Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0584C0A79D263758AD366ABC70AEE595CCAACB41A6F6A9C77347396AA83FBBAF/0/323830333a633465303a393030303a3a2f33362d3336203d3e20323639383039.roa
File:                     323830333a633465303a393030303a3a2f33362d3336203d3e20323639383039.roa (raw, json)
Hash identifier:          +qiN4F1mYAj4Z5sIYaqznGHigEY6A9hu6iAcLbRApQk=
Subject key identifier:   2F:E6:DC:D1:76:4A:9F:33:F3:2E:60:5C:AC:D8:30:02:0D:28:6D:7E
Certificate issuer:       /CN=3D77237A7C9B2196D17146B7FDD8C031BE81DBF4
Certificate serial:       7164114765841FC0D3203613B9A1364D2F20A195
Authority key identifier: 3D:77:23:7A:7C:9B:21:96:D1:71:46:B7:FD:D8:C0:31:BE:81:DB:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D77237A7C9B2196D17146B7FDD8C031BE81DBF4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0584C0A79D263758AD366ABC70AEE595CCAACB41A6F6A9C77347396AA83FBBAF/0/323830333a633465303a393030303a3a2f33362d3336203d3e20323639383039.roa
Signing time:             Tue 05 Mar 2024 18:06:33 +0000
ROA not before:           Tue 05 Mar 2024 18:01:33 +0000
ROA not after:            Tue 04 Mar 2025 18:06:33 +0000
asID:                     269809
IP address blocks:        2803:c4e0:9000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0584C0A79D263758AD366ABC70AEE595CCAACB41A6F6A9C77347396AA83FBBAF/0/3D77237A7C9B2196D17146B7FDD8C031BE81DBF4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0584C0A79D263758AD366ABC70AEE595CCAACB41A6F6A9C77347396AA83FBBAF/0/3D77237A7C9B2196D17146B7FDD8C031BE81DBF4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D77237A7C9B2196D17146B7FDD8C031BE81DBF4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:64:11:47:65:84:1f:c0:d3:20:36:13:b9:a1:36:4d:2f:20:a1:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3D77237A7C9B2196D17146B7FDD8C031BE81DBF4
        Validity
            Not Before: Mar  5 18:01:33 2024 GMT
            Not After : Mar  4 18:06:33 2025 GMT
        Subject: CN=2FE6DCD1764A9F33F32E605CACD830020D286D7E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:3b:3f:36:98:eb:b7:bf:69:fb:46:e0:9e:74:
                    97:09:98:8d:a4:18:f6:15:e9:96:b3:c5:91:76:16:
                    25:5f:c8:1f:ee:a6:cd:e7:86:ee:78:31:4d:61:08:
                    a2:b9:be:f3:7e:9a:ea:eb:61:dd:c2:f7:f1:8b:04:
                    8e:d4:76:a8:d8:24:4e:bd:19:ca:fc:7d:da:fb:40:
                    cf:58:5e:8a:f0:b8:ef:4b:d3:06:67:ab:59:19:d5:
                    99:92:1f:cb:1a:ff:44:b8:f7:2b:26:39:8f:64:6d:
                    29:b4:54:22:f3:a9:c7:13:27:2d:62:13:ff:a7:b6:
                    a4:ca:73:d0:d3:f2:a8:73:49:32:78:a0:7c:25:f8:
                    3f:a9:6d:04:cc:1f:b1:f3:69:ac:3e:32:fa:e9:1b:
                    77:e2:6d:db:d3:67:6e:6b:5e:4f:f8:18:4e:bd:c8:
                    4f:6e:08:49:e9:c8:10:a3:85:54:85:51:be:c9:a9:
                    9b:bc:39:d7:3d:55:b6:4d:b1:ad:2a:af:21:9e:b2:
                    9e:4f:77:b9:44:fe:1e:3b:af:4c:78:3a:ae:83:95:
                    78:f2:54:8f:45:aa:d9:47:b1:4d:6d:7a:d8:d6:88:
                    68:cb:35:30:1f:e6:38:a5:b7:6a:0f:d7:6c:d2:1e:
                    41:aa:93:0d:cf:b9:7f:28:47:31:6c:4c:e4:a3:c1:
                    2f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:E6:DC:D1:76:4A:9F:33:F3:2E:60:5C:AC:D8:30:02:0D:28:6D:7E
            X509v3 Authority Key Identifier:
