Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d2fa77ef-bb99-4f19-8aa0-97a54438d237/84ddf1aa9c490c0efd5f76de6f79c49cfe1877c1.roa
File:                     84ddf1aa9c490c0efd5f76de6f79c49cfe1877c1.roa (raw, json)
Hash identifier:          FEImbGETAhhjyEApJ5aC5A7cot+xyPad/GYcw+Zl1eU=
Subject key identifier:   60:C6:B4:E7:75:24:30:D2:46:ED:50:15:66:90:23:DF:90:2E:25:65
Certificate issuer:       /CN=2edc085c643dfc251027399f88d0a3502685b615
Certificate serial:       035E4D
Authority key identifier: 6D:6D:64:35:95:77:C1:8A:EC:9C:4D:06:6A:C2:C9:60:DA:F0:F6:9B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2edc085c643dfc251027399f88d0a3502685b615.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d2fa77ef-bb99-4f19-8aa0-97a54438d237/84ddf1aa9c490c0efd5f76de6f79c49cfe1877c1.roa
Signing time:             Wed 24 Mar 2021 14:39:19 +0000
ROA not before:           Wed 24 Mar 2021 14:39:19 +0000
ROA not after:            Tue 24 Mar 2026 14:39:19 +0000
asID:                     270100
IP address blocks:        2803:a7e0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/d2fa77ef-bb99-4f19-8aa0-97a54438d237/2edc085c643dfc251027399f88d0a3502685b615.crl
                          rsync://repository.lacnic.net/rpki/lacnic/d2fa77ef-bb99-4f19-8aa0-97a54438d237/2edc085c643dfc251027399f88d0a3502685b615.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2edc085c643dfc251027399f88d0a3502685b615.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 220749 (0x35e4d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2edc085c643dfc251027399f88d0a3502685b615
        Validity
            Not Before: Mar 24 14:39:19 2021 GMT
            Not After : Mar 24 14:39:19 2026 GMT
        Subject: CN=84ddf1aa9c490c0efd5f76de6f79c49cfe1877c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:dc:29:4f:a5:69:23:f1:5a:12:9b:fb:01:9d:
                    d6:bd:ca:4e:29:e8:4f:12:86:f4:a4:b6:ba:06:b3:
                    1d:2c:c1:4c:6f:0f:a4:b3:aa:cc:95:07:87:f1:fd:
                    13:98:18:cd:d0:72:55:ea:50:f9:3c:bc:7e:71:81:
                    c7:f6:1f:51:5a:9c:c5:71:eb:6f:2f:c6:e7:ce:70:
                    27:41:b7:d0:62:de:c9:97:02:75:67:c9:83:09:44:
                    18:66:79:51:a9:95:29:7e:a6:b8:4a:73:bf:3d:1a:
                    ec:58:1f:26:fa:32:6e:c8:f6:6b:74:10:b2:07:d3:
                    25:1b:27:57:00:f5:62:17:ac:4a:53:c3:7a:15:27:
                    84:e5:ba:53:d8:c1:31:de:7e:06:cc:bd:cf:f9:d9:
                    0f:af:41:73:1a:6a:a8:68:5c:26:d9:ca:ee:a5:17:
                    65:dd:ea:ec:1d:8c:f7:7a:a6:22:7f:c1:b1:47:d3:
                    3c:29:20:7b:1c:01:ff:84:7b:33:1f:c4:eb:e0:91:
                    f7:8c:14:25:81:f3:92:ac:79:c9:5e:7a:a7:35:b3:
                    6c:1b:2b:71:0d:98:d2:5c:97:c9:86:44:18:db:db:
                    aa:9b:b7:25:87:05:05:fb:91:62:8e:8d:96:1c:f5:
                    04:40:4f:20:2d:bc:0f:2b:c6:5a:2c:ff:00:bf:cf:
                    ee:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:C6:B4:E7:75:24:30:D2:46:ED:50:15:66:90:23:DF:90:2E:25:65
            X509v3 Authority Key Identifier:
