Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/deddbbd1-f527-46a1-8fc7-02bb3c04f9af/668c33ff0cf059ed8bb554af699874afc4ce4ff7.roa
File:                     668c33ff0cf059ed8bb554af699874afc4ce4ff7.roa (raw, json)
Hash identifier:          7OkeFvxVKuvAetgn4t27ItFCCEhXWIDCFz3c6Vxh/Ew=
Subject key identifier:   CA:00:48:BB:8D:F4:58:2F:03:F0:CB:59:02:DB:68:B0:B9:FD:E5:B0
Certificate issuer:       /CN=874dd1d8bbfccd0b7a362fbb72654cd64097efa5
Certificate serial:       2587
Authority key identifier: 31:04:4C:1F:85:51:AD:87:C3:CA:38:38:1D:F8:06:4A:0F:8A:0F:DE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/874dd1d8bbfccd0b7a362fbb72654cd64097efa5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/deddbbd1-f527-46a1-8fc7-02bb3c04f9af/668c33ff0cf059ed8bb554af699874afc4ce4ff7.roa
Signing time:             Mon 11 Apr 2022 23:01:51 +0000
ROA not before:           Mon 11 Apr 2022 03:00:00 +0000
ROA not after:            Thu 11 Apr 2024 03:00:00 +0000
asID:                     19429
IP address blocks:        2801:10:5800::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/deddbbd1-f527-46a1-8fc7-02bb3c04f9af/874dd1d8bbfccd0b7a362fbb72654cd64097efa5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/deddbbd1-f527-46a1-8fc7-02bb3c04f9af/874dd1d8bbfccd0b7a362fbb72654cd64097efa5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/874dd1d8bbfccd0b7a362fbb72654cd64097efa5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 06 Mar 2024 06:24:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9607 (0x2587)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=874dd1d8bbfccd0b7a362fbb72654cd64097efa5
        Validity
            Not Before: Apr 11 03:00:00 2022 GMT
            Not After : Apr 11 03:00:00 2024 GMT
        Subject: CN=668c33ff0cf059ed8bb554af699874afc4ce4ff7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:12:d3:53:a9:58:f1:34:17:51:3e:d7:b7:a9:
                    79:7e:c8:b7:83:e5:02:cf:ca:b4:1e:d9:1e:10:c2:
                    66:15:61:91:5f:5c:79:e1:d5:66:69:1a:7e:97:6c:
                    88:52:56:8a:86:db:07:ab:79:93:d2:89:89:bb:32:
                    46:ad:b8:de:05:4c:13:3e:fa:da:90:3a:be:51:4d:
                    f3:b1:f3:3a:70:bf:90:eb:5b:a4:3d:74:a3:2b:0d:
                    9a:97:e5:98:4f:98:bd:36:a4:99:38:75:3b:0b:25:
                    b3:f0:da:1e:0a:32:42:48:38:22:74:89:6b:93:d4:
                    a5:22:53:fa:b1:9e:7d:dd:1b:f9:fb:dd:ab:35:73:
                    8a:13:42:e8:4f:69:99:5d:83:3f:5b:55:9f:d4:68:
                    03:42:f1:43:65:6e:67:81:11:8d:6a:c4:76:16:18:
                    d2:db:7b:c2:af:77:ca:4c:30:67:35:64:a1:61:27:
                    c2:4c:b8:67:7e:23:2b:d8:38:92:c7:64:30:26:51:
                    d3:15:da:0d:c8:d5:8a:44:5a:2d:d3:e2:15:19:40:
                    33:e0:4a:18:9d:98:95:65:21:bb:43:94:4d:1b:4b:
                    c2:4c:6e:1a:9c:f3:56:ab:b1:f5:30:95:1a:fc:d9:
                    ac:d2:a3:1d:22:95:22:61:ca:4c:01:da:c7:d7:ae:
                    cd:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:00:48:BB:8D:F4:58:2F:03:F0:CB:59:02:DB:68:B0:B9:FD:E5:B0
            X509v3 Authority Key Identifier:
