Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a31393a3a2f34382d3438203d3e20323632313931.roa
File:                     323830303a6237303a31393a3a2f34382d3438203d3e20323632313931.roa (raw, json)
Hash identifier:          tYjNryAgXWsCCBfYh7nA2px8/dXlNF9dJ8Zp8OSNEv8=
Subject key identifier:   2B:EE:DD:A0:DA:CF:E8:51:B0:69:2E:C7:38:B3:1C:7E:C7:11:A4:3C
Certificate issuer:       /CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
Certificate serial:       57A19E19CD455991AFA0D52C4CF2932148911FC9
Authority key identifier: 85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a31393a3a2f34382d3438203d3e20323632313931.roa
Signing time:             Thu 29 May 2025 14:20:21 +0000
ROA not before:           Thu 29 May 2025 14:15:21 +0000
ROA not after:            Thu 28 May 2026 14:20:21 +0000
asID:                     262191
IP address blocks:        2800:b70:19::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 12 Jun 2025 14:29:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:a1:9e:19:cd:45:59:91:af:a0:d5:2c:4c:f2:93:21:48:91:1f:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
        Validity
            Not Before: May 29 14:15:21 2025 GMT
            Not After : May 28 14:20:21 2026 GMT
        Subject: CN=2BEEDDA0DACFE851B0692EC738B31C7EC711A43C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:43:b6:bb:0b:53:51:f0:08:ee:6e:7c:20:f4:
                    2b:79:f9:7b:b9:ad:36:71:fa:06:d1:47:11:bb:ef:
                    4a:b0:a6:e1:4e:ce:a1:be:be:83:83:90:34:73:2c:
                    e9:b1:84:1f:11:95:6b:d2:b9:8d:5c:8e:4c:82:d3:
                    09:15:e0:19:e6:a4:78:05:16:18:d7:0f:8f:07:67:
                    de:21:37:d0:b5:5f:45:fd:ee:bb:01:0c:c6:cd:dc:
                    30:b9:aa:a3:49:69:34:49:37:b9:2f:d2:7c:b2:e6:
                    0e:b7:c5:96:33:74:50:82:a0:c6:3a:6f:98:6f:3e:
                    21:7a:d6:7a:35:58:ef:be:e0:a7:92:9e:95:f5:c1:
                    ca:69:f3:d0:52:83:c9:a1:7f:d9:23:c7:39:22:f5:
                    23:c8:e3:a8:ce:b2:f6:31:81:2f:f1:5c:0c:9c:08:
                    b4:76:a0:79:86:24:3a:76:ac:2c:78:03:53:59:b9:
                    15:f4:16:c2:92:fc:2e:e4:be:d2:5c:7e:f9:3e:ff:
                    34:b7:34:42:ee:6e:8c:44:62:de:ee:cc:56:3b:c9:
                    91:6c:47:12:90:52:e5:13:00:4d:a8:72:52:46:58:
                    92:fe:fe:aa:a2:18:bb:26:79:8b:b3:87:03:5d:db:
                    42:82:8f:00:e8:93:6f:32:da:16:ac:d8:79:3e:0b:
                    7f:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:EE:DD:A0:DA:CF:E8:51:B0:69:2E:C7:38:B3:1C:7E:C7:11:A4:3C
            X509v3 Authority Key Identifier:
                keyid:85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a31393a3a2f34382d3438203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:b70:19::/48

