Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32363a3a2f34382d3438203d3e20323632313931.roa
File:                     323830303a6237303a32363a3a2f34382d3438203d3e20323632313931.roa (raw, json)
Hash identifier:          e8/8HvsW2HhfWEWGfpp+X0bBV/VUJ01Jg4vxdC7euv8=
Subject key identifier:   E9:1C:B9:1F:FF:5D:3D:33:2E:87:BA:03:66:B1:C8:DC:75:69:70:25
Certificate issuer:       /CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
Certificate serial:       62936123C31E67B61D71EC4AAC38F09E9A3ACF52
Authority key identifier: 85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32363a3a2f34382d3438203d3e20323632313931.roa
Signing time:             Thu 27 Jun 2024 14:10:00 +0000
ROA not before:           Thu 27 Jun 2024 14:05:00 +0000
ROA not after:            Thu 26 Jun 2025 14:10:00 +0000
asID:                     262191
IP address blocks:        2800:b70:26::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:93:61:23:c3:1e:67:b6:1d:71:ec:4a:ac:38:f0:9e:9a:3a:cf:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
        Validity
            Not Before: Jun 27 14:05:00 2024 GMT
            Not After : Jun 26 14:10:00 2025 GMT
        Subject: CN=E91CB91FFF5D3D332E87BA0366B1C8DC75697025
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:7e:0d:c3:27:6e:42:e1:09:46:a4:33:9f:d7:
                    79:77:31:d8:21:59:bf:b6:a9:d9:28:64:a2:06:d9:
                    78:13:f7:9d:a1:63:f4:cc:7c:51:d7:bc:00:ba:83:
                    b3:83:d6:22:06:55:19:f6:17:e6:9c:e1:b4:dd:ae:
                    bc:12:4a:7f:14:ae:6e:36:7e:6a:d0:84:0f:24:55:
                    cd:50:e1:b8:d3:d2:78:be:34:f8:91:47:f9:41:57:
                    62:b4:f3:8b:f1:60:c7:c7:0a:8b:b6:59:b1:1c:da:
                    fe:15:3b:2a:77:1f:6c:e2:f2:2b:62:82:c3:a7:ad:
                    eb:e7:ad:00:5f:19:77:3c:71:1a:df:41:97:a2:43:
                    67:76:23:31:82:83:6f:fc:c2:02:69:a3:53:13:9f:
                    c4:81:91:7d:a7:c4:08:98:f3:b0:14:a7:a0:43:5b:
                    25:f0:f2:d6:73:aa:d2:63:c5:93:c0:0b:12:51:31:
                    51:c0:77:c4:8e:6e:83:e5:37:80:5d:9d:05:bb:78:
                    01:51:75:dc:61:9e:65:3a:a4:6d:c3:8b:c6:83:44:
                    2b:bb:e5:75:6e:1f:32:cc:8d:9c:97:86:f0:1e:8f:
                    99:d7:df:28:22:77:26:24:66:1a:51:a4:28:36:92:
                    76:3b:50:1d:d2:5f:3f:2f:86:ee:bf:d2:6a:40:5a:
                    8f:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:1C:B9:1F:FF:5D:3D:33:2E:87:BA:03:66:B1:C8:DC:75:69:70:25
            X509v3 Authority Key Identifier:
                keyid:85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32363a3a2f34382d3438203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:b70:26::/48

    Signature Algorithm: sha256WithRSAEncryption
