Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3D597C5D3A278EA56F9B0B669807AF2EA429D758CF27567E05936C3E80DC3CFE/0/323830333a336132303a3a2f33322d3438203d3e203532333237.roa
File:                     323830333a336132303a3a2f33322d3438203d3e203532333237.roa (raw, json)
Hash identifier:          u/n3ozSJU0jxUeaexK4F5qZzOLPFSN9DlmxjoPxgrtg=
Subject key identifier:   98:62:C2:A0:B5:ED:C2:B7:DD:D8:EC:D5:8A:B1:08:40:3D:2F:23:29
Certificate issuer:       /CN=6C43D070D53868DD0F1A352EAB84A7642B5CEF73
Certificate serial:       1D76E06D9121BF40BC313B4EC22C8660819E9EF9
Authority key identifier: 6C:43:D0:70:D5:38:68:DD:0F:1A:35:2E:AB:84:A7:64:2B:5C:EF:73
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6C43D070D53868DD0F1A352EAB84A7642B5CEF73.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3D597C5D3A278EA56F9B0B669807AF2EA429D758CF27567E05936C3E80DC3CFE/0/323830333a336132303a3a2f33322d3438203d3e203532333237.roa
Signing time:             Wed 06 Mar 2024 18:35:00 +0000
ROA not before:           Wed 06 Mar 2024 18:30:00 +0000
ROA not after:            Wed 05 Mar 2025 18:35:00 +0000
asID:                     52327
IP address blocks:        2803:3a20::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3D597C5D3A278EA56F9B0B669807AF2EA429D758CF27567E05936C3E80DC3CFE/0/6C43D070D53868DD0F1A352EAB84A7642B5CEF73.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3D597C5D3A278EA56F9B0B669807AF2EA429D758CF27567E05936C3E80DC3CFE/0/6C43D070D53868DD0F1A352EAB84A7642B5CEF73.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6C43D070D53868DD0F1A352EAB84A7642B5CEF73.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 21 Jul 2024 04:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:76:e0:6d:91:21:bf:40:bc:31:3b:4e:c2:2c:86:60:81:9e:9e:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6C43D070D53868DD0F1A352EAB84A7642B5CEF73
        Validity
            Not Before: Mar  6 18:30:00 2024 GMT
            Not After : Mar  5 18:35:00 2025 GMT
        Subject: CN=9862C2A0B5EDC2B7DDD8ECD58AB108403D2F2329
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:3a:7e:9a:39:a0:38:a8:a5:ce:cb:8a:05:cc:
                    30:5e:87:7c:c2:d1:b1:58:c1:e3:f5:3e:b4:3c:1d:
                    95:62:d8:57:a4:23:da:e3:e3:25:ef:9b:e9:79:29:
                    8f:2a:fc:b9:df:1f:fa:06:5a:b5:2f:cd:8e:29:29:
                    42:40:e6:bc:3f:fb:bf:03:a4:49:9e:91:5e:10:a4:
                    42:0b:8e:f1:f9:3d:61:57:dc:0c:bb:b2:5e:df:3e:
                    56:3e:72:a9:3c:72:88:54:33:5a:ef:c7:e8:1c:5c:
                    b3:22:e8:fe:b9:7c:5e:29:c4:af:8d:f2:d6:81:45:
                    a2:c0:4a:07:0b:52:76:27:74:64:76:78:56:08:a3:
                    e8:bc:85:a2:b2:58:d3:a8:59:09:99:83:d0:a9:79:
                    a4:5a:18:d9:df:0a:bc:4d:69:2b:00:aa:12:62:fe:
                    68:81:6c:85:b8:0c:48:10:0b:d0:10:4a:c4:6e:da:
                    9f:2b:c8:4e:42:50:3e:ab:16:bd:c1:f8:07:47:70:
                    f3:fb:fb:6f:83:40:de:4f:c7:96:67:c8:eb:81:62:
                    c6:ad:71:eb:ea:fc:de:59:69:ab:b8:1c:9e:31:bc:
                    b4:36:bc:03:97:2f:39:fe:ef:45:73:40:35:3a:77:
                    19:b0:89:fa:65:85:a5:99:08:56:fa:f5:ef:81:d9:
                    31:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:62:C2:A0:B5:ED:C2:B7:DD:D8:EC:D5:8A:B1:08:40:3D:2F:23:29
            X509v3 Authority Key Identifier:
                keyid:6C:43:D0:70:D5:38:68:DD:0F:1A:35:2E:AB:84:A7:64:2B:5C:EF:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3D597C5D3A278EA56F9B0B669807AF2EA429D758CF27567E05936C3E80DC3CFE/0/6C43D070D53868DD0F1A352EAB84A7642B5CEF73.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6C43D070D53868DD0F1A352EAB84A7642B5CEF73.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3D597C5D3A278EA56F9B0B669807AF2EA429D758CF27567E05936C3E80DC3CFE/0/323830333a336132303a3a2f33322d3438203d3e203532333237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:3a20::/32

    Signature Algorithm: sha256WithRSAEncryption
         63:33:7d:fd:b3:e1:38:50:1b:0d:52:f8:fa:70:26:4b:13:3e:
         14:7f:07:b2:93:59:e6:bd:35:21:01:c9:45:32:9e:00:5b:32:
         17:04:8c:d5:60:6e:10:20:7c:e0:2d:61:78:bb:52:fd:51:0c:
         0f:0c:20:57:e3:04:ad:fb:12:6f:38:3d:47:33:0d:ad:b4:39:
         98:d1:cc:cb:dc:d4:b3:30:96:fa:04:93:1e:d0:b1:17:e4:9d:
         db:d0:06:b5:31:76:cc:04:4d:ff:36:5b:73:15:3c:5f:b0:e2:
         50:cf:9f:b5:50:6d:d1:e5:e3:db:13:e9:b9:43:57:51:20:70:
         7a:48:03:fc:4d:4a:39:91:8f:e1:fe:d8:eb:83:52:75:65:29:
         d0:94:54:20:4b:f1:b2:03:20:be:ab:e5:54:b5:21:5e:05:c0:
         a4:87:09:3e:16:f2:76:2f:4b:1d:dc:4d:ad:c6:3f:d4:84:0c:
         07:5a:74:82:36:86:50:89:ed:e9:82:a4:9f:46:3f:ee:a2:36:
         24:e9:12:d0:c6:5d:ef:df:90:60:08:c2:e6:ed:03:c2:69:3a:
         10:d3:e1:bf:7c:4f:44:91:b4:63:93:97:47:2e:c7:56:74:62:
         38:be:fc:7c:0f:64:7e:e1:2d:13:93:07:17:17:b1:26:d0:7c:
         bb:0c:bf:b9
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUHXbgbZEhv0C8MTtOwiyGYIGenvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkM0M0QwNzBENTM4NjhERDBGMUEzNTJFQUI4NEE3NjQy
QjVDRUY3MzAeFw0yNDAzMDYxODMwMDBaFw0yNTAzMDUxODM1MDBaMDMxMTAvBgNV
BAMTKDk4NjJDMkEwQjVFREMyQjdEREQ4RUNENThBQjEwODQwM0QyRjIzMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgOn6aOaA4qKXOy4oFzDBeh3zC
0bFYweP1PrQ8HZVi2FekI9rj4yXvm+l5KY8q/LnfH/oGWrUvzY4pKUJA5rw/+78D
pEmekV4QpEILjvH5PWFX3Ay7sl7fPlY+cqk8cohUM1rvx+gcXLMi6P65fF4pxK+N
8taBRaLASgcLUnYndGR2eFYIo+i8haKyWNOoWQmZg9CpeaRaGNnfCrxNaSsAqhJi
/miBbIW4DEgQC9AQSsRu2p8ryE5CUD6rFr3B+AdHcPP7+2+DQN5Px5ZnyOuBYsat
cevq/N5Zaau4HJ4xvLQ2vAOXLzn+70VzQDU6dxmwifplhaWZCFb69e+B2TEdAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUmGLCoLXtwrfd2OzVirEIQD0vIykwHwYDVR0j
BBgwFoAUbEPQcNU4aN0PGjUuq4SnZCtc73MwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zRDU5N0M1RDNBMjc4RUE1NkY5QjBCNjY5ODA3QUYyRUE0
MjlENzU4Q0YyNzU2N0UwNTkzNkMzRTgwREMzQ0ZFLzAvNkM0M0QwNzBENTM4NjhE
RDBGMUEzNTJFQUI4NEE3NjQyQjVDRUY3My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82QzQzRDA3MEQ1Mzg2OEREMEYx
QTM1MkVBQjg0QTc2NDJCNUNFRjczLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0Q1OTdDNUQzQTI3OEVBNTZGOUIwQjY2OTgwN0FGMkVBNDI5RDc1OENG
Mjc1NjdFMDU5MzZDM0U4MERDM0NGRS8wLzMyMzgzMDMzM2EzMzYxMzIzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzIzMzMyMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAzogMA0G
CSqGSIb3DQEBCwUAA4IBAQBjM339s+E4UBsNUvj6cCZLEz4Ufweyk1nmvTUhAclF
Mp4AWzIXBIzVYG4QIHzgLWF4u1L9UQwPDCBX4wSt+xJvOD1HMw2ttDmY0czL3NSz
MJb6BJMe0LEX5J3b0Aa1MXbMBE3/NltzFTxfsOJQz5+1UG3R5ePbE+m5Q1dRIHB6
SAP8TUo5kY/h/tjrg1J1ZSnQlFQgS/GyAyC+q+VUtSFeBcCkhwk+FvJ2L0sd3E2t
xj/UhAwHWnSCNoZQie3pgqSfRj/uojYk6RLQxl3v35BgCMLm7QPCaToQ0+G/fE9E
kbRjk5dHLsdWdGI4vvx8D2R+4S0TkwcXF7Em0Hy7DL+5
-----END CERTIFICATE-----
Generated at Tue Jul 16 23:58:28 2024 by rpki-client on console-fra.rpki-client.org