Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/28F749D15A239E7711C5BBFCD179E0221928BA4F3EBBC75B0E08C12A7EF28E69/0/323830333a396332303a3a2f33322d3438203d3e203532343638.roa
File:                     323830333a396332303a3a2f33322d3438203d3e203532343638.roa (raw, json)
Hash identifier:          AoACkg+t5Bn5GB+C28MeF7XgyxWPzxHNfCkhmn3yiO4=
Subject key identifier:   7A:CB:7D:D4:5B:D9:D3:E9:25:42:53:26:67:C2:DA:59:79:45:6B:75
Certificate issuer:       /CN=87170FE663930DA5DB9475CEAC8B0600B2C02832
Certificate serial:       77791ACCA18242EB9ED74ABD3804FCD45B6CBD9E
Authority key identifier: 87:17:0F:E6:63:93:0D:A5:DB:94:75:CE:AC:8B:06:00:B2:C0:28:32
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/87170FE663930DA5DB9475CEAC8B0600B2C02832.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/28F749D15A239E7711C5BBFCD179E0221928BA4F3EBBC75B0E08C12A7EF28E69/0/323830333a396332303a3a2f33322d3438203d3e203532343638.roa
Signing time:             Tue 05 Mar 2024 17:50:21 +0000
ROA not before:           Tue 05 Mar 2024 17:45:21 +0000
ROA not after:            Tue 04 Mar 2025 17:50:21 +0000
asID:                     52468
IP address blocks:        2803:9c20::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/28F749D15A239E7711C5BBFCD179E0221928BA4F3EBBC75B0E08C12A7EF28E69/0/87170FE663930DA5DB9475CEAC8B0600B2C02832.crl
                          rsync://repository.lacnic.net/rpki/lacnic/28F749D15A239E7711C5BBFCD179E0221928BA4F3EBBC75B0E08C12A7EF28E69/0/87170FE663930DA5DB9475CEAC8B0600B2C02832.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/87170FE663930DA5DB9475CEAC8B0600B2C02832.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:79:1a:cc:a1:82:42:eb:9e:d7:4a:bd:38:04:fc:d4:5b:6c:bd:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87170FE663930DA5DB9475CEAC8B0600B2C02832
        Validity
            Not Before: Mar  5 17:45:21 2024 GMT
            Not After : Mar  4 17:50:21 2025 GMT
        Subject: CN=7ACB7DD45BD9D3E92542532667C2DA5979456B75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:7e:05:88:6d:75:f3:10:1d:06:45:01:ce:0c:
                    d1:07:82:16:6b:8a:a1:40:d1:c7:1c:08:6a:b2:ed:
                    b5:91:7b:87:03:5b:10:fc:24:4f:63:ab:13:5d:8b:
                    9e:9f:2a:b0:a0:d6:fd:5f:fc:a8:26:b3:71:10:33:
                    c5:54:93:2a:d8:94:f7:4c:b4:9c:77:3c:af:5a:83:
                    ec:9e:55:68:ee:03:22:7f:7c:19:22:f5:00:9f:6b:
                    87:9a:7e:91:56:aa:8e:0b:cb:81:2e:07:aa:d2:13:
                    27:fc:1c:8f:7f:6c:02:74:32:c1:d7:f3:87:2d:4e:
                    b0:28:ed:fd:7a:0d:a1:86:dd:b3:bf:2b:86:91:04:
                    6b:fe:b3:a0:60:7f:31:2c:64:5c:2e:b4:c5:64:1a:
                    62:e9:54:42:3c:84:95:65:7a:cf:c0:54:71:5a:0a:
                    4f:ec:d2:50:fb:38:0f:47:66:8b:ee:49:ca:64:c5:
                    10:81:e5:31:37:28:62:21:71:4f:3a:b1:a3:d9:1b:
                    60:92:e3:cd:d6:a0:d2:04:b7:93:10:1a:f5:1e:32:
                    66:a6:2d:46:42:7c:58:0d:14:04:bd:21:b1:37:a3:
                    ac:22:e6:6e:6d:a8:57:28:b6:9a:5b:c5:fe:f0:50:
                    0a:dc:84:1f:d7:2f:45:ce:00:89:c6:31:2e:d0:91:
                    15:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:CB:7D:D4:5B:D9:D3:E9:25:42:53:26:67:C2:DA:59:79:45:6B:75
            X509v3 Authority Key Identifier:
                keyid:87:17:0F:E6:63:93:0D:A5:DB:94:75:CE:AC:8B:06:00:B2:C0:28:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/28F749D15A239E7711C5BBFCD179E0221928BA4F3EBBC75B0E08C12A7EF28E69/0/87170FE663930DA5DB9475CEAC8B0600B2C02832.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/87170FE663930DA5DB9475CEAC8B0600B2C02832.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/28F749D15A239E7711C5BBFCD179E0221928BA4F3EBBC75B0E08C12A7EF28E69/0/323830333a396332303a3a2f33322d3438203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:9c20::/32

    Signature Algorithm: sha256WithRSAEncryption
         4e:19:66:2f:85:31:d5:65:ff:7a:69:9e:c3:b0:51:b6:51:08:
         dd:6f:e0:36:13:47:d9:67:87:58:59:d5:35:15:33:03:1d:bf:
         5e:f3:4c:17:48:14:ea:e2:ce:56:81:e0:69:00:ff:07:4c:1c:
         df:ee:23:19:eb:55:c3:50:b2:96:9b:43:50:d9:32:84:dd:2b:
         02:b2:1c:dc:da:42:cd:81:6d:1f:a4:fc:2d:d9:19:af:b3:f7:
         e7:c7:e8:67:69:f3:33:74:cc:c7:ab:ac:de:7c:3f:cb:ae:09:
         06:1b:6b:c1:74:c5:44:25:74:c2:47:15:94:d1:34:5a:51:6c:
         61:e4:c3:02:27:f6:1b:c8:be:ca:98:c1:1b:bd:ba:b3:e2:3b:
         26:f5:79:60:e8:75:77:f9:38:58:40:5b:63:29:74:07:68:db:
         28:52:01:f2:f0:dd:90:b7:74:a4:c6:83:db:77:b9:89:df:9c:
         a8:37:84:82:a2:cf:fd:72:14:86:34:e3:fe:41:27:fd:80:8e:
         7a:e2:fc:ae:ea:3a:c2:90:26:46:1f:8e:d8:6f:49:4e:eb:3a:
         2d:54:4a:cc:a8:4e:49:f9:28:8e:84:5b:76:29:72:9f:6d:82:
         3e:7b:dc:07:5e:7f:15:47:46:30:17:29:93:ce:41:92:bf:dc:
         ec:a0:ec:92
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUd3kazKGCQuue10q9OAT81FtsvZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODcxNzBGRTY2MzkzMERBNURCOTQ3NUNFQUM4QjA2MDBC
MkMwMjgzMjAeFw0yNDAzMDUxNzQ1MjFaFw0yNTAzMDQxNzUwMjFaMDMxMTAvBgNV
BAMTKDdBQ0I3REQ0NUJEOUQzRTkyNTQyNTMyNjY3QzJEQTU5Nzk0NTZCNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4fgWIbXXzEB0GRQHODNEHghZr
iqFA0cccCGqy7bWRe4cDWxD8JE9jqxNdi56fKrCg1v1f/Kgms3EQM8VUkyrYlPdM
tJx3PK9ag+yeVWjuAyJ/fBki9QCfa4eafpFWqo4Ly4EuB6rSEyf8HI9/bAJ0MsHX
84ctTrAo7f16DaGG3bO/K4aRBGv+s6BgfzEsZFwutMVkGmLpVEI8hJVles/AVHFa
Ck/s0lD7OA9HZovuScpkxRCB5TE3KGIhcU86saPZG2CS483WoNIEt5MQGvUeMmam
LUZCfFgNFAS9IbE3o6wi5m5tqFcotppbxf7wUArchB/XL0XOAInGMS7QkRX9AgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUest91FvZ0+klQlMmZ8LaWXlFa3UwHwYDVR0j
BBgwFoAUhxcP5mOTDaXblHXOrIsGALLAKDIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yOEY3NDlEMTVBMjM5RTc3MTFDNUJCRkNEMTc5RTAyMjE5
MjhCQTRGM0VCQkM3NUIwRTA4QzEyQTdFRjI4RTY5LzAvODcxNzBGRTY2MzkzMERB
NURCOTQ3NUNFQUM4QjA2MDBCMkMwMjgzMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NzE3MEZFNjYzOTMwREE1REI5
NDc1Q0VBQzhCMDYwMEIyQzAyODMyLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjhGNzQ5RDE1QTIzOUU3NzExQzVCQkZDRDE3OUUwMjIxOTI4QkE0RjNF
QkJDNzVCMEUwOEMxMkE3RUYyOEU2OS8wLzMyMzgzMDMzM2EzOTYzMzIzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzIzNDM2Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA5wgMA0G
CSqGSIb3DQEBCwUAA4IBAQBOGWYvhTHVZf96aZ7DsFG2UQjdb+A2E0fZZ4dYWdU1
FTMDHb9e80wXSBTq4s5WgeBpAP8HTBzf7iMZ61XDULKWm0NQ2TKE3SsCshzc2kLN
gW0fpPwt2Rmvs/fnx+hnafMzdMzHq6zefD/LrgkGG2vBdMVEJXTCRxWU0TRaUWxh
5MMCJ/YbyL7KmMEbvbqz4jsm9Xlg6HV3+ThYQFtjKXQHaNsoUgHy8N2Qt3SkxoPb
d7mJ35yoN4SCos/9chSGNOP+QSf9gI564vyu6jrCkCZGH47Yb0lO6zotVErMqE5J
+SiOhFt2KXKfbYI+e9wHXn8VR0YwFymTzkGSv9zsoOyS
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:17:40 2024 by rpki-client on console-fra.rpki-client.org