Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32343a3a2f34382d3438203d3e20323632313931.roa
File:                     323830303a6237303a32343a3a2f34382d3438203d3e20323632313931.roa (raw, json)
Hash identifier:          pPvldcjsPTEIJh85o6ydHI5gsQMohUTw76icUTBSd+g=
Subject key identifier:   9F:EE:47:1E:15:A6:BE:0A:14:D0:F1:62:D9:E3:12:AB:E9:C8:4E:D1
Certificate issuer:       /CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
Certificate serial:       5AE270E6FDA662B93A9F07CDDAA71E0A4162C00D
Authority key identifier: 85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32343a3a2f34382d3438203d3e20323632313931.roa
Signing time:             Thu 29 May 2025 14:20:19 +0000
ROA not before:           Thu 29 May 2025 14:15:19 +0000
ROA not after:            Thu 28 May 2026 14:20:19 +0000
asID:                     262191
IP address blocks:        2800:b70:24::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Jun 2025 23:10:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:e2:70:e6:fd:a6:62:b9:3a:9f:07:cd:da:a7:1e:0a:41:62:c0:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
        Validity
            Not Before: May 29 14:15:19 2025 GMT
            Not After : May 28 14:20:19 2026 GMT
        Subject: CN=9FEE471E15A6BE0A14D0F162D9E312ABE9C84ED1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:74:92:21:a8:47:8e:c0:ff:46:9f:9a:8f:f6:
                    08:d6:b9:2a:ec:97:c6:b1:91:f6:d4:bb:5c:1e:7a:
                    ac:6a:f6:0a:40:51:f3:a0:33:fd:8b:b4:d3:1a:33:
                    ae:97:88:4d:c5:61:93:c1:78:e9:e5:ea:2e:8e:24:
                    1d:12:fa:00:d4:be:2c:1f:68:bb:0b:a2:ce:5b:67:
                    12:3a:3b:f5:35:72:5e:36:00:e2:00:36:b7:c9:5c:
                    06:e3:d4:55:31:79:e2:44:0d:c0:9e:12:fc:94:b2:
                    a8:bd:50:c6:ab:2a:f0:d1:87:57:cc:50:d7:76:30:
                    d0:eb:7b:89:8f:5d:ba:15:e3:c3:29:3f:6b:21:ec:
                    88:77:57:88:1e:55:8c:5f:0f:6c:90:d4:75:03:8e:
                    24:a2:23:37:35:d7:ab:10:cd:30:df:65:0e:03:21:
                    f6:12:a8:e8:07:53:b2:ab:b1:9c:87:a0:81:d4:82:
                    ca:d3:86:59:90:e9:92:63:71:ec:9e:6d:d9:67:33:
                    7e:19:6c:0e:58:85:98:21:e8:7b:1c:84:ba:10:42:
                    ea:24:90:5f:d4:46:d5:73:14:50:ce:86:26:bb:8f:
                    5e:d0:79:ac:d2:55:6d:97:16:c9:7b:7b:ae:68:7a:
                    f8:2d:77:ef:34:bd:ff:62:87:77:3f:44:ea:43:45:
                    03:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:EE:47:1E:15:A6:BE:0A:14:D0:F1:62:D9:E3:12:AB:E9:C8:4E:D1
            X509v3 Authority Key Identifier:
                keyid:85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32343a3a2f34382d3438203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:b70:24::/48

