Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/404C6F00A2C6FCDBEF222273F1490E29E035A8BD1F49714394EFA282D0C290EA/0/323830333a3830303a3a2f33322d3438203d3e203235363037.roa
File:                     323830333a3830303a3a2f33322d3438203d3e203235363037.roa (raw, json)
Hash identifier:          cPKYcvgJhnOq3Hf8o9c3Wy/d/A7tURlT9bz4L0h0g4o=
Subject key identifier:   66:88:A6:FF:44:F2:47:A6:D9:1B:4F:4A:5E:64:B2:0D:05:FE:3D:B8
Certificate issuer:       /CN=EC5A33961AFB7D9D76A054078210FE8E741BDEA9
Certificate serial:       296012C0A56B14876EA0C70A36009262DE9AA61E
Authority key identifier: EC:5A:33:96:1A:FB:7D:9D:76:A0:54:07:82:10:FE:8E:74:1B:DE:A9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC5A33961AFB7D9D76A054078210FE8E741BDEA9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/404C6F00A2C6FCDBEF222273F1490E29E035A8BD1F49714394EFA282D0C290EA/0/323830333a3830303a3a2f33322d3438203d3e203235363037.roa
Signing time:             Tue 05 Mar 2024 18:16:28 +0000
ROA not before:           Tue 05 Mar 2024 18:11:28 +0000
ROA not after:            Tue 04 Mar 2025 18:16:28 +0000
asID:                     25607
IP address blocks:        2803:800::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/404C6F00A2C6FCDBEF222273F1490E29E035A8BD1F49714394EFA282D0C290EA/0/EC5A33961AFB7D9D76A054078210FE8E741BDEA9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/404C6F00A2C6FCDBEF222273F1490E29E035A8BD1F49714394EFA282D0C290EA/0/EC5A33961AFB7D9D76A054078210FE8E741BDEA9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC5A33961AFB7D9D76A054078210FE8E741BDEA9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:60:12:c0:a5:6b:14:87:6e:a0:c7:0a:36:00:92:62:de:9a:a6:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EC5A33961AFB7D9D76A054078210FE8E741BDEA9
        Validity
            Not Before: Mar  5 18:11:28 2024 GMT
            Not After : Mar  4 18:16:28 2025 GMT
        Subject: CN=6688A6FF44F247A6D91B4F4A5E64B20D05FE3DB8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:f0:0c:c9:b0:fc:7f:5f:30:c6:ee:7b:e6:1f:
                    a5:ac:b1:69:e5:87:59:59:1d:ea:d0:fb:fd:ef:ba:
                    b2:9f:1d:8f:f2:b1:ef:58:a6:36:ef:3b:94:fc:4a:
                    6d:b9:51:47:73:75:61:7d:c9:5d:2f:8c:be:ce:a0:
                    f0:0a:de:45:ca:66:d0:d0:e5:fd:79:7c:23:a9:29:
                    07:61:76:41:9c:75:fc:a8:2e:72:d2:d7:27:7b:d6:
                    99:d5:ff:d0:cf:c1:b7:c7:cb:85:e3:9c:40:3f:2d:
                    0f:a2:70:2e:03:a2:64:55:7a:21:75:99:c0:fe:cb:
                    75:26:34:dc:8f:8b:11:65:f1:1e:a5:b3:5f:5b:e2:
                    4b:0e:38:8d:ea:2a:02:2d:f5:a7:0c:bb:24:e3:09:
                    3c:52:fe:4d:10:db:b6:0d:64:dc:b4:bb:ab:17:40:
                    9f:c2:50:cd:fa:16:ca:58:dd:d9:3d:d9:e0:3f:37:
                    68:45:94:52:c0:48:04:ef:5d:04:3a:53:f8:db:c5:
                    d5:d9:6b:f7:72:a3:2b:ff:36:59:d9:af:14:cc:b0:
                    6d:ee:67:74:bf:48:5a:36:50:32:86:54:fc:a5:77:
                    71:4a:26:fe:50:ab:0c:8f:71:f5:03:55:2f:f4:2b:
                    b0:46:58:4c:dd:8d:62:be:01:55:69:24:32:9f:99:
                    ea:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:88:A6:FF:44:F2:47:A6:D9:1B:4F:4A:5E:64:B2:0D:05:FE:3D:B8
            X509v3 Authority Key Identifier:
                keyid:EC:5A:33:96:1A:FB:7D:9D:76:A0:54:07:82:10:FE:8E:74:1B:DE:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/404C6F00A2C6FCDBEF222273F1490E29E035A8BD1F49714394EFA282D0C290EA/0/EC5A33961AFB7D9D76A054078210FE8E741BDEA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC5A33961AFB7D9D76A054078210FE8E741BDEA9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/404C6F00A2C6FCDBEF222273F1490E29E035A8BD1F49714394EFA282D0C290EA/0/323830333a3830303a3a2f33322d3438203d3e203235363037.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:800::/32

    Signature Algorithm: sha256WithRSAEncryption
         53:d2:8e:44:a7:62:62:24:81:4c:1a:2e:65:2d:d4:31:ca:1c:
         d5:36:1e:64:8a:4a:6d:46:87:95:64:71:ef:a8:86:b9:c1:c1:
         7c:3b:40:38:dc:73:78:8e:bd:df:fb:da:75:fc:c5:ac:c0:be:
         d0:01:3c:08:88:ef:5a:cd:41:24:79:1b:c6:1a:8c:09:a6:52:
         ff:c3:03:ce:31:a4:5c:de:07:7d:72:84:24:4e:86:9c:a2:fb:
         c6:29:e7:49:f0:11:ef:e1:83:26:1c:d7:0c:9d:3b:f7:b7:a2:
         0a:c8:2f:1a:17:74:06:18:0b:c8:5c:15:ff:c2:96:f9:d7:97:
         14:d5:e1:ab:cf:7f:6f:4b:89:b2:89:ae:c0:be:91:06:4b:26:
         ee:e8:29:10:ae:93:0c:ef:dc:27:d3:a4:ef:5f:4f:4e:ae:51:
         3b:25:58:b5:96:d4:c0:9f:a3:a5:84:88:c5:d6:49:fa:8d:fe:
         6a:3e:f3:36:5a:95:db:59:0b:16:ea:07:e4:31:1d:12:65:72:
         7f:53:61:af:a7:c3:00:49:31:87:2b:19:85:87:34:b3:52:07:
         b9:13:36:8e:a7:39:e9:16:0c:1e:b2:b4:70:66:5d:a3:e4:fd:
         e2:d9:97:ca:69:24:55:b2:2e:ff:81:44:be:6d:11:07:5d:e5:
         6b:a7:c8:3f
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUKWASwKVrFIduoMcKNgCSYt6aph4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUM1QTMzOTYxQUZCN0Q5RDc2QTA1NDA3ODIxMEZFOEU3
NDFCREVBOTAeFw0yNDAzMDUxODExMjhaFw0yNTAzMDQxODE2MjhaMDMxMTAvBgNV
BAMTKDY2ODhBNkZGNDRGMjQ3QTZEOTFCNEY0QTVFNjRCMjBEMDVGRTNEQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ8AzJsPx/XzDG7nvmH6WssWnl
h1lZHerQ+/3vurKfHY/yse9YpjbvO5T8Sm25UUdzdWF9yV0vjL7OoPAK3kXKZtDQ
5f15fCOpKQdhdkGcdfyoLnLS1yd71pnV/9DPwbfHy4XjnEA/LQ+icC4DomRVeiF1
mcD+y3UmNNyPixFl8R6ls19b4ksOOI3qKgIt9acMuyTjCTxS/k0Q27YNZNy0u6sX
QJ/CUM36FspY3dk92eA/N2hFlFLASATvXQQ6U/jbxdXZa/dyoyv/NlnZrxTMsG3u
Z3S/SFo2UDKGVPyld3FKJv5QqwyPcfUDVS/0K7BGWEzdjWK+AVVpJDKfmeqHAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUZoim/0TyR6bZG09KXmSyDQX+PbgwHwYDVR0j
BBgwFoAU7Fozlhr7fZ12oFQHghD+jnQb3qkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80MDRDNkYwMEEyQzZGQ0RCRUYyMjIyNzNGMTQ5MEUyOUUw
MzVBOEJEMUY0OTcxNDM5NEVGQTI4MkQwQzI5MEVBLzAvRUM1QTMzOTYxQUZCN0Q5
RDc2QTA1NDA3ODIxMEZFOEU3NDFCREVBOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FQzVBMzM5NjFBRkI3RDlENzZB
MDU0MDc4MjEwRkU4RTc0MUJERUE5LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDA0QzZGMDBBMkM2RkNEQkVGMjIyMjczRjE0OTBFMjlFMDM1QThCRDFG
NDk3MTQzOTRFRkEyODJEMEMyOTBFQS8wLzMyMzgzMDMzM2EzODMwMzAzYTNhMmYz
MzMyMmQzNDM4MjAzZDNlMjAzMjM1MzYzMDM3LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKAMIADANBgkq
hkiG9w0BAQsFAAOCAQEAU9KORKdiYiSBTBouZS3UMcoc1TYeZIpKbUaHlWRx76iG
ucHBfDtAONxzeI693/vadfzFrMC+0AE8CIjvWs1BJHkbxhqMCaZS/8MDzjGkXN4H
fXKEJE6GnKL7xinnSfAR7+GDJhzXDJ0797eiCsgvGhd0BhgLyFwV/8KW+deXFNXh
q89/b0uJsomuwL6RBksm7ugpEK6TDO/cJ9Ok719PTq5ROyVYtZbUwJ+jpYSIxdZJ
+o3+aj7zNlqV21kLFuoH5DEdEmVyf1Nhr6fDAEkxhysZhYc0s1IHuRM2jqc56RYM
HrK0cGZdo+T94tmXymkkVbIu/4FEvm0RB13la6fIPw==
-----END CERTIFICATE-----
Generated at Wed Nov 20 06:22:15 2024 by rpki-client on console-ams.rpki-client.org