Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/63B98F93D01E90BFE5D56BFBD45D2A441BE3B790695A98DD8BDF6BBF3CC3DC2D/0/323830333a356163303a3a2f33322d3438203d3e203633303233.roa
File:                     323830333a356163303a3a2f33322d3438203d3e203633303233.roa (raw, json)
Hash identifier:          srAuPYiCw6YXGwpjGq08szSSYOXWigMcIvouUdHUKRQ=
Subject key identifier:   82:0C:20:4F:EE:0D:4A:17:75:9B:B6:02:CF:70:20:25:F0:24:36:AB
Certificate issuer:       /CN=64CA902FE672A198EBE9410C4C09F2FFF81502BB
Certificate serial:       4BA66131831FE8FC6A0E0A4EB92D2C1C3258B577
Authority key identifier: 64:CA:90:2F:E6:72:A1:98:EB:E9:41:0C:4C:09:F2:FF:F8:15:02:BB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/64CA902FE672A198EBE9410C4C09F2FFF81502BB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/63B98F93D01E90BFE5D56BFBD45D2A441BE3B790695A98DD8BDF6BBF3CC3DC2D/0/323830333a356163303a3a2f33322d3438203d3e203633303233.roa
Signing time:             Tue 05 Mar 2024 18:09:50 +0000
ROA not before:           Tue 05 Mar 2024 18:04:50 +0000
ROA not after:            Tue 04 Mar 2025 18:09:50 +0000
asID:                     63023
IP address blocks:        2803:5ac0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/63B98F93D01E90BFE5D56BFBD45D2A441BE3B790695A98DD8BDF6BBF3CC3DC2D/0/64CA902FE672A198EBE9410C4C09F2FFF81502BB.crl
                          rsync://repository.lacnic.net/rpki/lacnic/63B98F93D01E90BFE5D56BFBD45D2A441BE3B790695A98DD8BDF6BBF3CC3DC2D/0/64CA902FE672A198EBE9410C4C09F2FFF81502BB.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/64CA902FE672A198EBE9410C4C09F2FFF81502BB.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:a6:61:31:83:1f:e8:fc:6a:0e:0a:4e:b9:2d:2c:1c:32:58:b5:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64CA902FE672A198EBE9410C4C09F2FFF81502BB
        Validity
            Not Before: Mar  5 18:04:50 2024 GMT
            Not After : Mar  4 18:09:50 2025 GMT
        Subject: CN=820C204FEE0D4A17759BB602CF702025F02436AB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:1c:82:bb:61:81:67:a9:d6:18:ff:69:7b:df:
                    ff:1b:d4:8d:f4:03:b2:bb:de:f1:61:48:4c:31:8d:
                    ea:cf:e1:3f:6a:6f:de:69:e9:12:a4:a2:e2:da:48:
                    b7:68:2b:aa:a6:c7:52:a2:b3:8a:d0:73:62:d2:57:
                    bf:de:32:ea:0a:23:bd:0b:c8:d3:08:63:fa:f3:8e:
                    55:c2:85:fe:38:3c:32:2e:3b:de:63:7d:6e:7e:b7:
                    47:6d:5a:55:01:46:53:63:01:5f:e8:39:4a:e4:76:
                    d1:b1:5c:f5:fe:06:6e:10:1f:d3:e6:d0:dc:20:7f:
                    5b:2b:07:f7:3d:61:05:f4:f8:a9:df:32:a8:b4:0f:
                    2a:89:b4:70:62:bd:9b:af:f5:d9:b5:c9:34:14:74:
                    9c:3b:18:9e:aa:c9:ce:b4:cf:a4:2c:7e:70:da:31:
                    71:50:b4:32:fc:ad:05:83:25:c9:67:91:a7:f5:ab:
                    69:b0:e1:31:5d:75:4f:dc:e8:a6:1d:8b:16:1d:f2:
                    f0:5b:ec:03:c5:f7:54:94:f9:62:6d:70:dd:6a:16:
                    25:a6:ab:e7:8e:ca:b8:fb:5f:c9:6b:58:1e:99:e8:
                    3a:49:b7:cc:b6:6d:64:ea:32:b5:99:de:43:d3:46:
                    96:5b:d5:fd:f1:68:a0:e2:90:33:ff:dc:ef:db:00:
                    eb:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:0C:20:4F:EE:0D:4A:17:75:9B:B6:02:CF:70:20:25:F0:24:36:AB
            X509v3 Authority Key Identifier:
                keyid:64:CA:90:2F:E6:72:A1:98:EB:E9:41:0C:4C:09:F2:FF:F8:15:02:BB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/63B98F93D01E90BFE5D56BFBD45D2A441BE3B790695A98DD8BDF6BBF3CC3DC2D/0/64CA902FE672A198EBE9410C4C09F2FFF81502BB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/64CA902FE672A198EBE9410C4C09F2FFF81502BB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/63B98F93D01E90BFE5D56BFBD45D2A441BE3B790695A98DD8BDF6BBF3CC3DC2D/0/323830333a356163303a3a2f33322d3438203d3e203633303233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:5ac0::/32

    Signature Algorithm: sha256WithRSAEncryption
         23:57:34:99:64:55:d4:74:26:29:7f:a9:14:99:5d:c8:f9:43:
         a8:63:8e:08:ba:69:eb:73:29:79:4a:27:34:9b:17:7b:fa:56:
         35:90:3d:9a:b1:0b:72:58:72:49:41:a5:3b:e0:16:40:2f:b3:
         4a:f2:da:79:61:41:cb:dc:ac:82:33:37:51:7c:f9:f1:98:7f:
         1e:39:18:3c:52:cc:e8:2f:ae:4a:ec:29:24:75:63:b2:50:6a:
         a7:09:74:4c:b6:a8:2f:f1:ff:de:c8:f4:df:4d:0d:86:6a:35:
         c2:ca:d5:de:40:94:bc:6e:04:2f:74:6b:72:17:49:e2:b7:0c:
         ee:45:d3:e1:9c:d3:d0:5a:e3:01:06:48:69:31:1f:50:4f:8b:
         52:24:8d:ad:24:ca:b1:89:f4:9b:2c:3b:97:9c:48:f5:77:f6:
         ab:ac:8f:42:bb:8e:13:de:b4:f7:e6:3e:26:4f:0c:5d:5d:a1:
         c6:1f:29:86:f9:55:2a:d6:48:8f:a7:d7:2b:d4:31:b8:32:a3:
         de:1d:3b:b5:8e:3d:b2:5b:b4:d8:24:b7:7f:54:12:d3:ab:d3:
         b4:2e:2f:93:96:b0:3c:c7:a3:02:b8:ac:e0:55:a3:1f:52:81:
         8d:fa:df:7f:59:01:d2:aa:4a:70:20:c6:54:b9:aa:41:ff:6f:
         94:e0:98:5c
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUS6ZhMYMf6PxqDgpOuS0sHDJYtXcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjRDQTkwMkZFNjcyQTE5OEVCRTk0MTBDNEMwOUYyRkZG
ODE1MDJCQjAeFw0yNDAzMDUxODA0NTBaFw0yNTAzMDQxODA5NTBaMDMxMTAvBgNV
BAMTKDgyMEMyMDRGRUUwRDRBMTc3NTlCQjYwMkNGNzAyMDI1RjAyNDM2QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNHIK7YYFnqdYY/2l73/8b1I30
A7K73vFhSEwxjerP4T9qb95p6RKkouLaSLdoK6qmx1Kis4rQc2LSV7/eMuoKI70L
yNMIY/rzjlXChf44PDIuO95jfW5+t0dtWlUBRlNjAV/oOUrkdtGxXPX+Bm4QH9Pm
0Nwgf1srB/c9YQX0+KnfMqi0DyqJtHBivZuv9dm1yTQUdJw7GJ6qyc60z6QsfnDa
MXFQtDL8rQWDJclnkaf1q2mw4TFddU/c6KYdixYd8vBb7APF91SU+WJtcN1qFiWm
q+eOyrj7X8lrWB6Z6DpJt8y2bWTqMrWZ3kPTRpZb1f3xaKDikDP/3O/bAOtnAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUggwgT+4NShd1m7YCz3AgJfAkNqswHwYDVR0j
BBgwFoAUZMqQL+ZyoZjr6UEMTAny//gVArswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82M0I5OEY5M0QwMUU5MEJGRTVENTZCRkJENDVEMkE0NDFC
RTNCNzkwNjk1QTk4REQ4QkRGNkJCRjNDQzNEQzJELzAvNjRDQTkwMkZFNjcyQTE5
OEVCRTk0MTBDNEMwOUYyRkZGODE1MDJCQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NENBOTAyRkU2NzJBMTk4RUJF
OTQxMEM0QzA5RjJGRkY4MTUwMkJCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjNCOThGOTNEMDFFOTBCRkU1RDU2QkZCRDQ1RDJBNDQxQkUzQjc5MDY5
NUE5OEREOEJERjZCQkYzQ0MzREMyRC8wLzMyMzgzMDMzM2EzNTYxNjMzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM2MzMzMDMyMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA1rAMA0G
CSqGSIb3DQEBCwUAA4IBAQAjVzSZZFXUdCYpf6kUmV3I+UOoY44Iumnrcyl5Sic0
mxd7+lY1kD2asQtyWHJJQaU74BZAL7NK8tp5YUHL3KyCMzdRfPnxmH8eORg8Uszo
L65K7CkkdWOyUGqnCXRMtqgv8f/eyPTfTQ2GajXCytXeQJS8bgQvdGtyF0nitwzu
RdPhnNPQWuMBBkhpMR9QT4tSJI2tJMqxifSbLDuXnEj1d/arrI9Cu44T3rT35j4m
TwxdXaHGHymG+VUq1kiPp9cr1DG4MqPeHTu1jj2yW7TYJLd/VBLTq9O0Li+TlrA8
x6MCuKzgVaMfUoGN+t9/WQHSqkpwIMZUuapB/2+U4Jhc
-----END CERTIFICATE-----
Generated at Sun Dec 8 23:48:14 2024 by rpki-client on console-fra.rpki-client.org