                keyid:31:04:4C:1F:85:51:AD:87:C3:CA:38:38:1D:F8:06:4A:0F:8A:0F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/874dd1d8bbfccd0b7a362fbb72654cd64097efa5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/deddbbd1-f527-46a1-8fc7-02bb3c04f9af/668c33ff0cf059ed8bb554af699874afc4ce4ff7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/deddbbd1-f527-46a1-8fc7-02bb3c04f9af/874dd1d8bbfccd0b7a362fbb72654cd64097efa5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:10:5800::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:60:fa:97:5d:26:83:91:72:99:26:d8:58:97:8d:a2:cc:4a:
         3d:a1:31:b4:0e:b3:58:bb:2a:40:22:39:aa:20:d0:8a:00:95:
         9c:7c:17:c9:49:c4:20:83:bb:19:1a:83:24:aa:0f:da:60:df:
         2c:7c:51:9b:87:72:5a:04:b3:85:b1:f0:60:53:60:7b:25:28:
         a7:63:83:cd:99:1b:e8:90:8e:26:75:8f:18:a7:0e:28:6f:58:
         39:dc:e7:3b:f9:a8:3a:f7:dd:7d:a6:dc:f8:13:18:90:cb:e3:
         ee:95:5e:f8:2d:ac:6f:11:dc:ac:46:73:a4:84:f7:02:b5:2f:
         27:17:2e:90:1e:0e:54:e4:82:c3:71:ba:ca:ce:d8:0c:07:94:
         e3:41:23:a2:e7:92:41:99:c4:aa:7f:42:79:85:4c:b0:3a:80:
         66:6b:19:a7:1e:78:29:d0:d0:2a:6b:d8:21:cc:83:dd:f2:0c:
         82:48:f2:72:8f:2b:c1:d4:7e:8b:ff:17:1b:bc:74:e2:54:15:
         4f:6b:1e:77:db:ba:3b:1b:e7:34:05:3e:bc:b4:f3:a1:c6:84:
         a1:1d:33:a0:4b:b3:f4:51:ea:d0:82:29:7c:b1:49:d1:62:f1:
         14:fd:34:f6:9a:4e:07:d9:6a:26:8f:b9:5f:79:5a:71:d7:c1:
         ed:43:06:8b
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICJYcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODc0
ZGQxZDhiYmZjY2QwYjdhMzYyZmJiNzI2NTRjZDY0MDk3ZWZhNTAeFw0yMjA0MTEw
MzAwMDBaFw0yNDA0MTEwMzAwMDBaMDMxMTAvBgNVBAMTKDY2OGMzM2ZmMGNmMDU5
ZWQ4YmI1NTRhZjY5OTg3NGFmYzRjZTRmZjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZEtNTqVjxNBdRPte3qXl+yLeD5QLPyrQe2R4QwmYVYZFfXHnh
1WZpGn6XbIhSVoqG2wereZPSiYm7MkatuN4FTBM++tqQOr5RTfOx8zpwv5DrW6Q9
dKMrDZqX5ZhPmL02pJk4dTsLJbPw2h4KMkJIOCJ0iWuT1KUiU/qxnn3dG/n73as1
c4oTQuhPaZldgz9bVZ/UaANC8UNlbmeBEY1qxHYWGNLbe8Kvd8pMMGc1ZKFhJ8JM
uGd+IyvYOJLHZDAmUdMV2g3I1YpEWi3T4hUZQDPgShidmJVlIbtDlE0bS8JMbhqc
81arsfUwlRr82azSox0ilSJhykwB2sfXrs2JAgMBAAGjggJeMIICWjAdBgNVHQ4E
FgQUygBIu430WC8D8MtZAttosLn95bAwHwYDVR0jBBgwFoAUMQRMH4VRrYfDyjg4
HfgGSg+KD94wDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS84NzRkZDFk
OGJiZmNjZDBiN2EzNjJmYmI3MjY1NGNkNjQwOTdlZmE1LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy9kZWRkYmJkMS1mNTI3LTQ2YTEtOGZjNy0wMmJiM2Mw
NGY5YWYvNjY4YzMzZmYwY2YwNTllZDhiYjU1NGFmNjk5ODc0YWZjNGNlNGZmNy5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljL2RlZGRiYmQxLWY1MjctNDZhMS04ZmM3LTAyYmIz
YzA0ZjlhZi84NzRkZDFkOGJiZmNjZDBiN2EzNjJmYmI3MjY1NGNkNjQwOTdlZmE1
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMw
ETAPBAIAAjAJAwcAKAEAEFgAMA0GCSqGSIb3DQEBCwUAA4IBAQB5YPqXXSaDkXKZ
JthYl42izEo9oTG0DrNYuypAIjmqINCKAJWcfBfJScQgg7sZGoMkqg/aYN8sfFGb
h3JaBLOFsfBgU2B7JSinY4PNmRvokI4mdY8Ypw4ob1g53Oc7+ag69919ptz4ExiQ
y+PulV74LaxvEdysRnOkhPcCtS8nFy6QHg5U5ILDcbrKztgMB5TjQSOi55JBmcSq
f0J5hUywOoBmaxmnHngp0NAqa9ghzIPd8gyCSPJyjyvB1H6L/xcbvHTiVBVPax53
27o7G+c0BT68tPOhxoShHTOgS7P0UerQgil8sUnRYvEU/TT2mk4H2Womj7lfeVpx
18HtQwaL
-----END CERTIFICATE-----
Generated at Sun Mar 3 12:14:16 2024 by rpki-client on console-fra.rpki-client.org