Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1BD745DE6CB24955B38D4AA5346D9346A926A70CA065752E75BED13470A5F487/0/323830333a313630303a3a2f33322d3332203d3e203532333839.roa
File:                     323830333a313630303a3a2f33322d3332203d3e203532333839.roa (raw, json)
Hash identifier:          AU8cEa4NSxyQAgFSGj2VXG+BZuGjXuggZOL9PPJKPv8=
Subject key identifier:   B1:C0:E8:E8:BD:77:6C:C0:5A:33:1F:11:E4:05:A2:7B:4B:59:62:02
Certificate issuer:       /CN=C2D0E7D1A59D2B829AF1B262949F4B94C6CEF0D8
Certificate serial:       7F828C5B441D2E19C251650DC3009E20A0795F39
Authority key identifier: C2:D0:E7:D1:A5:9D:2B:82:9A:F1:B2:62:94:9F:4B:94:C6:CE:F0:D8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2D0E7D1A59D2B829AF1B262949F4B94C6CEF0D8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1BD745DE6CB24955B38D4AA5346D9346A926A70CA065752E75BED13470A5F487/0/323830333a313630303a3a2f33322d3332203d3e203532333839.roa
Signing time:             Tue 05 Mar 2024 17:54:46 +0000
ROA not before:           Tue 05 Mar 2024 17:49:46 +0000
ROA not after:            Tue 04 Mar 2025 17:54:46 +0000
asID:                     52389
IP address blocks:        2803:1600::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1BD745DE6CB24955B38D4AA5346D9346A926A70CA065752E75BED13470A5F487/0/C2D0E7D1A59D2B829AF1B262949F4B94C6CEF0D8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1BD745DE6CB24955B38D4AA5346D9346A926A70CA065752E75BED13470A5F487/0/C2D0E7D1A59D2B829AF1B262949F4B94C6CEF0D8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2D0E7D1A59D2B829AF1B262949F4B94C6CEF0D8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:82:8c:5b:44:1d:2e:19:c2:51:65:0d:c3:00:9e:20:a0:79:5f:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2D0E7D1A59D2B829AF1B262949F4B94C6CEF0D8
        Validity
            Not Before: Mar  5 17:49:46 2024 GMT
            Not After : Mar  4 17:54:46 2025 GMT
        Subject: CN=B1C0E8E8BD776CC05A331F11E405A27B4B596202
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:5e:02:ce:30:e3:7d:c2:0f:dd:6f:dd:54:6e:
                    4e:02:93:14:fa:2b:00:ff:e8:c9:56:a0:ee:05:59:
                    e6:6d:04:90:da:4d:51:e4:52:e1:7c:95:7c:9b:c7:
                    12:4f:cf:22:ac:2e:bc:c2:63:33:3d:5f:be:e9:e0:
                    f8:09:9a:2f:a0:21:88:e0:ee:81:fb:5c:3d:10:87:
                    59:5b:9a:1b:3f:16:ff:b9:aa:40:00:70:47:44:9f:
                    7e:0b:94:96:33:a0:8c:79:ed:66:0c:89:95:a7:db:
                    36:22:3d:58:8b:a9:5e:c5:56:aa:f4:f6:f9:4b:7f:
                    8f:a0:1a:20:56:11:ad:9c:eb:69:32:f9:ed:93:19:
                    04:78:ac:07:26:b7:a3:f0:6d:9a:db:a0:79:7d:65:
                    86:76:b5:86:7c:ef:0c:99:20:4c:42:f1:b0:6f:7f:
                    eb:16:bb:61:b9:d9:4d:c1:0c:c0:bb:74:dd:0e:e2:
                    a1:72:b0:f3:33:12:12:48:73:57:50:d6:22:2e:2b:
                    f7:ae:86:91:07:19:94:57:d4:c7:50:dc:3c:70:4d:
                    ca:94:ff:ec:5c:25:35:1f:49:65:d3:cb:d8:76:c3:
                    d8:63:b8:2e:35:66:f5:f6:b7:76:c6:00:11:fe:f3:
                    ca:e9:89:37:f6:86:06:31:45:93:84:9b:1c:7c:0e:
                    f3:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:C0:E8:E8:BD:77:6C:C0:5A:33:1F:11:E4:05:A2:7B:4B:59:62:02
            X509v3 Authority Key Identifier:
