Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0C15FD84A7B1D129FCDFF7710B48414F7BB19EC348EAC2D29EEFA7C8E9B10D9E/0/323830333a613631303a3a2f33322d3332203d3e20323731393433.roa
File:                     323830333a613631303a3a2f33322d3332203d3e20323731393433.roa (raw, json)
Hash identifier:          hfQoW9rUsGMUM3EFK+qQdnFyTd1vU9Sq9tocyOtzoqc=
Subject key identifier:   01:55:FD:2A:11:DA:31:C1:D2:B7:34:85:35:63:53:B1:AE:10:EF:F2
Certificate issuer:       /CN=1BF98E25D84D87FB5D822B785EC286F20EDF99D7
Certificate serial:       46F785A48DCF324078C586C0B371BDA5CDF579EA
Authority key identifier: 1B:F9:8E:25:D8:4D:87:FB:5D:82:2B:78:5E:C2:86:F2:0E:DF:99:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1BF98E25D84D87FB5D822B785EC286F20EDF99D7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0C15FD84A7B1D129FCDFF7710B48414F7BB19EC348EAC2D29EEFA7C8E9B10D9E/0/323830333a613631303a3a2f33322d3332203d3e20323731393433.roa
Signing time:             Tue 05 Mar 2024 17:46:20 +0000
ROA not before:           Tue 05 Mar 2024 17:41:20 +0000
ROA not after:            Tue 04 Mar 2025 17:46:20 +0000
asID:                     271943
IP address blocks:        2803:a610::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0C15FD84A7B1D129FCDFF7710B48414F7BB19EC348EAC2D29EEFA7C8E9B10D9E/0/1BF98E25D84D87FB5D822B785EC286F20EDF99D7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0C15FD84A7B1D129FCDFF7710B48414F7BB19EC348EAC2D29EEFA7C8E9B10D9E/0/1BF98E25D84D87FB5D822B785EC286F20EDF99D7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1BF98E25D84D87FB5D822B785EC286F20EDF99D7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 19:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:f7:85:a4:8d:cf:32:40:78:c5:86:c0:b3:71:bd:a5:cd:f5:79:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1BF98E25D84D87FB5D822B785EC286F20EDF99D7
        Validity
            Not Before: Mar  5 17:41:20 2024 GMT
            Not After : Mar  4 17:46:20 2025 GMT
        Subject: CN=0155FD2A11DA31C1D2B73485356353B1AE10EFF2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:35:1a:f9:1f:1c:7a:c8:f0:30:4c:3b:04:5b:
                    da:87:d2:94:60:24:08:eb:6c:54:68:4a:9a:c0:09:
                    ba:82:f3:7c:f3:38:1c:f1:b7:83:df:3f:9a:bb:4c:
                    f6:d1:9a:04:b6:2a:9b:49:bd:3a:7f:5a:f8:4d:a9:
                    3a:e4:c3:bb:e9:88:96:53:dc:98:78:8d:04:8d:02:
                    ba:07:6e:5e:9a:ba:41:61:04:42:a5:aa:89:f1:ff:
                    6e:49:d8:b8:fb:5b:b3:1e:6b:10:63:e7:2e:46:30:
                    5f:21:0d:29:72:2b:fe:67:89:e6:43:c3:47:db:c5:
                    8e:64:33:13:e1:f1:22:c2:0f:94:2b:a9:fb:3b:e3:
                    24:07:f2:3f:c1:c4:09:13:45:ce:21:36:59:be:52:
                    b0:66:a4:98:bd:fd:9f:c2:44:bf:70:ef:8b:57:d4:
                    0b:15:f9:37:90:5b:e4:7f:72:c8:37:d8:c5:ee:48:
                    a0:11:3d:31:1d:b1:4b:19:e2:11:2a:12:0a:bf:6a:
                    88:b0:f9:b0:dc:6c:86:71:64:68:12:90:09:83:01:
                    f6:c8:31:b8:a0:5c:cc:fe:e9:4e:7f:5f:63:3c:d4:
                    d8:ba:a9:60:d9:31:8a:c5:e5:e6:3f:a9:fe:8f:18:
                    87:f1:8f:37:eb:4d:4a:a0:f7:c8:a0:09:d0:3a:d7:
                    f9:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:55:FD:2A:11:DA:31:C1:D2:B7:34:85:35:63:53:B1:AE:10:EF:F2
            X509v3 Authority Key Identifier:
