Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ff79bff4-e3d4-49e2-9e42-454af92034f6/eb05d5625dc73f42e885898cc93e6d870a8fa4da.roa
File:                     eb05d5625dc73f42e885898cc93e6d870a8fa4da.roa (raw, json)
Hash identifier:          RyVmpba3kGChXbOCRrsAzV8NLRwNPU84H0QJi9epDNo=
Subject key identifier:   63:AA:EB:B9:24:CC:98:CE:62:8B:A9:BA:B9:48:97:D1:4C:27:83:B8
Certificate issuer:       /CN=986ea0f5c8cffc44df21b81b038b788b536d285b
Certificate serial:       0D623B
Authority key identifier: 05:43:30:37:75:78:C3:ED:77:46:AB:1E:45:B3:C5:86:0B:0A:C3:89
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/986ea0f5c8cffc44df21b81b038b788b536d285b.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ff79bff4-e3d4-49e2-9e42-454af92034f6/eb05d5625dc73f42e885898cc93e6d870a8fa4da.roa
Signing time:             Wed 24 Mar 2021 14:35:00 +0000
ROA not before:           Wed 24 Mar 2021 14:35:00 +0000
ROA not after:            Tue 24 Mar 2026 14:35:00 +0000
asID:                     52467
IP address blocks:        179.0.10.0/24 maxlen: 24
                          2801:1a0::/42 maxlen: 42

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ff79bff4-e3d4-49e2-9e42-454af92034f6/986ea0f5c8cffc44df21b81b038b788b536d285b.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ff79bff4-e3d4-49e2-9e42-454af92034f6/986ea0f5c8cffc44df21b81b038b788b536d285b.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/986ea0f5c8cffc44df21b81b038b788b536d285b.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 877115 (0xd623b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=986ea0f5c8cffc44df21b81b038b788b536d285b
        Validity
            Not Before: Mar 24 14:35:00 2021 GMT
            Not After : Mar 24 14:35:00 2026 GMT
        Subject: CN=eb05d5625dc73f42e885898cc93e6d870a8fa4da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:67:f9:10:63:f7:2d:99:02:ed:f4:36:46:10:
                    72:b9:ab:f0:b1:ef:7a:92:00:14:eb:a1:19:8c:ec:
                    47:8a:b0:40:71:c9:9d:9c:3d:7a:16:f8:c6:c3:1b:
                    e3:13:f4:04:d3:63:97:a7:cd:71:7a:47:79:cf:2b:
                    6c:6d:9e:4c:83:ad:63:a0:c6:94:6e:4e:cc:ef:d7:
                    91:18:45:a2:4d:2b:79:09:95:ef:fb:8d:ce:e5:5a:
                    33:16:a6:2e:f0:88:0b:02:6c:d7:83:6c:1a:2c:09:
                    5e:82:48:2a:f5:a3:58:76:2d:8d:95:78:f2:c2:6c:
                    f5:81:cc:7d:e8:1a:bd:d9:8d:78:6a:b0:18:2e:97:
                    ee:1a:69:7c:4b:00:7c:3e:7a:0f:f9:5e:e1:3b:7c:
                    cd:d5:36:f4:a8:a8:78:5f:38:df:54:0c:a0:39:e6:
                    ef:ca:fe:16:5d:de:b0:3c:a9:c7:ec:e1:df:04:a9:
                    75:20:ea:26:07:fb:ea:74:25:51:ae:02:6d:45:f8:
                    8c:3b:51:1f:0c:ce:d1:1b:dc:37:6c:d2:77:df:4a:
                    fa:68:33:1b:44:5f:06:64:1f:a0:66:4d:15:db:cd:
                    4d:e7:aa:54:af:d5:4c:a3:f5:61:4d:2b:c2:90:fc:
                    1c:a5:6e:41:b5:66:45:53:0e:db:b6:fa:91:44:be:
                    b5:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:AA:EB:B9:24:CC:98:CE:62:8B:A9:BA:B9:48:97:D1:4C:27:83:B8
            X509v3 Authority Key Identifier:
                keyid:05:43:30:37:75:78:C3:ED:77:46:AB:1E:45:B3:C5:86:0B:0A:C3:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/986ea0f5c8cffc44df21b81b038b788b536d285b.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ff79bff4-e3d4-49e2-9e42-454af92034f6/eb05d5625dc73f42e885898cc93e6d870a8fa4da.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ff79bff4-e3d4-49e2-9e42-454af92034f6/986ea0f5c8cffc44df21b81b038b788b536d285b.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.0.10.0/24
                IPv6:
                  2801:1a0::/42

    Signature Algorithm: sha256WithRSAEncryption
         00:ba:83:26:ad:2d:c4:70:71:c8:d9:44:8a:ed:82:15:b1:93:
         7b:3b:87:01:5e:ae:cb:2c:91:3d:02:09:88:0d:37:30:c8:f9:
         0b:8c:31:1b:a9:7c:0a:1d:02:d3:9f:ad:2f:6b:ef:7e:d0:13:
         06:07:c5:4d:29:75:43:bb:a9:77:fe:79:4f:db:94:41:99:4a:
         a6:91:ef:21:1e:82:5a:b9:fd:fb:65:8d:3f:f5:80:2a:a5:49:
         d6:2c:34:0c:b8:fc:3a:42:8a:72:53:f3:d7:b6:d3:a9:a9:38:
         5c:bf:1a:af:32:8d:0b:58:f0:cb:7c:13:0e:a7:2c:86:03:27:
         7c:5e:bd:ee:1f:52:2f:bf:18:03:df:4d:c0:56:cf:e8:2d:55:
         f1:8b:20:52:03:41:44:69:9a:6a:19:38:35:85:f7:9f:6a:3c:
         51:9d:03:4c:a0:37:d7:f8:8e:1b:cb:26:3a:dc:35:ca:e1:bc:
         10:96:b1:a5:fa:98:b2:c1:84:a9:65:9d:85:f4:34:6f:39:29:
         0a:1c:02:6b:e1:11:67:af:52:b2:c8:48:ec:bc:a9:04:32:a3:
         fb:ba:53:54:8a:40:07:78:32:11:c0:16:05:bb:14:60:77:08:
         ed:fe:fd:3c:a7:b0:b3:4a:cc:eb:48:df:e4:e6:1a:06:c6:f4:
         0d:2b:61:ee
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIDDWI7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDk4
NmVhMGY1YzhjZmZjNDRkZjIxYjgxYjAzOGI3ODhiNTM2ZDI4NWIwHhcNMjEwMzI0
MTQzNTAwWhcNMjYwMzI0MTQzNTAwWjAzMTEwLwYDVQQDEyhlYjA1ZDU2MjVkYzcz
ZjQyZTg4NTg5OGNjOTNlNmQ4NzBhOGZhNGRhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvGf5EGP3LZkC7fQ2RhByuavwse96kgAU66EZjOxHirBAccmd
nD16FvjGwxvjE/QE02OXp81xekd5zytsbZ5Mg61joMaUbk7M79eRGEWiTSt5CZXv
+43O5VozFqYu8IgLAmzXg2waLAlegkgq9aNYdi2NlXjywmz1gcx96Bq92Y14arAY
LpfuGml8SwB8PnoP+V7hO3zN1Tb0qKh4XzjfVAygOebvyv4WXd6wPKnH7OHfBKl1
IOomB/vqdCVRrgJtRfiMO1EfDM7RG9w3bNJ330r6aDMbRF8GZB+gZk0V281N56pU
r9VMo/VhTSvCkPwcpW5BtWZFUw7btvqRRL61dQIDAQABo4ICbDCCAmgwHQYDVR0O
BBYEFGOq67kkzJjOYoupurlIl9FMJ4O4MB8GA1UdIwQYMBaAFAVDMDd1eMPtd0ar
HkWzxYYLCsOJMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTg2ZWEw
ZjVjOGNmZmM0NGRmMjFiODFiMDM4Yjc4OGI1MzZkMjg1Yi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZmY3OWJmZjQtZTNkNC00OWUyLTllNDItNDU0YWY5
MjAzNGY2L2ViMDVkNTYyNWRjNzNmNDJlODg1ODk4Y2M5M2U2ZDg3MGE4ZmE0ZGEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mZjc5YmZmNC1lM2Q0LTQ5ZTItOWU0Mi00NTRh
ZjkyMDM0ZjYvOTg2ZWEwZjVjOGNmZmM0NGRmMjFiODFiMDM4Yjc4OGI1MzZkMjg1
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEALMACjAPBAIAAjAJAwcGKAEBoAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAAuoMmrS3EcHHI2USK7YIVsZN7O4cBXq7LLJE9AgmIDTcwyPkLjDEbqXwK
HQLTn60va+9+0BMGB8VNKXVDu6l3/nlP25RBmUqmke8hHoJauf37ZY0/9YAqpUnW
LDQMuPw6QopyU/PXttOpqThcvxqvMo0LWPDLfBMOpyyGAyd8Xr3uH1IvvxgD303A
Vs/oLVXxiyBSA0FEaZpqGTg1hfefajxRnQNMoDfX+I4byyY63DXK4bwQlrGl+piy
wYSpZZ2F9DRvOSkKHAJr4RFnr1KyyEjsvKkEMqP7ulNUikAHeDIRwBYFuxRgdwjt
/v08p7CzSszrSN/k5hoGxvQNK2Hu
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:44:02 2024 by rpki-client on console-fra.rpki-client.org