Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/cff76ec0-7d4a-49c3-b4ae-3e6a91b723cb/571fdb4bc7df37016bcf13ae989a41eefd8cc8f5.roa
File:                     571fdb4bc7df37016bcf13ae989a41eefd8cc8f5.roa (raw, json)
Hash identifier:          vNV2rQF0BGzsCfxU80yReGkplR5+75W61XR6uglt6lY=
Subject key identifier:   F0:4A:37:87:A6:40:E0:CC:02:0C:DE:E0:EB:2F:F6:60:7A:12:28:FB
Certificate issuer:       /CN=d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765
Certificate serial:       0D6F3A
Authority key identifier: 40:37:2B:8A:A4:64:31:7E:A5:61:E6:C4:63:CB:F7:04:CD:94:A0:63
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/cff76ec0-7d4a-49c3-b4ae-3e6a91b723cb/571fdb4bc7df37016bcf13ae989a41eefd8cc8f5.roa
Signing time:             Wed 24 Mar 2021 14:29:04 +0000
ROA not before:           Wed 24 Mar 2021 14:29:03 +0000
ROA not after:            Tue 24 Mar 2026 14:29:03 +0000
asID:                     28114
IP address blocks:        2803:2600::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/cff76ec0-7d4a-49c3-b4ae-3e6a91b723cb/d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765.crl
                          rsync://repository.lacnic.net/rpki/lacnic/cff76ec0-7d4a-49c3-b4ae-3e6a91b723cb/d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 880442 (0xd6f3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765
        Validity
            Not Before: Mar 24 14:29:03 2021 GMT
            Not After : Mar 24 14:29:03 2026 GMT
        Subject: CN=571fdb4bc7df37016bcf13ae989a41eefd8cc8f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:b2:4c:e6:e1:f9:ef:2e:44:46:98:9f:83:2c:
                    b7:79:c3:68:25:27:67:3e:74:37:3c:d8:b4:cf:10:
                    9e:b2:41:66:29:55:ac:b4:65:a3:f2:01:87:f1:6e:
                    54:58:b4:bf:e2:43:01:87:1e:54:9b:02:ef:ff:bf:
                    49:bb:e6:da:7e:df:01:41:fc:1e:59:75:1d:c0:a6:
                    bd:43:d5:69:8f:ce:24:69:b6:af:32:f8:3b:4b:57:
                    c8:e4:59:20:40:5c:d7:0a:00:d1:55:c9:1f:4f:2e:
                    40:14:f0:32:c8:37:04:ae:5e:ba:7e:ec:76:fa:b0:
                    41:8a:ed:c1:0e:36:5a:35:91:e3:bd:ed:51:26:ec:
                    95:c5:a7:1e:28:2c:13:f1:c3:bf:bb:94:01:2a:7a:
                    6b:ba:2c:16:84:45:68:87:b7:65:da:22:65:c5:f0:
                    a3:17:28:77:f6:0c:fb:f7:72:fc:35:a5:2f:fd:7f:
                    68:8d:32:e4:ad:da:a8:8d:12:52:76:9f:f6:24:c8:
                    bb:7f:9e:3c:ff:c3:86:26:34:62:0d:dd:03:16:f0:
                    02:6f:a0:55:e1:f8:e9:ea:74:10:a5:84:01:c5:9b:
                    a3:63:46:eb:fb:11:9f:39:7b:63:13:32:c8:fa:80:
                    75:b7:73:f6:48:83:64:c4:5c:57:79:d7:1c:75:2e:
                    86:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:4A:37:87:A6:40:E0:CC:02:0C:DE:E0:EB:2F:F6:60:7A:12:28:FB
            X509v3 Authority Key Identifier:
