Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/37CFF943F3D0FB1389C93A9DA757DDADF3CB337907F05C792CF045EDB30DE20F/0/323830333a376430303a3a2f33322d3438203d3e203532333237.roa
File:                     323830333a376430303a3a2f33322d3438203d3e203532333237.roa (raw, json)
Hash identifier:          qNSEVe/4nMPZ5g2a7TbaLqInC6WNAy2GPis+rsHS5jY=
Subject key identifier:   B5:4C:D6:BB:5F:16:88:F0:AC:BD:3C:71:F4:C8:98:7E:8F:96:95:66
Certificate issuer:       /CN=0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5
Certificate serial:       41D94490EBBF27FE6A5442552AD55DC58E2EFE43
Authority key identifier: 0A:0D:46:01:A8:F3:B3:F6:CC:82:B6:D8:9F:BF:E7:8F:28:D0:DD:C5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/37CFF943F3D0FB1389C93A9DA757DDADF3CB337907F05C792CF045EDB30DE20F/0/323830333a376430303a3a2f33322d3438203d3e203532333237.roa
Signing time:             Tue 05 Mar 2024 18:15:06 +0000
ROA not before:           Tue 05 Mar 2024 18:10:06 +0000
ROA not after:            Tue 04 Mar 2025 18:15:06 +0000
asID:                     52327
IP address blocks:        2803:7d00::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/37CFF943F3D0FB1389C93A9DA757DDADF3CB337907F05C792CF045EDB30DE20F/0/0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/37CFF943F3D0FB1389C93A9DA757DDADF3CB337907F05C792CF045EDB30DE20F/0/0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 20 Jul 2024 13:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:d9:44:90:eb:bf:27:fe:6a:54:42:55:2a:d5:5d:c5:8e:2e:fe:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5
        Validity
            Not Before: Mar  5 18:10:06 2024 GMT
            Not After : Mar  4 18:15:06 2025 GMT
        Subject: CN=B54CD6BB5F1688F0ACBD3C71F4C8987E8F969566
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:22:d1:50:fc:e3:a8:50:0f:4c:c7:3e:25:c4:
                    6e:af:06:03:5f:39:6a:2f:a2:0b:9d:66:71:83:a1:
                    ba:21:c6:22:ad:35:81:36:87:bb:29:9a:94:b0:e6:
                    d4:c4:b0:2c:6f:19:5a:f9:2a:63:67:25:45:14:a9:
                    df:a6:8a:25:5f:7b:71:17:19:b9:16:f1:9b:26:1c:
                    72:ed:6f:f3:32:fd:44:a8:bf:02:ef:4f:96:6a:23:
                    53:f3:b5:76:fc:f7:76:38:7e:1b:b1:78:32:1e:51:
                    da:ee:95:a1:16:7d:b5:2a:a9:01:c9:82:ea:7b:c1:
                    4d:ba:b3:43:4a:b9:31:8a:e1:e0:f5:a8:91:eb:5e:
                    e5:87:5c:82:f8:d2:7d:f8:26:5f:51:27:96:80:ed:
                    fa:8e:80:b3:45:53:8e:e9:06:8c:42:01:b3:fd:98:
                    f9:d0:9b:9b:af:9f:d2:e9:7b:e3:ad:0d:a4:be:58:
                    22:ee:4e:88:23:c2:63:1f:e1:73:00:75:b4:04:e5:
                    05:13:86:6b:b9:85:a2:30:c5:4f:c5:39:31:4f:75:
                    56:e4:b0:a9:db:7b:59:07:f9:62:51:7f:e3:38:af:
                    c9:ff:71:23:94:10:15:b1:b4:9b:fc:19:02:f7:cd:
                    db:98:8e:d2:9c:7d:3e:06:6b:c5:7c:11:e2:b7:c8:
                    ae:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:4C:D6:BB:5F:16:88:F0:AC:BD:3C:71:F4:C8:98:7E:8F:96:95:66
            X509v3 Authority Key Identifier:
                keyid:0A:0D:46:01:A8:F3:B3:F6:CC:82:B6:D8:9F:BF:E7:8F:28:D0:DD:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/37CFF943F3D0FB1389C93A9DA757DDADF3CB337907F05C792CF045EDB30DE20F/0/0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/37CFF943F3D0FB1389C93A9DA757DDADF3CB337907F05C792CF045EDB30DE20F/0/323830333a376430303a3a2f33322d3438203d3e203532333237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:7d00::/32

    Signature Algorithm: sha256WithRSAEncryption
         14:2d:7b:ab:68:05:1b:62:2a:93:12:db:8f:cd:36:d6:3b:8c:
         6f:3a:30:1a:f8:48:af:1c:e3:1a:33:c7:17:1b:34:ca:72:7c:
         a0:66:79:02:81:62:f8:7e:9f:02:cf:d7:d8:49:15:03:e8:cf:
         83:9d:61:19:48:5c:0a:c1:f8:54:73:be:05:66:68:73:15:49:
         7b:44:50:b0:88:ed:5b:fb:35:8c:a1:31:8d:1c:30:34:4a:16:
         8f:cd:1b:f6:00:b5:e8:a0:48:ef:8f:ed:b8:f6:6c:0c:11:00:
         9d:28:ca:4c:86:3e:25:df:7a:33:ff:d1:7e:ab:40:95:c2:c3:
         90:19:87:9d:d0:41:a5:4b:0e:94:66:92:1f:fb:46:ba:ee:18:
         c0:e2:8d:68:64:fa:9d:c0:07:6e:33:53:66:85:34:23:e1:e7:
         0c:ff:dc:e4:a5:bd:5e:c7:09:37:3f:91:f3:07:6e:97:d9:07:
         07:23:cd:69:35:fd:24:05:b4:49:7f:52:0d:7c:16:0d:38:cb:
         d1:a6:df:1a:31:44:36:4c:20:27:af:72:50:7f:3e:93:e5:f1:
         9c:5d:b9:b1:02:76:64:cf:5f:f0:f5:81:ef:e8:c7:85:15:a5:
         66:ae:57:f2:9c:f9:c4:6d:a9:5f:57:49:70:f0:28:ea:b8:50:
         7d:94:42:7e
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUQdlEkOu/J/5qVEJVKtVdxY4u/kMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEEwRDQ2MDFBOEYzQjNGNkNDODJCNkQ4OUZCRkU3OEYy
OEQwRERDNTAeFw0yNDAzMDUxODEwMDZaFw0yNTAzMDQxODE1MDZaMDMxMTAvBgNV
BAMTKEI1NENENkJCNUYxNjg4RjBBQ0JEM0M3MUY0Qzg5ODdFOEY5Njk1NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoItFQ/OOoUA9Mxz4lxG6vBgNf
OWovogudZnGDobohxiKtNYE2h7spmpSw5tTEsCxvGVr5KmNnJUUUqd+miiVfe3EX
GbkW8ZsmHHLtb/My/USovwLvT5ZqI1PztXb893Y4fhuxeDIeUdrulaEWfbUqqQHJ
gup7wU26s0NKuTGK4eD1qJHrXuWHXIL40n34Jl9RJ5aA7fqOgLNFU47pBoxCAbP9
mPnQm5uvn9Lpe+OtDaS+WCLuTogjwmMf4XMAdbQE5QUThmu5haIwxU/FOTFPdVbk
sKnbe1kH+WJRf+M4r8n/cSOUEBWxtJv8GQL3zduYjtKcfT4Ga8V8EeK3yK7rAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUtUzWu18WiPCsvTxx9MiYfo+WlWYwHwYDVR0j
BBgwFoAUCg1GAajzs/bMgrbYn7/njyjQ3cUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zN0NGRjk0M0YzRDBGQjEzODlDOTNBOURBNzU3RERBREYz
Q0IzMzc5MDdGMDVDNzkyQ0YwNDVFREIzMERFMjBGLzAvMEEwRDQ2MDFBOEYzQjNG
NkNDODJCNkQ4OUZCRkU3OEYyOEQwRERDNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wQTBENDYwMUE4RjNCM0Y2Q0M4
MkI2RDg5RkJGRTc4RjI4RDBEREM1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzdDRkY5NDNGM0QwRkIxMzg5QzkzQTlEQTc1N0REQURGM0NCMzM3OTA3
RjA1Qzc5MkNGMDQ1RURCMzBERTIwRi8wLzMyMzgzMDMzM2EzNzY0MzAzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzIzMzMyMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA30AMA0G
CSqGSIb3DQEBCwUAA4IBAQAULXuraAUbYiqTEtuPzTbWO4xvOjAa+EivHOMaM8cX
GzTKcnygZnkCgWL4fp8Cz9fYSRUD6M+DnWEZSFwKwfhUc74FZmhzFUl7RFCwiO1b
+zWMoTGNHDA0ShaPzRv2ALXooEjvj+249mwMEQCdKMpMhj4l33oz/9F+q0CVwsOQ
GYed0EGlSw6UZpIf+0a67hjA4o1oZPqdwAduM1NmhTQj4ecM/9zkpb1exwk3P5Hz
B26X2QcHI81pNf0kBbRJf1INfBYNOMvRpt8aMUQ2TCAnr3JQfz6T5fGcXbmxAnZk
z1/w9YHv6MeFFaVmrlfynPnEbalfV0lw8CjquFB9lEJ+
-----END CERTIFICATE-----
Generated at Tue Jul 16 02:05:46 2024 by rpki-client on console-fra.rpki-client.org