Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/323830333a333430303a3a2f33322d3438203d3e203134373534.roa
File:                     323830333a333430303a3a2f33322d3438203d3e203134373534.roa (raw, json)
Hash identifier:          gmUvfK0Rm6LP465AklxbsQhgrxGY07WjOBov2PPp5qk=
Subject key identifier:   A7:92:38:D3:FA:76:29:A3:8C:C1:1D:EA:D4:39:18:AD:43:1D:2B:B9
Certificate issuer:       /CN=F07AC2C3313D74F22585389241B3BE2A7B89D7BF
Certificate serial:       378DDD73B6BC7E9C1109291C3AB5D6EDB0794D5A
Authority key identifier: F0:7A:C2:C3:31:3D:74:F2:25:85:38:92:41:B3:BE:2A:7B:89:D7:BF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/323830333a333430303a3a2f33322d3438203d3e203134373534.roa
Signing time:             Tue 05 Mar 2024 18:18:11 +0000
ROA not before:           Tue 05 Mar 2024 18:13:11 +0000
ROA not after:            Tue 04 Mar 2025 18:18:11 +0000
asID:                     14754
IP address blocks:        2803:3400::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 21 Jul 2024 04:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:8d:dd:73:b6:bc:7e:9c:11:09:29:1c:3a:b5:d6:ed:b0:79:4d:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F07AC2C3313D74F22585389241B3BE2A7B89D7BF
        Validity
            Not Before: Mar  5 18:13:11 2024 GMT
            Not After : Mar  4 18:18:11 2025 GMT
        Subject: CN=A79238D3FA7629A38CC11DEAD43918AD431D2BB9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:33:7d:eb:c1:74:dd:49:06:0a:18:e2:df:32:
                    d3:29:ed:da:23:1d:84:13:ff:4e:20:76:f5:25:35:
                    d5:8a:4a:f2:d5:20:07:e1:b9:d7:65:74:65:4c:8d:
                    63:6c:5e:21:8c:6b:9a:1d:bf:b5:03:99:1c:95:41:
                    a6:d5:ce:87:70:a0:38:4f:07:4f:f3:c1:09:d7:50:
                    cd:4c:7a:c1:f7:a4:49:98:92:1b:d6:f6:85:66:05:
                    b4:f7:90:da:81:4e:39:51:e5:07:4a:c6:9f:2e:cf:
                    17:ab:7a:17:dc:29:77:c8:f6:80:72:8d:ac:67:7f:
                    9e:60:54:1f:60:68:cf:c4:bd:f1:fb:3e:c0:cb:b7:
                    9f:35:7e:00:93:08:5b:dd:16:13:60:1a:46:08:ac:
                    04:08:18:7d:fa:e1:8f:e6:68:90:ef:c6:02:3f:53:
                    d7:0d:fa:70:a4:c7:4f:7b:5d:db:95:53:3d:60:5a:
                    f9:4c:52:bb:be:d6:8a:8a:97:07:d1:f2:24:f6:f6:
                    ab:e2:c8:32:26:2d:e3:6c:7a:91:e3:40:3a:4e:9d:
                    fe:98:4a:66:f8:e1:e0:1b:8b:20:28:4c:df:2b:11:
                    e5:5d:c2:5d:ee:96:cd:69:c6:47:4a:ce:32:74:d7:
                    44:1c:dd:57:4f:6e:8e:3a:f8:8a:7d:84:f0:fc:2e:
                    dc:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:92:38:D3:FA:76:29:A3:8C:C1:1D:EA:D4:39:18:AD:43:1D:2B:B9
            X509v3 Authority Key Identifier:
                keyid:F0:7A:C2:C3:31:3D:74:F2:25:85:38:92:41:B3:BE:2A:7B:89:D7:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/323830333a333430303a3a2f33322d3438203d3e203134373534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:3400::/32