                keyid:40:37:2B:8A:A4:64:31:7E:A5:61:E6:C4:63:CB:F7:04:CD:94:A0:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/cff76ec0-7d4a-49c3-b4ae-3e6a91b723cb/571fdb4bc7df37016bcf13ae989a41eefd8cc8f5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/cff76ec0-7d4a-49c3-b4ae-3e6a91b723cb/d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:2600::/32

    Signature Algorithm: sha256WithRSAEncryption
         2e:b7:92:25:6e:d6:05:fe:3f:8b:7c:0e:fe:82:31:43:f6:0c:
         95:35:e6:43:7c:2e:a9:22:3d:f0:fc:f6:94:23:c0:0b:20:b1:
         17:14:b4:8b:f9:0b:de:2b:03:ee:70:b9:90:ed:3b:27:2a:fa:
         c5:f0:32:30:05:54:e9:ba:f5:e2:88:48:e9:ee:57:27:4d:1b:
         4d:4e:e0:a0:44:9a:85:18:bf:6d:03:67:bf:92:f1:32:e7:24:
         19:e4:08:ba:e6:ba:f6:77:5f:53:9b:97:d8:36:fe:5c:6e:b2:
         05:94:ec:c8:4b:1d:d4:c4:c6:38:37:89:6b:a6:5f:b7:9f:99:
         17:e7:2b:56:8d:6b:a9:6b:11:33:fb:ab:ab:28:93:c6:c9:bc:
         11:3a:22:52:34:25:8b:b9:07:a0:51:6f:3e:f7:a5:82:73:f1:
         5e:ad:e0:55:1d:10:51:88:31:f2:01:93:e6:11:fa:66:86:2e:
         a9:cb:42:7a:0d:7d:92:1f:bc:b4:a8:69:6a:f5:05:07:c9:01:
         36:93:cc:a3:03:ea:c3:6e:6a:1f:ca:60:aa:ef:af:64:4c:fb:
         59:d2:f4:0f:69:ec:57:38:ea:e5:3a:4f:f2:5d:9a:3a:8e:e8:
         2d:8d:36:a2:9e:5b:98:ad:60:54:23:ae:82:2b:6c:da:f8:f1:
         40:b6:dc:fe
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDDW86MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
Y2IxODVkYzJiNjdmZWE0ZThmY2M5MzAzZGU3NmIyZTZiM2U3NjUwHhcNMjEwMzI0
MTQyOTAzWhcNMjYwMzI0MTQyOTAzWjAzMTEwLwYDVQQDEyg1NzFmZGI0YmM3ZGYz
NzAxNmJjZjEzYWU5ODlhNDFlZWZkOGNjOGY1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqbJM5uH57y5ERpifgyy3ecNoJSdnPnQ3PNi0zxCeskFmKVWs
tGWj8gGH8W5UWLS/4kMBhx5UmwLv/79Ju+baft8BQfweWXUdwKa9Q9Vpj84kabav
Mvg7S1fI5FkgQFzXCgDRVckfTy5AFPAyyDcErl66fux2+rBBiu3BDjZaNZHjve1R
JuyVxaceKCwT8cO/u5QBKnpruiwWhEVoh7dl2iJlxfCjFyh39gz793L8NaUv/X9o
jTLkrdqojRJSdp/2JMi7f548/8OGJjRiDd0DFvACb6BV4fjp6nQQpYQBxZujY0br
+xGfOXtjEzLI+oB1t3P2SINkxFxXedccdS6GuwIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFPBKN4emQODMAgze4Osv9mB6Eij7MB8GA1UdIwQYMBaAFEA3K4qkZDF+pWHm
xGPL9wTNlKBjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDhjYjE4
NWRjMmI2N2ZlYTRlOGZjYzkzMDNkZTc2YjJlNmIzZTc2NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvY2ZmNzZlYzAtN2Q0YS00OWMzLWI0YWUtM2U2YTkx
YjcyM2NiLzU3MWZkYjRiYzdkZjM3MDE2YmNmMTNhZTk4OWE0MWVlZmQ4Y2M4ZjUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jZmY3NmVjMC03ZDRhLTQ5YzMtYjRhZS0zZTZh
OTFiNzIzY2IvZDhjYjE4NWRjMmI2N2ZlYTRlOGZjYzkzMDNkZTc2YjJlNmIzZTc2
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDJgAwDQYJKoZIhvcNAQELBQADggEBAC63kiVu1gX+P4t8
Dv6CMUP2DJU15kN8LqkiPfD89pQjwAsgsRcUtIv5C94rA+5wuZDtOycq+sXwMjAF
VOm69eKISOnuVydNG01O4KBEmoUYv20DZ7+S8TLnJBnkCLrmuvZ3X1Obl9g2/lxu
sgWU7MhLHdTExjg3iWumX7efmRfnK1aNa6lrETP7q6sok8bJvBE6IlI0JYu5B6BR
bz73pYJz8V6t4FUdEFGIMfIBk+YR+maGLqnLQnoNfZIfvLSoaWr1BQfJATaTzKMD
6sNuah/KYKrvr2RM+1nS9A9p7Fc46uU6T/JdmjqO6C2NNqKeW5itYFQjroIrbNr4
8UC23P4=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:20:28 2024 by rpki-client on console-fra.rpki-client.org