Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/323830333a396261303a3a2f33322d3332203d3e20323633373530.roa
File:                     323830333a396261303a3a2f33322d3332203d3e20323633373530.roa (raw, json)
Hash identifier:          m67TRDqaCSAI2WFtdORt0xZ9PYfO7swaCrt/JXC4+4I=
Subject key identifier:   95:63:62:1C:88:05:12:D6:86:A5:0B:0F:E7:1D:B0:13:4B:00:FC:CF
Certificate issuer:       /CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
Certificate serial:       63745152A34BA4B137B0D874145952B5175F326A
Authority key identifier: 1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/323830333a396261303a3a2f33322d3332203d3e20323633373530.roa
Signing time:             Fri 01 Nov 2024 13:40:00 +0000
ROA not before:           Fri 01 Nov 2024 13:35:00 +0000
ROA not after:            Fri 31 Oct 2025 13:40:00 +0000
asID:                     263750
IP address blocks:        2803:9ba0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl
                          rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Dec 2024 22:45:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:74:51:52:a3:4b:a4:b1:37:b0:d8:74:14:59:52:b5:17:5f:32:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
        Validity
            Not Before: Nov  1 13:35:00 2024 GMT
            Not After : Oct 31 13:40:00 2025 GMT
        Subject: CN=9563621C880512D686A50B0FE71DB0134B00FCCF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:73:ff:92:5b:53:7c:c6:ed:d8:95:86:7e:0c:
                    74:d4:f9:1a:d3:db:63:05:be:5c:63:7a:3f:2b:5b:
                    be:e6:27:bf:63:bf:28:0b:51:84:cb:6e:fe:c0:ee:
                    25:b4:46:76:fc:af:0d:3d:39:73:c5:13:cf:a1:d3:
                    06:92:fe:73:6a:de:26:22:38:da:7c:65:3f:d9:39:
                    8b:aa:bd:b4:69:aa:a9:70:98:8b:b8:64:06:63:4c:
                    77:1a:8c:47:47:51:d8:b7:5b:d6:65:fe:d0:8b:3c:
                    05:de:e6:58:5f:e8:99:42:6f:20:ef:90:ad:ed:a1:
                    5c:a4:13:b5:e1:69:dc:0a:d2:4b:6d:a5:46:fe:41:
                    af:53:df:7d:da:2f:dd:1c:5e:18:7b:aa:f6:d1:eb:
                    ce:43:17:9b:07:59:1a:5c:15:3b:96:57:9d:4c:34:
                    5a:45:50:1f:9d:e7:c8:16:11:bc:4a:bc:02:ad:c0:
                    12:a8:7b:e4:9f:de:45:01:7f:a6:c3:0c:1c:87:75:
                    a2:5a:30:4b:05:1f:54:76:b7:0e:be:c2:59:d5:56:
                    86:29:f1:f0:8d:65:88:cd:db:9c:e9:bb:ba:f2:82:
                    bd:ab:dc:ff:38:e3:83:ee:d4:84:f1:97:7a:41:2f:
                    40:2d:3a:cd:50:60:e2:3e:09:31:67:2c:8b:ac:8e:
                    19:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:63:62:1C:88:05:12:D6:86:A5:0B:0F:E7:1D:B0:13:4B:00:FC:CF
            X509v3 Authority Key Identifier:
                keyid:1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/323830333a396261303a3a2f33322d3332203d3e20323633373530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:9ba0::/32

