Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/527E3926928299A7706301114EBC9E9DDEC7277138E6390FCBFD7F60F67B00C1/0/323830333a363732303a3a2f33322d3332203d3e20323637373439.roa
File:                     323830333a363732303a3a2f33322d3332203d3e20323637373439.roa (raw, json)
Hash identifier:          S0a7hxNDik2RzZnsvTAHTWMVp3zySts4NoiB39m2ZKY=
Subject key identifier:   C0:C4:FC:FB:59:82:32:2A:A8:39:EE:A4:19:9C:4B:B5:BA:28:90:81
Certificate issuer:       /CN=D5767ECDC104A4B4552F12CA53FE6F2F06C312B8
Certificate serial:       1148373EC62738FB3990A205222F9C912A5D62F0
Authority key identifier: D5:76:7E:CD:C1:04:A4:B4:55:2F:12:CA:53:FE:6F:2F:06:C3:12:B8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D5767ECDC104A4B4552F12CA53FE6F2F06C312B8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/527E3926928299A7706301114EBC9E9DDEC7277138E6390FCBFD7F60F67B00C1/0/323830333a363732303a3a2f33322d3332203d3e20323637373439.roa
Signing time:             Tue 05 Mar 2024 18:15:11 +0000
ROA not before:           Tue 05 Mar 2024 18:10:11 +0000
ROA not after:            Tue 04 Mar 2025 18:15:11 +0000
asID:                     267749
IP address blocks:        2803:6720::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/527E3926928299A7706301114EBC9E9DDEC7277138E6390FCBFD7F60F67B00C1/0/D5767ECDC104A4B4552F12CA53FE6F2F06C312B8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/527E3926928299A7706301114EBC9E9DDEC7277138E6390FCBFD7F60F67B00C1/0/D5767ECDC104A4B4552F12CA53FE6F2F06C312B8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D5767ECDC104A4B4552F12CA53FE6F2F06C312B8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 19:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:48:37:3e:c6:27:38:fb:39:90:a2:05:22:2f:9c:91:2a:5d:62:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D5767ECDC104A4B4552F12CA53FE6F2F06C312B8
        Validity
            Not Before: Mar  5 18:10:11 2024 GMT
            Not After : Mar  4 18:15:11 2025 GMT
        Subject: CN=C0C4FCFB5982322AA839EEA4199C4BB5BA289081
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:e2:57:b1:2c:14:dd:31:ff:27:c0:80:de:0e:
                    ad:71:32:18:83:24:3c:fe:f4:f4:a8:dd:f0:97:d1:
                    51:45:47:b8:0f:a0:93:be:d6:50:62:5a:47:bb:b7:
                    11:02:f3:f4:b8:72:d2:d7:0f:17:ff:b0:6a:c9:8f:
                    5c:64:12:b7:15:d3:aa:9d:7c:3e:6d:1e:33:af:e0:
                    a7:4f:ec:95:75:a0:b3:c0:99:b0:ba:24:11:bc:fe:
                    1d:a3:3b:89:19:6d:70:bd:ec:b9:ca:36:92:9e:36:
                    94:17:73:3c:52:30:a1:83:e6:1b:a7:14:d0:44:3d:
                    11:f1:22:b1:b1:c4:90:e6:8e:d2:f1:8f:7b:22:f6:
                    51:ca:fc:61:31:76:73:1b:4b:e5:b7:20:48:46:b7:
                    9e:d2:f2:2f:33:6b:d6:b8:c1:d0:4d:9c:cd:ee:51:
                    75:fb:a4:6f:c8:ee:8c:56:a0:c6:93:51:0f:d2:5a:
                    af:2f:bb:5b:27:a6:0e:3d:fe:0b:11:25:f8:ab:c0:
                    db:79:90:52:d1:b1:cc:f4:27:63:9c:df:8b:5b:7d:
                    2e:6d:37:85:28:2a:f3:4b:e6:44:ba:6e:82:e8:41:
                    d3:ea:82:0a:3d:fa:e3:37:d4:62:fe:5a:73:29:4c:
                    34:47:eb:76:be:b2:57:1e:1e:86:a7:5d:c9:60:a3:
                    06:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:C4:FC:FB:59:82:32:2A:A8:39:EE:A4:19:9C:4B:B5:BA:28:90:81
            X509v3 Authority Key Identifier:
                keyid:D5:76:7E:CD:C1:04:A4:B4:55:2F:12:CA:53:FE:6F:2F:06:C3:12:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/527E3926928299A7706301114EBC9E9DDEC7277138E6390FCBFD7F60F67B00C1/0/D5767ECDC104A4B4552F12CA53FE6F2F06C312B8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D5767ECDC104A4B4552F12CA53FE6F2F06C312B8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/527E3926928299A7706301114EBC9E9DDEC7277138E6390FCBFD7F60F67B00C1/0/323830333a363732303a3a2f33322d3332203d3e20323637373439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:6720::/32

    Signature Algorithm: sha256WithRSAEncryption
         34:2d:cc:6f:93:31:1d:31:de:02:bf:93:51:eb:0b:7b:db:7d:
         50:dd:03:65:2d:8b:26:4a:ed:85:16:17:79:b2:ee:f3:e9:1b:
         03:9d:3c:76:b8:c3:1a:85:00:9b:b6:14:0e:a2:8b:d1:ef:6b:
         f0:71:12:b3:be:6b:f0:4d:86:6b:3e:7d:b0:46:67:f1:d1:32:
         be:b4:cf:c8:22:d9:a8:0f:c3:f2:9f:fc:51:bc:f2:26:25:b5:
         bb:73:76:94:90:2f:68:b3:23:aa:93:db:92:df:03:33:28:5e:
         aa:cd:e6:18:18:3a:ca:85:51:12:e4:11:54:83:71:65:66:4d:
         3b:50:65:99:e3:fa:b3:4c:cf:ca:b0:96:e2:94:d0:0e:58:66:
         29:c7:c4:42:61:e4:bd:64:30:b7:9f:bc:bc:ed:e5:09:22:8d:
         dd:52:f0:07:0d:3c:26:32:b1:46:cf:19:c1:91:1a:23:b7:74:
         51:4e:78:37:7e:2b:12:2d:52:ba:9b:8d:a2:63:86:db:1d:0a:
         64:35:75:9a:e3:f9:a5:d2:cd:2e:6d:f9:77:02:67:ee:94:7b:
         aa:5a:d3:23:c7:ac:64:87:15:4f:19:ec:0f:ae:70:25:a8:e0:
         62:c2:7e:04:72:0d:db:37:26:8b:38:13:bd:7c:b4:9d:0b:c3:
         8f:3f:b6:a2
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUEUg3PsYnOPs5kKIFIi+ckSpdYvAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDU3NjdFQ0RDMTA0QTRCNDU1MkYxMkNBNTNGRTZGMkYw
NkMzMTJCODAeFw0yNDAzMDUxODEwMTFaFw0yNTAzMDQxODE1MTFaMDMxMTAvBgNV
BAMTKEMwQzRGQ0ZCNTk4MjMyMkFBODM5RUVBNDE5OUM0QkI1QkEyODkwODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ4lexLBTdMf8nwIDeDq1xMhiD
JDz+9PSo3fCX0VFFR7gPoJO+1lBiWke7txEC8/S4ctLXDxf/sGrJj1xkErcV06qd
fD5tHjOv4KdP7JV1oLPAmbC6JBG8/h2jO4kZbXC97LnKNpKeNpQXczxSMKGD5hun
FNBEPRHxIrGxxJDmjtLxj3si9lHK/GExdnMbS+W3IEhGt57S8i8za9a4wdBNnM3u
UXX7pG/I7oxWoMaTUQ/SWq8vu1snpg49/gsRJfirwNt5kFLRscz0J2Oc34tbfS5t
N4UoKvNL5kS6boLoQdPqggo9+uM31GL+WnMpTDRH63a+slceHoanXclgowY5AgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUwMT8+1mCMiqoOe6kGZxLtbookIEwHwYDVR0j
BBgwFoAU1XZ+zcEEpLRVLxLKU/5vLwbDErgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MjdFMzkyNjkyODI5OUE3NzA2MzAxMTE0RUJDOUU5RERF
QzcyNzcxMzhFNjM5MEZDQkZEN0Y2MEY2N0IwMEMxLzAvRDU3NjdFQ0RDMTA0QTRC
NDU1MkYxMkNBNTNGRTZGMkYwNkMzMTJCOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENTc2N0VDREMxMDRBNEI0NTUy
RjEyQ0E1M0ZFNkYyRjA2QzMxMkI4LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTI3RTM5MjY5MjgyOTlBNzcwNjMwMTExNEVCQzlFOURERUM3Mjc3MTM4
RTYzOTBGQ0JGRDdGNjBGNjdCMDBDMS8wLzMyMzgzMDMzM2EzNjM3MzIzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzYzNzM3MzQzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDZyAw
DQYJKoZIhvcNAQELBQADggEBADQtzG+TMR0x3gK/k1HrC3vbfVDdA2UtiyZK7YUW
F3my7vPpGwOdPHa4wxqFAJu2FA6ii9Hva/BxErO+a/BNhms+fbBGZ/HRMr60z8gi
2agPw/Kf/FG88iYltbtzdpSQL2izI6qT25LfAzMoXqrN5hgYOsqFURLkEVSDcWVm
TTtQZZnj+rNMz8qwluKU0A5YZinHxEJh5L1kMLefvLzt5Qkijd1S8AcNPCYysUbP
GcGRGiO3dFFOeDd+KxItUrqbjaJjhtsdCmQ1dZrj+aXSzS5t+XcCZ+6Ue6pa0yPH
rGSHFU8Z7A+ucCWo4GLCfgRyDds3Jos4E718tJ0Lw48/tqI=
-----END CERTIFICATE-----
Generated at Tue Dec 10 09:56:09 2024 by rpki-client on console-ams.rpki-client.org