Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2151456ECDFC8A26052FCE51735B942C27E605457BA8BC7C0246661CEEA49339/0/323830333a383561303a3a2f33322d3438203d3e20323637373234.roa
File:                     323830333a383561303a3a2f33322d3438203d3e20323637373234.roa (raw, json)
Hash identifier:          ecnzqPIeIavXypyYT4vuLEEFnjddnfRuL90MIIIWoM4=
Subject key identifier:   C5:72:78:55:46:17:0E:6A:C7:43:16:20:00:5A:32:F0:08:7B:FD:8A
Certificate issuer:       /CN=FCD0BC7A73B5457DC06566536ED52A642564A6F1
Certificate serial:       12781596BFF51CC2511F71618A2D725852E24BC4
Authority key identifier: FC:D0:BC:7A:73:B5:45:7D:C0:65:66:53:6E:D5:2A:64:25:64:A6:F1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FCD0BC7A73B5457DC06566536ED52A642564A6F1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2151456ECDFC8A26052FCE51735B942C27E605457BA8BC7C0246661CEEA49339/0/323830333a383561303a3a2f33322d3438203d3e20323637373234.roa
Signing time:             Tue 05 Mar 2024 18:16:29 +0000
ROA not before:           Tue 05 Mar 2024 18:11:29 +0000
ROA not after:            Tue 04 Mar 2025 18:16:29 +0000
asID:                     267724
IP address blocks:        2803:85a0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2151456ECDFC8A26052FCE51735B942C27E605457BA8BC7C0246661CEEA49339/0/FCD0BC7A73B5457DC06566536ED52A642564A6F1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2151456ECDFC8A26052FCE51735B942C27E605457BA8BC7C0246661CEEA49339/0/FCD0BC7A73B5457DC06566536ED52A642564A6F1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FCD0BC7A73B5457DC06566536ED52A642564A6F1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:78:15:96:bf:f5:1c:c2:51:1f:71:61:8a:2d:72:58:52:e2:4b:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FCD0BC7A73B5457DC06566536ED52A642564A6F1
        Validity
            Not Before: Mar  5 18:11:29 2024 GMT
            Not After : Mar  4 18:16:29 2025 GMT
        Subject: CN=C572785546170E6AC7431620005A32F0087BFD8A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:ef:27:45:b5:ed:2c:8b:0d:a1:cc:8a:8a:40:
                    be:07:e6:b8:a5:92:58:28:eb:2c:ab:31:8b:2f:8d:
                    0a:1f:5a:ee:43:4c:23:83:73:d4:77:ef:67:f0:0f:
                    d0:6d:a8:b1:7f:31:da:50:dd:b4:e8:79:86:5c:2d:
                    8a:d8:d2:46:66:83:6d:bf:65:1d:4c:72:b4:77:5e:
                    4b:08:84:54:02:98:42:d5:49:75:91:34:76:cd:4d:
                    dd:98:b7:de:16:8c:d6:89:7e:d5:d9:52:38:7b:cc:
                    c4:f3:38:bb:1c:25:51:3d:cb:a8:e1:a6:da:f1:e9:
                    fe:5c:2b:21:a6:d8:2e:5b:f2:a4:e7:37:ac:ea:83:
                    d4:19:23:3b:d3:f2:e0:9e:5f:02:46:b8:70:32:8d:
                    2d:06:61:01:43:f7:b0:0f:76:ec:eb:ec:e5:66:4c:
                    c5:b7:25:53:92:25:41:72:f1:76:0f:15:6f:dc:01:
                    20:a6:d7:f6:25:d4:0b:b1:f5:b8:6c:60:ce:54:d5:
                    2f:3c:c2:c4:91:9e:7c:7d:1b:06:83:9e:da:4b:64:
                    a1:d3:0b:34:7d:f1:a5:72:a1:ef:9c:b3:d4:b3:c9:
                    46:0d:6d:df:48:b3:ed:fd:a6:96:d1:48:28:43:9e:
                    15:23:f5:71:b4:82:6d:3c:1b:a7:c2:d5:99:38:e9:
                    fa:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:72:78:55:46:17:0E:6A:C7:43:16:20:00:5A:32:F0:08:7B:FD:8A
            X509v3 Authority Key Identifier:
                keyid:FC:D0:BC:7A:73:B5:45:7D:C0:65:66:53:6E:D5:2A:64:25:64:A6:F1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2151456ECDFC8A26052FCE51735B942C27E605457BA8BC7C0246661CEEA49339/0/FCD0BC7A73B5457DC06566536ED52A642564A6F1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FCD0BC7A73B5457DC06566536ED52A642564A6F1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2151456ECDFC8A26052FCE51735B942C27E605457BA8BC7C0246661CEEA49339/0/323830333a383561303a3a2f33322d3438203d3e20323637373234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:85a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         79:4a:bf:6e:d0:bf:29:9e:d4:81:fb:97:52:16:b7:3c:d4:79:
         df:e0:63:cf:1a:50:47:ef:ec:be:80:9c:c2:f5:74:62:0a:7a:
         e4:03:b5:56:9d:2e:2f:12:f2:83:9b:b9:47:72:e5:bf:05:db:
         f9:3b:bb:47:4f:2f:b6:b9:4a:1f:26:bc:da:94:3d:38:bb:20:
         69:58:70:73:3e:ce:d4:63:5a:67:de:b9:df:fe:ef:ab:a3:f0:
         5e:4c:76:a5:4f:1c:65:b0:19:87:97:8d:0b:73:16:b4:8d:52:
         32:d5:6d:c8:27:cb:5d:87:a9:2a:98:48:37:54:98:38:36:f6:
         df:68:a1:86:ee:b5:ac:91:77:93:8c:bc:52:1c:04:f3:ba:4f:
         5c:1e:32:73:c0:26:23:bd:43:6d:c9:6b:12:9a:08:2a:b3:7f:
         10:41:89:be:c0:60:f7:af:89:be:5f:0b:0d:cc:16:41:8f:bd:
         01:dc:33:c8:bb:76:b8:85:a6:2d:bd:29:0f:62:a7:70:ce:70:
         09:59:78:f4:4b:cb:09:db:87:c9:6e:2c:5d:3a:ac:23:35:4a:
         67:0e:1c:31:72:02:b8:c9:c5:b1:2c:4d:d5:d6:8c:f6:24:20:
         07:e0:b2:fc:54:7d:5d:b7:92:93:aa:d3:c9:59:59:99:7a:dc:
         96:71:16:c3
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUEngVlr/1HMJRH3Fhii1yWFLiS8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNEMEJDN0E3M0I1NDU3REMwNjU2NjUzNkVENTJBNjQy
NTY0QTZGMTAeFw0yNDAzMDUxODExMjlaFw0yNTAzMDQxODE2MjlaMDMxMTAvBgNV
BAMTKEM1NzI3ODU1NDYxNzBFNkFDNzQzMTYyMDAwNUEzMkYwMDg3QkZEOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU7ydFte0siw2hzIqKQL4H5ril
klgo6yyrMYsvjQofWu5DTCODc9R372fwD9BtqLF/MdpQ3bToeYZcLYrY0kZmg22/
ZR1McrR3XksIhFQCmELVSXWRNHbNTd2Yt94WjNaJftXZUjh7zMTzOLscJVE9y6jh
ptrx6f5cKyGm2C5b8qTnN6zqg9QZIzvT8uCeXwJGuHAyjS0GYQFD97APduzr7OVm
TMW3JVOSJUFy8XYPFW/cASCm1/Yl1Aux9bhsYM5U1S88wsSRnnx9GwaDntpLZKHT
CzR98aVyoe+cs9SzyUYNbd9Is+39ppbRSChDnhUj9XG0gm08G6fC1Zk46fofAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUxXJ4VUYXDmrHQxYgAFoy8Ah7/YowHwYDVR0j
BBgwFoAU/NC8enO1RX3AZWZTbtUqZCVkpvEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMTUxNDU2RUNERkM4QTI2MDUyRkNFNTE3MzVCOTQyQzI3
RTYwNTQ1N0JBOEJDN0MwMjQ2NjYxQ0VFQTQ5MzM5LzAvRkNEMEJDN0E3M0I1NDU3
REMwNjU2NjUzNkVENTJBNjQyNTY0QTZGMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GQ0QwQkM3QTczQjU0NTdEQzA2
NTY2NTM2RUQ1MkE2NDI1NjRBNkYxLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjE1MTQ1NkVDREZDOEEyNjA1MkZDRTUxNzM1Qjk0MkMyN0U2MDU0NTdC
QThCQzdDMDI0NjY2MUNFRUE0OTMzOS8wLzMyMzgzMDMzM2EzODM1NjEzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzYzNzM3MzIzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDhaAw
DQYJKoZIhvcNAQELBQADggEBAHlKv27Qvyme1IH7l1IWtzzUed/gY88aUEfv7L6A
nML1dGIKeuQDtVadLi8S8oObuUdy5b8F2/k7u0dPL7a5Sh8mvNqUPTi7IGlYcHM+
ztRjWmfeud/+76uj8F5MdqVPHGWwGYeXjQtzFrSNUjLVbcgny12HqSqYSDdUmDg2
9t9ooYbutayRd5OMvFIcBPO6T1weMnPAJiO9Q23JaxKaCCqzfxBBib7AYPevib5f
Cw3MFkGPvQHcM8i7driFpi29KQ9ip3DOcAlZePRLywnbh8luLF06rCM1SmcOHDFy
ArjJxbEsTdXWjPYkIAfgsvxUfV23kpOq08lZWZl63JZxFsM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:24:17 2024 by rpki-client on console-ams.rpki-client.org