Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/dba681e0-98a3-49ba-a222-b243c9e0f681/b2cf79df41f492bf8417dc6dfc379b70a3c564d8.roa
File:                     b2cf79df41f492bf8417dc6dfc379b70a3c564d8.roa (raw, json)
Hash identifier:          cjPElzLt/nrvXYBqeiclSTGn6qKXQ1d1EKQUkCtwyMc=
Subject key identifier:   C7:BF:03:1B:D7:9F:2D:09:39:1A:C1:53:BC:B8:F2:37:B2:01:04:52
Certificate issuer:       /CN=b0e5e35584d82ee017f3248e331868334b2ae7b7
Certificate serial:       0BE3A9
Authority key identifier: BF:A6:74:94:70:54:88:15:BD:46:A3:30:6E:85:E7:8A:83:49:1F:B7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b0e5e35584d82ee017f3248e331868334b2ae7b7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/dba681e0-98a3-49ba-a222-b243c9e0f681/b2cf79df41f492bf8417dc6dfc379b70a3c564d8.roa
Signing time:             Wed 24 Mar 2021 14:34:47 +0000
ROA not before:           Wed 24 Mar 2021 14:34:46 +0000
ROA not after:            Tue 24 Mar 2026 14:34:46 +0000
asID:                     3549
IP address blocks:        2803:b2a0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/dba681e0-98a3-49ba-a222-b243c9e0f681/b0e5e35584d82ee017f3248e331868334b2ae7b7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/dba681e0-98a3-49ba-a222-b243c9e0f681/b0e5e35584d82ee017f3248e331868334b2ae7b7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b0e5e35584d82ee017f3248e331868334b2ae7b7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 779177 (0xbe3a9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0e5e35584d82ee017f3248e331868334b2ae7b7
        Validity
            Not Before: Mar 24 14:34:46 2021 GMT
            Not After : Mar 24 14:34:46 2026 GMT
        Subject: CN=b2cf79df41f492bf8417dc6dfc379b70a3c564d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:70:db:5e:06:b1:99:e1:fd:23:89:3d:56:79:
                    be:01:14:cf:ba:8e:e9:4f:33:55:be:78:60:88:a3:
                    88:71:c2:3e:82:a6:f5:b2:89:4a:4d:23:98:74:b8:
                    79:75:bf:5b:f4:b3:41:f5:b3:ff:1d:6c:56:59:63:
                    53:d0:5e:7c:62:31:9e:a2:3a:c7:1e:51:b5:5a:3e:
                    4b:a4:09:90:19:50:dd:92:b2:eb:70:74:bb:46:7f:
                    24:3a:7b:6c:59:ab:1a:3d:e6:b4:32:c2:c6:7e:d3:
                    cc:7e:1f:86:d3:46:96:cd:e0:51:60:9d:22:ce:1a:
                    9e:a0:c3:0b:bf:4d:25:16:df:d0:85:fa:dc:a4:be:
                    18:ed:f9:36:a2:2d:70:5f:a7:a3:05:ee:86:ce:08:
                    49:77:5f:e4:e9:f3:02:5e:e1:28:e9:41:c2:00:8a:
                    e8:42:fe:00:ca:f0:88:5f:e7:34:57:fa:36:06:f9:
                    84:b0:8a:81:1b:c8:54:38:2c:ef:94:f0:1d:4d:de:
                    62:40:67:6d:80:e5:c4:27:ab:9f:e9:3e:9e:0a:97:
                    1e:e0:46:9e:73:08:2a:63:47:b6:44:70:c7:91:f3:
                    1f:de:6a:a8:26:78:5a:88:ef:ba:b7:95:ca:cf:8c:
                    2f:68:58:64:6b:c3:f3:91:d7:b5:d1:79:d1:fe:7b:
                    c1:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:BF:03:1B:D7:9F:2D:09:39:1A:C1:53:BC:B8:F2:37:B2:01:04:52
            X509v3 Authority Key Identifier:
