Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/323830333a396261303a383030303a3a2f33332d3333203d3e20323633373530.roa
File:                     323830333a396261303a383030303a3a2f33332d3333203d3e20323633373530.roa (raw, json)
Hash identifier:          Rq+nN4JD3IAjjeUFmrW/99P+fAJbTBiUipq42de5a7I=
Subject key identifier:   94:BE:DC:1C:08:DC:96:C0:39:CE:45:AE:70:47:A6:95:6F:78:DC:35
Certificate issuer:       /CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
Certificate serial:       183A99E8E39EA289274BA38D6BA27CEDF3957DA4
Authority key identifier: 1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/323830333a396261303a383030303a3a2f33332d3333203d3e20323633373530.roa
Signing time:             Fri 01 Nov 2024 13:40:00 +0000
ROA not before:           Fri 01 Nov 2024 13:35:00 +0000
ROA not after:            Fri 31 Oct 2025 13:40:00 +0000
asID:                     263750
IP address blocks:        2803:9ba0:8000::/33 maxlen: 33

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl
                          rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Dec 2024 22:45:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:3a:99:e8:e3:9e:a2:89:27:4b:a3:8d:6b:a2:7c:ed:f3:95:7d:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
        Validity
            Not Before: Nov  1 13:35:00 2024 GMT
            Not After : Oct 31 13:40:00 2025 GMT
        Subject: CN=94BEDC1C08DC96C039CE45AE7047A6956F78DC35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:b6:9c:fd:df:9a:ab:73:20:8b:9f:2b:9b:e8:
                    01:34:c4:7e:73:bc:4e:3b:3c:06:75:50:48:13:15:
                    94:35:45:e4:b6:73:40:ae:2d:09:d1:a3:41:16:3b:
                    1d:cb:d7:2a:6f:92:80:ef:ea:a5:e5:de:29:f3:f8:
                    07:11:94:53:66:a6:bb:07:f6:91:4b:1c:cc:cb:2d:
                    0c:ed:57:60:2b:fc:02:a4:ea:3d:23:5a:28:aa:7b:
                    84:ea:91:19:d2:41:b1:1e:d8:60:67:fe:7e:9a:64:
                    f6:92:46:2e:47:ab:91:00:a7:7f:bb:3c:38:c6:07:
                    e7:e5:4f:4b:ff:e5:81:c6:ac:62:b8:b0:c2:54:3a:
                    51:76:56:62:3a:45:53:61:25:5e:18:86:67:ee:84:
                    d8:ab:6d:57:d0:fe:bd:19:c7:1a:ac:cf:ea:87:c7:
                    00:4c:a3:2b:7d:30:77:4d:6d:da:b1:c0:28:ab:ed:
                    01:19:5d:36:a6:32:95:60:c8:0d:fe:c2:4d:7e:2c:
                    3d:f1:ff:af:53:af:30:ba:49:2c:6c:28:e2:be:85:
                    33:27:11:2b:34:11:97:5f:a2:52:9d:dd:6d:df:d7:
                    6a:c3:1a:06:13:c5:1d:70:60:1b:cb:81:aa:70:51:
                    1e:e1:a5:6e:0e:96:5f:f0:2c:55:86:3e:30:bb:e4:
                    11:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:BE:DC:1C:08:DC:96:C0:39:CE:45:AE:70:47:A6:95:6F:78:DC:35
            X509v3 Authority Key Identifier:
                keyid:1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/323830333a396261303a383030303a3a2f33332d3333203d3e20323633373530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:9ba0:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         03:8d:f8:16:7f:0f:4c:c0:c7:e6:c9:2c:0b:8f:28:29:6b:57:
