Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/323830333a393738303a3a2f33322d3438203d3e203130363137.roa
File:                     323830333a393738303a3a2f33322d3438203d3e203130363137.roa (raw, json)
Hash identifier:          CpdbZJ0yzW3tCsCLHAu0nU3K+O5dEQv495vD211SCVY=
Subject key identifier:   07:A1:34:31:65:D2:25:9B:2E:DE:43:97:02:CF:B7:F9:9A:7C:EC:A4
Certificate issuer:       /CN=991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3
Certificate serial:       1B7DF2248E969CA35D26D5736E1D78601D8C1150
Authority key identifier: 99:1C:3E:DC:C0:3E:22:70:A8:EA:AF:82:2E:C1:7B:EC:74:1B:1A:A3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/323830333a393738303a3a2f33322d3438203d3e203130363137.roa
Signing time:             Tue 05 Mar 2024 17:50:20 +0000
ROA not before:           Tue 05 Mar 2024 17:45:20 +0000
ROA not after:            Tue 04 Mar 2025 17:50:20 +0000
asID:                     10617
IP address blocks:        2803:9780::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 16 Dec 2024 01:47:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:7d:f2:24:8e:96:9c:a3:5d:26:d5:73:6e:1d:78:60:1d:8c:11:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3
        Validity
            Not Before: Mar  5 17:45:20 2024 GMT
            Not After : Mar  4 17:50:20 2025 GMT
        Subject: CN=07A1343165D2259B2EDE439702CFB7F99A7CECA4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:9d:84:ef:c1:70:17:6e:d3:91:82:5a:dc:50:
                    f3:19:fd:59:ec:73:cd:27:3b:bc:c3:78:82:8d:e8:
                    96:cb:28:52:30:ab:81:6d:45:92:17:bd:5b:1c:26:
                    ce:01:63:c0:48:36:eb:df:b2:ce:26:57:b8:00:22:
                    9b:7b:b2:11:1b:44:b0:25:29:3f:5d:78:17:62:9c:
                    13:b6:d2:94:71:66:a9:92:9c:3f:bc:83:da:65:be:
                    58:52:77:83:2c:29:a8:12:42:13:b8:c4:2e:2f:39:
                    76:92:a9:7a:62:88:95:f2:42:d1:2c:29:53:5e:57:
                    ff:ce:8b:11:1f:bf:ad:73:97:f6:79:ba:1e:f2:ac:
                    d9:9b:d1:f9:54:63:37:30:eb:17:be:3d:f4:0a:2f:
                    a3:b5:4f:ea:77:f5:f9:38:33:f6:85:6d:5f:ba:cd:
                    87:2d:df:ea:b4:1e:8b:3a:9d:6f:77:6f:3c:7e:ea:
                    7b:df:c5:3e:1d:c1:0b:22:08:98:2a:32:1b:4c:c6:
                    67:5e:9f:5d:e1:18:3d:1b:13:d3:ea:68:e5:9b:58:
                    fc:46:6b:b7:c2:12:d3:a5:10:07:22:9d:38:ef:53:
                    44:1b:c2:cf:6e:7e:39:fb:f2:7d:de:ff:01:1a:51:
                    75:8d:45:31:c7:fd:b2:25:02:c5:a5:2b:6a:75:9f:
                    04:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:A1:34:31:65:D2:25:9B:2E:DE:43:97:02:CF:B7:F9:9A:7C:EC:A4
            X509v3 Authority Key Identifier:
                keyid:99:1C:3E:DC:C0:3E:22:70:A8:EA:AF:82:2E:C1:7B:EC:74:1B:1A:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/323830333a393738303a3a2f33322d3438203d3e203130363137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:9780::/32