                keyid:1B:F9:8E:25:D8:4D:87:FB:5D:82:2B:78:5E:C2:86:F2:0E:DF:99:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0C15FD84A7B1D129FCDFF7710B48414F7BB19EC348EAC2D29EEFA7C8E9B10D9E/0/1BF98E25D84D87FB5D822B785EC286F20EDF99D7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1BF98E25D84D87FB5D822B785EC286F20EDF99D7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0C15FD84A7B1D129FCDFF7710B48414F7BB19EC348EAC2D29EEFA7C8E9B10D9E/0/323830333a613631303a3a2f33322d3332203d3e20323731393433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:a610::/32

    Signature Algorithm: sha256WithRSAEncryption
         22:b6:67:7c:8c:11:b4:77:62:2e:69:55:24:9f:02:54:48:ab:
         a6:1c:93:4b:c1:d8:70:ba:6a:c7:ba:2e:ef:d6:f2:98:da:dc:
         a4:09:97:ba:5d:9a:01:33:95:7e:aa:ea:d8:ec:37:16:df:a1:
         b7:fc:09:a4:a9:c2:78:29:7b:93:ea:2e:92:0e:66:17:48:65:
         b4:4b:54:1e:f9:cb:07:c5:b3:ea:28:7d:10:fb:8c:52:4c:9b:
         1a:ee:85:73:41:43:0b:73:79:76:56:ee:84:2e:b6:b6:16:f1:
         e8:1b:b8:c4:5a:e7:b2:00:07:0c:79:d0:4f:a9:1e:6e:43:d7:
         be:a7:a9:5f:af:6c:f1:72:ac:5f:35:29:6f:17:a2:4f:d0:cb:
         15:7a:fb:84:73:3b:4d:63:88:f4:6f:f6:07:6e:d3:e0:e2:0b:
         b4:05:92:6c:e9:5c:20:22:c8:36:93:b0:f3:dd:82:26:15:ab:
         78:c0:a4:4d:70:1c:69:75:59:b2:b6:25:c5:70:05:54:88:f1:
         7b:66:73:9f:3d:ee:13:70:46:cb:21:1c:89:9c:37:9b:0f:0d:
         94:ba:d8:0b:79:87:25:5f:b1:c1:bf:2b:7c:bf:ce:e4:5e:46:
         eb:d4:0e:39:15:98:29:62:90:81:89:74:a2:82:a8:02:77:c7:
         b4:4d:32:1c
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIURveFpI3PMkB4xYbAs3G9pc31eeowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUJGOThFMjVEODREODdGQjVEODIyQjc4NUVDMjg2RjIw
RURGOTlENzAeFw0yNDAzMDUxNzQxMjBaFw0yNTAzMDQxNzQ2MjBaMDMxMTAvBgNV
BAMTKDAxNTVGRDJBMTFEQTMxQzFEMkI3MzQ4NTM1NjM1M0IxQUUxMEVGRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVNRr5Hxx6yPAwTDsEW9qH0pRg
JAjrbFRoSprACbqC83zzOBzxt4PfP5q7TPbRmgS2KptJvTp/WvhNqTrkw7vpiJZT
3Jh4jQSNAroHbl6aukFhBEKlqonx/25J2Lj7W7MeaxBj5y5GMF8hDSlyK/5nieZD
w0fbxY5kMxPh8SLCD5Qrqfs74yQH8j/BxAkTRc4hNlm+UrBmpJi9/Z/CRL9w74tX
1AsV+TeQW+R/csg32MXuSKARPTEdsUsZ4hEqEgq/aoiw+bDcbIZxZGgSkAmDAfbI
MbigXMz+6U5/X2M81Ni6qWDZMYrF5eY/qf6PGIfxjzfrTUqg98igCdA61/mzAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUAVX9KhHaMcHStzSFNWNTsa4Q7/IwHwYDVR0j
BBgwFoAUG/mOJdhNh/tdgit4XsKG8g7fmdcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wQzE1RkQ4NEE3QjFEMTI5RkNERkY3NzEwQjQ4NDE0RjdC
QjE5RUMzNDhFQUMyRDI5RUVGQTdDOEU5QjEwRDlFLzAvMUJGOThFMjVEODREODdG
QjVEODIyQjc4NUVDMjg2RjIwRURGOTlENy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xQkY5OEUyNUQ4NEQ4N0ZCNUQ4
MjJCNzg1RUMyODZGMjBFREY5OUQ3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEMxNUZEODRBN0IxRDEyOUZDREZGNzcxMEI0ODQxNEY3QkIxOUVDMzQ4
RUFDMkQyOUVFRkE3QzhFOUIxMEQ5RS8wLzMyMzgzMDMzM2E2MTM2MzEzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzczMTM5MzQzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDphAw
DQYJKoZIhvcNAQELBQADggEBACK2Z3yMEbR3Yi5pVSSfAlRIq6Yck0vB2HC6ase6
Lu/W8pja3KQJl7pdmgEzlX6q6tjsNxbfobf8CaSpwngpe5PqLpIOZhdIZbRLVB75
ywfFs+oofRD7jFJMmxruhXNBQwtzeXZW7oQutrYW8egbuMRa57IABwx50E+pHm5D
176nqV+vbPFyrF81KW8Xok/QyxV6+4RzO01jiPRv9gdu0+DiC7QFkmzpXCAiyDaT
sPPdgiYVq3jApE1wHGl1WbK2JcVwBVSI8Xtmc5897hNwRsshHImcN5sPDZS62At5
hyVfscG/K3y/zuReRuvUDjkVmClikIGJdKKCqAJ3x7RNMhw=
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:22:24 2024 by rpki-client on console-ams.rpki-client.org