Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0112F343F1452E36A8A156373A6DF4A1F08853C62976DFAB74C02068161E8EA9/0/323830333a613736303a3a2f33322d3332203d3e20323639383535.roa
File:                     323830333a613736303a3a2f33322d3332203d3e20323639383535.roa (raw, json)
Hash identifier:          6jBKsYvTnQ/TwjMoJsWGivyXgb4JoCvEFRmcIlAavq4=
Subject key identifier:   F9:12:75:09:0B:E8:5D:BB:C9:03:A1:DA:4E:0F:48:12:DB:A2:6A:DA
Certificate issuer:       /CN=2DBD5E6445B18A49C070373764E221FE2FF0BE85
Certificate serial:       0436426EA9D50D1BF0EBAFF0127E3DE64CB5BD04
Authority key identifier: 2D:BD:5E:64:45:B1:8A:49:C0:70:37:37:64:E2:21:FE:2F:F0:BE:85
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2DBD5E6445B18A49C070373764E221FE2FF0BE85.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0112F343F1452E36A8A156373A6DF4A1F08853C62976DFAB74C02068161E8EA9/0/323830333a613736303a3a2f33322d3332203d3e20323639383535.roa
Signing time:             Tue 05 Mar 2024 17:54:40 +0000
ROA not before:           Tue 05 Mar 2024 17:49:40 +0000
ROA not after:            Tue 04 Mar 2025 17:54:40 +0000
asID:                     269855
IP address blocks:        2803:a760::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0112F343F1452E36A8A156373A6DF4A1F08853C62976DFAB74C02068161E8EA9/0/2DBD5E6445B18A49C070373764E221FE2FF0BE85.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0112F343F1452E36A8A156373A6DF4A1F08853C62976DFAB74C02068161E8EA9/0/2DBD5E6445B18A49C070373764E221FE2FF0BE85.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2DBD5E6445B18A49C070373764E221FE2FF0BE85.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:36:42:6e:a9:d5:0d:1b:f0:eb:af:f0:12:7e:3d:e6:4c:b5:bd:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2DBD5E6445B18A49C070373764E221FE2FF0BE85
        Validity
            Not Before: Mar  5 17:49:40 2024 GMT
            Not After : Mar  4 17:54:40 2025 GMT
        Subject: CN=F91275090BE85DBBC903A1DA4E0F4812DBA26ADA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:02:df:51:26:50:44:4f:ef:22:5d:48:92:bf:
                    6d:89:64:72:d5:68:c5:88:49:ca:0a:2f:3e:86:46:
                    c8:2d:09:34:2c:eb:c0:4a:2c:87:ab:27:ba:a5:d9:
                    cd:7e:35:ba:30:73:f4:4f:b8:86:1d:23:e5:33:c9:
                    19:1a:23:f4:48:a5:3f:75:4f:f3:cd:6d:26:0b:1a:
                    47:9a:01:b4:39:67:ea:01:41:03:3c:4b:0d:af:d4:
                    21:66:c9:f7:ff:43:fb:91:e7:91:9b:5f:b9:e3:48:
                    b4:57:0e:5f:90:7a:7d:fa:cc:67:e7:65:b5:44:92:
                    8a:15:bf:73:89:90:33:25:5d:58:ba:46:fe:05:4d:
                    a8:1f:02:89:ab:10:73:ce:db:22:ea:76:21:18:3e:
                    f8:fc:93:18:c7:2b:7d:57:77:f3:05:7f:f5:67:18:
                    80:62:48:fe:3f:bf:94:33:09:c3:21:4c:02:0b:c9:
                    22:8f:d7:14:f3:3f:be:33:45:8f:48:75:c9:58:18:
                    6e:ae:43:1b:47:98:ea:50:0f:be:8a:71:63:20:dc:
                    ae:a2:74:0b:e6:c3:6c:cc:b2:3c:80:9b:7e:28:81:
                    7b:6a:71:a2:24:98:f0:29:66:6a:55:0c:a0:ba:11:
                    51:ad:5c:0a:51:ce:60:2e:32:5b:0f:3c:1e:98:d0:
                    b9:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:12:75:09:0B:E8:5D:BB:C9:03:A1:DA:4E:0F:48:12:DB:A2:6A:DA
            X509v3 Authority Key Identifier:
