Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ea4125e9-8dcd-4a52-9d05-dbf603623346/f30ab451adec7ddaf1bf9f6d7f420d96ab4f03f3.roa
File:                     f30ab451adec7ddaf1bf9f6d7f420d96ab4f03f3.roa (raw, json)
Hash identifier:          /IRqoCXng+rIzWjU5xrMhGUmH36JtOKumWns0PdD+Kc=
Subject key identifier:   14:DE:12:5B:26:83:56:1C:DC:5C:71:CC:4B:D1:65:B7:49:C9:5C:48
Certificate issuer:       /CN=8e4c3ee07149aed63c2b3f3d9b54dcf020c26262
Certificate serial:       09F59B
Authority key identifier: 27:E3:88:63:2E:D5:E8:EF:F2:C8:59:22:8D:F2:94:65:47:35:35:F5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8e4c3ee07149aed63c2b3f3d9b54dcf020c26262.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ea4125e9-8dcd-4a52-9d05-dbf603623346/f30ab451adec7ddaf1bf9f6d7f420d96ab4f03f3.roa
Signing time:             Sun 17 Sep 2023 16:56:13 +0000
ROA not before:           Sat 16 Sep 2023 16:56:13 +0000
ROA not after:            Wed 17 Sep 2025 16:56:13 +0000
asID:                     272822
IP address blocks:        2803:1490:f100::/40 maxlen: 40
                          2803:1490:f200::/40 maxlen: 40
                          2803:1490:f300::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ea4125e9-8dcd-4a52-9d05-dbf603623346/8e4c3ee07149aed63c2b3f3d9b54dcf020c26262.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ea4125e9-8dcd-4a52-9d05-dbf603623346/8e4c3ee07149aed63c2b3f3d9b54dcf020c26262.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8e4c3ee07149aed63c2b3f3d9b54dcf020c26262.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 16:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 652699 (0x9f59b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e4c3ee07149aed63c2b3f3d9b54dcf020c26262
        Validity
            Not Before: Sep 16 16:56:13 2023 GMT
            Not After : Sep 17 16:56:13 2025 GMT
        Subject: CN=f30ab451adec7ddaf1bf9f6d7f420d96ab4f03f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:56:dc:e9:18:a0:08:3e:c4:68:62:5b:50:4f:
                    8d:d8:c9:16:c2:95:39:8f:c1:22:9b:50:84:84:4f:
                    1c:20:55:cf:fe:52:88:34:d3:c2:84:da:c1:a1:44:
                    12:68:72:be:ea:fe:92:3b:5a:06:92:6b:b0:34:fd:
                    f3:da:de:f9:6e:96:8f:59:7a:32:0c:f9:87:7f:c5:
                    a5:30:93:98:fe:2a:85:51:ae:ed:25:3e:0e:f3:77:
                    12:c7:dd:21:0d:2e:9e:c3:70:42:e0:10:4d:00:2d:
                    6c:57:9f:ac:a5:fe:90:e8:41:d3:be:26:1c:11:1b:
                    ba:a1:5e:27:ad:11:38:88:a2:26:e5:7f:6a:4a:e6:
                    70:1b:4e:67:58:52:da:0c:7f:d5:61:ba:9e:97:fd:
                    fa:fd:ee:3c:65:0c:61:0c:a2:16:1c:2a:cd:73:80:
                    ca:d3:03:e1:a5:6c:30:c9:12:e4:85:98:2f:c7:06:
                    1d:95:60:c0:63:40:fa:3b:0b:1c:dd:a7:dc:19:5a:
                    8f:e3:97:4d:a5:f2:4f:90:45:8f:14:56:01:18:dd:
                    ad:b8:cd:51:ab:09:85:f8:76:36:c4:f9:2e:aa:16:
                    e7:f4:de:b6:a9:f9:fc:58:f5:80:86:27:3b:1f:2f:
                    9b:d0:0a:75:1d:98:d5:2a:75:4c:6b:02:56:b5:bd:
                    c8:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:DE:12:5B:26:83:56:1C:DC:5C:71:CC:4B:D1:65:B7:49:C9:5C:48
            X509v3 Authority Key Identifier:
