Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ea4125e9-8dcd-4a52-9d05-dbf603623346/df89d52259264a638729c05f723d732ce606e18d.roa
File:                     df89d52259264a638729c05f723d732ce606e18d.roa (raw, json)
Hash identifier:          uhDcZo/mLnnaq2i+1GvavKVZPv34GPV7iAgvbSm6a8Y=
Subject key identifier:   E7:7F:37:72:B6:FD:7C:51:18:51:EB:87:C4:5A:E4:A2:F4:50:A1:82
Certificate issuer:       /CN=8e4c3ee07149aed63c2b3f3d9b54dcf020c26262
Certificate serial:       09F1B3
Authority key identifier: 27:E3:88:63:2E:D5:E8:EF:F2:C8:59:22:8D:F2:94:65:47:35:35:F5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8e4c3ee07149aed63c2b3f3d9b54dcf020c26262.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ea4125e9-8dcd-4a52-9d05-dbf603623346/df89d52259264a638729c05f723d732ce606e18d.roa
Signing time:             Sun 17 Sep 2023 16:52:01 +0000
ROA not before:           Sat 16 Sep 2023 16:52:01 +0000
ROA not after:            Wed 17 Sep 2025 16:52:01 +0000
asID:                     272822
IP address blocks:        2803:1490::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ea4125e9-8dcd-4a52-9d05-dbf603623346/8e4c3ee07149aed63c2b3f3d9b54dcf020c26262.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ea4125e9-8dcd-4a52-9d05-dbf603623346/8e4c3ee07149aed63c2b3f3d9b54dcf020c26262.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8e4c3ee07149aed63c2b3f3d9b54dcf020c26262.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 12:23:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 651699 (0x9f1b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e4c3ee07149aed63c2b3f3d9b54dcf020c26262
        Validity
            Not Before: Sep 16 16:52:01 2023 GMT
            Not After : Sep 17 16:52:01 2025 GMT
        Subject: CN=df89d52259264a638729c05f723d732ce606e18d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:20:94:46:ed:3d:e0:2b:9d:9f:78:21:30:e6:
                    11:8a:12:ff:f8:88:64:55:84:c9:47:ab:b7:3c:80:
                    49:12:f0:d3:34:7b:96:77:cc:78:47:64:f3:e6:7f:
                    a1:1f:16:e9:e0:60:9f:a7:4f:a7:85:94:0c:77:c7:
                    c1:74:f3:a0:b9:09:d0:73:b3:27:51:43:7e:9d:12:
                    5e:63:7b:f3:aa:b8:23:bf:b4:d6:7f:5b:01:9e:2c:
                    f5:00:bb:e7:17:af:ae:c2:38:50:cb:a4:6c:12:b9:
                    98:1c:0f:77:70:0b:cb:6d:e8:7b:17:2b:24:54:80:
                    5a:42:43:7a:92:9c:9c:9b:d9:f7:0a:ae:4d:44:6f:
                    ff:fe:ca:73:31:82:42:99:9f:6d:de:1a:60:2d:1a:
                    8e:e4:92:65:f6:26:84:a5:6f:3b:e6:ea:06:e2:f8:
                    0f:f4:99:4a:c0:e4:4c:68:fd:50:32:9d:98:9c:7d:
                    83:e7:9b:1f:04:cf:8c:5e:6f:75:1e:86:02:5b:14:
                    86:7f:f9:a6:ea:ae:e0:0c:85:33:42:90:dc:ac:07:
                    ec:9e:ca:f4:5a:39:74:9e:73:05:97:d2:e5:94:b2:
                    17:ce:f4:d9:75:e7:e6:88:68:46:c1:fb:0f:c3:7b:
                    a1:bc:42:1e:ef:44:59:5b:af:3e:c9:37:bc:8d:00:
                    8a:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:7F:37:72:B6:FD:7C:51:18:51:EB:87:C4:5A:E4:A2:F4:50:A1:82
            X509v3 Authority Key Identifier:
