Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/323830333a6134303a3a2f34372d3438203d3e20323633383137.roa
File:                     323830333a6134303a3a2f34372d3438203d3e20323633383137.roa (raw, json)
Hash identifier:          fUhc9LVKlYgmgZVyk/VxG5SAtNhAZ7+Kg1ywg5XmzoQ=
Subject key identifier:   5D:B3:0C:86:81:74:1A:DA:DE:36:4A:B7:68:F3:64:C7:AB:52:88:AC
Certificate issuer:       /CN=BE7683A0995880FB51F3BF98293EDECD286AF6A3
Certificate serial:       2ADFFFE95A05B93F743986D631BA985FB67C2436
Authority key identifier: BE:76:83:A0:99:58:80:FB:51:F3:BF:98:29:3E:DE:CD:28:6A:F6:A3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/323830333a6134303a3a2f34372d3438203d3e20323633383137.roa
Signing time:             Tue 05 Mar 2024 17:47:25 +0000
ROA not before:           Tue 05 Mar 2024 17:42:25 +0000
ROA not after:            Tue 04 Mar 2025 17:47:25 +0000
asID:                     263817
IP address blocks:        2803:a40::/47 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 21 Jul 2024 00:45:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:df:ff:e9:5a:05:b9:3f:74:39:86:d6:31:ba:98:5f:b6:7c:24:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BE7683A0995880FB51F3BF98293EDECD286AF6A3
        Validity
            Not Before: Mar  5 17:42:25 2024 GMT
            Not After : Mar  4 17:47:25 2025 GMT
        Subject: CN=5DB30C8681741ADADE364AB768F364C7AB5288AC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:5e:77:13:b6:ce:6c:4e:51:bb:c4:a1:a3:c2:
                    60:2c:b6:75:66:83:18:d2:71:30:76:75:37:3d:1b:
                    35:ea:84:e7:77:5a:48:58:40:9c:68:6b:13:46:6d:
                    4e:af:ea:2c:40:a4:49:6a:29:22:3c:5e:21:08:84:
                    c2:b4:e8:27:49:32:86:63:33:19:dc:da:2b:21:ac:
                    05:c3:67:f2:a8:53:dd:c6:17:87:9d:d7:2e:a3:62:
                    a9:e9:82:d5:93:39:d5:43:96:ef:3b:ac:22:56:5a:
                    0c:e1:52:ff:0c:2c:45:7b:34:ad:c8:55:2f:04:e2:
                    a6:c6:b6:d1:b2:21:73:8c:49:2d:30:71:23:7e:89:
                    30:08:f7:b5:4a:a4:10:90:17:d6:bc:0d:a4:8d:17:
                    c3:af:b3:9b:5c:fc:6d:34:dc:a5:3a:37:55:d2:fc:
                    77:98:e2:f6:a6:0f:a0:42:f7:da:8b:9d:91:97:69:
                    9f:65:f4:e3:77:41:28:e0:0f:f0:71:ef:8e:f8:33:
                    be:fb:d5:b6:df:be:75:16:d8:fd:2f:74:92:7d:92:
                    24:92:59:72:3e:b7:07:db:f8:8d:6a:aa:9e:24:fb:
                    14:dc:8a:c5:39:d1:b3:17:3b:3c:8b:bc:bb:cf:5b:
                    71:de:77:cc:09:3c:29:ea:58:23:cf:10:7d:02:63:
                    13:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:B3:0C:86:81:74:1A:DA:DE:36:4A:B7:68:F3:64:C7:AB:52:88:AC
            X509v3 Authority Key Identifier:
                keyid:BE:76:83:A0:99:58:80:FB:51:F3:BF:98:29:3E:DE:CD:28:6A:F6:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/323830333a6134303a3a2f34372d3438203d3e20323633383137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:a40::/47

