Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/323830303a3663303a3a2f33322d3438203d3e203237383233.roa
File:                     323830303a3663303a3a2f33322d3438203d3e203237383233.roa (raw, json)
Hash identifier:          PpBW3YuULerpM9Px41w28AJq9tiwTYgDzhOygugF6vE=
Subject key identifier:   AF:E6:EE:8E:5E:6B:B7:CB:B3:E3:7A:42:28:BF:A9:88:36:74:D9:F5
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       7C7BDE5F8485F9BAFE40A8F8425BA897F8FE4716
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/323830303a3663303a3a2f33322d3438203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:15 +0000
ROA not before:           Tue 04 Feb 2025 18:03:15 +0000
ROA not after:            Tue 03 Feb 2026 18:08:15 +0000
asID:                     27823
IP address blocks:        2800:6c0::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 31 Mar 2025 05:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:7b:de:5f:84:85:f9:ba:fe:40:a8:f8:42:5b:a8:97:f8:fe:47:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:15 2025 GMT
            Not After : Feb  3 18:08:15 2026 GMT
        Subject: CN=AFE6EE8E5E6BB7CBB3E37A4228BFA9883674D9F5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:d0:66:8a:48:1a:a3:9f:2c:5b:82:ce:63:5d:
                    f3:81:2c:d5:0f:ec:98:80:9a:e6:7d:04:6e:41:81:
                    05:69:c6:1b:fa:bb:6b:51:67:4c:eb:65:19:25:e7:
                    1d:d2:e0:bd:ce:f3:1c:b5:2d:bf:22:1c:ae:90:51:
                    c8:90:69:27:91:c7:12:4e:eb:51:b0:09:b8:9e:c5:
                    9f:8a:25:0b:14:b9:79:07:b7:ac:31:1f:41:8d:33:
                    bd:fa:1f:e8:41:a1:68:ab:a0:7a:8c:e1:2e:38:42:
                    2c:26:2d:0f:b9:3e:e4:69:cb:40:73:3e:62:8b:78:
                    90:13:b8:57:d3:6e:ef:b4:ac:ce:4d:3d:37:8c:dc:
                    c7:74:49:9d:5b:f0:70:fe:ef:5d:97:da:be:e2:59:
                    cf:40:42:10:8d:3e:bb:de:57:70:af:e2:2e:e8:f9:
                    2b:d7:87:a0:18:ad:ca:e6:e4:1f:49:1b:46:e9:d8:
                    bc:5a:46:bc:a5:c0:23:6c:33:8b:fd:af:d5:93:d4:
                    72:99:1d:f4:76:7d:42:da:c1:e9:f1:d7:f2:32:be:
                    fb:0d:59:20:6e:44:29:13:da:1d:35:55:ea:9b:ba:
                    0b:c1:5d:b8:8f:71:0b:d5:a4:6e:ba:7e:a0:6d:99:
                    b4:30:12:f9:9f:28:63:53:32:ee:73:e4:c8:e2:a1:
                    61:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:E6:EE:8E:5E:6B:B7:CB:B3:E3:7A:42:28:BF:A9:88:36:74:D9:F5
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/323830303a3663303a3a2f33322d3438203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:6c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         c3:7b:25:08:93:dd:44:41:7e:88:06:55:5b:d2:7f:ec:b4:ee:
         0f:d9:2e:90:6a:b1:bc:b4:3b:b4:ed:01:ef:16:f7:67:a7:92:
         c0:69:c2:45:79:94:f8:e5:6c:9a:52:18:70:b4:b4:26:bf:c9:
         c5:92:d0:16:08:5e:8c:83:59:02:d1:2b:ef:a3:11:f5:7b:d8:
         50:40:bb:14:fb:ce:3a:99:a9:78:cf:59:38:1a:8d:77:77:a1:
         bc:41:50:ec:2f:97:55:0c:32:7b:48:68:25:0f:04:48:70:6e:
         12:13:de:7c:75:94:70:9b:07:fe:79:cb:bc:0d:fc:97:ce:bf:
         c8:e7:43:ec:71:d4:ae:f0:36:09:ce:51:0d:f8:b2:40:c7:97:
         1f:69:50:69:9a:0f:5c:d7:41:85:97:d6:1e:66:dd:76:58:27:
         ce:21:f4:74:4e:38:74:0b:52:85:3f:52:6a:83:7c:99:b6:6b:
         21:7a:41:5d:71:8e:9a:0f:c3:1e:a4:74:78:c3:ac:48:5e:58:
         80:1b:41:a5:ce:dc:80:ba:81:72:06:78:26:69:80:1d:96:d6:
         e9:a2:6f:27:02:eb:06:74:17:63:dc:64:b8:74:de:83:d1:d3:
         d1:f0:93:4b:4f:bb:18:fc:64:0f:a5:91:ed:1a:21:06:d5:00:
         2d:70:68:ef
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUfHveX4SF+br+QKj4Qluol/j+RxYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTVaFw0yNjAyMDMxODA4MTVaMDMxMTAvBgNV
BAMTKEFGRTZFRThFNUU2QkI3Q0JCM0UzN0E0MjI4QkZBOTg4MzY3NEQ5RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq0GaKSBqjnyxbgs5jXfOBLNUP
7JiAmuZ9BG5BgQVpxhv6u2tRZ0zrZRkl5x3S4L3O8xy1Lb8iHK6QUciQaSeRxxJO
61GwCbiexZ+KJQsUuXkHt6wxH0GNM736H+hBoWiroHqM4S44QiwmLQ+5PuRpy0Bz
PmKLeJATuFfTbu+0rM5NPTeM3Md0SZ1b8HD+712X2r7iWc9AQhCNPrveV3Cv4i7o
+SvXh6AYrcrm5B9JG0bp2LxaRrylwCNsM4v9r9WT1HKZHfR2fULawenx1/IyvvsN
WSBuRCkT2h01VeqbugvBXbiPcQvVpG66fqBtmbQwEvmfKGNTMu5z5MjioWHDAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUr+bujl5rt8uz43pCKL+piDZ02fUwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzgzMDMwM2EzNjYzMzAzYTNhMmYz
MzMyMmQzNDM4MjAzZDNlMjAzMjM3MzgzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKAAGwDANBgkq
hkiG9w0BAQsFAAOCAQEAw3slCJPdREF+iAZVW9J/7LTuD9kukGqxvLQ7tO0B7xb3
Z6eSwGnCRXmU+OVsmlIYcLS0Jr/JxZLQFghejINZAtEr76MR9XvYUEC7FPvOOpmp
eM9ZOBqNd3ehvEFQ7C+XVQwye0hoJQ8ESHBuEhPefHWUcJsH/nnLvA38l86/yOdD
7HHUrvA2Cc5RDfiyQMeXH2lQaZoPXNdBhZfWHmbddlgnziH0dE44dAtShT9SaoN8
mbZrIXpBXXGOmg/DHqR0eMOsSF5YgBtBpc7cgLqBcgZ4JmmAHZbW6aJvJwLrBnQX
Y9xkuHTeg9HT0fCTS0+7GPxkD6WR7RohBtUALXBo7w==
-----END CERTIFICATE-----
Generated at Wed Mar 26 23:35:51 2025 by rpki-client