    Signature Algorithm: sha256WithRSAEncryption
         8a:97:37:75:26:c3:d0:c6:90:b2:75:b8:ab:11:75:75:88:4d:
         f1:71:fb:5a:0a:94:d1:28:0e:6a:6a:26:ea:0f:99:8d:1e:39:
         26:09:2e:f1:35:fa:aa:e0:f7:8f:93:eb:d1:72:20:58:80:7d:
         6a:63:15:49:d0:c1:7a:a4:75:56:13:d4:45:9c:8f:c5:3b:28:
         82:b7:7d:b1:35:6d:a1:a6:32:54:e8:49:ee:21:ae:e7:7e:3c:
         aa:2f:49:c1:c5:6a:21:6d:d2:68:b7:3d:31:6e:98:69:0b:59:
         45:62:79:46:10:60:0a:03:32:fc:61:62:dd:ad:7b:2a:41:32:
         89:7f:62:e5:b3:e1:23:99:df:47:eb:21:0c:ab:4c:33:fe:d3:
         d6:85:6e:a0:fa:b1:1d:08:5c:fb:5a:b3:c3:5d:34:bb:cb:60:
         96:1e:1b:9f:4f:6d:04:d6:10:4d:14:03:f6:5c:fb:63:1a:73:
         2b:96:6d:60:43:fa:25:6f:00:a2:8a:c9:95:1e:ff:1c:b6:48:
         43:59:2a:84:36:09:c8:6d:dc:68:16:be:73:d5:a8:52:52:86:
         e3:1e:9f:38:71:6b:25:17:97:d6:b2:86:b2:59:b2:44:62:0f:
         10:5a:59:de:be:10:96:38:62:f3:0d:f5:f0:59:19:20:0d:3c:
         82:fa:7b:79
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUN43dc7a8fpwRCSkcOrXW7bB5TVowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjA3QUMyQzMzMTNENzRGMjI1ODUzODkyNDFCM0JFMkE3
Qjg5RDdCRjAeFw0yNDAzMDUxODEzMTFaFw0yNTAzMDQxODE4MTFaMDMxMTAvBgNV
BAMTKEE3OTIzOEQzRkE3NjI5QTM4Q0MxMURFQUQ0MzkxOEFENDMxRDJCQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIM33rwXTdSQYKGOLfMtMp7doj
HYQT/04gdvUlNdWKSvLVIAfhuddldGVMjWNsXiGMa5odv7UDmRyVQabVzodwoDhP
B0/zwQnXUM1MesH3pEmYkhvW9oVmBbT3kNqBTjlR5QdKxp8uzxerehfcKXfI9oBy
jaxnf55gVB9gaM/EvfH7PsDLt581fgCTCFvdFhNgGkYIrAQIGH364Y/maJDvxgI/
U9cN+nCkx097XduVUz1gWvlMUru+1oqKlwfR8iT29qviyDImLeNsepHjQDpOnf6Y
Smb44eAbiyAoTN8rEeVdwl3uls1pxkdKzjJ010Qc3VdPbo46+Ip9hPD8LtxhAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUp5I40/p2KaOMwR3q1DkYrUMdK7kwHwYDVR0j
BBgwFoAU8HrCwzE9dPIlhTiSQbO+KnuJ178wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wNEIyNTg1QjFERTVFRjRFRjdDRjA3MjBENzhENTIxNDYx
RjM2RDczMjg2MjE4NURFNzVCRDhCNTg5NkZEMjQyLzAvRjA3QUMyQzMzMTNENzRG
MjI1ODUzODkyNDFCM0JFMkE3Qjg5RDdCRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMDdBQzJDMzMxM0Q3NEYyMjU4
NTM4OTI0MUIzQkUyQTdCODlEN0JGLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDRCMjU4NUIxREU1RUY0RUY3Q0YwNzIwRDc4RDUyMTQ2MUYzNkQ3MzI4
NjIxODVERTc1QkQ4QjU4OTZGRDI0Mi8wLzMyMzgzMDMzM2EzMzM0MzAzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMxMzQzNzM1MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAzQAMA0G
CSqGSIb3DQEBCwUAA4IBAQCKlzd1JsPQxpCydbirEXV1iE3xcftaCpTRKA5qaibq
D5mNHjkmCS7xNfqq4PePk+vRciBYgH1qYxVJ0MF6pHVWE9RFnI/FOyiCt32xNW2h
pjJU6EnuIa7nfjyqL0nBxWohbdJotz0xbphpC1lFYnlGEGAKAzL8YWLdrXsqQTKJ
f2Lls+Ejmd9H6yEMq0wz/tPWhW6g+rEdCFz7WrPDXTS7y2CWHhufT20E1hBNFAP2
XPtjGnMrlm1gQ/olbwCiismVHv8ctkhDWSqENgnIbdxoFr5z1ahSUobjHp84cWsl
F5fWsoayWbJEYg8QWlnevhCWOGLzDfXwWRkgDTyC+nt5
-----END CERTIFICATE-----
Generated at Wed Jul 17 07:39:20 2024 by rpki-client on console-fra.rpki-client.org