    Signature Algorithm: sha256WithRSAEncryption
         23:d4:da:88:d1:35:8a:f6:26:d8:3b:02:04:94:b5:2c:fb:a8:
         b6:64:78:02:3d:3b:41:55:2a:f8:cf:05:ff:df:82:98:50:eb:
         78:01:58:c7:5b:15:4f:51:50:33:b8:3e:89:ef:c5:33:10:4b:
         19:e1:ad:2b:68:78:db:cb:43:fd:e4:cf:44:e2:94:72:b5:88:
         4a:90:4c:dc:9c:65:5c:69:53:dd:61:fe:c8:92:7d:95:16:fe:
         cf:1e:a5:e7:63:49:7e:d2:ca:d3:cd:d8:73:02:cd:9a:9f:71:
         0d:8c:2f:26:99:ce:af:aa:18:9e:a5:92:4c:15:ca:90:bd:cd:
         45:df:83:88:fc:3c:ba:b8:cc:73:1b:a7:3d:03:6d:8a:cd:43:
         ac:e0:ef:e0:2c:ae:41:c0:0c:eb:a2:60:14:c9:ff:df:af:96:
         90:13:4d:d6:61:22:aa:4c:2e:b0:e5:52:45:69:d7:6c:c1:ec:
         65:a2:86:24:15:a6:09:6d:96:24:2a:6d:a9:d3:5b:41:3d:a6:
         cc:82:d4:ad:9d:3a:06:13:9e:84:d2:be:d2:0c:6f:84:cc:da:
         6c:e1:0c:7b:7b:61:55:4a:56:03:7c:ad:3d:78:01:c4:52:1b:
         91:e2:06:75:7d:52:ee:14:05:c9:c5:a4:b5:59:3b:7c:76:17:
         95:20:95:8b
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUWuJw5v2mYrk6nwfN2qceCkFiwA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVEOUU3RDlCRUVGRUQwQjlFMTg4REI3RThDQzNCNjQ4
OTA2NkRDRDAeFw0yNTA1MjkxNDE1MTlaFw0yNjA1MjgxNDIwMTlaMDMxMTAvBgNV
BAMTKDlGRUU0NzFFMTVBNkJFMEExNEQwRjE2MkQ5RTMxMkFCRTlDODRFRDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNdJIhqEeOwP9Gn5qP9gjWuSrs
l8axkfbUu1weeqxq9gpAUfOgM/2LtNMaM66XiE3FYZPBeOnl6i6OJB0S+gDUviwf
aLsLos5bZxI6O/U1cl42AOIANrfJXAbj1FUxeeJEDcCeEvyUsqi9UMarKvDRh1fM
UNd2MNDre4mPXboV48MpP2sh7Ih3V4geVYxfD2yQ1HUDjiSiIzc116sQzTDfZQ4D
IfYSqOgHU7KrsZyHoIHUgsrThlmQ6ZJjceyebdlnM34ZbA5YhZgh6HschLoQQuok
kF/URtVzFFDOhia7j17QeazSVW2XFsl7e65oevgtd+80vf9ih3c/ROpDRQNlAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUn+5HHhWmvgoU0PFi2eMSq+nITtEwHwYDVR0j
BBgwFoAUhdnn2b7v7QueGI236Mw7ZIkGbc0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQUQ3MjYxQzdGRDFFNEVGRUNFQkU2RjM2MkZDRDBDNzU2
OTdFMDZCNDE0NzRCRUE4Q0FCQzcwNkY3OUVDRjNELzAvODVEOUU3RDlCRUVGRUQw
QjlFMTg4REI3RThDQzNCNjQ4OTA2NkRDRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUQ5RTdEOUJFRUZFRDBCOUUx
ODhEQjdFOENDM0I2NDg5MDY2RENELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUFENzI2MUM3RkQxRTRFRkVDRUJFNkYzNjJGQ0QwQzc1Njk3RTA2QjQx
NDc0QkVBOENBQkM3MDZGNzlFQ0YzRC8wLzMyMzgzMDMwM2E2MjM3MzAzYTMyMzQz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAtwACQwDQYJKoZIhvcNAQELBQADggEBACPU2ojRNYr2Jtg7AgSUtSz7qLZkeAI9
O0FVKvjPBf/fgphQ63gBWMdbFU9RUDO4PonvxTMQSxnhrStoeNvLQ/3kz0TilHK1
iEqQTNycZVxpU91h/siSfZUW/s8epedjSX7SytPN2HMCzZqfcQ2MLyaZzq+qGJ6l
kkwVypC9zUXfg4j8PLq4zHMbpz0DbYrNQ6zg7+AsrkHADOuiYBTJ/9+vlpATTdZh
IqpMLrDlUkVp12zB7GWihiQVpgltliQqbanTW0E9psyC1K2dOgYTnoTSvtIMb4TM
2mzhDHt7YVVKVgN8rT14AcRSG5HiBnV9Uu4UBcnFpLVZO3x2F5UglYs=
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:16:12 2025 by rpki-client