    Signature Algorithm: sha256WithRSAEncryption
         9d:d7:ef:b3:db:62:cd:4e:d0:b7:4b:a0:e9:8f:9f:48:67:82:
         23:c7:e2:a2:4d:a2:38:19:74:15:17:6d:4e:70:22:97:28:39:
         76:5c:13:51:78:a2:7e:22:ce:6b:1a:0a:fe:22:7a:4b:28:19:
         45:30:87:8b:6e:50:51:05:68:ac:64:a5:f1:67:c9:1b:96:b5:
         ae:46:84:e8:e5:de:03:e5:d2:11:b3:00:5c:f7:e8:e3:65:d1:
         d0:d9:f3:68:9a:4b:41:17:29:29:11:57:3e:6d:19:4a:23:ee:
         6e:6e:34:95:20:b6:99:7d:66:72:7d:24:dd:e3:35:3a:24:0b:
         18:4f:b3:11:84:b0:aa:eb:1b:3d:a9:75:e7:2d:39:e7:de:ef:
         a8:2e:39:ed:e0:64:50:13:0a:e0:76:7c:c4:e3:79:bd:6b:0f:
         52:97:8c:05:56:3b:35:f4:9d:c6:0d:1f:67:51:ad:bc:f1:3e:
         8a:07:f3:9f:c8:3c:56:7e:ff:3c:d5:ab:15:90:26:13:1d:ea:
         07:9a:cc:94:af:01:1e:86:b4:6b:25:a0:af:2d:a7:22:fd:a8:
         18:fa:86:07:3d:b8:07:98:56:ce:0f:82:b7:da:2a:ef:67:42:
         4a:55:7c:fa:50:16:e9:36:08:e5:88:ff:dd:35:07:7c:8c:db:
         f2:a1:65:3e
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUV6GeGc1FWZGvoNUsTPKTIUiRH8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVEOUU3RDlCRUVGRUQwQjlFMTg4REI3RThDQzNCNjQ4
OTA2NkRDRDAeFw0yNTA1MjkxNDE1MjFaFw0yNjA1MjgxNDIwMjFaMDMxMTAvBgNV
BAMTKDJCRUVEREEwREFDRkU4NTFCMDY5MkVDNzM4QjMxQzdFQzcxMUE0M0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYQ7a7C1NR8Ajubnwg9Ct5+Xu5
rTZx+gbRRxG770qwpuFOzqG+voODkDRzLOmxhB8RlWvSuY1cjkyC0wkV4BnmpHgF
FhjXD48HZ94hN9C1X0X97rsBDMbN3DC5qqNJaTRJN7kv0nyy5g63xZYzdFCCoMY6
b5hvPiF61no1WO++4KeSnpX1wcpp89BSg8mhf9kjxzki9SPI46jOsvYxgS/xXAyc
CLR2oHmGJDp2rCx4A1NZuRX0FsKS/C7kvtJcfvk+/zS3NELuboxEYt7uzFY7yZFs
RxKQUuUTAE2oclJGWJL+/qqiGLsmeYuzhwNd20KCjwDok28y2has2Hk+C3/DAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUK+7doNrP6FGwaS7HOLMcfscRpDwwHwYDVR0j
BBgwFoAUhdnn2b7v7QueGI236Mw7ZIkGbc0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQUQ3MjYxQzdGRDFFNEVGRUNFQkU2RjM2MkZDRDBDNzU2
OTdFMDZCNDE0NzRCRUE4Q0FCQzcwNkY3OUVDRjNELzAvODVEOUU3RDlCRUVGRUQw
QjlFMTg4REI3RThDQzNCNjQ4OTA2NkRDRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUQ5RTdEOUJFRUZFRDBCOUUx
ODhEQjdFOENDM0I2NDg5MDY2RENELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUFENzI2MUM3RkQxRTRFRkVDRUJFNkYzNjJGQ0QwQzc1Njk3RTA2QjQx
NDc0QkVBOENBQkM3MDZGNzlFQ0YzRC8wLzMyMzgzMDMwM2E2MjM3MzAzYTMxMzkz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAtwABkwDQYJKoZIhvcNAQELBQADggEBAJ3X77PbYs1O0LdLoOmPn0hngiPH4qJN
ojgZdBUXbU5wIpcoOXZcE1F4on4izmsaCv4ieksoGUUwh4tuUFEFaKxkpfFnyRuW
ta5GhOjl3gPl0hGzAFz36ONl0dDZ82iaS0EXKSkRVz5tGUoj7m5uNJUgtpl9ZnJ9
JN3jNTokCxhPsxGEsKrrGz2pdectOefe76guOe3gZFATCuB2fMTjeb1rD1KXjAVW
OzX0ncYNH2dRrbzxPooH85/IPFZ+/zzVqxWQJhMd6geazJSvAR6GtGsloK8tpyL9
qBj6hgc9uAeYVs4PgrfaKu9nQkpVfPpQFuk2COWI/901B3yM2/KhZT4=
-----END CERTIFICATE-----
Generated at Mon Jun 9 11:27:10 2025 by rpki-client