         3e:ea:51:c5:86:84:23:b6:48:fb:98:03:95:05:d7:b9:db:61:
         32:36:35:af:10:c2:f4:f3:c0:79:5b:77:00:0f:93:3d:5d:0b:
         7b:da:77:b3:2f:86:e7:cb:a9:28:87:52:86:5e:8d:6a:a9:44:
         bb:4b:c9:df:f6:aa:59:ab:a5:a5:84:1c:ba:67:a0:9c:8a:49:
         ae:92:59:ce:1c:02:8f:3e:38:c2:2d:02:ea:d7:c5:79:10:74:
         fa:e8:bc:89:f6:26:76:aa:d8:17:83:c6:39:45:90:05:bd:7b:
         b4:2b:62:b1:8a:4a:22:4e:52:20:85:15:c3:3d:f0:7e:e0:f1:
         9d:f1:bd:3a:2c:79:43:ef:55:57:38:fb:b9:7e:5a:a5:f1:59:
         f2:c3:0d:02:31:32:f9:ec:96:58:ba:b1:52:22:ce:44:32:34:
         7f:2c:b1:42:c6:1e:59:5f:9d:a6:b7:b7:a5:e7:c0:38:11:75:
         db:e3:e5:c1:35:b3:18:9b:48:53:2e:40:84:a9:24:34:52:b3:
         ba:3e:23:28:14:be:ec:9c:66:5b:c7:e0:1c:2c:6e:96:80:e1:
         38:c3:cc:bc:15:7b:75:db:73:f6:58:5b:f7:93:25:27:a6:7b:
         43:3f:2f:0d
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgIUGDqZ6OOeooknS6ONa6J87fOVfaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUU4N0YzNDMzRkRERjIzRERDNUZDMkVDOTA4NzZGNDkw
QjYwM0Q3NDAeFw0yNDExMDExMzM1MDBaFw0yNTEwMzExMzQwMDBaMDMxMTAvBgNV
BAMTKDk0QkVEQzFDMDhEQzk2QzAzOUNFNDVBRTcwNDdBNjk1NkY3OERDMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCltpz935qrcyCLnyub6AE0xH5z
vE47PAZ1UEgTFZQ1ReS2c0CuLQnRo0EWOx3L1ypvkoDv6qXl3inz+AcRlFNmprsH
9pFLHMzLLQztV2Ar/AKk6j0jWiiqe4TqkRnSQbEe2GBn/n6aZPaSRi5Hq5EAp3+7
PDjGB+flT0v/5YHGrGK4sMJUOlF2VmI6RVNhJV4YhmfuhNirbVfQ/r0Zxxqsz+qH
xwBMoyt9MHdNbdqxwCir7QEZXTamMpVgyA3+wk1+LD3x/69TrzC6SSxsKOK+hTMn
ESs0EZdfolKd3W3f12rDGgYTxR1wYBvLgapwUR7hpW4Oll/wLFWGPjC75BF3AgMB
AAGjggLUMIIC0DAdBgNVHQ4EFgQUlL7cHAjclsA5zkWucEemlW943DUwHwYDVR0j
BBgwFoAUHofzQz/d8j3cX8LskIdvSQtgPXQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMzhEOUYxQzg3MUJCOEQxMEJFRjQ1NTgxRTk1MEJCODEz
MzFFQzREM0ZFMzg4RkUxRjQ3NDZBRUEzM0FDQjhGLzAvMUU4N0YzNDMzRkRERjIz
RERDNUZDMkVDOTA4NzZGNDkwQjYwM0Q3NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRTg3RjM0MzNGRERGMjNEREM1
RkMyRUM5MDg3NkY0OTBCNjAzRDc0LmNlcjCB0QYIKwYBBQUHAQsEgcQwgcEwgb4G
CCsGAQUFBzALhoGxcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjM4RDlGMUM4NzFCQjhEMTBCRUY0NTU4MUU5NTBCQjgxMzMxRUM0RDNG
RTM4OEZFMUY0NzQ2QUVBMzNBQ0I4Ri8wLzMyMzgzMDMzM2EzOTYyNjEzMDNhMzgz
MDMwMzAzYTNhMmYzMzMzMmQzMzMzMjAzZDNlMjAzMjM2MzMzNzM1MzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgcoA5uggDANBgkqhkiG9w0BAQsFAAOCAQEAA434Fn8PTMDH5sksC48oKWtX
PupRxYaEI7ZI+5gDlQXXudthMjY1rxDC9PPAeVt3AA+TPV0Le9p3sy+G58upKIdS
hl6NaqlEu0vJ3/aqWaulpYQcumegnIpJrpJZzhwCjz44wi0C6tfFeRB0+ui8ifYm
dqrYF4PGOUWQBb17tCtisYpKIk5SIIUVwz3wfuDxnfG9Oix5Q+9VVzj7uX5apfFZ
8sMNAjEy+eyWWLqxUiLORDI0fyyxQsYeWV+dpre3pefAOBF12+PlwTWzGJtIUy5A
hKkkNFKzuj4jKBS+7JxmW8fgHCxuloDhOMPMvBV7ddtz9lhb95MlJ6Z7Qz8vDQ==
-----END CERTIFICATE-----
Generated at Tue Dec 10 22:25:05 2024 by rpki-client on console-ams.rpki-client.org