                keyid:C2:D0:E7:D1:A5:9D:2B:82:9A:F1:B2:62:94:9F:4B:94:C6:CE:F0:D8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1BD745DE6CB24955B38D4AA5346D9346A926A70CA065752E75BED13470A5F487/0/C2D0E7D1A59D2B829AF1B262949F4B94C6CEF0D8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2D0E7D1A59D2B829AF1B262949F4B94C6CEF0D8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1BD745DE6CB24955B38D4AA5346D9346A926A70CA065752E75BED13470A5F487/0/323830333a313630303a3a2f33322d3332203d3e203532333839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:1600::/32

    Signature Algorithm: sha256WithRSAEncryption
         5b:12:ff:ba:54:16:c9:0a:dc:dd:78:f0:cf:17:4c:34:02:4e:
         ba:4a:b7:58:cf:20:3c:5b:8b:29:ea:32:b8:0f:c7:33:1d:87:
         0a:67:c6:d4:ea:38:ca:ef:78:fb:a3:a8:3b:37:08:79:48:ca:
         cb:dd:76:4c:bb:e2:15:9a:f3:4a:2f:b4:96:53:1a:b2:21:48:
         44:82:56:5d:c3:d2:1f:9d:46:b5:61:80:08:7b:f3:5c:9b:d1:
         50:6f:60:d0:0c:5e:09:7a:e3:6f:fb:6d:6f:80:cd:b3:66:73:
         70:ad:af:86:48:fe:a3:ff:5d:54:d3:fa:7e:e1:60:42:d8:a4:
         13:a6:d4:8c:e9:30:a5:6d:fb:23:51:1a:99:ce:ab:ad:9d:83:
         d7:65:6b:a3:85:48:80:5b:ef:a3:d8:39:38:eb:db:87:40:54:
         5a:83:99:ab:1e:de:db:60:96:a8:17:77:ee:2d:0e:39:84:d9:
         f5:24:23:90:b1:d4:99:6b:fa:85:f9:54:6c:1f:e9:ea:16:fd:
         06:f7:1b:0b:90:1d:56:30:92:7c:16:fe:4d:da:c8:5e:94:c5:
         f5:6e:4b:dc:c9:c9:4c:34:31:3d:fa:3b:70:b8:e9:ae:08:0e:
         bd:16:5b:48:e1:01:d6:55:ee:cf:7b:ac:68:35:56:fc:27:0b:
         fd:4a:47:37
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUf4KMW0QdLhnCUWUNwwCeIKB5XzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJEMEU3RDFBNTlEMkI4MjlBRjFCMjYyOTQ5RjRCOTRD
NkNFRjBEODAeFw0yNDAzMDUxNzQ5NDZaFw0yNTAzMDQxNzU0NDZaMDMxMTAvBgNV
BAMTKEIxQzBFOEU4QkQ3NzZDQzA1QTMzMUYxMUU0MDVBMjdCNEI1OTYyMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaXgLOMON9wg/db91Ubk4CkxT6
KwD/6MlWoO4FWeZtBJDaTVHkUuF8lXybxxJPzyKsLrzCYzM9X77p4PgJmi+gIYjg
7oH7XD0Qh1lbmhs/Fv+5qkAAcEdEn34LlJYzoIx57WYMiZWn2zYiPViLqV7FVqr0
9vlLf4+gGiBWEa2c62ky+e2TGQR4rAcmt6PwbZrboHl9ZYZ2tYZ87wyZIExC8bBv
f+sWu2G52U3BDMC7dN0O4qFysPMzEhJIc1dQ1iIuK/euhpEHGZRX1MdQ3DxwTcqU
/+xcJTUfSWXTy9h2w9hjuC41ZvX2t3bGABH+88rpiTf2hgYxRZOEmxx8DvMTAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUscDo6L13bMBaMx8R5AWie0tZYgIwHwYDVR0j
BBgwFoAUwtDn0aWdK4Ka8bJilJ9LlMbO8NgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQkQ3NDVERTZDQjI0OTU1QjM4RDRBQTUzNDZEOTM0NkE5
MjZBNzBDQTA2NTc1MkU3NUJFRDEzNDcwQTVGNDg3LzAvQzJEMEU3RDFBNTlEMkI4
MjlBRjFCMjYyOTQ5RjRCOTRDNkNFRjBEOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkQwRTdEMUE1OUQyQjgyOUFG
MUIyNjI5NDlGNEI5NEM2Q0VGMEQ4LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUJENzQ1REU2Q0IyNDk1NUIzOEQ0QUE1MzQ2RDkzNDZBOTI2QTcwQ0Ew
NjU3NTJFNzVCRUQxMzQ3MEE1RjQ4Ny8wLzMyMzgzMDMzM2EzMTM2MzAzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDM1MzIzMzM4Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAxYAMA0G
CSqGSIb3DQEBCwUAA4IBAQBbEv+6VBbJCtzdePDPF0w0Ak66SrdYzyA8W4sp6jK4
D8czHYcKZ8bU6jjK73j7o6g7Nwh5SMrL3XZMu+IVmvNKL7SWUxqyIUhEglZdw9If
nUa1YYAIe/Ncm9FQb2DQDF4JeuNv+21vgM2zZnNwra+GSP6j/11U0/p+4WBC2KQT
ptSM6TClbfsjURqZzqutnYPXZWujhUiAW++j2Dk469uHQFRag5mrHt7bYJaoF3fu
LQ45hNn1JCOQsdSZa/qF+VRsH+nqFv0G9xsLkB1WMJJ8Fv5N2shelMX1bkvcyclM
NDE9+jtwuOmuCA69FltI4QHWVe7Pe6xoNVb8Jwv9Skc3
-----END CERTIFICATE-----
Generated at Thu Nov 21 05:34:49 2024 by rpki-client on console-ams.rpki-client.org