Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/323830333a323338303a3a2f33322d3332203d3e203631343930.roa
File:                     323830333a323338303a3a2f33322d3332203d3e203631343930.roa (raw, json)
Hash identifier:          1KwWGd/2BpWp5mPIoWIpmzyh2YI+lpu2d0FQuUSYHCU=
Subject key identifier:   54:E8:CD:A1:14:53:D4:62:12:FF:C0:B1:E9:7D:00:A7:E8:63:F4:03
Certificate issuer:       /CN=D74EEC332802572047CBE0FAB13F3CF2BA417AFF
Certificate serial:       39B7D53BF2F7442D3803AE445529C61A313937E9
Authority key identifier: D7:4E:EC:33:28:02:57:20:47:CB:E0:FA:B1:3F:3C:F2:BA:41:7A:FF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/323830333a323338303a3a2f33322d3332203d3e203631343930.roa
Signing time:             Tue 05 Mar 2024 17:42:43 +0000
ROA not before:           Tue 05 Mar 2024 17:37:43 +0000
ROA not after:            Tue 04 Mar 2025 17:42:43 +0000
asID:                     61490
IP address blocks:        2803:2380::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 13 Jun 2024 22:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:b7:d5:3b:f2:f7:44:2d:38:03:ae:44:55:29:c6:1a:31:39:37:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D74EEC332802572047CBE0FAB13F3CF2BA417AFF
        Validity
            Not Before: Mar  5 17:37:43 2024 GMT
            Not After : Mar  4 17:42:43 2025 GMT
        Subject: CN=54E8CDA11453D46212FFC0B1E97D00A7E863F403
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:6d:73:59:62:f0:8c:2b:ae:68:3b:88:6e:49:
                    50:ec:38:e7:5a:35:9e:4f:63:5b:50:42:0b:5c:85:
                    60:95:a7:d5:e7:c7:af:2a:f7:a2:2f:f4:35:5b:75:
                    19:34:0d:87:63:57:21:56:02:b2:5f:95:a6:37:94:
                    ec:bf:7a:f9:5b:17:da:1c:96:c4:c3:ea:58:59:54:
                    e9:3e:c0:2b:ce:1c:84:d1:06:26:37:17:e1:0d:e6:
                    72:4f:f1:f8:79:ba:65:8c:22:19:31:9b:b7:0b:5c:
                    67:4e:02:58:f1:de:f7:25:cf:19:d0:5f:95:99:f4:
                    a7:50:32:fe:00:b7:7b:d0:bf:af:bf:5e:36:1d:42:
                    58:8c:79:a4:fb:15:c4:c0:49:dc:ee:a0:ed:c9:39:
                    a7:b1:c0:51:57:c9:c1:fb:a8:29:6a:0a:fa:3e:a3:
                    97:26:ba:82:56:5c:7d:37:86:6c:8e:61:c5:7d:52:
                    10:85:96:4b:81:80:83:2c:fb:d2:6c:c8:bd:21:d4:
                    71:72:64:4d:03:51:f9:fd:ca:03:9c:41:8b:4d:a3:
                    89:91:2c:bf:c1:8b:f8:e3:94:74:35:b6:16:88:52:
                    9c:9e:aa:ae:51:3d:ab:14:d0:50:6f:94:40:a1:b3:
                    02:e5:5c:c7:11:72:c7:80:b8:11:04:a3:f6:a1:60:
                    f5:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:E8:CD:A1:14:53:D4:62:12:FF:C0:B1:E9:7D:00:A7:E8:63:F4:03
            X509v3 Authority Key Identifier:
                keyid:D7:4E:EC:33:28:02:57:20:47:CB:E0:FA:B1:3F:3C:F2:BA:41:7A:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/323830333a323338303a3a2f33322d3332203d3e203631343930.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:2380::/32