                keyid:BF:A6:74:94:70:54:88:15:BD:46:A3:30:6E:85:E7:8A:83:49:1F:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b0e5e35584d82ee017f3248e331868334b2ae7b7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/dba681e0-98a3-49ba-a222-b243c9e0f681/b2cf79df41f492bf8417dc6dfc379b70a3c564d8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/dba681e0-98a3-49ba-a222-b243c9e0f681/b0e5e35584d82ee017f3248e331868334b2ae7b7.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b2a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         6f:dc:6a:c8:15:e0:dc:c4:22:d1:38:3d:e2:7b:3c:06:73:a8:
         92:37:79:ed:cf:09:31:7a:d7:91:9f:e7:e7:3a:93:de:4b:95:
         d9:9d:c1:72:95:be:57:a8:ee:d8:f9:df:b9:54:a7:0c:6d:09:
         61:7b:ef:c3:ac:07:3f:0c:95:08:23:6a:41:5c:92:fb:25:54:
         a7:5f:52:4d:bc:68:86:77:41:3f:0b:3d:a7:86:e4:42:70:16:
         81:5f:76:8b:55:01:a7:92:fa:fd:dc:ae:d6:23:d8:7f:d2:ba:
         71:c5:d8:b9:ee:e2:3f:72:f5:98:fa:49:58:d5:43:af:6e:69:
         6b:43:15:51:dc:73:f0:7f:a5:27:48:06:ed:75:8e:3f:af:f5:
         a5:d2:c0:95:82:e6:d9:df:98:4d:29:d3:ea:40:c5:4a:f9:7b:
         c7:7a:ca:35:03:d8:bc:1d:ee:30:79:2c:0c:51:51:e6:d7:05:
         b5:7f:5f:66:92:90:7e:7a:9e:19:fc:e1:15:66:21:6c:f2:06:
         07:e2:f5:68:2a:ce:f0:93:a0:3e:5c:3f:94:23:ee:02:43:7a:
         7f:53:91:71:9e:48:70:78:4e:de:ec:24:46:a5:b8:25:b3:5c:
         c5:16:a6:b2:63:ec:f8:02:b5:52:bd:68:91:c3:fc:fd:28:fe:
         0b:a5:62:e3
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDC+OpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIw
ZTVlMzU1ODRkODJlZTAxN2YzMjQ4ZTMzMTg2ODMzNGIyYWU3YjcwHhcNMjEwMzI0
MTQzNDQ2WhcNMjYwMzI0MTQzNDQ2WjAzMTEwLwYDVQQDEyhiMmNmNzlkZjQxZjQ5
MmJmODQxN2RjNmRmYzM3OWI3MGEzYzU2NGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnnDbXgaxmeH9I4k9Vnm+ARTPuo7pTzNVvnhgiKOIccI+gqb1
solKTSOYdLh5db9b9LNB9bP/HWxWWWNT0F58YjGeojrHHlG1Wj5LpAmQGVDdkrLr
cHS7Rn8kOntsWasaPea0MsLGftPMfh+G00aWzeBRYJ0izhqeoMMLv00lFt/Qhfrc
pL4Y7fk2oi1wX6ejBe6GzghJd1/k6fMCXuEo6UHCAIroQv4AyvCIX+c0V/o2BvmE
sIqBG8hUOCzvlPAdTd5iQGdtgOXEJ6uf6T6eCpce4EaecwgqY0e2RHDHkfMf3mqo
JnhaiO+6t5XKz4wvaFhka8Pzkde10XnR/nvBnwIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFMe/AxvXny0JORrBU7y48jeyAQRSMB8GA1UdIwQYMBaAFL+mdJRwVIgVvUaj
MG6F54qDSR+3MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjBlNWUz
NTU4NGQ4MmVlMDE3ZjMyNDhlMzMxODY4MzM0YjJhZTdiNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZGJhNjgxZTAtOThhMy00OWJhLWEyMjItYjI0M2M5
ZTBmNjgxL2IyY2Y3OWRmNDFmNDkyYmY4NDE3ZGM2ZGZjMzc5YjcwYTNjNTY0ZDgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kYmE2ODFlMC05OGEzLTQ5YmEtYTIyMi1iMjQz
YzllMGY2ODEvYjBlNWUzNTU4NGQ4MmVlMDE3ZjMyNDhlMzMxODY4MzM0YjJhZTdi
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDsqAwDQYJKoZIhvcNAQELBQADggEBAG/casgV4NzEItE4
PeJ7PAZzqJI3ee3PCTF615Gf5+c6k95LldmdwXKVvleo7tj537lUpwxtCWF778Os
Bz8MlQgjakFckvslVKdfUk28aIZ3QT8LPaeG5EJwFoFfdotVAaeS+v3crtYj2H/S
unHF2Lnu4j9y9Zj6SVjVQ69uaWtDFVHcc/B/pSdIBu11jj+v9aXSwJWC5tnfmE0p
0+pAxUr5e8d6yjUD2Lwd7jB5LAxRUebXBbV/X2aSkH56nhn84RVmIWzyBgfi9Wgq
zvCToD5cP5Qj7gJDen9TkXGeSHB4Tt7sJEaluCWzXMUWprJj7PgCtVK9aJHD/P0o
/gulYuM=
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:47:17 2024 by rpki-client on console-ams.rpki-client.org