Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4626A0A123ED414D3F34975B9FE3F354FCD765EED3C7E2E60DDCBB27E216988C/0/323830333a343161303a3a2f33322d3332203d3e20323637363931.roa
File:                     323830333a343161303a3a2f33322d3332203d3e20323637363931.roa (raw, json)
Hash identifier:          83JSYbjj87PNI/UjU0X6hRn8EdfknGikbGq2ZDBoMws=
Subject key identifier:   45:15:A6:A3:D7:A9:37:7F:42:16:2C:3E:40:F3:FD:1E:31:28:74:CA
Certificate issuer:       /CN=64A6B1C6C883A1694B4E88ED11BD2A96CBEEE0C3
Certificate serial:       78B7265FAD2C0CA273D727B124164D0C9CFBD241
Authority key identifier: 64:A6:B1:C6:C8:83:A1:69:4B:4E:88:ED:11:BD:2A:96:CB:EE:E0:C3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/64A6B1C6C883A1694B4E88ED11BD2A96CBEEE0C3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4626A0A123ED414D3F34975B9FE3F354FCD765EED3C7E2E60DDCBB27E216988C/0/323830333a343161303a3a2f33322d3332203d3e20323637363931.roa
Signing time:             Tue 05 Mar 2024 17:44:17 +0000
ROA not before:           Tue 05 Mar 2024 17:39:17 +0000
ROA not after:            Tue 04 Mar 2025 17:44:17 +0000
asID:                     267691
IP address blocks:        2803:41a0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4626A0A123ED414D3F34975B9FE3F354FCD765EED3C7E2E60DDCBB27E216988C/0/64A6B1C6C883A1694B4E88ED11BD2A96CBEEE0C3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4626A0A123ED414D3F34975B9FE3F354FCD765EED3C7E2E60DDCBB27E216988C/0/64A6B1C6C883A1694B4E88ED11BD2A96CBEEE0C3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/64A6B1C6C883A1694B4E88ED11BD2A96CBEEE0C3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Jun 2024 10:43:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:b7:26:5f:ad:2c:0c:a2:73:d7:27:b1:24:16:4d:0c:9c:fb:d2:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64A6B1C6C883A1694B4E88ED11BD2A96CBEEE0C3
        Validity
            Not Before: Mar  5 17:39:17 2024 GMT
            Not After : Mar  4 17:44:17 2025 GMT
        Subject: CN=4515A6A3D7A9377F42162C3E40F3FD1E312874CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:61:42:af:83:6d:1e:c1:d0:7c:53:d2:c8:a8:
                    64:c0:f4:e4:de:79:f2:31:58:72:b2:83:e0:ed:66:
                    4a:17:a7:5c:33:19:88:a8:98:28:61:76:cf:3a:db:
                    cc:6c:b1:22:09:04:14:41:e6:c6:71:da:85:6f:8e:
                    ba:63:11:21:3d:01:32:66:77:92:d3:52:a8:a4:b3:
                    be:57:e0:fe:e5:6f:13:be:8a:19:9b:5a:b8:f4:7c:
                    c0:5a:03:aa:03:27:2c:b1:d0:17:8d:37:b4:17:77:
                    47:06:8b:eb:df:1c:3a:94:56:51:a3:4b:83:b8:aa:
                    25:9a:f0:d0:ee:c2:63:03:80:e5:61:92:dd:6e:d9:
                    8d:6b:6a:08:3d:79:52:ce:2a:3f:fd:4e:47:75:01:
                    6b:03:f8:ea:89:f0:5e:88:73:cb:6a:12:b8:bf:ef:
                    3f:06:1b:da:65:09:d8:57:2f:29:3c:93:1b:17:d8:
                    3f:79:b0:d4:19:b0:82:d2:1f:a0:ac:cf:6f:2f:38:
                    70:9c:17:09:67:07:f5:7d:a3:e3:f0:3e:a3:5a:24:
                    69:7f:c1:3d:ab:8b:6d:2a:ab:b4:da:5c:50:75:a8:
                    27:1c:5c:bf:f7:b7:6c:30:5b:96:c0:35:a2:1b:0c:
                    09:e1:29:c1:78:20:a4:78:af:f6:6a:ea:f0:4e:3b:
                    e7:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:15:A6:A3:D7:A9:37:7F:42:16:2C:3E:40:F3:FD:1E:31:28:74:CA
            X509v3 Authority Key Identifier:
                keyid:64:A6:B1:C6:C8:83:A1:69:4B:4E:88:ED:11:BD:2A:96:CB:EE:E0:C3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4626A0A123ED414D3F34975B9FE3F354FCD765EED3C7E2E60DDCBB27E216988C/0/64A6B1C6C883A1694B4E88ED11BD2A96CBEEE0C3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/64A6B1C6C883A1694B4E88ED11BD2A96CBEEE0C3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4626A0A123ED414D3F34975B9FE3F354FCD765EED3C7E2E60DDCBB27E216988C/0/323830333a343161303a3a2f33322d3332203d3e20323637363931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:41a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         43:bf:6f:91:fc:54:23:e3:8b:e0:a8:ef:d8:0c:06:76:e9:bb:
         dd:b3:05:13:20:fd:ac:c0:c9:61:e8:50:10:d1:6b:e8:60:04:
         e1:f5:57:8c:98:31:46:18:fb:90:80:32:52:43:13:99:1c:0b:
         cf:48:b3:c8:9d:3e:d2:ed:7e:6a:b7:d3:48:09:48:d7:65:e3:
         69:67:2d:04:ae:43:9b:98:49:70:dc:c1:0c:37:81:eb:79:2d:
         2f:83:75:a4:e7:23:8f:f2:ec:79:bc:dc:e3:db:26:ee:ff:4c:
         71:ab:ca:12:a5:d4:5d:79:98:89:35:ed:36:66:28:aa:b5:31:
         1e:20:19:3a:56:78:4a:95:51:4e:17:97:a2:18:7a:8e:95:7c:
         42:4d:54:b6:f2:07:65:f3:21:c9:eb:fe:0e:46:91:92:11:57:
         19:10:45:90:17:44:82:68:7f:4e:4a:fc:2d:49:02:3a:a6:cd:
         05:b8:71:45:2f:eb:ef:ad:53:1d:28:f3:fc:43:c1:26:02:63:
         1f:a5:3a:0f:2f:b0:6c:4b:c8:86:36:b1:31:2b:23:b4:7a:9b:
         b7:78:e7:9a:b1:58:03:2a:3c:67:da:d0:73:62:5b:5b:f3:de:
         bc:54:5b:2b:05:33:5b:34:8f:e7:fb:12:75:07:55:f3:f4:62:
         5d:93:b4:16
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUeLcmX60sDKJz1yexJBZNDJz70kEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjRBNkIxQzZDODgzQTE2OTRCNEU4OEVEMTFCRDJBOTZD
QkVFRTBDMzAeFw0yNDAzMDUxNzM5MTdaFw0yNTAzMDQxNzQ0MTdaMDMxMTAvBgNV
BAMTKDQ1MTVBNkEzRDdBOTM3N0Y0MjE2MkMzRTQwRjNGRDFFMzEyODc0Q0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvYUKvg20ewdB8U9LIqGTA9OTe
efIxWHKyg+DtZkoXp1wzGYiomChhds8628xssSIJBBRB5sZx2oVvjrpjESE9ATJm
d5LTUqiks75X4P7lbxO+ihmbWrj0fMBaA6oDJyyx0BeNN7QXd0cGi+vfHDqUVlGj
S4O4qiWa8NDuwmMDgOVhkt1u2Y1ragg9eVLOKj/9Tkd1AWsD+OqJ8F6Ic8tqEri/
7z8GG9plCdhXLyk8kxsX2D95sNQZsILSH6Csz28vOHCcFwlnB/V9o+PwPqNaJGl/
wT2ri20qq7TaXFB1qCccXL/3t2wwW5bANaIbDAnhKcF4IKR4r/Zq6vBOO+eZAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQURRWmo9epN39CFiw+QPP9HjEodMowHwYDVR0j
BBgwFoAUZKaxxsiDoWlLTojtEb0qlsvu4MMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NjI2QTBBMTIzRUQ0MTREM0YzNDk3NUI5RkUzRjM1NEZD
RDc2NUVFRDNDN0UyRTYwRERDQkIyN0UyMTY5ODhDLzAvNjRBNkIxQzZDODgzQTE2
OTRCNEU4OEVEMTFCRDJBOTZDQkVFRTBDMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NEE2QjFDNkM4ODNBMTY5NEI0
RTg4RUQxMUJEMkE5NkNCRUVFMEMzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDYyNkEwQTEyM0VENDE0RDNGMzQ5NzVCOUZFM0YzNTRGQ0Q3NjVFRUQz
QzdFMkU2MEREQ0JCMjdFMjE2OTg4Qy8wLzMyMzgzMDMzM2EzNDMxNjEzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzYzNzM2MzkzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDQaAw
DQYJKoZIhvcNAQELBQADggEBAEO/b5H8VCPji+Co79gMBnbpu92zBRMg/azAyWHo
UBDRa+hgBOH1V4yYMUYY+5CAMlJDE5kcC89Is8idPtLtfmq300gJSNdl42lnLQSu
Q5uYSXDcwQw3get5LS+DdaTnI4/y7Hm83OPbJu7/THGryhKl1F15mIk17TZmKKq1
MR4gGTpWeEqVUU4Xl6IYeo6VfEJNVLbyB2XzIcnr/g5GkZIRVxkQRZAXRIJof05K
/C1JAjqmzQW4cUUv6++tUx0o8/xDwSYCYx+lOg8vsGxLyIY2sTErI7R6m7d455qx
WAMqPGfa0HNiW1vz3rxUWysFM1s0j+f7EnUHVfP0Yl2TtBY=
-----END CERTIFICATE-----
Generated at Fri Jun 14 16:47:21 2024 by rpki-client on console-fra.rpki-client.org