Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/272467CD58545DB3C91B9FD59703A48BA0F1BACF3D5C56AA7C90CBE691CC6F44/0/323830333a663234303a323030303a3a2f33362d3336203d3e203631353038.roa
File:                     323830333a663234303a323030303a3a2f33362d3336203d3e203631353038.roa (raw, json)
Hash identifier:          rmJlQDnRaOeNS+89eCKXxxw25sSNy08p4qhtCg8iblg=
Subject key identifier:   F0:B6:8A:78:84:5F:ED:C1:46:5A:61:BE:A6:CB:BD:8C:E3:3E:A7:F7
Certificate issuer:       /CN=818F5B44DD813BA4BC8A04C7D255042F1AE4B2AD
Certificate serial:       2A989027189A15E40B4303C846AFCB9320CF8B0F
Authority key identifier: 81:8F:5B:44:DD:81:3B:A4:BC:8A:04:C7:D2:55:04:2F:1A:E4:B2:AD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/818F5B44DD813BA4BC8A04C7D255042F1AE4B2AD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/272467CD58545DB3C91B9FD59703A48BA0F1BACF3D5C56AA7C90CBE691CC6F44/0/323830333a663234303a323030303a3a2f33362d3336203d3e203631353038.roa
Signing time:             Tue 05 Mar 2024 17:47:28 +0000
ROA not before:           Tue 05 Mar 2024 17:42:28 +0000
ROA not after:            Tue 04 Mar 2025 17:47:28 +0000
asID:                     61508
IP address blocks:        2803:f240:2000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/272467CD58545DB3C91B9FD59703A48BA0F1BACF3D5C56AA7C90CBE691CC6F44/0/818F5B44DD813BA4BC8A04C7D255042F1AE4B2AD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/272467CD58545DB3C91B9FD59703A48BA0F1BACF3D5C56AA7C90CBE691CC6F44/0/818F5B44DD813BA4BC8A04C7D255042F1AE4B2AD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/818F5B44DD813BA4BC8A04C7D255042F1AE4B2AD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:98:90:27:18:9a:15:e4:0b:43:03:c8:46:af:cb:93:20:cf:8b:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818F5B44DD813BA4BC8A04C7D255042F1AE4B2AD
        Validity
            Not Before: Mar  5 17:42:28 2024 GMT
            Not After : Mar  4 17:47:28 2025 GMT
        Subject: CN=F0B68A78845FEDC1465A61BEA6CBBD8CE33EA7F7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:11:6d:6b:6d:40:be:fe:88:31:6b:a4:43:98:
                    77:e9:d0:18:f6:84:cb:47:bc:6f:68:e0:4c:6f:6c:
                    64:ce:8b:df:cd:c9:3c:82:73:5b:b1:52:5f:2f:45:
                    3c:ce:ce:68:56:69:f7:45:4c:2a:ad:47:8c:77:92:
                    22:d3:62:c7:76:00:b2:94:83:fd:fa:a3:45:09:c2:
                    90:d2:5c:ee:6c:e2:05:b8:48:41:ac:a6:ec:26:b3:
                    ec:7c:e5:63:1d:4d:e1:53:ce:96:e6:f9:0e:f5:b4:
                    ba:36:14:4c:c0:f9:d5:12:4a:7e:fe:a1:19:6f:2b:
                    b2:c4:68:de:7e:4a:0c:1e:28:f1:ca:ab:73:8d:0f:
                    5e:c0:39:e3:d5:36:12:ae:0d:57:52:09:c1:7e:a1:
                    28:15:f1:1a:af:fb:31:d6:e0:a3:10:6d:48:19:de:
                    d8:06:b0:98:9f:fc:78:3c:7f:61:52:f2:8d:e9:90:
                    2b:88:8f:d5:3c:2a:4e:df:16:03:22:64:e0:11:0e:
                    00:81:a3:d6:6a:17:64:42:5d:f9:d5:ad:ab:33:c8:
                    19:39:be:af:b2:05:a5:7e:0d:7c:90:28:c3:45:59:
                    8d:a6:87:d5:a8:98:f1:48:05:a6:b9:e1:91:f5:e1:
                    af:22:fa:f3:be:59:66:af:55:11:c1:cd:e8:a7:a6:
                    60:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:B6:8A:78:84:5F:ED:C1:46:5A:61:BE:A6:CB:BD:8C:E3:3E:A7:F7
            X509v3 Authority Key Identifier:
                keyid:81:8F:5B:44:DD:81:3B:A4:BC:8A:04:C7:D2:55:04:2F:1A:E4:B2:AD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/272467CD58545DB3C91B9FD59703A48BA0F1BACF3D5C56AA7C90CBE691CC6F44/0/818F5B44DD813BA4BC8A04C7D255042F1AE4B2AD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/818F5B44DD813BA4BC8A04C7D255042F1AE4B2AD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/272467CD58545DB3C91B9FD59703A48BA0F1BACF3D5C56AA7C90CBE691CC6F44/0/323830333a663234303a323030303a3a2f33362d3336203d3e203631353038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:f240:2000::/36

    Signature Algorithm: sha256WithRSAEncryption
         1f:58:f5:f3:7b:7a:d3:f9:f5:03:ea:f1:b6:7b:90:59:75:be:
         57:6e:6d:16:c7:e7:5c:ae:1f:12:51:8e:94:3e:a3:3d:64:b8:
         7c:5a:8d:04:dc:ab:cb:06:2f:c8:b7:da:da:71:ab:26:38:99:
         13:25:8b:1d:d2:69:4c:30:77:be:71:92:7a:35:79:fd:13:e1:
         ae:a1:5f:46:59:27:88:80:e9:15:36:ac:32:da:e5:8f:bf:14:
         cd:7c:96:4b:a7:7d:cb:d4:bb:36:83:6d:5f:4f:d1:93:59:ce:
         f9:28:86:24:d4:cf:a7:b1:d6:dc:59:d0:ad:43:fe:76:67:0d:
         e4:63:6e:41:1c:9f:94:37:4b:d7:37:14:f9:2a:af:d8:0e:7a:
         d0:18:51:d2:44:e7:1e:49:35:dc:4a:f2:5c:e9:3e:34:b3:15:
         5f:15:45:e5:55:a7:60:1d:4f:de:81:08:3d:80:ce:de:1c:d1:
         44:e2:a2:05:79:08:21:53:b5:c9:d0:38:92:1f:f5:77:29:04:
         6b:b9:ed:63:dc:03:bd:4a:fe:be:af:ff:77:4b:aa:17:f4:eb:
         f8:40:72:4c:7c:26:7c:3f:11:90:35:63:01:13:af:36:a3:4c:
         3f:a4:d6:5b:b9:49:70:a7:83:24:b5:c1:d4:c1:26:fb:5b:96:
         07:a1:42:eb
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIUKpiQJxiaFeQLQwPIRq/LkyDPiw8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODE4RjVCNDRERDgxM0JBNEJDOEEwNEM3RDI1NTA0MkYx
QUU0QjJBRDAeFw0yNDAzMDUxNzQyMjhaFw0yNTAzMDQxNzQ3MjhaMDMxMTAvBgNV
BAMTKEYwQjY4QTc4ODQ1RkVEQzE0NjVBNjFCRUE2Q0JCRDhDRTMzRUE3RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcEW1rbUC+/ogxa6RDmHfp0Bj2
hMtHvG9o4ExvbGTOi9/NyTyCc1uxUl8vRTzOzmhWafdFTCqtR4x3kiLTYsd2ALKU
g/36o0UJwpDSXO5s4gW4SEGspuwms+x85WMdTeFTzpbm+Q71tLo2FEzA+dUSSn7+
oRlvK7LEaN5+SgweKPHKq3OND17AOePVNhKuDVdSCcF+oSgV8Rqv+zHW4KMQbUgZ
3tgGsJif/Hg8f2FS8o3pkCuIj9U8Kk7fFgMiZOARDgCBo9ZqF2RCXfnVraszyBk5
vq+yBaV+DXyQKMNFWY2mh9WomPFIBaa54ZH14a8i+vO+WWavVRHBzeinpmCpAgMB
AAGjggLSMIICzjAdBgNVHQ4EFgQU8LaKeIRf7cFGWmG+psu9jOM+p/cwHwYDVR0j
BBgwFoAUgY9bRN2BO6S8igTH0lUELxrksq0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yNzI0NjdDRDU4NTQ1REIzQzkxQjlGRDU5NzAzQTQ4QkEw
RjFCQUNGM0Q1QzU2QUE3QzkwQ0JFNjkxQ0M2RjQ0LzAvODE4RjVCNDRERDgxM0JB
NEJDOEEwNEM3RDI1NTA0MkYxQUU0QjJBRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84MThGNUI0NEREODEzQkE0QkM4
QTA0QzdEMjU1MDQyRjFBRTRCMkFELmNlcjCBzwYIKwYBBQUHAQsEgcIwgb8wgbwG
CCsGAQUFBzALhoGvcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjcyNDY3Q0Q1ODU0NURCM0M5MUI5RkQ1OTcwM0E0OEJBMEYxQkFDRjNE
NUM1NkFBN0M5MENCRTY5MUNDNkY0NC8wLzMyMzgzMDMzM2E2NjMyMzQzMDNhMzIz
MDMwMzAzYTNhMmYzMzM2MmQzMzM2MjAzZDNlMjAzNjMxMzUzMDM4LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAI
AwYEKAPyQCAwDQYJKoZIhvcNAQELBQADggEBAB9Y9fN7etP59QPq8bZ7kFl1vldu
bRbH51yuHxJRjpQ+oz1kuHxajQTcq8sGL8i32tpxqyY4mRMlix3SaUwwd75xkno1
ef0T4a6hX0ZZJ4iA6RU2rDLa5Y+/FM18lkunfcvUuzaDbV9P0ZNZzvkohiTUz6ex
1txZ0K1D/nZnDeRjbkEcn5Q3S9c3FPkqr9gOetAYUdJE5x5JNdxK8lzpPjSzFV8V
ReVVp2AdT96BCD2Azt4c0UTiogV5CCFTtcnQOJIf9XcpBGu57WPcA71K/r6v/3dL
qhf06/hAckx8Jnw/EZA1YwETrzajTD+k1lu5SXCngyS1wdTBJvtblgehQus=
-----END CERTIFICATE-----
Generated at Wed Nov 20 11:08:59 2024 by rpki-client on console-ams.rpki-client.org