Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/fe0a37a0-166a-4a06-a48b-44df7521fa4e/01e0ad86b8718dc26d08affa3e092eae08fb6e45.roa
File:                     01e0ad86b8718dc26d08affa3e092eae08fb6e45.roa (raw, json)
Hash identifier:          noJHujHi5agJV/t+B4rTx1SM/dfavMB8PoTrKAuanNg=
Subject key identifier:   D1:B9:62:7C:1B:D5:FC:0F:1D:95:0F:93:9B:51:FF:3B:20:C7:9C:1E
Certificate issuer:       /CN=23091c63c58ba27ebd4d56345b541e6a9f5d1923
Certificate serial:       0D8829
Authority key identifier: FC:C5:DE:7D:91:EE:FC:28:49:91:6D:DA:53:BB:B7:7D:16:F9:53:2B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/23091c63c58ba27ebd4d56345b541e6a9f5d1923.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/fe0a37a0-166a-4a06-a48b-44df7521fa4e/01e0ad86b8718dc26d08affa3e092eae08fb6e45.roa
Signing time:             Wed 24 Mar 2021 14:28:33 +0000
ROA not before:           Wed 24 Mar 2021 14:28:32 +0000
ROA not after:            Tue 24 Mar 2026 14:28:32 +0000
asID:                     28017
IP address blocks:        2001:13c7:6005::/48 maxlen: 56

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/fe0a37a0-166a-4a06-a48b-44df7521fa4e/23091c63c58ba27ebd4d56345b541e6a9f5d1923.crl
                          rsync://repository.lacnic.net/rpki/lacnic/fe0a37a0-166a-4a06-a48b-44df7521fa4e/23091c63c58ba27ebd4d56345b541e6a9f5d1923.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/23091c63c58ba27ebd4d56345b541e6a9f5d1923.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 886825 (0xd8829)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23091c63c58ba27ebd4d56345b541e6a9f5d1923
        Validity
            Not Before: Mar 24 14:28:32 2021 GMT
            Not After : Mar 24 14:28:32 2026 GMT
        Subject: CN=01e0ad86b8718dc26d08affa3e092eae08fb6e45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:7e:5c:a7:a5:6e:eb:9e:b9:9e:81:ea:1b:eb:
                    38:32:f6:99:21:06:fd:0f:fa:37:4a:6d:01:bf:01:
                    71:1a:34:74:68:2b:0c:dd:ee:4e:19:a2:82:ad:cf:
                    b2:ac:f9:e2:69:2b:df:0e:72:b2:ec:a9:fb:d4:eb:
                    41:76:7a:ef:0c:60:c6:db:7f:e9:bf:46:91:a0:0c:
                    65:a2:f4:c6:b1:5e:8e:63:b9:f9:ea:da:00:00:14:
                    f4:ef:74:36:d3:b4:97:d4:42:5e:e8:28:92:72:41:
                    5f:fd:0e:35:54:37:93:b1:cb:17:2c:5a:ae:82:7d:
                    72:89:5f:aa:8d:22:32:c7:73:41:a8:42:ba:af:a0:
                    9a:ae:74:9c:11:c4:28:f7:c1:3d:6f:1f:3c:d9:45:
                    27:97:e1:95:86:71:8f:22:ce:05:c5:9f:04:07:28:
                    2e:3a:d4:39:28:a0:21:2b:13:b5:ba:b8:3b:c1:bf:
                    df:b9:ac:ac:88:4b:90:70:16:3b:6c:df:88:98:c1:
                    b3:e4:26:d7:6d:92:8e:e3:09:45:ab:e0:16:08:93:
                    6e:f5:f2:9f:84:7a:84:e6:5b:ae:f5:ae:f3:d2:98:
                    e8:ec:a9:cb:fd:de:7a:22:2d:0e:11:17:cf:9d:90:
                    f9:c9:a8:72:5c:bc:61:dc:19:05:31:9e:31:ff:59:
                    27:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:B9:62:7C:1B:D5:FC:0F:1D:95:0F:93:9B:51:FF:3B:20:C7:9C:1E
            X509v3 Authority Key Identifier:
                keyid:FC:C5:DE:7D:91:EE:FC:28:49:91:6D:DA:53:BB:B7:7D:16:F9:53:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/23091c63c58ba27ebd4d56345b541e6a9f5d1923.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/fe0a37a0-166a-4a06-a48b-44df7521fa4e/01e0ad86b8718dc26d08affa3e092eae08fb6e45.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/fe0a37a0-166a-4a06-a48b-44df7521fa4e/23091c63c58ba27ebd4d56345b541e6a9f5d1923.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:13c7:6005::/48

    Signature Algorithm: sha256WithRSAEncryption
         41:64:00:4f:96:b2:23:6c:c9:f2:8e:e5:60:63:6c:51:6d:53:
         58:cb:8b:c9:1a:46:19:80:7e:30:c3:1b:cd:76:24:41:3c:f1:
         86:c6:7b:0c:30:c5:4f:06:38:98:7b:aa:f5:25:fc:f9:20:2e:
         d1:5d:02:9a:9a:6c:7a:f3:fe:ba:96:60:24:21:f6:64:f6:7d:
         3d:54:94:7e:48:e3:59:f1:68:86:16:b1:17:25:71:71:c2:d1:
         6f:40:53:2a:4f:85:a2:2b:52:0b:be:d8:19:27:23:31:6d:4b:
         de:ac:72:ee:37:dd:be:5a:74:c3:87:7d:36:f8:30:d9:07:3d:
         ce:de:92:b3:22:4d:d0:0d:a5:10:72:1e:73:c4:42:aa:b9:05:
         29:b7:a4:da:aa:2d:16:01:aa:8a:ca:b0:fa:c5:1b:ea:2d:81:
         04:85:68:39:32:24:2f:15:69:70:ce:64:cf:7c:63:94:bf:61:
         af:90:7b:cf:96:ba:14:33:81:03:ab:77:eb:f3:a3:02:b7:ac:
         21:fa:a0:55:a1:2a:dd:cf:27:42:35:11:a8:f2:58:39:f3:19:
         e5:8b:b4:d3:0d:3f:34:f2:d4:98:09:76:09:cc:39:44:20:83:
         97:fb:7a:f0:7d:a0:fa:94:1a:8a:81:56:db:80:f1:e1:b1:4e:
         08:bb:b9:2b
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDDYgpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIz
MDkxYzYzYzU4YmEyN2ViZDRkNTYzNDViNTQxZTZhOWY1ZDE5MjMwHhcNMjEwMzI0
MTQyODMyWhcNMjYwMzI0MTQyODMyWjAzMTEwLwYDVQQDEygwMWUwYWQ4NmI4NzE4
ZGMyNmQwOGFmZmEzZTA5MmVhZTA4ZmI2ZTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkH5cp6Vu6565noHqG+s4MvaZIQb9D/o3Sm0BvwFxGjR0aCsM
3e5OGaKCrc+yrPniaSvfDnKy7Kn71OtBdnrvDGDG23/pv0aRoAxlovTGsV6OY7n5
6toAABT073Q207SX1EJe6CiSckFf/Q41VDeTscsXLFqugn1yiV+qjSIyx3NBqEK6
r6CarnScEcQo98E9bx882UUnl+GVhnGPIs4FxZ8EByguOtQ5KKAhKxO1urg7wb/f
uaysiEuQcBY7bN+ImMGz5CbXbZKO4wlFq+AWCJNu9fKfhHqE5luu9a7z0pjo7KnL
/d56Ii0OERfPnZD5yahyXLxh3BkFMZ4x/1knWQIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFNG5Ynwb1fwPHZUPk5tR/zsgx5weMB8GA1UdIwQYMBaAFPzF3n2R7vwoSZFt
2lO7t30W+VMrMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjMwOTFj
NjNjNThiYTI3ZWJkNGQ1NjM0NWI1NDFlNmE5ZjVkMTkyMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZmUwYTM3YTAtMTY2YS00YTA2LWE0OGItNDRkZjc1
MjFmYTRlLzAxZTBhZDg2Yjg3MThkYzI2ZDA4YWZmYTNlMDkyZWFlMDhmYjZlNDUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mZTBhMzdhMC0xNjZhLTRhMDYtYTQ4Yi00NGRm
NzUyMWZhNGUvMjMwOTFjNjNjNThiYTI3ZWJkNGQ1NjM0NWI1NDFlNmE5ZjVkMTky
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABE8dgBTANBgkqhkiG9w0BAQsFAAOCAQEAQWQAT5ayI2zJ
8o7lYGNsUW1TWMuLyRpGGYB+MMMbzXYkQTzxhsZ7DDDFTwY4mHuq9SX8+SAu0V0C
mppsevP+upZgJCH2ZPZ9PVSUfkjjWfFohhaxFyVxccLRb0BTKk+FoitSC77YGScj
MW1L3qxy7jfdvlp0w4d9Nvgw2Qc9zt6SsyJN0A2lEHIec8RCqrkFKbek2qotFgGq
isqw+sUb6i2BBIVoOTIkLxVpcM5kz3xjlL9hr5B7z5a6FDOBA6t36/OjAresIfqg
VaEq3c8nQjURqPJYOfMZ5Yu00w0/NPLUmAl2Ccw5RCCDl/t68H2g+pQaioFW24Dx
4bFOCLu5Kw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:59:08 2024 by rpki-client on console-fra.rpki-client.org