         ba:a1:7e:2c:fb:07:d8:88:c1:e9:6c:7a:b5:e1:ca:42:a3:7d:
         fc:a8:df:4d:5f:b1:4c:cf:3f:ec:5b:6a:4f:6f:d9:5a:5e:57:
         f9:20:fb:4f:fe:12:19:e1:5a:60:61:f2:62:fb:a5:0c:15:46:
         8e:e1:42:0b:a0:ef:25:85:b5:31:13:3f:bd:3e:67:8b:cb:53:
         8d:f0:7f:7f:73:ae:7d:72:61:44:55:ec:8d:ce:17:4b:bb:61:
         15:ed:ab:18:63:9e:f2:e1:38:5e:26:27:c9:d9:bc:a9:04:b7:
         a7:f8:1a:b5:24:be:4e:01:6a:c6:dc:fe:82:f9:64:a8:b9:97:
         54:94:5b:08:30:7f:6c:c7:73:bd:36:75:42:4e:fe:ae:a7:6f:
         4c:3c:f5:3f:67:ee:4c:26:d2:56:3d:6a:dd:86:a4:0e:86:7f:
         65:30:a5:ac:9e:8d:0f:4f:66:b9:02:28:48:4d:39:3e:26:27:
         5f:69:ac:11:d3:97:91:86:81:41:d4:bf:29:25:55:0f:d8:aa:
         bc:7e:ca:a2:c3:73:6c:26:7d:37:b5:16:c0:64:2c:92:6a:26:
         d0:dd:43:4a:15:24:34:30:7b:bc:49:a9:7d:80:2a:79:69:7e:
         58:65:38:eb:c5:c1:33:9f:4e:40:90:ce:a5:df:c4:5f:dc:66:
         dc:63:d6:6a
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUYpNhI8MeZ7YdcexKrDjwnpo6z1IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVEOUU3RDlCRUVGRUQwQjlFMTg4REI3RThDQzNCNjQ4
OTA2NkRDRDAeFw0yNDA2MjcxNDA1MDBaFw0yNTA2MjYxNDEwMDBaMDMxMTAvBgNV
BAMTKEU5MUNCOTFGRkY1RDNEMzMyRTg3QkEwMzY2QjFDOERDNzU2OTcwMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEfg3DJ25C4QlGpDOf13l3Mdgh
Wb+2qdkoZKIG2XgT952hY/TMfFHXvAC6g7OD1iIGVRn2F+ac4bTdrrwSSn8Urm42
fmrQhA8kVc1Q4bjT0ni+NPiRR/lBV2K084vxYMfHCou2WbEc2v4VOyp3H2zi8iti
gsOnrevnrQBfGXc8cRrfQZeiQ2d2IzGCg2/8wgJpo1MTn8SBkX2nxAiY87AUp6BD
WyXw8tZzqtJjxZPACxJRMVHAd8SOboPlN4BdnQW7eAFRddxhnmU6pG3Di8aDRCu7
5XVuHzLMjZyXhvAej5nX3ygidyYkZhpRpCg2knY7UB3SXz8vhu6/0mpAWo//AgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQU6Ry5H/9dPTMuh7oDZrHI3HVpcCUwHwYDVR0j
BBgwFoAUhdnn2b7v7QueGI236Mw7ZIkGbc0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQUQ3MjYxQzdGRDFFNEVGRUNFQkU2RjM2MkZDRDBDNzU2
OTdFMDZCNDE0NzRCRUE4Q0FCQzcwNkY3OUVDRjNELzAvODVEOUU3RDlCRUVGRUQw
QjlFMTg4REI3RThDQzNCNjQ4OTA2NkRDRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUQ5RTdEOUJFRUZFRDBCOUUx
ODhEQjdFOENDM0I2NDg5MDY2RENELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUFENzI2MUM3RkQxRTRFRkVDRUJFNkYzNjJGQ0QwQzc1Njk3RTA2QjQx
NDc0QkVBOENBQkM3MDZGNzlFQ0YzRC8wLzMyMzgzMDMwM2E2MjM3MzAzYTMyMzYz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAtwACYwDQYJKoZIhvcNAQELBQADggEBALqhfiz7B9iIwelserXhykKjffyo301f
sUzPP+xbak9v2VpeV/kg+0/+EhnhWmBh8mL7pQwVRo7hQgug7yWFtTETP70+Z4vL
U43wf39zrn1yYURV7I3OF0u7YRXtqxhjnvLhOF4mJ8nZvKkEt6f4GrUkvk4Basbc
/oL5ZKi5l1SUWwgwf2zHc702dUJO/q6nb0w89T9n7kwm0lY9at2GpA6Gf2Uwpaye
jQ9PZrkCKEhNOT4mJ19prBHTl5GGgUHUvyklVQ/Yqrx+yqLDc2wmfTe1FsBkLJJq
JtDdQ0oVJDQwe7xJqX2AKnlpflhlOOvFwTOfTkCQzqXfxF/cZtxj1mo=
-----END CERTIFICATE-----
Generated at Wed Nov 20 06:22:14 2024 by rpki-client on console-ams.rpki-client.org