Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e27c8ded-fabf-42f1-a452-28c5544083e4/36c35bf017649ccc611c5aeaea4e311541ff9b03.roa
File:                     36c35bf017649ccc611c5aeaea4e311541ff9b03.roa (raw, json)
Hash identifier:          DXZ0vYxt1cFzTtZHKcf/XSn16U2Dfv+v8ZbHm87l9DQ=
Subject key identifier:   25:0F:98:88:8B:80:94:97:A0:CE:20:CF:F7:4F:0D:23:6F:A6:6A:14
Certificate issuer:       /CN=3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7
Certificate serial:       1D25F7
Authority key identifier: 54:07:E3:26:0E:37:3F:FA:85:65:42:62:04:BA:57:D5:22:12:FB:3E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e27c8ded-fabf-42f1-a452-28c5544083e4/36c35bf017649ccc611c5aeaea4e311541ff9b03.roa
Signing time:             Mon 10 Jul 2023 19:10:24 +0000
ROA not before:           Sun 09 Jul 2023 19:10:23 +0000
ROA not after:            Thu 10 Jul 2025 19:10:23 +0000
asID:                     269974
IP address blocks:        2803:d440::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e27c8ded-fabf-42f1-a452-28c5544083e4/3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e27c8ded-fabf-42f1-a452-28c5544083e4/3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 16:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1910263 (0x1d25f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7
        Validity
            Not Before: Jul  9 19:10:23 2023 GMT
            Not After : Jul 10 19:10:23 2025 GMT
        Subject: CN=36c35bf017649ccc611c5aeaea4e311541ff9b03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:80:54:cd:65:84:a1:b2:a5:cd:09:48:9d:bc:
                    c5:14:67:63:c0:0b:a1:b0:d2:9e:fa:14:ea:08:37:
                    ef:d5:3d:53:75:6d:41:b8:d7:46:48:e5:c3:86:18:
                    6e:0e:16:43:19:36:50:fd:6a:bc:33:0f:ea:b4:41:
                    2a:90:67:26:32:18:24:62:cd:87:6c:e4:f4:2b:72:
                    91:fa:87:40:fe:42:2b:98:f8:8d:42:1b:95:97:7e:
                    f7:89:2b:05:89:a2:ac:3e:4e:6a:e8:03:e2:60:f1:
                    50:bd:8b:8c:81:37:b3:1c:60:55:6a:d7:37:9f:78:
                    d4:e9:74:c7:55:d3:24:0f:24:6e:13:98:21:9c:7c:
                    70:5e:37:63:f4:93:7f:38:b4:5e:09:54:b8:e2:3d:
                    10:b6:c5:fc:db:97:b4:ae:a9:fc:5f:b9:c8:1c:a7:
                    a3:63:ae:d2:5a:24:24:08:bf:61:3a:be:ef:81:8c:
                    53:bf:4e:35:ac:b0:60:a0:a2:a8:55:dc:c6:a4:bd:
                    98:a9:e1:64:1c:3f:f3:e8:a1:98:d3:89:81:d1:1e:
                    b4:40:aa:ed:47:79:81:b9:bb:80:51:38:de:7e:a0:
                    6f:88:08:14:cd:65:b1:8f:ef:5b:6d:cc:52:58:c0:
                    22:b7:0f:1c:fc:cb:d8:97:a7:93:da:d6:f5:fb:42:
                    4b:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:0F:98:88:8B:80:94:97:A0:CE:20:CF:F7:4F:0D:23:6F:A6:6A:14
            X509v3 Authority Key Identifier:
                keyid:54:07:E3:26:0E:37:3F:FA:85:65:42:62:04:BA:57:D5:22:12:FB:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e27c8ded-fabf-42f1-a452-28c5544083e4/36c35bf017649ccc611c5aeaea4e311541ff9b03.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e27c8ded-fabf-42f1-a452-28c5544083e4/3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:d440::/32

    Signature Algorithm: sha256WithRSAEncryption
         2c:00:b1:6d:18:21:61:a6:93:90:7c:08:67:e7:a5:d0:e1:0e:
         7e:36:3d:63:22:b7:7e:c3:a2:3c:06:4a:73:17:68:7c:2b:c2:
         37:6a:b5:88:ad:41:5b:a6:6b:a5:2d:12:99:47:a3:c4:94:f9:
         f0:62:19:f0:80:92:88:6e:a2:84:ad:63:e8:dc:f7:e7:e0:a2:
         1d:07:01:88:37:75:f1:77:3d:92:b7:5c:ea:ee:52:05:52:75:
         14:ef:ee:1a:8f:1e:f5:d2:9c:94:1f:cb:64:2b:53:56:d2:41:
         51:6c:60:e3:b4:ad:02:5f:cc:96:68:91:c3:bb:65:f1:e1:b1:
         e3:39:65:62:a2:37:ce:b2:16:09:ad:49:12:0d:47:42:cb:97:
         4a:c2:7c:22:86:79:c9:ec:4b:c4:3f:d6:89:17:f5:51:25:78:
         87:65:0d:73:c5:c2:73:92:2a:08:53:ce:da:a6:a4:c4:7b:b7:
         81:b3:45:5c:7d:ce:b1:1e:42:9d:6f:e4:cb:ed:9a:e3:39:7b:
         34:ea:ee:b3:b0:97:c5:49:30:80:18:2c:90:23:06:79:14:4d:
         9f:53:3e:80:47:3f:71:a6:cb:6e:e3:cd:50:ce:41:03:d0:99:
         d4:be:52:a5:81:f0:12:21:ff:e7:bb:0f:e4:f9:c8:94:fd:dc:
         85:88:80:13
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDHSX3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNh
YThkZTYxNGNhMDViY2QyOTQzZWUyZjRmZmIzMGJmMTlhODY0YjcwHhcNMjMwNzA5
MTkxMDIzWhcNMjUwNzEwMTkxMDIzWjAzMTEwLwYDVQQDEygzNmMzNWJmMDE3NjQ5
Y2NjNjExYzVhZWFlYTRlMzExNTQxZmY5YjAzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyYBUzWWEobKlzQlInbzFFGdjwAuhsNKe+hTqCDfv1T1TdW1B
uNdGSOXDhhhuDhZDGTZQ/Wq8Mw/qtEEqkGcmMhgkYs2HbOT0K3KR+odA/kIrmPiN
QhuVl373iSsFiaKsPk5q6APiYPFQvYuMgTezHGBVatc3n3jU6XTHVdMkDyRuE5gh
nHxwXjdj9JN/OLReCVS44j0QtsX825e0rqn8X7nIHKejY67SWiQkCL9hOr7vgYxT
v041rLBgoKKoVdzGpL2YqeFkHD/z6KGY04mB0R60QKrtR3mBubuAUTjefqBviAgU
zWWxj+9bbcxSWMAitw8c/MvYl6eT2tb1+0JLvwIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFCUPmIiLgJSXoM4gz/dPDSNvpmoUMB8GA1UdIwQYMBaAFFQH4yYONz/6hWVC
YgS6V9UiEvs+MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2FhOGRl
NjE0Y2EwNWJjZDI5NDNlZTJmNGZmYjMwYmYxOWE4NjRiNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTI3YzhkZWQtZmFiZi00MmYxLWE0NTItMjhjNTU0
NDA4M2U0LzM2YzM1YmYwMTc2NDljY2M2MTFjNWFlYWVhNGUzMTE1NDFmZjliMDMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lMjdjOGRlZC1mYWJmLTQyZjEtYTQ1Mi0yOGM1
NTQ0MDgzZTQvM2FhOGRlNjE0Y2EwNWJjZDI5NDNlZTJmNGZmYjMwYmYxOWE4NjRi
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgD1EAwDQYJKoZIhvcNAQELBQADggEBACwAsW0YIWGmk5B8
CGfnpdDhDn42PWMit37DojwGSnMXaHwrwjdqtYitQVuma6UtEplHo8SU+fBiGfCA
kohuooStY+jc9+fgoh0HAYg3dfF3PZK3XOruUgVSdRTv7hqPHvXSnJQfy2QrU1bS
QVFsYOO0rQJfzJZokcO7ZfHhseM5ZWKiN86yFgmtSRINR0LLl0rCfCKGecnsS8Q/
1okX9VEleIdlDXPFwnOSKghTztqmpMR7t4GzRVx9zrEeQp1v5MvtmuM5ezTq7rOw
l8VJMIAYLJAjBnkUTZ9TPoBHP3Gmy27jzVDOQQPQmdS+UqWB8BIh/+e7D+T5yJT9
3IWIgBM=
-----END CERTIFICATE-----
Generated at Fri Feb 23 20:10:06 2024 by rpki-client on console-ams.rpki-client.org