Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/323830303a643330303a3a2f32392d3438203d3e20323033.roa
File:                     323830303a643330303a3a2f32392d3438203d3e20323033.roa (raw, json)
Hash identifier:          Ua9cz356ID7+2EnwcVWH17YgUXJTUcPsge2N5Dh3+sA=
Subject key identifier:   53:74:4A:BB:51:2F:34:B4:39:77:47:67:8D:9D:48:C2:F5:C0:2F:67
Certificate issuer:       /CN=DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2
Certificate serial:       0CD1F09CB42AA7503AA1799AD742743C19AE2873
Authority key identifier: DE:D9:DD:B6:E0:5D:26:D9:3F:76:D4:43:4C:06:0C:7E:1D:26:E6:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/323830303a643330303a3a2f32392d3438203d3e20323033.roa
Signing time:             Tue 05 Mar 2024 18:02:38 +0000
ROA not before:           Tue 05 Mar 2024 17:57:38 +0000
ROA not after:            Tue 04 Mar 2025 18:02:38 +0000
asID:                     203
IP address blocks:        2800:d300::/29 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.crl
                          rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 25 Nov 2024 23:25:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:d1:f0:9c:b4:2a:a7:50:3a:a1:79:9a:d7:42:74:3c:19:ae:28:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2
        Validity
            Not Before: Mar  5 17:57:38 2024 GMT
            Not After : Mar  4 18:02:38 2025 GMT
        Subject: CN=53744ABB512F34B4397747678D9D48C2F5C02F67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:58:6e:a7:fd:dd:ea:60:7a:b2:50:77:e3:94:
                    0a:c4:a5:17:34:96:52:db:71:03:00:9c:48:54:1f:
                    07:eb:6d:b3:85:5f:81:d3:a0:4f:0a:78:74:36:8b:
                    ce:d4:6f:27:8d:2c:69:55:ea:74:92:ad:d4:f0:9d:
                    04:91:b3:6a:b1:6b:fe:0f:d8:1d:0c:38:33:90:fe:
                    aa:d1:aa:59:b6:e1:4d:14:b0:d2:bf:93:84:62:18:
                    0e:b4:6b:38:da:2c:fb:14:d9:5e:fa:ab:6e:39:d5:
                    fa:ea:0a:f0:42:b2:10:f1:94:15:dd:0d:85:85:f0:
                    55:2c:ef:dc:b8:ef:be:9e:93:0d:ec:3e:4e:41:81:
                    9d:34:d8:36:db:92:83:70:9b:7a:10:01:55:09:13:
                    f0:96:17:4d:81:89:86:d7:86:ed:f4:9a:74:68:95:
                    64:10:f9:66:71:c4:7d:1a:e1:9b:4a:90:7c:ba:a0:
                    1f:d3:e5:bb:e0:ca:55:33:7c:c1:6e:a7:da:f9:8d:
                    3a:a9:8e:b2:36:7d:b7:dd:e8:8a:aa:65:81:78:1a:
                    53:a9:08:3a:78:f3:5a:b4:d2:bf:98:b4:4a:86:d4:
                    e7:ca:6f:8e:1c:b7:99:45:47:ec:60:0c:17:9e:17:
                    c1:ac:89:71:b0:69:7f:1e:42:22:be:23:06:82:b0:
                    cf:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:74:4A:BB:51:2F:34:B4:39:77:47:67:8D:9D:48:C2:F5:C0:2F:67
            X509v3 Authority Key Identifier:
                keyid:DE:D9:DD:B6:E0:5D:26:D9:3F:76:D4:43:4C:06:0C:7E:1D:26:E6:C2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/323830303a643330303a3a2f32392d3438203d3e20323033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:d300::/29