                keyid:2D:BD:5E:64:45:B1:8A:49:C0:70:37:37:64:E2:21:FE:2F:F0:BE:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0112F343F1452E36A8A156373A6DF4A1F08853C62976DFAB74C02068161E8EA9/0/2DBD5E6445B18A49C070373764E221FE2FF0BE85.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2DBD5E6445B18A49C070373764E221FE2FF0BE85.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0112F343F1452E36A8A156373A6DF4A1F08853C62976DFAB74C02068161E8EA9/0/323830333a613736303a3a2f33322d3332203d3e20323639383535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:a760::/32

    Signature Algorithm: sha256WithRSAEncryption
         53:03:a9:33:4b:44:1a:a7:fe:25:04:f1:23:30:f7:ee:a9:68:
         88:77:49:82:0e:7f:ca:ac:5a:e2:41:c8:b3:a7:ec:a9:59:a2:
         cb:31:26:c4:ce:34:f3:3b:99:6e:1c:59:4c:3b:cf:45:9d:45:
         43:44:9d:04:33:80:54:33:bb:c1:6d:44:86:71:87:70:cd:d9:
         a9:4f:22:29:19:02:25:1f:65:6f:51:04:db:19:a1:64:71:b4:
         f6:8e:d8:5f:53:9e:ef:8a:6a:d1:e4:dd:6d:eb:9f:cd:26:03:
         36:52:27:d2:3e:b0:68:a1:c3:53:c0:b5:0d:eb:55:f3:40:28:
         53:e0:81:a4:a4:a3:04:10:69:61:6f:33:9c:88:a0:9e:ae:87:
         a1:55:30:3d:b1:cd:42:24:9d:78:46:69:74:7f:ee:0a:41:6b:
         76:2f:01:95:d6:92:92:45:86:94:20:3e:5b:1d:68:0b:cd:f7:
         62:1c:4f:c2:f2:4d:df:a8:9a:0b:75:f4:10:d9:86:97:d4:f8:
         7f:54:89:48:1b:6b:fe:a4:e1:59:a2:1f:2e:76:9b:f6:f4:66:
         e1:f6:43:e4:67:b1:39:1e:c0:d0:c1:25:c9:83:35:d2:4c:b6:
         33:8f:eb:9d:bc:19:ad:8e:f7:0b:7e:b1:d4:84:4a:d3:82:94:
         e5:01:45:a2
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUBDZCbqnVDRvw66/wEn495ky1vQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkRCRDVFNjQ0NUIxOEE0OUMwNzAzNzM3NjRFMjIxRkUy
RkYwQkU4NTAeFw0yNDAzMDUxNzQ5NDBaFw0yNTAzMDQxNzU0NDBaMDMxMTAvBgNV
BAMTKEY5MTI3NTA5MEJFODVEQkJDOTAzQTFEQTRFMEY0ODEyREJBMjZBREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7At9RJlBET+8iXUiSv22JZHLV
aMWIScoKLz6GRsgtCTQs68BKLIerJ7ql2c1+Nbowc/RPuIYdI+UzyRkaI/RIpT91
T/PNbSYLGkeaAbQ5Z+oBQQM8Sw2v1CFmyff/Q/uR55GbX7njSLRXDl+Qen36zGfn
ZbVEkooVv3OJkDMlXVi6Rv4FTagfAomrEHPO2yLqdiEYPvj8kxjHK31Xd/MFf/Vn
GIBiSP4/v5QzCcMhTAILySKP1xTzP74zRY9IdclYGG6uQxtHmOpQD76KcWMg3K6i
dAvmw2zMsjyAm34ogXtqcaIkmPApZmpVDKC6EVGtXApRzmAuMlsPPB6Y0LkrAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQU+RJ1CQvoXbvJA6HaTg9IEtuiatowHwYDVR0j
BBgwFoAULb1eZEWxiknAcDc3ZOIh/i/wvoUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMTEyRjM0M0YxNDUyRTM2QThBMTU2MzczQTZERjRBMUYw
ODg1M0M2Mjk3NkRGQUI3NEMwMjA2ODE2MUU4RUE5LzAvMkRCRDVFNjQ0NUIxOEE0
OUMwNzAzNzM3NjRFMjIxRkUyRkYwQkU4NS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yREJENUU2NDQ1QjE4QTQ5QzA3
MDM3Mzc2NEUyMjFGRTJGRjBCRTg1LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDExMkYzNDNGMTQ1MkUzNkE4QTE1NjM3M0E2REY0QTFGMDg4NTNDNjI5
NzZERkFCNzRDMDIwNjgxNjFFOEVBOS8wLzMyMzgzMDMzM2E2MTM3MzYzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzYzOTM4MzUzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDp2Aw
DQYJKoZIhvcNAQELBQADggEBAFMDqTNLRBqn/iUE8SMw9+6paIh3SYIOf8qsWuJB
yLOn7KlZossxJsTONPM7mW4cWUw7z0WdRUNEnQQzgFQzu8FtRIZxh3DN2alPIikZ
AiUfZW9RBNsZoWRxtPaO2F9Tnu+KatHk3W3rn80mAzZSJ9I+sGihw1PAtQ3rVfNA
KFPggaSkowQQaWFvM5yIoJ6uh6FVMD2xzUIknXhGaXR/7gpBa3YvAZXWkpJFhpQg
PlsdaAvN92IcT8LyTd+omgt19BDZhpfU+H9UiUgba/6k4VmiHy52m/b0ZuH2Q+Rn
sTkewNDBJcmDNdJMtjOP6528Ga2O9wt+sdSEStOClOUBRaI=
-----END CERTIFICATE-----
Generated at Wed Nov 20 14:21:29 2024 by rpki-client on console-fra.rpki-client.org