    Signature Algorithm: sha256WithRSAEncryption
         b2:4b:6d:f4:d3:dc:29:77:e2:f9:a5:83:13:0e:62:0a:d5:4c:
         cf:c3:3b:68:af:5a:9c:44:5e:bc:9f:c8:3f:cb:af:ca:0b:5b:
         9c:56:ed:25:f7:84:9d:3d:d9:11:f9:7d:d2:51:59:72:72:85:
         74:bc:95:b4:2c:f3:59:5b:ff:f9:dc:01:70:82:04:c8:07:62:
         f9:dd:10:01:91:87:39:c9:21:03:60:47:d6:12:de:93:8c:cf:
         fc:37:a3:15:83:a6:6c:3d:1c:f3:9a:70:34:88:87:b5:03:2d:
         9d:97:6d:a6:86:9d:6e:39:fb:cd:06:38:59:f0:5f:b0:e8:f3:
         22:a7:a1:fb:19:00:7f:4d:5d:9c:2a:6e:98:fa:e9:f1:cd:ad:
         38:5c:01:be:54:e4:08:45:f1:34:18:47:7a:c5:ec:40:de:0b:
         c1:b4:b0:bc:a6:73:e4:28:c1:2d:9a:8b:b2:83:6d:aa:f5:0e:
         8a:bf:8a:7f:11:52:98:81:9f:67:65:b5:fe:c1:1c:35:84:05:
         45:76:e4:f4:19:5a:df:73:25:45:5f:34:24:4c:74:25:d7:c7:
         89:86:e4:76:eb:67:a3:73:5e:a4:57:31:e7:78:e8:e3:7a:07:
         b8:08:77:99:4c:a3:46:bd:76:cc:fe:c4:ab:d3:ff:3c:ce:e6:
         9c:00:7b:e3
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUY3RRUqNLpLE3sNh0FFlStRdfMmowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUU4N0YzNDMzRkRERjIzRERDNUZDMkVDOTA4NzZGNDkw
QjYwM0Q3NDAeFw0yNDExMDExMzM1MDBaFw0yNTEwMzExMzQwMDBaMDMxMTAvBgNV
BAMTKDk1NjM2MjFDODgwNTEyRDY4NkE1MEIwRkU3MURCMDEzNEIwMEZDQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBc/+SW1N8xu3YlYZ+DHTU+RrT
22MFvlxjej8rW77mJ79jvygLUYTLbv7A7iW0Rnb8rw09OXPFE8+h0waS/nNq3iYi
ONp8ZT/ZOYuqvbRpqqlwmIu4ZAZjTHcajEdHUdi3W9Zl/tCLPAXe5lhf6JlCbyDv
kK3toVykE7XhadwK0kttpUb+Qa9T333aL90cXhh7qvbR685DF5sHWRpcFTuWV51M
NFpFUB+d58gWEbxKvAKtwBKoe+Sf3kUBf6bDDByHdaJaMEsFH1R2tw6+wlnVVoYp
8fCNZYjN25zpu7rygr2r3P8444Pu1ITxl3pBL0AtOs1QYOI+CTFnLIusjhnNAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUlWNiHIgFEtaGpQsP5x2wE0sA/M8wHwYDVR0j
BBgwFoAUHofzQz/d8j3cX8LskIdvSQtgPXQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMzhEOUYxQzg3MUJCOEQxMEJFRjQ1NTgxRTk1MEJCODEz
MzFFQzREM0ZFMzg4RkUxRjQ3NDZBRUEzM0FDQjhGLzAvMUU4N0YzNDMzRkRERjIz
RERDNUZDMkVDOTA4NzZGNDkwQjYwM0Q3NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRTg3RjM0MzNGRERGMjNEREM1
RkMyRUM5MDg3NkY0OTBCNjAzRDc0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjM4RDlGMUM4NzFCQjhEMTBCRUY0NTU4MUU5NTBCQjgxMzMxRUM0RDNG
RTM4OEZFMUY0NzQ2QUVBMzNBQ0I4Ri8wLzMyMzgzMDMzM2EzOTYyNjEzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzYzMzM3MzUzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDm6Aw
DQYJKoZIhvcNAQELBQADggEBALJLbfTT3Cl34vmlgxMOYgrVTM/DO2ivWpxEXryf
yD/Lr8oLW5xW7SX3hJ092RH5fdJRWXJyhXS8lbQs81lb//ncAXCCBMgHYvndEAGR
hznJIQNgR9YS3pOMz/w3oxWDpmw9HPOacDSIh7UDLZ2XbaaGnW45+80GOFnwX7Do
8yKnofsZAH9NXZwqbpj66fHNrThcAb5U5AhF8TQYR3rF7EDeC8G0sLymc+QowS2a
i7KDbar1Doq/in8RUpiBn2dltf7BHDWEBUV25PQZWt9zJUVfNCRMdCXXx4mG5Hbr
Z6NzXqRXMed46ON6B7gId5lMo0a9dsz+xKvT/zzO5pwAe+M=
-----END CERTIFICATE-----
Generated at Tue Dec 10 22:25:05 2024 by rpki-client on console-ams.rpki-client.org