Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2F601B5A3ECAE9686A4E8C35BD9B838989DF81F7466CD880863EB98969D1BC1E/0/323830333a393134303a3a2f33322d3332203d3e2033333536.roa
File:                     323830333a393134303a3a2f33322d3332203d3e2033333536.roa (raw, json)
Hash identifier:          8h9p3UgKiQTVp+afwu0ZhZACQJMsaFknupicp4POM3c=
Subject key identifier:   E4:84:FD:80:5F:64:2E:03:59:F3:F6:3D:0F:A6:A6:60:79:7E:98:10
Certificate issuer:       /CN=928F2A88614C6122C25510F7A3362CB8F48CEFB3
Certificate serial:       61D8CA9944D2D96565C738E523DAC63485D1AAD9
Authority key identifier: 92:8F:2A:88:61:4C:61:22:C2:55:10:F7:A3:36:2C:B8:F4:8C:EF:B3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/928F2A88614C6122C25510F7A3362CB8F48CEFB3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2F601B5A3ECAE9686A4E8C35BD9B838989DF81F7466CD880863EB98969D1BC1E/0/323830333a393134303a3a2f33322d3332203d3e2033333536.roa
Signing time:             Tue 20 May 2025 21:15:00 +0000
ROA not before:           Tue 20 May 2025 21:10:00 +0000
ROA not after:            Tue 19 May 2026 21:15:00 +0000
asID:                     3356
IP address blocks:        2803:9140::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2F601B5A3ECAE9686A4E8C35BD9B838989DF81F7466CD880863EB98969D1BC1E/0/928F2A88614C6122C25510F7A3362CB8F48CEFB3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2F601B5A3ECAE9686A4E8C35BD9B838989DF81F7466CD880863EB98969D1BC1E/0/928F2A88614C6122C25510F7A3362CB8F48CEFB3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/928F2A88614C6122C25510F7A3362CB8F48CEFB3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 05:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:d8:ca:99:44:d2:d9:65:65:c7:38:e5:23:da:c6:34:85:d1:aa:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=928F2A88614C6122C25510F7A3362CB8F48CEFB3
        Validity
            Not Before: May 20 21:10:00 2025 GMT
            Not After : May 19 21:15:00 2026 GMT
        Subject: CN=E484FD805F642E0359F3F63D0FA6A660797E9810
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:4b:d2:d3:b0:7c:ca:85:a9:48:ad:aa:92:8c:
                    7c:f9:10:9a:75:f6:29:f4:49:3e:b0:31:19:94:70:
                    ac:31:aa:df:b3:7b:ae:28:a1:dc:23:61:a3:7c:de:
                    d6:af:4c:0b:b4:a1:02:df:b6:28:a2:3d:9d:99:a6:
                    fb:60:4d:79:11:8a:3d:9c:80:4a:eb:30:a4:8a:8a:
                    4c:e6:55:48:d0:ec:43:42:c5:b8:5c:3a:a6:0a:80:
                    9e:fb:78:e8:04:d6:c4:ee:73:2c:b3:18:ec:9f:a5:
                    47:1b:78:02:aa:41:51:8f:df:9d:b6:05:47:22:10:
                    03:e8:4e:c7:b0:80:dd:d5:6d:c1:41:1e:51:a1:7f:
                    7b:ae:d0:b7:4e:92:06:3c:ac:45:73:ab:7f:5e:1d:
                    6d:15:37:14:b6:df:e8:f0:e1:2a:d4:f4:9c:1c:1b:
                    05:a9:91:d6:e0:05:85:92:7b:71:da:4d:0c:ae:12:
                    1c:11:b6:65:ac:fe:85:34:de:3b:ec:1f:8f:98:72:
                    84:ec:86:b4:dc:00:be:95:b0:27:21:7e:82:4b:90:
                    31:84:4f:be:40:c0:21:f7:00:72:f8:1a:31:3a:0c:
                    c7:13:d0:18:41:27:79:f7:3e:ea:32:98:3c:23:0f:
                    68:c7:b5:fb:1e:d0:04:ab:e7:6f:75:5b:59:23:86:
                    55:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:84:FD:80:5F:64:2E:03:59:F3:F6:3D:0F:A6:A6:60:79:7E:98:10
            X509v3 Authority Key Identifier:
                keyid:92:8F:2A:88:61:4C:61:22:C2:55:10:F7:A3:36:2C:B8:F4:8C:EF:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2F601B5A3ECAE9686A4E8C35BD9B838989DF81F7466CD880863EB98969D1BC1E/0/928F2A88614C6122C25510F7A3362CB8F48CEFB3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/928F2A88614C6122C25510F7A3362CB8F48CEFB3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2F601B5A3ECAE9686A4E8C35BD9B838989DF81F7466CD880863EB98969D1BC1E/0/323830333a393134303a3a2f33322d3332203d3e2033333536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:9140::/32

    Signature Algorithm: sha256WithRSAEncryption
         50:c8:b5:df:a9:41:84:9b:e8:73:a1:42:e5:ce:c3:d5:99:10:
         56:58:a9:2d:88:f8:10:b4:77:be:e3:ca:e5:7d:00:28:e1:51:
         f8:59:d2:5e:16:ef:25:cf:03:a9:4c:cd:06:41:54:78:33:09:
         8b:95:82:f0:0a:f0:be:0d:fd:80:c5:6e:cd:3c:8e:51:ec:c2:
         2c:20:a7:e3:a0:b0:69:07:4b:38:c8:95:0a:a5:57:bd:3b:67:
         da:b9:b2:7f:55:6c:eb:83:3a:6b:61:73:f7:26:26:77:ef:f9:
         0d:8f:fb:4d:97:e9:0f:e9:44:19:b7:3d:c6:2e:8d:3a:05:9c:
         e4:f9:42:ff:54:de:40:e1:3d:b7:d3:60:11:99:a3:95:f9:aa:
         9e:75:e5:d2:08:98:74:f5:81:2a:ce:5f:b0:d9:40:0a:9e:06:
         b1:bf:ab:99:6c:e1:99:2d:08:2e:6c:e5:11:32:04:67:9e:a1:
         79:31:8d:2f:65:29:69:07:f5:b0:3e:23:1f:4d:54:89:43:61:
         42:68:8f:ff:ba:61:a1:2e:c7:98:5b:b9:09:bc:fb:02:19:b2:
         c7:e4:50:46:99:7e:c0:2c:72:3b:af:93:6e:2f:f2:16:f1:cc:
         79:a7:4b:84:7e:a4:b4:44:2c:15:65:0c:c5:74:50:ba:74:22:
         87:4e:b9:ba
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUYdjKmUTS2WVlxzjlI9rGNIXRqtkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTI4RjJBODg2MTRDNjEyMkMyNTUxMEY3QTMzNjJDQjhG
NDhDRUZCMzAeFw0yNTA1MjAyMTEwMDBaFw0yNjA1MTkyMTE1MDBaMDMxMTAvBgNV
BAMTKEU0ODRGRDgwNUY2NDJFMDM1OUYzRjYzRDBGQTZBNjYwNzk3RTk4MTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvS9LTsHzKhalIraqSjHz5EJp1
9in0ST6wMRmUcKwxqt+ze64oodwjYaN83tavTAu0oQLftiiiPZ2ZpvtgTXkRij2c
gErrMKSKikzmVUjQ7ENCxbhcOqYKgJ77eOgE1sTucyyzGOyfpUcbeAKqQVGP3522
BUciEAPoTsewgN3VbcFBHlGhf3uu0LdOkgY8rEVzq39eHW0VNxS23+jw4SrU9Jwc
GwWpkdbgBYWSe3HaTQyuEhwRtmWs/oU03jvsH4+YcoTshrTcAL6VsCchfoJLkDGE
T75AwCH3AHL4GjE6DMcT0BhBJ3n3PuoymDwjD2jHtfse0ASr5291W1kjhlWvAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQU5IT9gF9kLgNZ8/Y9D6amYHl+mBAwHwYDVR0j
BBgwFoAUko8qiGFMYSLCVRD3ozYsuPSM77MwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yRjYwMUI1QTNFQ0FFOTY4NkE0RThDMzVCRDlCODM4OTg5
REY4MUY3NDY2Q0Q4ODA4NjNFQjk4OTY5RDFCQzFFLzAvOTI4RjJBODg2MTRDNjEy
MkMyNTUxMEY3QTMzNjJDQjhGNDhDRUZCMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85MjhGMkE4ODYxNEM2MTIyQzI1
NTEwRjdBMzM2MkNCOEY0OENFRkIzLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMkY2MDFCNUEzRUNBRTk2ODZBNEU4QzM1QkQ5QjgzODk4OURGODFGNzQ2
NkNEODgwODYzRUI5ODk2OUQxQkMxRS8wLzMyMzgzMDMzM2EzOTMxMzQzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMzMzMzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKAORQDANBgkq
hkiG9w0BAQsFAAOCAQEAUMi136lBhJvoc6FC5c7D1ZkQVlipLYj4ELR3vuPK5X0A
KOFR+FnSXhbvJc8DqUzNBkFUeDMJi5WC8Arwvg39gMVuzTyOUezCLCCn46CwaQdL
OMiVCqVXvTtn2rmyf1Vs64M6a2Fz9yYmd+/5DY/7TZfpD+lEGbc9xi6NOgWc5PlC
/1TeQOE9t9NgEZmjlfmqnnXl0giYdPWBKs5fsNlACp4Gsb+rmWzhmS0ILmzlETIE
Z56heTGNL2UpaQf1sD4jH01UiUNhQmiP/7phoS7HmFu5Cbz7Ahmyx+RQRpl+wCxy
O6+Tbi/yFvHMeadLhH6ktEQsFWUMxXRQunQih065ug==
-----END CERTIFICATE-----
Generated at Tue Jun 10 00:50:23 2025 by rpki-client