    Signature Algorithm: sha256WithRSAEncryption
         be:6b:45:15:6e:c1:92:6b:72:79:17:23:fe:22:b8:7a:41:f1:
         a2:50:3a:82:4d:a5:9b:44:18:cc:58:7f:65:b6:ae:c1:85:e0:
         c0:48:fb:81:49:94:44:44:3a:67:e8:f4:0e:cc:9f:e4:c9:8a:
         01:92:76:47:8e:42:f3:02:9f:8f:dd:d2:33:73:fb:01:0a:00:
         69:80:6c:55:2f:e5:7c:37:cc:4a:9d:30:ce:d0:4a:17:33:39:
         32:14:74:7b:76:80:71:90:20:ba:81:67:13:74:5a:d6:a0:97:
         3e:ac:17:57:38:1f:81:6b:b1:8d:72:dd:91:1f:6d:2b:f6:21:
         01:51:9f:c1:db:27:03:6f:86:54:e7:37:60:7a:ce:a6:46:ea:
         5f:66:0a:44:76:cb:02:74:39:3f:cd:be:2c:3d:bc:1c:4b:53:
         40:19:36:5d:d1:9a:e7:f1:c4:e8:9b:ef:96:18:2f:7a:1a:3c:
         d7:41:17:51:fb:13:a8:31:88:b0:a0:e3:54:95:2a:3d:26:fa:
         bc:c3:51:66:85:b9:ce:eb:4b:fa:71:23:57:4f:13:f0:92:14:
         71:31:bd:f8:07:38:f3:4e:95:c5:5e:44:d3:8a:7e:e8:18:d0:
         f0:d8:4d:a4:84:c5:6a:a3:63:eb:09:e9:9a:e4:89:aa:eb:70:
         cf:84:60:b6
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUG33yJI6WnKNdJtVzbh14YB2MEVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTkxQzNFRENDMDNFMjI3MEE4RUFBRjgyMkVDMTdCRUM3
NDFCMUFBMzAeFw0yNDAzMDUxNzQ1MjBaFw0yNTAzMDQxNzUwMjBaMDMxMTAvBgNV
BAMTKDA3QTEzNDMxNjVEMjI1OUIyRURFNDM5NzAyQ0ZCN0Y5OUE3Q0VDQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCunYTvwXAXbtORglrcUPMZ/Vns
c80nO7zDeIKN6JbLKFIwq4FtRZIXvVscJs4BY8BINuvfss4mV7gAIpt7shEbRLAl
KT9deBdinBO20pRxZqmSnD+8g9plvlhSd4MsKagSQhO4xC4vOXaSqXpiiJXyQtEs
KVNeV//OixEfv61zl/Z5uh7yrNmb0flUYzcw6xe+PfQKL6O1T+p39fk4M/aFbV+6
zYct3+q0Hos6nW93bzx+6nvfxT4dwQsiCJgqMhtMxmden13hGD0bE9PqaOWbWPxG
a7fCEtOlEAcinTjvU0Qbws9ufjn78n3e/wEaUXWNRTHH/bIlAsWlK2p1nwQFAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUB6E0MWXSJZsu3kOXAs+3+Zp87KQwHwYDVR0j
BBgwFoAUmRw+3MA+InCo6q+CLsF77HQbGqMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NjJGRkYzM0MzMUM3ODlCMzgxMDYwRDE4NzY0RUZDMUIz
OUY2NzdGQTg5NTAzQzg5OUEyNjA5MDNCRjUyQUU1LzAvOTkxQzNFRENDMDNFMjI3
MEE4RUFBRjgyMkVDMTdCRUM3NDFCMUFBMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OTFDM0VEQ0MwM0UyMjcwQThF
QUFGODIyRUMxN0JFQzc0MUIxQUEzLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDYyRkZGMzNDMzFDNzg5QjM4MTA2MEQxODc2NEVGQzFCMzlGNjc3RkE4
OTUwM0M4OTlBMjYwOTAzQkY1MkFFNS8wLzMyMzgzMDMzM2EzOTM3MzgzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMxMzAzNjMxMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA5eAMA0G
CSqGSIb3DQEBCwUAA4IBAQC+a0UVbsGSa3J5FyP+Irh6QfGiUDqCTaWbRBjMWH9l
tq7BheDASPuBSZRERDpn6PQOzJ/kyYoBknZHjkLzAp+P3dIzc/sBCgBpgGxVL+V8
N8xKnTDO0EoXMzkyFHR7doBxkCC6gWcTdFrWoJc+rBdXOB+Ba7GNct2RH20r9iEB
UZ/B2ycDb4ZU5zdges6mRupfZgpEdssCdDk/zb4sPbwcS1NAGTZd0Zrn8cTom++W
GC96GjzXQRdR+xOoMYiwoONUlSo9Jvq8w1FmhbnO60v6cSNXTxPwkhRxMb34Bzjz
TpXFXkTTin7oGNDw2E2khMVqo2PrCema5Imq63DPhGC2
-----END CERTIFICATE-----
Generated at Thu Dec 12 02:35:04 2024 by rpki-client on console-ams.rpki-client.org