Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/53B9153FFCAEB4CF2A7968E8D6F7FB7CA0B3038EDB131F741D6686B5E2A35DA8/0/323830333a383335303a3a2f33322d3332203d3e2033333536.roa
File:                     323830333a383335303a3a2f33322d3332203d3e2033333536.roa (raw, json)
Hash identifier:          9/o1lRS2AZrlsfiZ5e0f4SzOnQf1ryMXSQJCXq549G0=
Subject key identifier:   19:C6:AE:7F:AF:BA:A7:1C:D1:D3:E0:31:AA:CC:2D:F6:A7:3B:27:F4
Certificate issuer:       /CN=A97E9F94EBF479C68B3A578173FFC7C436AD1F1B
Certificate serial:       5F5B8D649CF98024036A7FBD6DBF77B1635F8A91
Authority key identifier: A9:7E:9F:94:EB:F4:79:C6:8B:3A:57:81:73:FF:C7:C4:36:AD:1F:1B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A97E9F94EBF479C68B3A578173FFC7C436AD1F1B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/53B9153FFCAEB4CF2A7968E8D6F7FB7CA0B3038EDB131F741D6686B5E2A35DA8/0/323830333a383335303a3a2f33322d3332203d3e2033333536.roa
Signing time:             Mon 28 Apr 2025 20:20:00 +0000
ROA not before:           Mon 28 Apr 2025 20:15:00 +0000
ROA not after:            Mon 27 Apr 2026 20:20:00 +0000
asID:                     3356
IP address blocks:        2803:8350::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/53B9153FFCAEB4CF2A7968E8D6F7FB7CA0B3038EDB131F741D6686B5E2A35DA8/0/A97E9F94EBF479C68B3A578173FFC7C436AD1F1B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/53B9153FFCAEB4CF2A7968E8D6F7FB7CA0B3038EDB131F741D6686B5E2A35DA8/0/A97E9F94EBF479C68B3A578173FFC7C436AD1F1B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A97E9F94EBF479C68B3A578173FFC7C436AD1F1B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 07:59:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:5b:8d:64:9c:f9:80:24:03:6a:7f:bd:6d:bf:77:b1:63:5f:8a:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A97E9F94EBF479C68B3A578173FFC7C436AD1F1B
        Validity
            Not Before: Apr 28 20:15:00 2025 GMT
            Not After : Apr 27 20:20:00 2026 GMT
        Subject: CN=19C6AE7FAFBAA71CD1D3E031AACC2DF6A73B27F4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:4b:24:64:7e:df:e5:ba:cc:09:d2:ad:dd:7e:
                    d3:ab:e5:74:b3:ee:11:c5:d6:2e:c6:77:89:9d:7d:
                    c3:d4:3c:9b:5e:41:0d:7a:76:ad:c6:4e:73:ed:84:
                    0f:cf:12:4a:10:65:9d:a7:1c:c6:69:14:4f:8d:be:
                    ec:73:7e:16:69:68:1b:d9:fe:5b:28:3f:f2:52:5f:
                    f7:74:85:58:18:bc:88:11:b3:25:9c:16:49:4f:1c:
                    1e:37:e1:c4:a7:06:37:46:fd:c7:bf:45:c8:8e:60:
                    04:5c:a3:5d:0b:22:af:e0:5c:9d:3a:dc:4a:ee:88:
                    3e:94:88:73:92:10:bd:e8:50:8f:dc:41:09:a2:7d:
                    57:58:d4:cb:4e:57:07:77:8f:94:64:96:7d:86:40:
                    4e:13:71:e5:b7:fa:a6:09:bf:6a:5b:e8:65:fe:f1:
                    f1:2f:12:a9:51:ea:9b:49:c3:ba:b0:df:b3:88:dc:
                    35:ca:21:02:fb:cf:6f:97:a7:ed:87:66:ac:2c:64:
                    c5:85:48:bc:6f:75:fe:6f:e1:83:60:55:5f:76:e1:
                    82:16:4b:e7:e6:89:37:32:b4:54:5d:00:66:10:79:
                    4e:97:ef:32:ef:f6:67:3d:14:d6:58:08:fe:22:8b:
                    0c:be:3e:78:a6:d2:aa:ad:02:59:2f:b6:08:c3:8c:
                    98:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:C6:AE:7F:AF:BA:A7:1C:D1:D3:E0:31:AA:CC:2D:F6:A7:3B:27:F4
            X509v3 Authority Key Identifier:
                keyid:A9:7E:9F:94:EB:F4:79:C6:8B:3A:57:81:73:FF:C7:C4:36:AD:1F:1B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/53B9153FFCAEB4CF2A7968E8D6F7FB7CA0B3038EDB131F741D6686B5E2A35DA8/0/A97E9F94EBF479C68B3A578173FFC7C436AD1F1B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A97E9F94EBF479C68B3A578173FFC7C436AD1F1B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/53B9153FFCAEB4CF2A7968E8D6F7FB7CA0B3038EDB131F741D6686B5E2A35DA8/0/323830333a383335303a3a2f33322d3332203d3e2033333536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:8350::/32

    Signature Algorithm: sha256WithRSAEncryption
         a1:31:02:4a:ab:c2:32:06:72:7c:fa:dc:a1:31:ff:3d:31:bf:
         9d:58:38:b2:b9:c4:02:0f:5d:58:f8:00:9b:37:bb:87:f9:3a:
         66:9c:77:94:64:1a:b4:93:8b:d2:aa:02:7d:0a:c7:ff:6c:fd:
         c0:d7:9b:27:c9:3e:75:4a:59:30:77:99:2c:fa:e9:9d:34:db:
         1b:03:2e:5f:fa:68:e0:53:55:42:ef:19:9b:64:41:67:88:92:
         22:dd:1b:da:45:84:44:47:3c:2a:32:91:0a:d7:ca:83:64:e0:
         eb:35:ca:3e:42:f8:02:6b:70:3d:f8:ea:a0:5b:20:e5:3c:c9:
         c5:d9:73:96:4a:b4:4e:46:43:18:cf:ef:e7:f7:8f:c5:cf:50:
         11:aa:f1:d9:e5:55:0b:a1:9e:b8:f4:8a:cf:61:70:d6:8c:06:
         7a:b5:77:6e:8a:24:b6:15:c1:d8:c4:4f:ab:df:e9:42:aa:33:
         70:f6:cd:04:49:a1:03:c1:51:0f:4a:ab:e4:88:a6:df:18:13:
         cf:ca:a6:c5:3d:c5:67:f7:38:9b:b6:e3:23:4d:b0:54:71:6f:
         b7:d9:41:be:6d:ab:b8:09:ca:8f:50:86:ac:88:d3:55:c3:7d:
         29:2d:75:c5:a5:dd:29:6c:53:e4:fa:81:b2:23:1b:fd:da:28:
         90:c7:0d:32
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUX1uNZJz5gCQDan+9bb93sWNfipEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTk3RTlGOTRFQkY0NzlDNjhCM0E1NzgxNzNGRkM3QzQz
NkFEMUYxQjAeFw0yNTA0MjgyMDE1MDBaFw0yNjA0MjcyMDIwMDBaMDMxMTAvBgNV
BAMTKDE5QzZBRTdGQUZCQUE3MUNEMUQzRTAzMUFBQ0MyREY2QTczQjI3RjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTSyRkft/luswJ0q3dftOr5XSz
7hHF1i7Gd4mdfcPUPJteQQ16dq3GTnPthA/PEkoQZZ2nHMZpFE+NvuxzfhZpaBvZ
/lsoP/JSX/d0hVgYvIgRsyWcFklPHB434cSnBjdG/ce/RciOYARco10LIq/gXJ06
3EruiD6UiHOSEL3oUI/cQQmifVdY1MtOVwd3j5Rkln2GQE4TceW3+qYJv2pb6GX+
8fEvEqlR6ptJw7qw37OI3DXKIQL7z2+Xp+2HZqwsZMWFSLxvdf5v4YNgVV924YIW
S+fmiTcytFRdAGYQeU6X7zLv9mc9FNZYCP4iiwy+Pnim0qqtAlkvtgjDjJgtAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUGcauf6+6pxzR0+Axqswt9qc7J/QwHwYDVR0j
BBgwFoAUqX6flOv0ecaLOleBc//HxDatHxswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81M0I5MTUzRkZDQUVCNENGMkE3OTY4RThENkY3RkI3Q0Ew
QjMwMzhFREIxMzFGNzQxRDY2ODZCNUUyQTM1REE4LzAvQTk3RTlGOTRFQkY0NzlD
NjhCM0E1NzgxNzNGRkM3QzQzNkFEMUYxQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BOTdFOUY5NEVCRjQ3OUM2OEIz
QTU3ODE3M0ZGQzdDNDM2QUQxRjFCLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTNCOTE1M0ZGQ0FFQjRDRjJBNzk2OEU4RDZGN0ZCN0NBMEIzMDM4RURC
MTMxRjc0MUQ2Njg2QjVFMkEzNURBOC8wLzMyMzgzMDMzM2EzODMzMzUzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMzMzMzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKAODUDANBgkq
hkiG9w0BAQsFAAOCAQEAoTECSqvCMgZyfPrcoTH/PTG/nVg4srnEAg9dWPgAmze7
h/k6Zpx3lGQatJOL0qoCfQrH/2z9wNebJ8k+dUpZMHeZLPrpnTTbGwMuX/po4FNV
Qu8Zm2RBZ4iSIt0b2kWEREc8KjKRCtfKg2Tg6zXKPkL4AmtwPfjqoFsg5TzJxdlz
lkq0TkZDGM/v5/ePxc9QEarx2eVVC6GeuPSKz2Fw1owGerV3bookthXB2MRPq9/p
QqozcPbNBEmhA8FRD0qr5Iim3xgTz8qmxT3FZ/c4m7bjI02wVHFvt9lBvm2ruAnK
j1CGrIjTVcN9KS11xaXdKWxT5PqBsiMb/dookMcNMg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 04:22:09 2025 by rpki-client