    Signature Algorithm: sha256WithRSAEncryption
         9f:2c:6d:fd:f6:f8:48:19:93:6f:11:21:74:66:c2:79:bf:4d:
         53:d4:d9:d7:46:03:c2:22:ed:39:92:79:31:f9:29:79:1e:b6:
         c2:67:bc:00:62:da:19:c4:b4:a7:f4:57:97:7f:16:be:75:8f:
         a2:3e:cf:8b:d9:0e:06:54:fe:60:03:43:70:1c:ef:63:e4:51:
         dc:4b:12:3f:18:bd:41:4b:ab:e6:7f:76:b5:6c:8a:7b:2a:74:
         08:5c:d8:34:9e:2b:1c:1b:ce:52:a4:29:8e:f6:27:96:89:4a:
         02:05:0e:43:12:78:02:ab:03:6d:4a:4f:66:7b:81:d1:e8:e2:
         54:1d:1f:ef:78:88:69:e0:cc:ce:f7:9d:d3:3c:3f:0e:54:e5:
         a6:8a:26:53:a6:42:05:b6:6b:c1:39:32:8b:97:52:cc:d4:09:
         f4:3d:82:07:27:f6:f2:d6:c2:ae:59:1e:50:d5:ed:f8:4f:4c:
         24:3c:49:18:a0:c9:a8:3e:2a:1e:c8:28:7e:51:6b:2c:63:10:
         39:46:32:1d:18:40:61:cb:51:2a:d7:d4:5c:e9:34:35:ad:83:
         8a:ab:34:69:45:f3:4c:15:63:cb:77:de:f2:06:41:eb:42:fe:
         ab:e4:a7:c4:1f:c8:22:60:6e:23:37:f9:13:9e:c3:ec:7d:2c:
         bb:3e:89:21
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUObfVO/L3RC04A65EVSnGGjE5N+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDc0RUVDMzMyODAyNTcyMDQ3Q0JFMEZBQjEzRjNDRjJC
QTQxN0FGRjAeFw0yNDAzMDUxNzM3NDNaFw0yNTAzMDQxNzQyNDNaMDMxMTAvBgNV
BAMTKDU0RThDREExMTQ1M0Q0NjIxMkZGQzBCMUU5N0QwMEE3RTg2M0Y0MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCbXNZYvCMK65oO4huSVDsOOda
NZ5PY1tQQgtchWCVp9Xnx68q96Iv9DVbdRk0DYdjVyFWArJflaY3lOy/evlbF9oc
lsTD6lhZVOk+wCvOHITRBiY3F+EN5nJP8fh5umWMIhkxm7cLXGdOAljx3vclzxnQ
X5WZ9KdQMv4At3vQv6+/XjYdQliMeaT7FcTASdzuoO3JOaexwFFXycH7qClqCvo+
o5cmuoJWXH03hmyOYcV9UhCFlkuBgIMs+9JsyL0h1HFyZE0DUfn9ygOcQYtNo4mR
LL/Bi/jjlHQ1thaIUpyeqq5RPasU0FBvlEChswLlXMcRcseAuBEEo/ahYPWlAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUVOjNoRRT1GIS/8Cx6X0Ap+hj9AMwHwYDVR0j
BBgwFoAU107sMygCVyBHy+D6sT888rpBev8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yOTZDQUNGNERCRUU3NzUwMjk0MEZBRDUwMjc5NzIzQUYw
REExMzlFNUM3NUE2QjVCQ0VCQTZCMUMxNDNEQjg4LzAvRDc0RUVDMzMyODAyNTcy
MDQ3Q0JFMEZBQjEzRjNDRjJCQTQxN0FGRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENzRFRUMzMzI4MDI1NzIwNDdD
QkUwRkFCMTNGM0NGMkJBNDE3QUZGLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjk2Q0FDRjREQkVFNzc1MDI5NDBGQUQ1MDI3OTcyM0FGMERBMTM5RTVD
NzVBNkI1QkNFQkE2QjFDMTQzREI4OC8wLzMyMzgzMDMzM2EzMjMzMzgzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDM2MzEzNDM5MzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAyOAMA0G
CSqGSIb3DQEBCwUAA4IBAQCfLG399vhIGZNvESF0ZsJ5v01T1NnXRgPCIu05knkx
+Sl5HrbCZ7wAYtoZxLSn9FeXfxa+dY+iPs+L2Q4GVP5gA0NwHO9j5FHcSxI/GL1B
S6vmf3a1bIp7KnQIXNg0niscG85SpCmO9ieWiUoCBQ5DEngCqwNtSk9me4HR6OJU
HR/veIhp4MzO953TPD8OVOWmiiZTpkIFtmvBOTKLl1LM1An0PYIHJ/by1sKuWR5Q
1e34T0wkPEkYoMmoPioeyCh+UWssYxA5RjIdGEBhy1Eq19Rc6TQ1rYOKqzRpRfNM
FWPLd97yBkHrQv6r5KfEH8giYG4jN/kTnsPsfSy7Pokh
-----END CERTIFICATE-----
Generated at Sun Jun 9 10:15:52 2024 by rpki-client on console-ams.rpki-client.org