Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/07C0096B91EEE14598A448131C1F2250BEC9AE9D2F5809CE4A43201C1092A294/0/323830333a636332303a3a2f33322d3332203d3e20323634363638.roa
File:                     323830333a636332303a3a2f33322d3332203d3e20323634363638.roa (raw, json)
Hash identifier:          ZK5hHDZ3ZgQsORKHkl9FZHH95gOggnLw1BzXnpqlI4M=
Subject key identifier:   21:7E:19:43:EE:18:84:66:12:B6:6D:4A:95:0B:15:6B:F9:AC:F1:E4
Certificate issuer:       /CN=DD74393AEC4E41A41C6F1FD02E0D9D2806ED9D5A
Certificate serial:       7D0191DEBFDF0E43F735C7A7C07CFC360BC2525F
Authority key identifier: DD:74:39:3A:EC:4E:41:A4:1C:6F:1F:D0:2E:0D:9D:28:06:ED:9D:5A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DD74393AEC4E41A41C6F1FD02E0D9D2806ED9D5A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/07C0096B91EEE14598A448131C1F2250BEC9AE9D2F5809CE4A43201C1092A294/0/323830333a636332303a3a2f33322d3332203d3e20323634363638.roa
Signing time:             Tue 05 Mar 2024 17:48:27 +0000
ROA not before:           Tue 05 Mar 2024 17:43:27 +0000
ROA not after:            Tue 04 Mar 2025 17:48:27 +0000
asID:                     264668
IP address blocks:        2803:cc20::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/07C0096B91EEE14598A448131C1F2250BEC9AE9D2F5809CE4A43201C1092A294/0/DD74393AEC4E41A41C6F1FD02E0D9D2806ED9D5A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/07C0096B91EEE14598A448131C1F2250BEC9AE9D2F5809CE4A43201C1092A294/0/DD74393AEC4E41A41C6F1FD02E0D9D2806ED9D5A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DD74393AEC4E41A41C6F1FD02E0D9D2806ED9D5A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 20 Jun 2024 02:08:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:01:91:de:bf:df:0e:43:f7:35:c7:a7:c0:7c:fc:36:0b:c2:52:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DD74393AEC4E41A41C6F1FD02E0D9D2806ED9D5A
        Validity
            Not Before: Mar  5 17:43:27 2024 GMT
            Not After : Mar  4 17:48:27 2025 GMT
        Subject: CN=217E1943EE18846612B66D4A950B156BF9ACF1E4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d0:d6:78:36:79:46:34:a9:76:b4:04:0d:ae:
                    27:66:18:d8:f7:22:d9:b7:2d:48:d6:e2:97:ff:37:
                    d5:1d:57:34:0e:50:fe:77:e7:14:ff:7c:ba:8f:93:
                    ea:9b:6c:55:65:3d:2d:ae:4e:62:f9:36:cf:f4:e9:
                    62:a1:d1:71:c5:89:32:dd:8f:64:ba:d0:5f:c9:47:
                    93:77:81:e9:8c:46:93:53:fc:9f:a7:f7:88:89:19:
                    60:db:87:13:f6:f1:72:43:23:cf:2b:4e:ca:3b:c4:
                    5c:a0:3c:ce:98:92:53:21:d0:d0:69:87:52:b4:16:
                    b8:18:bb:a6:3e:71:98:75:65:eb:58:f9:ad:a6:9d:
                    0d:f7:c8:09:ed:b0:6b:d9:96:50:24:8e:26:1b:e3:
                    6e:19:48:e8:39:6b:63:3a:9d:65:2d:1c:70:97:6e:
                    92:42:f5:15:a1:7f:d6:82:98:9d:77:e2:c3:52:c6:
                    ab:c6:c2:17:de:52:0a:14:49:e5:78:6f:a6:aa:b3:
                    3b:38:41:5e:44:63:1c:aa:dc:01:c3:4c:eb:5a:fd:
                    17:8c:20:19:26:3d:6b:d5:2f:c6:69:b0:49:86:06:
                    2a:9c:cd:14:7d:13:65:25:92:f6:af:28:50:3c:ce:
                    65:57:a6:21:90:cd:92:41:6c:79:4e:63:27:fd:b5:
                    fa:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:7E:19:43:EE:18:84:66:12:B6:6D:4A:95:0B:15:6B:F9:AC:F1:E4
            X509v3 Authority Key Identifier:
                keyid:DD:74:39:3A:EC:4E:41:A4:1C:6F:1F:D0:2E:0D:9D:28:06:ED:9D:5A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/07C0096B91EEE14598A448131C1F2250BEC9AE9D2F5809CE4A43201C1092A294/0/DD74393AEC4E41A41C6F1FD02E0D9D2806ED9D5A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DD74393AEC4E41A41C6F1FD02E0D9D2806ED9D5A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/07C0096B91EEE14598A448131C1F2250BEC9AE9D2F5809CE4A43201C1092A294/0/323830333a636332303a3a2f33322d3332203d3e20323634363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:cc20::/32

    Signature Algorithm: sha256WithRSAEncryption
         66:d3:14:10:01:3a:9c:d7:30:d3:6a:59:5c:04:2e:ca:cb:4a:
         b7:90:ba:69:47:a5:80:c4:f2:2c:4c:6a:47:95:c2:26:0b:39:
         99:2e:c0:d1:2a:95:95:8c:eb:72:be:38:44:eb:d7:41:cc:2a:
         a5:d3:a9:35:94:64:52:ad:d5:be:12:ba:9d:4e:15:31:ea:be:
         0c:ed:83:65:d0:c2:04:9c:69:c3:22:70:ec:de:bd:06:74:b8:
         e5:3b:9a:62:a9:48:9b:18:00:ef:f5:53:f0:7b:de:31:f1:a0:
         11:9e:e6:33:7d:22:60:a7:c5:e0:4e:4c:3c:17:56:37:7e:56:
         f0:55:02:ba:25:2d:ce:de:5f:c7:be:1c:28:1b:83:25:d4:59:
         a0:df:79:ff:4a:a8:c8:86:9b:f2:44:6a:07:c0:52:62:9b:c0:
         a5:57:9c:03:f0:54:f6:5f:d5:8c:99:30:1c:8f:f1:c3:1b:18:
         28:0d:75:71:04:a3:9b:5f:d6:a1:38:21:3b:c9:96:b9:69:fe:
         0a:bd:78:a7:5b:3e:20:1e:86:bb:fb:3e:f7:96:b4:c3:38:1f:
         89:c3:fe:0e:1a:f5:ae:f1:dc:b8:9e:79:be:a9:b5:05:ae:b0:
         f9:39:0c:60:a4:1c:b2:b1:10:5e:0e:23:f6:79:5a:11:0d:72:
         36:b6:03:aa
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUfQGR3r/fDkP3NcenwHz8NgvCUl8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREQ3NDM5M0FFQzRFNDFBNDFDNkYxRkQwMkUwRDlEMjgw
NkVEOUQ1QTAeFw0yNDAzMDUxNzQzMjdaFw0yNTAzMDQxNzQ4MjdaMDMxMTAvBgNV
BAMTKDIxN0UxOTQzRUUxODg0NjYxMkI2NkQ0QTk1MEIxNTZCRjlBQ0YxRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ0NZ4NnlGNKl2tAQNridmGNj3
Itm3LUjW4pf/N9UdVzQOUP535xT/fLqPk+qbbFVlPS2uTmL5Ns/06WKh0XHFiTLd
j2S60F/JR5N3gemMRpNT/J+n94iJGWDbhxP28XJDI88rTso7xFygPM6YklMh0NBp
h1K0FrgYu6Y+cZh1ZetY+a2mnQ33yAntsGvZllAkjiYb424ZSOg5a2M6nWUtHHCX
bpJC9RWhf9aCmJ134sNSxqvGwhfeUgoUSeV4b6aqszs4QV5EYxyq3AHDTOta/ReM
IBkmPWvVL8ZpsEmGBiqczRR9E2UlkvavKFA8zmVXpiGQzZJBbHlOYyf9tfp3AgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUIX4ZQ+4YhGYStm1KlQsVa/ms8eQwHwYDVR0j
BBgwFoAU3XQ5OuxOQaQcbx/QLg2dKAbtnVowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wN0MwMDk2QjkxRUVFMTQ1OThBNDQ4MTMxQzFGMjI1MEJF
QzlBRTlEMkY1ODA5Q0U0QTQzMjAxQzEwOTJBMjk0LzAvREQ3NDM5M0FFQzRFNDFB
NDFDNkYxRkQwMkUwRDlEMjgwNkVEOUQ1QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERDc0MzkzQUVDNEU0MUE0MUM2
RjFGRDAyRTBEOUQyODA2RUQ5RDVBLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDdDMDA5NkI5MUVFRTE0NTk4QTQ0ODEzMUMxRjIyNTBCRUM5QUU5RDJG
NTgwOUNFNEE0MzIwMUMxMDkyQTI5NC8wLzMyMzgzMDMzM2E2MzYzMzIzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzYzNDM2MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDzCAw
DQYJKoZIhvcNAQELBQADggEBAGbTFBABOpzXMNNqWVwELsrLSreQumlHpYDE8ixM
akeVwiYLOZkuwNEqlZWM63K+OETr10HMKqXTqTWUZFKt1b4Sup1OFTHqvgztg2XQ
wgScacMicOzevQZ0uOU7mmKpSJsYAO/1U/B73jHxoBGe5jN9ImCnxeBOTDwXVjd+
VvBVArolLc7eX8e+HCgbgyXUWaDfef9KqMiGm/JEagfAUmKbwKVXnAPwVPZf1YyZ
MByP8cMbGCgNdXEEo5tf1qE4ITvJlrlp/gq9eKdbPiAehrv7PveWtMM4H4nD/g4a
9a7x3Lieeb6ptQWusPk5DGCkHLKxEF4OI/Z5WhENcja2A6o=
-----END CERTIFICATE-----
Generated at Mon Jun 17 02:10:02 2024 by rpki-client on console-ams.rpki-client.org