    Signature Algorithm: sha256WithRSAEncryption
         01:f6:f8:ab:21:1d:b5:00:f0:19:f8:6e:46:9e:63:f5:94:b7:
         fd:8b:24:24:97:27:7e:9f:e9:9b:bb:fa:ad:6b:03:e2:4b:29:
         a6:0b:a6:93:cb:61:ba:fe:32:6d:a2:9f:30:d8:88:8e:8c:97:
         8c:ae:54:77:7e:9a:4c:d8:1d:30:ff:a9:e4:87:02:5f:b9:b8:
         93:f0:44:4e:f3:01:1a:8e:99:5a:d0:b4:ef:06:45:ac:3b:32:
         ee:94:73:61:5c:60:e6:68:34:05:ec:b1:06:a9:0d:80:f8:4b:
         48:d0:e0:5a:0f:15:96:9e:7e:de:d6:18:4a:93:fa:a7:d9:f7:
         bb:11:e2:6d:e3:40:53:dd:39:a2:27:e3:3c:1a:b3:a4:53:49:
         1b:9b:95:24:23:2b:4e:cd:03:9e:4f:9b:69:09:9b:aa:f4:1d:
         2f:3e:7b:1a:f5:0c:e5:0a:31:2d:0f:5e:97:66:f3:14:fe:f1:
         e6:4a:a5:99:a5:eb:10:d3:a2:96:2b:66:ed:24:f8:db:8f:b9:
         7d:44:77:5e:7e:dc:42:27:83:2e:aa:cb:01:d8:03:95:55:1f:
         07:5d:1f:c8:91:96:df:3f:e6:e0:6a:7b:d5:0d:7e:ac:10:c5:
         c0:30:53:a3:79:14:e5:6c:3d:f4:20:8e:49:db:e1:cd:58:34:
         3a:39:19:7f
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIUDNHwnLQqp1A6oXma10J0PBmuKHMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREVEOUREQjZFMDVEMjZEOTNGNzZENDQzNEMwNjBDN0Ux
RDI2RTZDMjAeFw0yNDAzMDUxNzU3MzhaFw0yNTAzMDQxODAyMzhaMDMxMTAvBgNV
BAMTKDUzNzQ0QUJCNTEyRjM0QjQzOTc3NDc2NzhEOUQ0OEMyRjVDMDJGNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRWG6n/d3qYHqyUHfjlArEpRc0
llLbcQMAnEhUHwfrbbOFX4HToE8KeHQ2i87UbyeNLGlV6nSSrdTwnQSRs2qxa/4P
2B0MODOQ/qrRqlm24U0UsNK/k4RiGA60azjaLPsU2V76q2451frqCvBCshDxlBXd
DYWF8FUs79y4776ekw3sPk5BgZ002DbbkoNwm3oQAVUJE/CWF02BiYbXhu30mnRo
lWQQ+WZxxH0a4ZtKkHy6oB/T5bvgylUzfMFup9r5jTqpjrI2fbfd6IqqZYF4GlOp
CDp481q00r+YtEqG1OfKb44ct5lFR+xgDBeeF8GsiXGwaX8eQiK+IwaCsM9VAgMB
AAGjggLDMIICvzAdBgNVHQ4EFgQUU3RKu1EvNLQ5d0dnjZ1IwvXAL2cwHwYDVR0j
BBgwFoAU3tndtuBdJtk/dtRDTAYMfh0m5sIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yM0M3NUM5MTFCMzUyREYwQkM5NjkxRDRGRkVBMDExODI5
MEEyOTZCNDg2MThGOTVBMEQ3QkJGNDJDMjFCQjQzLzAvREVEOUREQjZFMDVEMjZE
OTNGNzZENDQzNEMwNjBDN0UxRDI2RTZDMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERUQ5RERCNkUwNUQyNkQ5M0Y3
NkQ0NDM0QzA2MEM3RTFEMjZFNkMyLmNlcjCBwQYIKwYBBQUHAQsEgbQwgbEwga4G
CCsGAQUFBzALhoGhcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjNDNzVDOTExQjM1MkRGMEJDOTY5MUQ0RkZFQTAxMTgyOTBBMjk2QjQ4
NjE4Rjk1QTBEN0JCRjQyQzIxQkI0My8wLzMyMzgzMDMwM2E2NDMzMzAzMDNhM2Ey
ZjMyMzkyZDM0MzgyMDNkM2UyMDMyMzAzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAygA0wAwDQYJKoZI
hvcNAQELBQADggEBAAH2+KshHbUA8Bn4bkaeY/WUt/2LJCSXJ36f6Zu7+q1rA+JL
KaYLppPLYbr+Mm2inzDYiI6Ml4yuVHd+mkzYHTD/qeSHAl+5uJPwRE7zARqOmVrQ
tO8GRaw7Mu6Uc2FcYOZoNAXssQapDYD4S0jQ4FoPFZaeft7WGEqT+qfZ97sR4m3j
QFPdOaIn4zwas6RTSRublSQjK07NA55Pm2kJm6r0HS8+exr1DOUKMS0PXpdm8xT+
8eZKpZml6xDTopYrZu0k+NuPuX1Ed15+3EIngy6qywHYA5VVHwddH8iRlt8/5uBq
e9UNfqwQxcAwU6N5FOVsPfQgjknb4c1YNDo5GX8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:21:44 2024 by rpki-client on console-fra.rpki-client.org