Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32363a3a2f34382d3438203d3e20323632313931.roa
File:                     323830303a6237303a32363a3a2f34382d3438203d3e20323632313931.roa (raw, json)
Hash identifier:          jySgp96iMt4izb/83D5lzdHzSGRym1FqbjN5nqLoRXE=
Subject key identifier:   35:1C:6E:6D:82:40:E1:03:15:C0:C2:9E:FC:F5:8E:E2:8F:0C:5B:B4
Certificate issuer:       /CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
Certificate serial:       765FAC16F9BA6E745F893B1EA57A8AAB409EF791
Authority key identifier: 85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32363a3a2f34382d3438203d3e20323632313931.roa
Signing time:             Thu 29 May 2025 14:20:20 +0000
ROA not before:           Thu 29 May 2025 14:15:20 +0000
ROA not after:            Thu 28 May 2026 14:20:20 +0000
asID:                     262191
IP address blocks:        2800:b70:26::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 17 Jun 2025 04:39:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:5f:ac:16:f9:ba:6e:74:5f:89:3b:1e:a5:7a:8a:ab:40:9e:f7:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
        Validity
            Not Before: May 29 14:15:20 2025 GMT
            Not After : May 28 14:20:20 2026 GMT
        Subject: CN=351C6E6D8240E10315C0C29EFCF58EE28F0C5BB4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:3d:a8:00:94:2f:47:21:37:25:06:77:3b:cf:
                    19:9b:ac:c3:fd:5b:ba:f7:7b:8a:28:e8:48:7c:3d:
                    c2:7f:a8:36:87:ee:ce:b3:b5:0d:a6:5c:6a:d9:b4:
                    cf:17:d6:81:fd:ae:56:0d:c6:b3:d9:05:d4:5e:92:
                    28:3d:80:c7:7b:14:3e:b9:b5:69:c0:8d:ba:54:aa:
                    f0:e0:6f:e8:96:0c:29:9f:60:bd:1b:7c:77:07:d9:
                    35:2b:f3:86:75:81:99:ae:e6:46:ad:79:32:0f:f1:
                    c9:82:a6:33:47:ed:04:94:ec:1b:dc:99:5c:71:48:
                    8a:14:b9:ca:a6:7a:88:12:5d:ae:50:50:e7:00:7c:
                    14:e0:e3:66:f7:c8:b8:60:5b:be:a2:ec:15:08:01:
                    80:33:ae:99:2a:86:23:a9:cf:03:9c:de:0f:d3:a6:
                    6c:d7:c9:e3:bd:e1:b4:32:52:60:d7:49:16:ee:4e:
                    32:82:e0:9c:12:6e:5f:12:b8:e2:82:33:7a:93:8a:
                    79:f6:bf:5f:52:ea:d4:98:52:b7:62:3d:79:0c:2f:
                    99:bb:77:eb:f8:5b:35:27:94:e5:ad:96:ee:31:78:
                    b6:41:79:44:b9:b5:e9:32:27:a1:18:c9:fc:41:9f:
                    da:3c:46:73:0e:e6:6b:e5:63:cc:db:89:10:94:eb:
                    57:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:1C:6E:6D:82:40:E1:03:15:C0:C2:9E:FC:F5:8E:E2:8F:0C:5B:B4
            X509v3 Authority Key Identifier:
                keyid:85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32363a3a2f34382d3438203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:b70:26::/48