                keyid:27:E3:88:63:2E:D5:E8:EF:F2:C8:59:22:8D:F2:94:65:47:35:35:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8e4c3ee07149aed63c2b3f3d9b54dcf020c26262.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ea4125e9-8dcd-4a52-9d05-dbf603623346/f30ab451adec7ddaf1bf9f6d7f420d96ab4f03f3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ea4125e9-8dcd-4a52-9d05-dbf603623346/8e4c3ee07149aed63c2b3f3d9b54dcf020c26262.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:1490:f100::-2803:1490:f3ff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         93:a0:c0:46:4d:0a:1b:6f:be:dd:1a:de:f5:37:b7:f3:94:7b:
         18:04:1d:39:e3:d3:1e:ed:d0:72:ba:cd:0a:15:5c:37:ba:07:
         65:76:ee:04:67:ac:bb:c7:d8:c2:2d:3c:e5:1e:c7:27:b2:3c:
         a5:17:3e:88:73:06:ac:3f:e6:21:60:9f:e5:87:cd:58:2e:5d:
         55:f8:21:47:59:a3:fe:8c:e5:3e:5c:89:2d:af:f7:fd:80:bb:
         80:cd:e3:78:0c:f6:60:04:73:8b:fe:9f:4e:f2:f4:df:3c:ee:
         3c:ed:4a:c4:d0:f3:33:af:d6:42:1d:52:00:8c:2e:07:35:15:
         69:7c:0c:05:2b:02:a0:59:c5:63:12:6f:da:17:e1:f5:53:9a:
         19:1f:03:12:76:9e:64:18:03:9f:d7:d7:9f:44:c2:b8:05:e9:
         87:a1:d6:3b:c7:32:9c:75:a4:98:c1:d3:bf:be:b3:e6:e0:a7:
         79:b9:a9:2d:57:10:69:fa:1b:f8:29:65:f3:1b:15:ce:e7:16:
         84:59:8f:28:83:5e:8b:14:b4:b4:ce:73:05:65:2a:ad:0d:73:
         bd:9f:32:7a:f7:7c:92:4c:67:04:18:15:c7:24:1a:b5:e5:c1:
         04:f6:90:0d:5c:2c:93:35:fe:a9:1f:95:a6:d4:17:e2:34:3c:
         a2:77:cd:5d
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIDCfWbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhl
NGMzZWUwNzE0OWFlZDYzYzJiM2YzZDliNTRkY2YwMjBjMjYyNjIwHhcNMjMwOTE2
MTY1NjEzWhcNMjUwOTE3MTY1NjEzWjAzMTEwLwYDVQQDEyhmMzBhYjQ1MWFkZWM3
ZGRhZjFiZjlmNmQ3ZjQyMGQ5NmFiNGYwM2YzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAylbc6RigCD7EaGJbUE+N2MkWwpU5j8Eim1CEhE8cIFXP/lKI
NNPChNrBoUQSaHK+6v6SO1oGkmuwNP3z2t75bpaPWXoyDPmHf8WlMJOY/iqFUa7t
JT4O83cSx90hDS6ew3BC4BBNAC1sV5+spf6Q6EHTviYcERu6oV4nrRE4iKIm5X9q
SuZwG05nWFLaDH/VYbqel/36/e48ZQxhDKIWHCrNc4DK0wPhpWwwyRLkhZgvxwYd
lWDAY0D6Owsc3afcGVqP45dNpfJPkEWPFFYBGN2tuM1RqwmF+HY2xPkuqhbn9N62
qfn8WPWAhic7Hy+b0Ap1HZjVKnVMawJWtb3IfQIDAQABo4ICZzCCAmMwHQYDVR0O
BBYEFBTeElsmg1Yc3FxxzEvRZbdJyVxIMB8GA1UdIwQYMBaAFCfjiGMu1ejv8shZ
Io3ylGVHNTX1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOGU0YzNl
ZTA3MTQ5YWVkNjNjMmIzZjNkOWI1NGRjZjAyMGMyNjI2Mi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZWE0MTI1ZTktOGRjZC00YTUyLTlkMDUtZGJmNjAz
NjIzMzQ2L2YzMGFiNDUxYWRlYzdkZGFmMWJmOWY2ZDdmNDIwZDk2YWI0ZjAzZjMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lYTQxMjVlOS04ZGNkLTRhNTItOWQwNS1kYmY2
MDM2MjMzNDYvOGU0YzNlZTA3MTQ5YWVkNjNjMmIzZjNkOWI1NGRjZjAyMGMyNjI2
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAIwEjAQAwYAKAMUkPEDBgIoAxSQ8DANBgkqhkiG9w0BAQsFAAOCAQEA
k6DARk0KG2++3Rre9Te385R7GAQdOePTHu3QcrrNChVcN7oHZXbuBGesu8fYwi08
5R7HJ7I8pRc+iHMGrD/mIWCf5YfNWC5dVfghR1mj/ozlPlyJLa/3/YC7gM3jeAz2
YARzi/6fTvL03zzuPO1KxNDzM6/WQh1SAIwuBzUVaXwMBSsCoFnFYxJv2hfh9VOa
GR8DEnaeZBgDn9fXn0TCuAXph6HWO8cynHWkmMHTv76z5uCnebmpLVcQafob+Cll
8xsVzucWhFmPKINeixS0tM5zBWUqrQ1zvZ8yevd8kkxnBBgVxyQateXBBPaQDVws
kzX+qR+VptQX4jQ8onfNXQ==
-----END CERTIFICATE-----
Generated at Fri Feb 23 17:09:12 2024 by rpki-client on console-ams.rpki-client.org