Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4E2DB3758A19E3B8E1C876BF71FB32DC8502434CB84B581342AF174B7783D5DF/0/323830333a626661303a666530303a3a2f34302d3430203d3e20323632353839.roa
File:                     323830333a626661303a666530303a3a2f34302d3430203d3e20323632353839.roa (raw, json)
Hash identifier:          F6pQEg3gRytZWVyZHim7jL6YKo2Xmm6YnirvRDWc5nk=
Subject key identifier:   72:A2:D0:7B:CE:62:55:19:EC:62:8A:9D:D0:73:B6:57:C2:AF:B9:E9
Certificate issuer:       /CN=7C03E0A5C9816B574B54A163EC5F6E686D499DF2
Certificate serial:       0F0FC3701359FC3747FE13C08F1DB3FAC6A577E4
Authority key identifier: 7C:03:E0:A5:C9:81:6B:57:4B:54:A1:63:EC:5F:6E:68:6D:49:9D:F2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7C03E0A5C9816B574B54A163EC5F6E686D499DF2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4E2DB3758A19E3B8E1C876BF71FB32DC8502434CB84B581342AF174B7783D5DF/0/323830333a626661303a666530303a3a2f34302d3430203d3e20323632353839.roa
Signing time:             Tue 05 Mar 2024 18:14:27 +0000
ROA not before:           Tue 05 Mar 2024 18:09:27 +0000
ROA not after:            Tue 04 Mar 2025 18:14:27 +0000
asID:                     262589
IP address blocks:        2803:bfa0:fe00::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4E2DB3758A19E3B8E1C876BF71FB32DC8502434CB84B581342AF174B7783D5DF/0/7C03E0A5C9816B574B54A163EC5F6E686D499DF2.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4E2DB3758A19E3B8E1C876BF71FB32DC8502434CB84B581342AF174B7783D5DF/0/7C03E0A5C9816B574B54A163EC5F6E686D499DF2.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7C03E0A5C9816B574B54A163EC5F6E686D499DF2.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:0f:c3:70:13:59:fc:37:47:fe:13:c0:8f:1d:b3:fa:c6:a5:77:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7C03E0A5C9816B574B54A163EC5F6E686D499DF2
        Validity
            Not Before: Mar  5 18:09:27 2024 GMT
            Not After : Mar  4 18:14:27 2025 GMT
        Subject: CN=72A2D07BCE625519EC628A9DD073B657C2AFB9E9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:07:81:85:11:f8:0e:48:b3:18:b3:df:d3:48:
                    e4:db:e1:cb:c2:8b:61:c9:ec:92:1b:ec:fb:d8:e8:
                    0e:9b:7b:06:60:b4:07:4b:4d:d0:93:9e:7b:97:cf:
                    c6:5b:b7:89:af:fd:fc:11:e9:35:ab:63:1e:13:a2:
                    5d:d2:90:64:85:68:c4:2b:d6:ad:97:ed:55:14:93:
                    d8:1c:61:ce:44:55:a4:7b:db:a3:a0:b7:b3:35:3a:
                    03:d0:03:96:a4:38:43:84:24:42:5f:6a:83:9f:a0:
                    aa:03:cc:fb:8d:26:34:a6:dc:16:e8:e0:5d:98:03:
                    bb:80:0d:e0:3c:9f:2a:8a:36:93:57:c5:4a:2c:af:
                    3a:05:ce:92:d1:bc:03:71:3a:1b:0a:d9:80:b4:cc:
                    39:1a:32:8b:27:dd:15:60:3a:5c:fb:e4:1e:48:ed:
                    22:6a:23:c1:aa:b3:67:a6:f4:bd:8b:ab:70:a6:b2:
                    49:3c:70:cb:dc:43:aa:7d:a0:c9:9c:6b:f3:a0:22:
                    08:1b:80:07:29:37:0a:53:c1:72:b6:8d:d8:44:4f:
                    e4:c7:ee:3a:5c:db:9e:ef:2e:ad:e2:53:90:af:3c:
                    7b:e4:fa:1d:5e:22:4d:c7:bb:f4:4d:bb:ba:1a:06:
                    d8:6a:c7:fb:46:9c:22:b9:00:c7:04:01:92:52:80:
                    9f:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:A2:D0:7B:CE:62:55:19:EC:62:8A:9D:D0:73:B6:57:C2:AF:B9:E9
            X509v3 Authority Key Identifier:
                keyid:7C:03:E0:A5:C9:81:6B:57:4B:54:A1:63:EC:5F:6E:68:6D:49:9D:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4E2DB3758A19E3B8E1C876BF71FB32DC8502434CB84B581342AF174B7783D5DF/0/7C03E0A5C9816B574B54A163EC5F6E686D499DF2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7C03E0A5C9816B574B54A163EC5F6E686D499DF2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4E2DB3758A19E3B8E1C876BF71FB32DC8502434CB84B581342AF174B7783D5DF/0/323830333a626661303a666530303a3a2f34302d3430203d3e20323632353839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:bfa0:fe00::/40

    Signature Algorithm: sha256WithRSAEncryption
         40:f6:cb:da:57:d8:24:5b:8f:13:d5:2c:a1:d4:9a:83:60:0c:
         2e:dd:fe:30:86:66:c4:7f:d0:e5:76:7a:61:35:ba:6f:eb:00:
         ba:2d:53:34:6d:61:74:aa:29:fa:3e:7b:4a:96:1a:b1:be:7f:
         de:81:ba:b7:75:6e:0c:a6:3f:e9:72:fe:17:e6:34:e0:cc:54:
         9c:ac:51:ac:86:77:7e:25:9e:d1:ef:a3:cb:14:97:1a:ac:cf:
         1e:2e:6d:43:88:84:82:bc:86:c7:8c:35:78:f3:db:20:85:b4:
         63:e0:a7:9e:49:74:32:0f:48:6b:aa:98:63:ed:83:da:d0:84:
         f1:0b:0e:9d:3e:71:36:22:66:fd:0a:89:22:90:cd:e0:8a:a7:
         80:35:65:02:56:f4:ec:d1:71:dc:a0:75:6f:54:a6:da:6e:0c:
         65:2c:5a:7e:95:10:18:9d:9f:d6:5f:9f:4f:e8:2f:53:70:fc:
         43:25:09:2f:5e:16:0e:05:90:9b:e5:72:d1:06:b2:26:06:b3:
         5b:f7:cc:1e:ea:e0:3d:84:4c:9e:bf:fe:23:3c:47:f7:79:26:
         57:04:15:6e:04:04:48:a4:17:ef:d1:19:f5:77:75:c8:32:0b:
         f6:43:44:8d:18:f3:77:20:10:1f:cc:87:59:ff:f0:46:58:85:
         80:82:ed:96
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgIUDw/DcBNZ/DdH/hPAjx2z+sald+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0MwM0UwQTVDOTgxNkI1NzRCNTRBMTYzRUM1RjZFNjg2
RDQ5OURGMjAeFw0yNDAzMDUxODA5MjdaFw0yNTAzMDQxODE0MjdaMDMxMTAvBgNV
BAMTKDcyQTJEMDdCQ0U2MjU1MTlFQzYyOEE5REQwNzNCNjU3QzJBRkI5RTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgB4GFEfgOSLMYs9/TSOTb4cvC
i2HJ7JIb7PvY6A6bewZgtAdLTdCTnnuXz8Zbt4mv/fwR6TWrYx4Tol3SkGSFaMQr
1q2X7VUUk9gcYc5EVaR726Ogt7M1OgPQA5akOEOEJEJfaoOfoKoDzPuNJjSm3Bbo
4F2YA7uADeA8nyqKNpNXxUosrzoFzpLRvANxOhsK2YC0zDkaMosn3RVgOlz75B5I
7SJqI8Gqs2em9L2Lq3Cmskk8cMvcQ6p9oMmca/OgIggbgAcpNwpTwXK2jdhET+TH
7jpc257vLq3iU5CvPHvk+h1eIk3Hu/RNu7oaBthqx/tGnCK5AMcEAZJSgJ+TAgMB
AAGjggLUMIIC0DAdBgNVHQ4EFgQUcqLQe85iVRnsYoqd0HO2V8KvuekwHwYDVR0j
BBgwFoAUfAPgpcmBa1dLVKFj7F9uaG1JnfIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80RTJEQjM3NThBMTlFM0I4RTFDODc2QkY3MUZCMzJEQzg1
MDI0MzRDQjg0QjU4MTM0MkFGMTc0Qjc3ODNENURGLzAvN0MwM0UwQTVDOTgxNkI1
NzRCNTRBMTYzRUM1RjZFNjg2RDQ5OURGMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83QzAzRTBBNUM5ODE2QjU3NEI1
NEExNjNFQzVGNkU2ODZENDk5REYyLmNlcjCB0QYIKwYBBQUHAQsEgcQwgcEwgb4G
CCsGAQUFBzALhoGxcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNEUyREIzNzU4QTE5RTNCOEUxQzg3NkJGNzFGQjMyREM4NTAyNDM0Q0I4
NEI1ODEzNDJBRjE3NEI3NzgzRDVERi8wLzMyMzgzMDMzM2E2MjY2NjEzMDNhNjY2
NTMwMzAzYTNhMmYzNDMwMmQzNDMwMjAzZDNlMjAzMjM2MzIzNTM4Mzkucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAoA7+g/jANBgkqhkiG9w0BAQsFAAOCAQEAQPbL2lfYJFuPE9UsodSag2AM
Lt3+MIZmxH/Q5XZ6YTW6b+sAui1TNG1hdKop+j57SpYasb5/3oG6t3VuDKY/6XL+
F+Y04MxUnKxRrIZ3fiWe0e+jyxSXGqzPHi5tQ4iEgryGx4w1ePPbIIW0Y+Cnnkl0
Mg9Ia6qYY+2D2tCE8QsOnT5xNiJm/QqJIpDN4IqngDVlAlb07NFx3KB1b1Sm2m4M
ZSxafpUQGJ2f1l+fT+gvU3D8QyUJL14WDgWQm+Vy0QayJgazW/fMHurgPYRMnr/+
IzxH93kmVwQVbgQESKQX79EZ9Xd1yDIL9kNEjRjzdyAQH8yHWf/wRliFgILtlg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:45:26 2024 by rpki-client on console-ams.rpki-client.org