                keyid:27:E3:88:63:2E:D5:E8:EF:F2:C8:59:22:8D:F2:94:65:47:35:35:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8e4c3ee07149aed63c2b3f3d9b54dcf020c26262.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ea4125e9-8dcd-4a52-9d05-dbf603623346/df89d52259264a638729c05f723d732ce606e18d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ea4125e9-8dcd-4a52-9d05-dbf603623346/8e4c3ee07149aed63c2b3f3d9b54dcf020c26262.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:1490::/32

    Signature Algorithm: sha256WithRSAEncryption
         51:23:8e:c5:58:16:d2:43:62:e8:bc:5a:7b:34:0f:0d:9e:de:
         5a:dc:e4:81:e8:de:d2:46:43:01:21:ce:95:dc:60:bf:3c:c5:
         a2:3d:42:47:02:5e:1a:b0:e1:c2:49:69:20:e5:c9:06:48:9e:
         66:6e:cd:73:b2:a5:be:7d:d0:30:45:b9:97:f3:a9:39:0c:7f:
         b8:c3:72:df:85:93:aa:79:3b:1d:21:a0:f1:86:b3:90:a6:9c:
         f0:41:ba:1c:cf:9b:0a:a9:1d:e6:cf:d7:78:63:ca:9b:ad:2f:
         39:ec:b3:80:99:be:ef:ed:bd:9b:c4:ba:0e:11:a3:6e:ec:4c:
         87:0b:d8:f3:8d:27:59:26:97:6f:a0:77:7a:be:79:9f:6d:7e:
         f7:61:9b:08:14:33:51:88:b4:f7:7a:4d:b2:14:5c:f7:ee:3c:
         e6:d0:1b:58:9d:bb:06:cb:66:cc:24:48:51:c3:55:bd:1a:03:
         92:30:bd:bb:2c:79:91:93:f9:e7:39:44:a9:2f:76:bf:cd:68:
         e6:d7:5c:16:32:9e:68:61:2c:3a:b9:b4:ea:54:05:ac:3b:20:
         ac:41:30:83:46:dd:aa:08:11:0d:a1:8b:71:90:fb:37:04:0f:
         17:49:a3:a5:3a:c6:11:71:bd:0c:2e:d6:1e:0e:5c:20:c1:d1:
         60:3d:7f:7a
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDCfGzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhl
NGMzZWUwNzE0OWFlZDYzYzJiM2YzZDliNTRkY2YwMjBjMjYyNjIwHhcNMjMwOTE2
MTY1MjAxWhcNMjUwOTE3MTY1MjAxWjAzMTEwLwYDVQQDEyhkZjg5ZDUyMjU5MjY0
YTYzODcyOWMwNWY3MjNkNzMyY2U2MDZlMThkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArCCURu094Cudn3ghMOYRihL/+IhkVYTJR6u3PIBJEvDTNHuW
d8x4R2Tz5n+hHxbp4GCfp0+nhZQMd8fBdPOguQnQc7MnUUN+nRJeY3vzqrgjv7TW
f1sBniz1ALvnF6+uwjhQy6RsErmYHA93cAvLbeh7FyskVIBaQkN6kpycm9n3Cq5N
RG///spzMYJCmZ9t3hpgLRqO5JJl9iaEpW875uoG4vgP9JlKwORMaP1QMp2YnH2D
55sfBM+MXm91HoYCWxSGf/mm6q7gDIUzQpDcrAfsnsr0Wjl0nnMFl9LllLIXzvTZ
defmiGhGwfsPw3uhvEIe70RZW68+yTe8jQCKEQIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFOd/N3K2/XxRGFHrh8Ra5KL0UKGCMB8GA1UdIwQYMBaAFCfjiGMu1ejv8shZ
Io3ylGVHNTX1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOGU0YzNl
ZTA3MTQ5YWVkNjNjMmIzZjNkOWI1NGRjZjAyMGMyNjI2Mi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZWE0MTI1ZTktOGRjZC00YTUyLTlkMDUtZGJmNjAz
NjIzMzQ2L2RmODlkNTIyNTkyNjRhNjM4NzI5YzA1ZjcyM2Q3MzJjZTYwNmUxOGQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lYTQxMjVlOS04ZGNkLTRhNTItOWQwNS1kYmY2
MDM2MjMzNDYvOGU0YzNlZTA3MTQ5YWVkNjNjMmIzZjNkOWI1NGRjZjAyMGMyNjI2
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDFJAwDQYJKoZIhvcNAQELBQADggEBAFEjjsVYFtJDYui8
Wns0Dw2e3lrc5IHo3tJGQwEhzpXcYL88xaI9QkcCXhqw4cJJaSDlyQZInmZuzXOy
pb590DBFuZfzqTkMf7jDct+Fk6p5Ox0hoPGGs5CmnPBBuhzPmwqpHebP13hjyput
Lznss4CZvu/tvZvEug4Ro27sTIcL2PONJ1kml2+gd3q+eZ9tfvdhmwgUM1GItPd6
TbIUXPfuPObQG1iduwbLZswkSFHDVb0aA5IwvbsseZGT+ec5RKkvdr/NaObXXBYy
nmhhLDq5tOpUBaw7IKxBMING3aoIEQ2hi3GQ+zcEDxdJo6U6xhFxvQwu1h4OXCDB
0WA9f3o=
-----END CERTIFICATE-----
Generated at Sat Feb 24 14:25:22 2024 by rpki-client on console-ams.rpki-client.org