Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/03F888EBA74869DBA1334916A08AC126039599947A03095A373950F414C20BEB/0/323830333a613232303a3a2f33322d3438203d3e20323635383335.roa
File:                     323830333a613232303a3a2f33322d3438203d3e20323635383335.roa (raw, json)
Hash identifier:          3nPftxvB/TJU3qQCqz9KamjsXqzMF6ekrUhkxu6A+hw=
Subject key identifier:   52:7F:D3:E4:EE:D2:A5:D9:A2:46:E4:7B:3E:8A:4B:3F:D0:22:A6:31
Certificate issuer:       /CN=9C2B9D6548DE9B20F9025DC759F9761A3D463E62
Certificate serial:       0665A00C3AB76C8E440BBAE1F67F50797EAFB55F
Authority key identifier: 9C:2B:9D:65:48:DE:9B:20:F9:02:5D:C7:59:F9:76:1A:3D:46:3E:62
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9C2B9D6548DE9B20F9025DC759F9761A3D463E62.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/03F888EBA74869DBA1334916A08AC126039599947A03095A373950F414C20BEB/0/323830333a613232303a3a2f33322d3438203d3e20323635383335.roa
Signing time:             Tue 05 Mar 2024 17:51:33 +0000
ROA not before:           Tue 05 Mar 2024 17:46:33 +0000
ROA not after:            Tue 04 Mar 2025 17:51:33 +0000
asID:                     265835
IP address blocks:        2803:a220::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/03F888EBA74869DBA1334916A08AC126039599947A03095A373950F414C20BEB/0/9C2B9D6548DE9B20F9025DC759F9761A3D463E62.crl
                          rsync://repository.lacnic.net/rpki/lacnic/03F888EBA74869DBA1334916A08AC126039599947A03095A373950F414C20BEB/0/9C2B9D6548DE9B20F9025DC759F9761A3D463E62.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9C2B9D6548DE9B20F9025DC759F9761A3D463E62.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 16 Jul 2024 13:09:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:65:a0:0c:3a:b7:6c:8e:44:0b:ba:e1:f6:7f:50:79:7e:af:b5:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9C2B9D6548DE9B20F9025DC759F9761A3D463E62
        Validity
            Not Before: Mar  5 17:46:33 2024 GMT
            Not After : Mar  4 17:51:33 2025 GMT
        Subject: CN=527FD3E4EED2A5D9A246E47B3E8A4B3FD022A631
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:7e:56:64:6a:b5:0a:38:35:6f:b8:d6:8a:be:
                    c2:eb:9a:45:f1:d5:65:2c:f2:fa:f5:3e:e3:06:65:
                    92:b6:7a:96:a9:d6:6d:43:27:8e:6e:cb:47:f0:e7:
                    10:0d:93:e6:34:a3:66:93:ae:cb:31:4c:04:7e:c7:
                    0b:09:ef:90:86:a2:c5:af:f0:5c:8f:6b:68:c6:b2:
                    2a:74:d1:d6:0c:48:09:bd:91:67:1c:e4:5d:f1:17:
                    7d:a1:f0:2c:fa:80:9d:6c:85:aa:14:93:18:f8:c6:
                    51:71:8a:2b:b2:45:89:85:de:9d:b1:5b:ae:02:a2:
                    7b:e2:c4:58:f8:48:9d:d1:d0:af:cc:a8:51:f5:b7:
                    24:b8:6b:38:af:a3:57:23:99:61:e9:41:db:2e:fe:
                    68:4c:2f:d1:e2:33:48:93:49:2d:ae:b2:b0:9e:00:
                    ca:b4:d7:38:ec:4a:be:c5:aa:93:c1:cc:ef:2c:e4:
                    de:d0:74:fa:79:1a:3e:8d:53:7e:98:83:e2:76:64:
                    86:32:04:18:36:7a:6c:14:e3:55:03:f4:d5:e8:de:
                    7f:82:0a:9f:e1:04:ad:15:12:f8:e0:cb:ca:34:f9:
                    a1:64:af:13:ab:25:53:d8:6c:86:da:95:2e:19:a9:
                    12:0b:f9:8b:00:1a:bf:16:3a:44:19:99:95:d8:f9:
                    a9:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:7F:D3:E4:EE:D2:A5:D9:A2:46:E4:7B:3E:8A:4B:3F:D0:22:A6:31
            X509v3 Authority Key Identifier:
                keyid:9C:2B:9D:65:48:DE:9B:20:F9:02:5D:C7:59:F9:76:1A:3D:46:3E:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/03F888EBA74869DBA1334916A08AC126039599947A03095A373950F414C20BEB/0/9C2B9D6548DE9B20F9025DC759F9761A3D463E62.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9C2B9D6548DE9B20F9025DC759F9761A3D463E62.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/03F888EBA74869DBA1334916A08AC126039599947A03095A373950F414C20BEB/0/323830333a613232303a3a2f33322d3438203d3e20323635383335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:a220::/32

    Signature Algorithm: sha256WithRSAEncryption
         1f:2c:22:f9:89:d7:c6:2a:96:e3:6f:c1:12:4b:2b:f0:fc:17:
         81:6d:6a:13:48:e5:8e:49:b4:86:be:31:0e:1e:90:2a:b7:f0:
         ae:9b:bc:27:e5:56:77:6b:e8:77:eb:71:71:fc:0a:9f:ba:59:
         c5:de:5a:12:9e:fb:fa:e2:bc:02:24:28:d2:b4:53:f5:65:a6:
         1a:e3:35:96:63:83:37:82:71:63:a1:e3:b4:52:87:a8:3f:3c:
         53:87:71:e0:5a:d5:73:7f:a7:f0:bb:4e:b0:fc:b3:ca:90:fc:
         b0:33:c4:ea:db:66:1e:78:d8:2d:91:cb:e7:13:cb:8e:0e:60:
         bf:f6:6a:4b:37:96:50:f5:05:5c:18:1b:f9:ad:a6:42:77:f4:
         d7:a7:7c:a0:ca:21:86:43:bb:49:f6:07:48:71:97:22:c5:d9:
         00:cd:e6:dd:b0:b8:0d:08:63:64:e1:b9:da:f4:44:7a:23:0f:
         54:51:86:a7:61:53:61:b4:44:dc:a3:2a:8b:07:18:c8:99:58:
         e8:3d:9c:a2:ad:02:02:0f:fd:64:91:3d:72:34:94:8c:95:e5:
         9d:78:22:86:65:ee:54:cb:27:36:3b:b0:f1:10:7e:b8:8f:f8:
         9b:4f:a3:f1:71:f6:28:8c:9c:6a:1c:5d:9f:aa:09:54:7b:bd:
         f2:ee:04:c3
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUBmWgDDq3bI5EC7rh9n9QeX6vtV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUMyQjlENjU0OERFOUIyMEY5MDI1REM3NTlGOTc2MUEz
RDQ2M0U2MjAeFw0yNDAzMDUxNzQ2MzNaFw0yNTAzMDQxNzUxMzNaMDMxMTAvBgNV
BAMTKDUyN0ZEM0U0RUVEMkE1RDlBMjQ2RTQ3QjNFOEE0QjNGRDAyMkE2MzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAflZkarUKODVvuNaKvsLrmkXx
1WUs8vr1PuMGZZK2epap1m1DJ45uy0fw5xANk+Y0o2aTrssxTAR+xwsJ75CGosWv
8FyPa2jGsip00dYMSAm9kWcc5F3xF32h8Cz6gJ1shaoUkxj4xlFxiiuyRYmF3p2x
W64ConvixFj4SJ3R0K/MqFH1tyS4azivo1cjmWHpQdsu/mhML9HiM0iTSS2usrCe
AMq01zjsSr7FqpPBzO8s5N7QdPp5Gj6NU36Yg+J2ZIYyBBg2emwU41UD9NXo3n+C
Cp/hBK0VEvjgy8o0+aFkrxOrJVPYbIbalS4ZqRIL+YsAGr8WOkQZmZXY+anhAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUUn/T5O7SpdmiRuR7PopLP9AipjEwHwYDVR0j
BBgwFoAUnCudZUjemyD5Al3HWfl2Gj1GPmIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wM0Y4ODhFQkE3NDg2OURCQTEzMzQ5MTZBMDhBQzEyNjAz
OTU5OTk0N0EwMzA5NUEzNzM5NTBGNDE0QzIwQkVCLzAvOUMyQjlENjU0OERFOUIy
MEY5MDI1REM3NTlGOTc2MUEzRDQ2M0U2Mi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85QzJCOUQ2NTQ4REU5QjIwRjkw
MjVEQzc1OUY5NzYxQTNENDYzRTYyLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDNGODg4RUJBNzQ4NjlEQkExMzM0OTE2QTA4QUMxMjYwMzk1OTk5NDdB
MDMwOTVBMzczOTUwRjQxNEMyMEJFQi8wLzMyMzgzMDMzM2E2MTMyMzIzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzYzNTM4MzMzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDoiAw
DQYJKoZIhvcNAQELBQADggEBAB8sIvmJ18YqluNvwRJLK/D8F4FtahNI5Y5JtIa+
MQ4ekCq38K6bvCflVndr6HfrcXH8Cp+6WcXeWhKe+/rivAIkKNK0U/VlphrjNZZj
gzeCcWOh47RSh6g/PFOHceBa1XN/p/C7TrD8s8qQ/LAzxOrbZh542C2Ry+cTy44O
YL/2aks3llD1BVwYG/mtpkJ39NenfKDKIYZDu0n2B0hxlyLF2QDN5t2wuA0IY2Th
udr0RHojD1RRhqdhU2G0RNyjKosHGMiZWOg9nKKtAgIP/WSRPXI0lIyV5Z14IoZl
7lTLJzY7sPEQfriP+JtPo/Fx9iiMnGocXZ+qCVR7vfLuBMM=
-----END CERTIFICATE-----
Generated at Thu Jul 11 17:24:51 2024 by rpki-client on console-fra.rpki-client.org