    Signature Algorithm: sha256WithRSAEncryption
         84:06:80:f0:14:8d:a1:ca:00:f7:a3:e8:5a:66:21:bc:ce:c2:
         36:5e:38:eb:14:7f:1a:fb:79:3f:ac:69:01:94:4c:4c:f3:42:
         39:c4:1d:7e:62:e9:b9:b3:e1:9c:99:09:81:2c:f1:65:cf:df:
         b0:98:56:93:e8:28:1e:a9:f5:8e:95:96:9d:30:3d:8f:51:8c:
         f9:38:a7:5e:4c:5c:1d:3d:81:b7:bb:b4:3e:00:e2:f7:e5:43:
         31:8a:8e:54:c0:6b:27:90:8d:09:23:af:40:f7:1e:5b:8d:02:
         30:93:d2:82:d2:87:43:97:0f:9f:1a:3a:ae:1d:18:8a:6c:5f:
         4a:99:60:3a:39:6c:58:53:cf:9d:1a:71:1d:7a:af:7e:a0:85:
         15:01:a7:95:f6:90:be:b8:0c:b0:25:bd:da:eb:45:06:87:b4:
         fb:f9:60:fe:1d:ce:f1:69:da:67:ab:17:d1:48:be:01:f2:9a:
         b2:dc:10:f0:63:3a:7a:99:96:d9:0c:94:86:ee:0d:96:c0:aa:
         0b:87:b5:72:99:2a:bb:6c:c8:9c:4b:e7:12:38:34:22:91:d2:
         14:34:ba:fd:60:49:6e:86:a4:7f:8f:31:19:35:0b:bd:a0:35:
         82:55:2c:e9:13:2f:69:c6:2c:17:42:37:9e:d6:b4:70:2b:65:
         27:b1:e4:1e
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUdl+sFvm6bnRfiTsepXqKq0Ce95EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVEOUU3RDlCRUVGRUQwQjlFMTg4REI3RThDQzNCNjQ4
OTA2NkRDRDAeFw0yNTA1MjkxNDE1MjBaFw0yNjA1MjgxNDIwMjBaMDMxMTAvBgNV
BAMTKDM1MUM2RTZEODI0MEUxMDMxNUMwQzI5RUZDRjU4RUUyOEYwQzVCQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDPagAlC9HITclBnc7zxmbrMP9
W7r3e4oo6Eh8PcJ/qDaH7s6ztQ2mXGrZtM8X1oH9rlYNxrPZBdRekig9gMd7FD65
tWnAjbpUqvDgb+iWDCmfYL0bfHcH2TUr84Z1gZmu5kateTIP8cmCpjNH7QSU7Bvc
mVxxSIoUucqmeogSXa5QUOcAfBTg42b3yLhgW76i7BUIAYAzrpkqhiOpzwOc3g/T
pmzXyeO94bQyUmDXSRbuTjKC4JwSbl8SuOKCM3qTinn2v19S6tSYUrdiPXkML5m7
d+v4WzUnlOWtlu4xeLZBeUS5tekyJ6EYyfxBn9o8RnMO5mvlY8zbiRCU61eBAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUNRxubYJA4QMVwMKe/PWO4o8MW7QwHwYDVR0j
BBgwFoAUhdnn2b7v7QueGI236Mw7ZIkGbc0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQUQ3MjYxQzdGRDFFNEVGRUNFQkU2RjM2MkZDRDBDNzU2
OTdFMDZCNDE0NzRCRUE4Q0FCQzcwNkY3OUVDRjNELzAvODVEOUU3RDlCRUVGRUQw
QjlFMTg4REI3RThDQzNCNjQ4OTA2NkRDRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUQ5RTdEOUJFRUZFRDBCOUUx
ODhEQjdFOENDM0I2NDg5MDY2RENELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUFENzI2MUM3RkQxRTRFRkVDRUJFNkYzNjJGQ0QwQzc1Njk3RTA2QjQx
NDc0QkVBOENBQkM3MDZGNzlFQ0YzRC8wLzMyMzgzMDMwM2E2MjM3MzAzYTMyMzYz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAtwACYwDQYJKoZIhvcNAQELBQADggEBAIQGgPAUjaHKAPej6FpmIbzOwjZeOOsU
fxr7eT+saQGUTEzzQjnEHX5i6bmz4ZyZCYEs8WXP37CYVpPoKB6p9Y6Vlp0wPY9R
jPk4p15MXB09gbe7tD4A4vflQzGKjlTAayeQjQkjr0D3HluNAjCT0oLSh0OXD58a
Oq4dGIpsX0qZYDo5bFhTz50acR16r36ghRUBp5X2kL64DLAlvdrrRQaHtPv5YP4d
zvFp2merF9FIvgHymrLcEPBjOnqZltkMlIbuDZbAqguHtXKZKrtsyJxL5xI4NCKR
0hQ0uv1gSW6GpH+PMRk1C72gNYJVLOkTL2nGLBdCN57WtHArZSex5B4=
-----END CERTIFICATE-----
Generated at Thu Jun 12 22:02:53 2025 by rpki-client