                keyid:6D:6D:64:35:95:77:C1:8A:EC:9C:4D:06:6A:C2:C9:60:DA:F0:F6:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2edc085c643dfc251027399f88d0a3502685b615.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d2fa77ef-bb99-4f19-8aa0-97a54438d237/84ddf1aa9c490c0efd5f76de6f79c49cfe1877c1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d2fa77ef-bb99-4f19-8aa0-97a54438d237/2edc085c643dfc251027399f88d0a3502685b615.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:a7e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         1d:c2:49:09:2e:b2:04:af:62:c9:2f:0a:af:91:b3:8f:ec:c0:
         1a:3c:5d:1a:04:b6:79:ce:d2:e0:58:c6:d3:ad:4a:ab:8c:bf:
         4d:53:28:b0:6a:df:ff:46:2f:f5:fc:7f:b5:3c:74:35:7f:21:
         35:5d:37:42:05:6a:73:2f:0e:a8:43:ca:61:2a:61:e9:52:80:
         51:3d:50:4f:e2:5f:36:c3:0a:c7:4b:fe:a0:4e:7e:b0:be:05:
         cd:67:d8:cb:f6:e1:0a:9c:64:a1:65:b0:28:c2:f8:b5:c1:af:
         a8:6f:02:47:f5:a1:c3:98:1a:6a:ca:48:e3:4e:0b:f4:40:f7:
         54:09:6f:84:d2:f5:b9:59:c2:63:9b:88:15:2e:f1:56:7b:56:
         96:43:cb:c3:80:5e:1f:5d:c1:14:ed:4f:eb:b4:85:2c:cf:d9:
         95:d6:e6:00:51:76:a4:65:b8:6e:80:7e:11:ea:62:f8:e6:49:
         9c:06:f7:70:d5:e3:9c:d7:50:db:e4:f6:23:34:4c:ce:7b:d5:
         ef:23:73:0a:b9:c4:23:ed:05:15:8d:93:f8:d0:ee:8c:4b:04:
         9b:ab:e8:28:7a:65:15:4b:bb:fd:84:4a:d0:43:eb:09:3c:8d:
         70:0c:fa:8b:b6:fe:f8:26:1e:b1:6e:04:13:c8:b1:d9:b5:73:
         09:d8:5b:f6
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDA15NMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJl
ZGMwODVjNjQzZGZjMjUxMDI3Mzk5Zjg4ZDBhMzUwMjY4NWI2MTUwHhcNMjEwMzI0
MTQzOTE5WhcNMjYwMzI0MTQzOTE5WjAzMTEwLwYDVQQDEyg4NGRkZjFhYTljNDkw
YzBlZmQ1Zjc2ZGU2Zjc5YzQ5Y2ZlMTg3N2MxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgNwpT6VpI/FaEpv7AZ3WvcpOKehPEob0pLa6BrMdLMFMbw+k
s6rMlQeH8f0TmBjN0HJV6lD5PLx+cYHH9h9RWpzFcetvL8bnznAnQbfQYt7JlwJ1
Z8mDCUQYZnlRqZUpfqa4SnO/PRrsWB8m+jJuyPZrdBCyB9MlGydXAPViF6xKU8N6
FSeE5bpT2MEx3n4GzL3P+dkPr0FzGmqoaFwm2crupRdl3ersHYz3eqYif8GxR9M8
KSB7HAH/hHszH8Tr4JH3jBQlgfOSrHnJXnqnNbNsGytxDZjSXJfJhkQY29uqm7cl
hwUF+5Fijo2WHPUEQE8gLbwPK8ZaLP8Av8/u1wIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFGDGtOd1JDDSRu1QFWaQI9+QLiVlMB8GA1UdIwQYMBaAFG1tZDWVd8GK7JxN
BmrCyWDa8PabMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmVkYzA4
NWM2NDNkZmMyNTEwMjczOTlmODhkMGEzNTAyNjg1YjYxNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDJmYTc3ZWYtYmI5OS00ZjE5LThhYTAtOTdhNTQ0
MzhkMjM3Lzg0ZGRmMWFhOWM0OTBjMGVmZDVmNzZkZTZmNzljNDljZmUxODc3YzEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kMmZhNzdlZi1iYjk5LTRmMTktOGFhMC05N2E1
NDQzOGQyMzcvMmVkYzA4NWM2NDNkZmMyNTEwMjczOTlmODhkMGEzNTAyNjg1YjYx
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDp+AwDQYJKoZIhvcNAQELBQADggEBAB3CSQkusgSvYskv
Cq+Rs4/swBo8XRoEtnnO0uBYxtOtSquMv01TKLBq3/9GL/X8f7U8dDV/ITVdN0IF
anMvDqhDymEqYelSgFE9UE/iXzbDCsdL/qBOfrC+Bc1n2Mv24QqcZKFlsCjC+LXB
r6hvAkf1ocOYGmrKSONOC/RA91QJb4TS9blZwmObiBUu8VZ7VpZDy8OAXh9dwRTt
T+u0hSzP2ZXW5gBRdqRluG6AfhHqYvjmSZwG93DV45zXUNvk9iM0TM571e8jcwq5
xCPtBRWNk/jQ7oxLBJur6Ch6ZRVLu/2EStBD6wk8jXAM+ou2/vgmHrFuBBPIsdm1
cwnYW/Y=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:33:44 2024 by rpki-client on console-fra.rpki-client.org