Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e70ffa56-ac19-410a-a9e0-0efc375f40f5/1308ca2e7f87f481bbcde5321d2b19db94532585.roa
File:                     1308ca2e7f87f481bbcde5321d2b19db94532585.roa (raw, json)
Hash identifier:          yk3lU2NWPwayXtHLjJU81imtsgwpWn1Jesyqh4dkJcs=
Subject key identifier:   7F:20:EA:F8:23:75:9B:50:A6:D2:76:94:8C:9F:D2:1C:73:1C:1D:14
Certificate issuer:       /CN=964a21ff7c1fd56e60119cb717b0e0a16f85e7d4
Certificate serial:       063E89
Authority key identifier: 62:1E:53:9D:6D:E0:5F:59:D3:77:CD:57:97:ED:EB:3F:02:D0:8A:EF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/964a21ff7c1fd56e60119cb717b0e0a16f85e7d4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e70ffa56-ac19-410a-a9e0-0efc375f40f5/1308ca2e7f87f481bbcde5321d2b19db94532585.roa
Signing time:             Wed 24 Mar 2021 14:46:03 +0000
ROA not before:           Wed 24 Mar 2021 14:46:03 +0000
ROA not after:            Tue 24 Mar 2026 14:46:03 +0000
asID:                     28032
IP address blocks:        2803:25e0::/32 maxlen: 36

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e70ffa56-ac19-410a-a9e0-0efc375f40f5/964a21ff7c1fd56e60119cb717b0e0a16f85e7d4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e70ffa56-ac19-410a-a9e0-0efc375f40f5/964a21ff7c1fd56e60119cb717b0e0a16f85e7d4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/964a21ff7c1fd56e60119cb717b0e0a16f85e7d4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 409225 (0x63e89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=964a21ff7c1fd56e60119cb717b0e0a16f85e7d4
        Validity
            Not Before: Mar 24 14:46:03 2021 GMT
            Not After : Mar 24 14:46:03 2026 GMT
        Subject: CN=1308ca2e7f87f481bbcde5321d2b19db94532585
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:18:16:74:82:e0:c2:ed:d9:1f:9d:6d:65:09:
                    cc:7b:7a:a3:18:56:0d:ae:b1:83:22:21:61:b6:e6:
                    17:33:ca:ee:08:9d:00:45:3e:4d:48:a2:e6:ae:05:
                    d9:a9:90:cd:8a:43:d4:c9:59:28:36:c8:5e:50:fe:
                    39:ed:b5:40:bd:39:34:0c:83:67:97:26:86:80:eb:
                    c3:19:d6:45:68:bf:88:53:8a:8b:d7:7f:3f:1c:8d:
                    bb:02:e4:0e:07:07:9b:53:c0:b7:a8:c0:ce:1d:46:
                    61:15:7a:0e:b4:ef:95:b2:85:b6:87:24:59:b2:c8:
                    82:29:ab:96:a0:b9:6c:20:36:cf:06:6f:5f:44:78:
                    e3:7e:88:e5:d6:9e:22:7c:4b:29:ce:00:26:0e:5d:
                    e5:40:2b:cc:ff:c4:2e:06:27:20:0d:87:96:4b:9c:
                    f1:d0:6b:1c:11:d5:ed:3a:41:91:40:46:8a:93:c5:
                    fc:74:d7:0a:0f:d5:b9:e3:7b:d7:5f:89:a7:2a:4c:
                    06:55:54:34:52:67:7f:65:a3:a3:b2:30:fc:90:5b:
                    84:06:ae:92:ee:e2:76:67:02:97:fb:44:dd:5a:7d:
                    03:6e:c5:ab:94:3e:bc:2a:a6:6b:15:18:ee:e0:1d:
                    b9:f8:4a:7d:fa:17:9c:74:41:66:40:f4:63:49:e3:
                    99:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:20:EA:F8:23:75:9B:50:A6:D2:76:94:8C:9F:D2:1C:73:1C:1D:14
            X509v3 Authority Key Identifier:
                keyid:62:1E:53:9D:6D:E0:5F:59:D3:77:CD:57:97:ED:EB:3F:02:D0:8A:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/964a21ff7c1fd56e60119cb717b0e0a16f85e7d4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e70ffa56-ac19-410a-a9e0-0efc375f40f5/1308ca2e7f87f481bbcde5321d2b19db94532585.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e70ffa56-ac19-410a-a9e0-0efc375f40f5/964a21ff7c1fd56e60119cb717b0e0a16f85e7d4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:25e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         17:5c:92:c4:69:01:20:bd:bf:d5:39:f4:09:82:af:06:ff:ca:
         58:b6:47:f6:83:43:fc:37:1c:6d:f9:38:b4:1d:65:2e:6d:5d:
         b6:44:3b:cd:a7:c4:ae:fc:f2:25:f0:a7:e3:8e:d8:5c:d3:1e:
         10:1b:25:2a:6a:ec:01:2d:13:11:49:f9:e9:0a:94:31:2c:b9:
         53:c9:c5:12:42:4a:73:78:e0:d3:dd:1d:09:58:34:96:5a:69:
         a2:3e:05:cd:45:d1:9f:d8:c2:89:1d:47:29:7a:ab:85:2e:54:
         f6:f7:4b:ee:57:db:c8:3d:60:7b:54:fe:ad:d5:e6:4a:a9:ea:
         96:19:10:e5:04:6a:b5:ea:f7:b4:0e:dc:0e:78:32:43:cb:dc:
         22:05:61:19:43:78:c4:8b:46:ef:95:e2:5d:f9:5a:f3:c8:0d:
         15:6d:f6:47:ff:f5:91:f3:8f:d8:4d:8b:dd:b4:29:f0:d0:59:
         a7:f3:2e:9f:47:22:06:90:71:52:04:66:2f:10:e8:e0:2f:b3:
         77:5b:d7:48:7f:b2:f6:c1:f2:4e:f2:3c:31:ef:fb:a5:5d:b2:
         1d:f4:dc:5c:ad:5b:f9:7e:98:6f:99:5a:a0:ef:2c:07:16:d0:
         f1:f4:d5:72:a0:66:42:ab:53:c7:bc:c2:de:17:84:83:50:22:
         ae:02:9b:49
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDBj6JMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDk2
NGEyMWZmN2MxZmQ1NmU2MDExOWNiNzE3YjBlMGExNmY4NWU3ZDQwHhcNMjEwMzI0
MTQ0NjAzWhcNMjYwMzI0MTQ0NjAzWjAzMTEwLwYDVQQDEygxMzA4Y2EyZTdmODdm
NDgxYmJjZGU1MzIxZDJiMTlkYjk0NTMyNTg1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4RgWdILgwu3ZH51tZQnMe3qjGFYNrrGDIiFhtuYXM8ruCJ0A
RT5NSKLmrgXZqZDNikPUyVkoNsheUP457bVAvTk0DINnlyaGgOvDGdZFaL+IU4qL
138/HI27AuQOBwebU8C3qMDOHUZhFXoOtO+VsoW2hyRZssiCKauWoLlsIDbPBm9f
RHjjfojl1p4ifEspzgAmDl3lQCvM/8QuBicgDYeWS5zx0GscEdXtOkGRQEaKk8X8
dNcKD9W543vXX4mnKkwGVVQ0Umd/ZaOjsjD8kFuEBq6S7uJ2ZwKX+0TdWn0DbsWr
lD68KqZrFRju4B25+Ep9+hecdEFmQPRjSeOZ/wIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFH8g6vgjdZtQptJ2lIyf0hxzHB0UMB8GA1UdIwQYMBaAFGIeU51t4F9Z03fN
V5ft6z8C0IrvMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTY0YTIx
ZmY3YzFmZDU2ZTYwMTE5Y2I3MTdiMGUwYTE2Zjg1ZTdkNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTcwZmZhNTYtYWMxOS00MTBhLWE5ZTAtMGVmYzM3
NWY0MGY1LzEzMDhjYTJlN2Y4N2Y0ODFiYmNkZTUzMjFkMmIxOWRiOTQ1MzI1ODUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lNzBmZmE1Ni1hYzE5LTQxMGEtYTllMC0wZWZj
Mzc1ZjQwZjUvOTY0YTIxZmY3YzFmZDU2ZTYwMTE5Y2I3MTdiMGUwYTE2Zjg1ZTdk
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDJeAwDQYJKoZIhvcNAQELBQADggEBABdcksRpASC9v9U5
9AmCrwb/yli2R/aDQ/w3HG35OLQdZS5tXbZEO82nxK788iXwp+OO2FzTHhAbJSpq
7AEtExFJ+ekKlDEsuVPJxRJCSnN44NPdHQlYNJZaaaI+Bc1F0Z/YwokdRyl6q4Uu
VPb3S+5X28g9YHtU/q3V5kqp6pYZEOUEarXq97QO3A54MkPL3CIFYRlDeMSLRu+V
4l35WvPIDRVt9kf/9ZHzj9hNi920KfDQWafzLp9HIgaQcVIEZi8Q6OAvs3db10h/
svbB8k7yPDHv+6Vdsh303FytW/l+mG+ZWqDvLAcW0PH01XKgZkKrU8e8wt4XhINQ
Iq4Cm0k=
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:40:47 2024 by rpki-client on console-fra.rpki-client.org