    Signature Algorithm: sha256WithRSAEncryption
         34:aa:7f:41:3a:4b:8d:b6:bd:af:0f:b7:ca:ed:d2:88:d9:7a:
         3c:f1:e8:06:e1:5d:83:14:4d:8b:8a:32:a4:b8:66:fd:6e:ec:
         47:0a:66:cf:d1:d7:0a:0a:0f:7b:1d:93:e9:88:c3:89:8a:d2:
         9b:27:fe:67:8f:70:52:ee:10:f9:e4:be:e0:d0:6f:a6:e6:a6:
         eb:38:f8:4d:66:1c:e7:ce:6e:29:61:68:5f:8f:b5:a3:da:66:
         48:b0:0b:ae:7a:fb:9c:ba:b1:d4:47:fa:a7:94:19:0a:82:11:
         e9:2d:7b:88:7b:cd:89:fd:45:a2:6c:d1:2b:b3:f7:86:2a:59:
         6c:6d:95:95:45:ca:20:44:84:1f:4b:8e:e9:46:63:c5:61:4b:
         b5:38:4a:9b:94:99:25:e5:b8:56:a6:f6:d3:d5:fd:f2:85:b9:
         c8:f2:77:1a:d5:76:7f:06:75:be:3f:2c:cf:ec:5d:0f:e3:39:
         50:59:01:e0:d7:f7:a4:69:2c:bc:99:3d:53:b9:b2:ce:06:fb:
         9f:a1:4f:af:4b:5a:82:17:16:a7:53:75:65:3b:cc:fb:36:cb:
         ed:e1:52:f5:ae:16:cb:1a:b4:a2:85:56:0a:83:68:e6:62:59:
         73:15:39:75:a0:1f:dc:39:85:9e:3f:c4:7b:12:23:80:fc:50:
         63:08:56:c9
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUKt//6VoFuT90OYbWMbqYX7Z8JDYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkU3NjgzQTA5OTU4ODBGQjUxRjNCRjk4MjkzRURFQ0Qy
ODZBRjZBMzAeFw0yNDAzMDUxNzQyMjVaFw0yNTAzMDQxNzQ3MjVaMDMxMTAvBgNV
BAMTKDVEQjMwQzg2ODE3NDFBREFERTM2NEFCNzY4RjM2NEM3QUI1Mjg4QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXXncTts5sTlG7xKGjwmAstnVm
gxjScTB2dTc9GzXqhOd3WkhYQJxoaxNGbU6v6ixApElqKSI8XiEIhMK06CdJMoZj
Mxnc2ishrAXDZ/KoU93GF4ed1y6jYqnpgtWTOdVDlu87rCJWWgzhUv8MLEV7NK3I
VS8E4qbGttGyIXOMSS0wcSN+iTAI97VKpBCQF9a8DaSNF8Ovs5tc/G003KU6N1XS
/HeY4vamD6BC99qLnZGXaZ9l9ON3QSjgD/Bx7474M7771bbfvnUW2P0vdJJ9kiSS
WXI+twfb+I1qqp4k+xTcisU50bMXOzyLvLvPW3Hed8wJPCnqWCPPEH0CYxNtAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUXbMMhoF0GtreNkq3aPNkx6tSiKwwHwYDVR0j
BBgwFoAUvnaDoJlYgPtR87+YKT7ezShq9qMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yODgwMjRERTg3MzYwMzMxNTQxNTEyNTM1MjU1OThDRUM4
OUI5QTBERTA3NTExN0IxM0E2MEM4QjcxMjhFMkQwLzAvQkU3NjgzQTA5OTU4ODBG
QjUxRjNCRjk4MjkzRURFQ0QyODZBRjZBMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CRTc2ODNBMDk5NTg4MEZCNTFG
M0JGOTgyOTNFREVDRDI4NkFGNkEzLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjg4MDI0REU4NzM2MDMzMTU0MTUxMjUzNTI1NTk4Q0VDODlCOUEwREUw
NzUxMTdCMTNBNjBDOEI3MTI4RTJEMC8wLzMyMzgzMDMzM2E2MTM0MzAzYTNhMmYz
NDM3MmQzNDM4MjAzZDNlMjAzMjM2MzMzODMxMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwEoAwpAAAAw
DQYJKoZIhvcNAQELBQADggEBADSqf0E6S422va8Pt8rt0ojZejzx6AbhXYMUTYuK
MqS4Zv1u7EcKZs/R1woKD3sdk+mIw4mK0psn/mePcFLuEPnkvuDQb6bmpus4+E1m
HOfObilhaF+PtaPaZkiwC656+5y6sdRH+qeUGQqCEekte4h7zYn9RaJs0Suz94Yq
WWxtlZVFyiBEhB9LjulGY8VhS7U4SpuUmSXluFam9tPV/fKFucjydxrVdn8Gdb4/
LM/sXQ/jOVBZAeDX96RpLLyZPVO5ss4G+5+hT69LWoIXFqdTdWU7zPs2y+3hUvWu
FssatKKFVgqDaOZiWXMVOXWgH9w5hZ4/xHsSI4D8UGMIVsk=
-----END CERTIFICATE-----
Generated at Tue Jul 16 19:43:46 2024 by rpki-client on console-fra.rpki-client.org