                keyid:3D:77:23:7A:7C:9B:21:96:D1:71:46:B7:FD:D8:C0:31:BE:81:DB:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0584C0A79D263758AD366ABC70AEE595CCAACB41A6F6A9C77347396AA83FBBAF/0/3D77237A7C9B2196D17146B7FDD8C031BE81DBF4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D77237A7C9B2196D17146B7FDD8C031BE81DBF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0584C0A79D263758AD366ABC70AEE595CCAACB41A6F6A9C77347396AA83FBBAF/0/323830333a633465303a393030303a3a2f33362d3336203d3e20323639383039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:c4e0:9000::/36

    Signature Algorithm: sha256WithRSAEncryption
         22:8e:c4:16:4d:c0:8d:96:b1:4e:0b:26:bd:a2:2f:5b:c6:03:
         e4:86:4a:3a:bd:0b:30:6e:e6:fb:11:c0:cb:55:06:bf:83:a0:
         7b:83:5a:b9:f8:85:44:22:43:24:56:9b:ad:24:84:22:de:d9:
         7f:78:8d:76:7f:b1:7d:27:66:48:4f:a8:79:f3:c6:a6:89:64:
         65:da:5f:ae:da:00:b1:d1:e1:d4:bb:0a:cb:88:20:98:5f:02:
         6c:43:5b:6d:5d:11:50:41:14:a7:a7:e1:90:df:34:83:0a:69:
         62:ad:57:ed:52:57:75:38:2d:8e:71:b4:aa:cc:0e:ca:38:2d:
         8a:0e:23:98:47:e4:43:04:43:9e:a3:89:7b:78:87:59:68:7f:
         2e:53:00:ef:78:17:90:71:8b:22:48:d4:00:c7:54:f4:13:5e:
         25:ba:8f:2d:54:a2:22:a8:9f:d9:54:ae:e0:38:6a:b8:01:1a:
         8b:36:c0:a4:b6:24:dd:b1:1f:12:d8:7b:2f:5d:77:d0:d8:88:
         e1:72:d0:e4:38:60:b9:f4:9e:1e:3e:e8:3a:69:2c:89:b9:63:
         56:07:31:1e:48:38:2d:87:56:ca:e2:49:23:f9:07:99:b1:72:
         e6:a6:95:b1:99:78:d9:c8:ec:4b:f9:ae:20:98:fe:11:51:8f:
         0b:34:39:36
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgIUcWQRR2WEH8DTIDYTuaE2TS8goZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Q3NzIzN0E3QzlCMjE5NkQxNzE0NkI3RkREOEMwMzFC
RTgxREJGNDAeFw0yNDAzMDUxODAxMzNaFw0yNTAzMDQxODA2MzNaMDMxMTAvBgNV
BAMTKDJGRTZEQ0QxNzY0QTlGMzNGMzJFNjA1Q0FDRDgzMDAyMEQyODZEN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4Oz82mOu3v2n7RuCedJcJmI2k
GPYV6ZazxZF2FiVfyB/ups3nhu54MU1hCKK5vvN+murrYd3C9/GLBI7UdqjYJE69
Gcr8fdr7QM9YXorwuO9L0wZnq1kZ1ZmSH8sa/0S49ysmOY9kbSm0VCLzqccTJy1i
E/+ntqTKc9DT8qhzSTJ4oHwl+D+pbQTMH7Hzaaw+MvrpG3fibdvTZ25rXk/4GE69
yE9uCEnpyBCjhVSFUb7JqZu8Odc9VbZNsa0qryGesp5Pd7lE/h47r0x4Oq6DlXjy
VI9FqtlHsU1tetjWiGjLNTAf5jilt2oP12zSHkGqkw3PuX8oRzFsTOSjwS8/AgMB
AAGjggLUMIIC0DAdBgNVHQ4EFgQUL+bc0XZKnzPzLmBcrNgwAg0obX4wHwYDVR0j
BBgwFoAUPXcjenybIZbRcUa3/djAMb6B2/QwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wNTg0QzBBNzlEMjYzNzU4QUQzNjZBQkM3MEFFRTU5NUND
QUFDQjQxQTZGNkE5Qzc3MzQ3Mzk2QUE4M0ZCQkFGLzAvM0Q3NzIzN0E3QzlCMjE5
NkQxNzE0NkI3RkREOEMwMzFCRTgxREJGNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRDc3MjM3QTdDOUIyMTk2RDE3
MTQ2QjdGREQ4QzAzMUJFODFEQkY0LmNlcjCB0QYIKwYBBQUHAQsEgcQwgcEwgb4G
CCsGAQUFBzALhoGxcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDU4NEMwQTc5RDI2Mzc1OEFEMzY2QUJDNzBBRUU1OTVDQ0FBQ0I0MUE2
RjZBOUM3NzM0NzM5NkFBODNGQkJBRi8wLzMyMzgzMDMzM2E2MzM0NjUzMDNhMzkz
MDMwMzAzYTNhMmYzMzM2MmQzMzM2MjAzZDNlMjAzMjM2MzkzODMwMzkucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQoA8TgkDANBgkqhkiG9w0BAQsFAAOCAQEAIo7EFk3AjZaxTgsmvaIvW8YD
5IZKOr0LMG7m+xHAy1UGv4Oge4NaufiFRCJDJFabrSSEIt7Zf3iNdn+xfSdmSE+o
efPGpolkZdpfrtoAsdHh1LsKy4ggmF8CbENbbV0RUEEUp6fhkN80gwppYq1X7VJX
dTgtjnG0qswOyjgtig4jmEfkQwRDnqOJe3iHWWh/LlMA73gXkHGLIkjUAMdU9BNe
JbqPLVSiIqif2VSu4DhquAEaizbApLYk3bEfEth7L1130NiI4XLQ5DhgufSeHj7o
OmksibljVgcxHkg4LYdWyuJJI/kHmbFy5qaVsZl42cjsS/muIJj+EVGPCzQ5Ng==
-----END CERTIFICATE-----
Generated at Tue Nov 19 23:16:56 2024 by rpki-client on console-ams.rpki-client.org