Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/323830303a3531303a3a2f33322d3634203d3e203238303232.roa
File:                     323830303a3531303a3a2f33322d3634203d3e203238303232.roa (raw, json)
Hash identifier:          3fvXQA91mN76mSNPzB/CFbp5gq/cNrOKuNsdUJutRG4=
Subject key identifier:   A5:9E:3C:E6:63:F2:87:08:FE:8B:F7:7C:1B:C1:76:12:02:D4:9F:4B
Certificate issuer:       /CN=2000BFC4CE0B56183990500772974F91AC5629B4
Certificate serial:       385C1C7FA7B77658F689BAAEF30C708700E4A9EB
Authority key identifier: 20:00:BF:C4:CE:0B:56:18:39:90:50:07:72:97:4F:91:AC:56:29:B4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2000BFC4CE0B56183990500772974F91AC5629B4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/323830303a3531303a3a2f33322d3634203d3e203238303232.roa
Signing time:             Tue 05 Mar 2024 18:02:24 +0000
ROA not before:           Tue 05 Mar 2024 17:57:24 +0000
ROA not after:            Tue 04 Mar 2025 18:02:24 +0000
asID:                     28022
IP address blocks:        2800:510::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/2000BFC4CE0B56183990500772974F91AC5629B4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/2000BFC4CE0B56183990500772974F91AC5629B4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2000BFC4CE0B56183990500772974F91AC5629B4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 22 May 2024 10:19:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:5c:1c:7f:a7:b7:76:58:f6:89:ba:ae:f3:0c:70:87:00:e4:a9:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2000BFC4CE0B56183990500772974F91AC5629B4
        Validity
            Not Before: Mar  5 17:57:24 2024 GMT
            Not After : Mar  4 18:02:24 2025 GMT
        Subject: CN=A59E3CE663F28708FE8BF77C1BC1761202D49F4B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:33:11:bd:1a:f2:43:ce:9d:64:5e:ca:93:ad:
                    fb:e2:bb:a3:98:ba:d0:cf:45:02:ef:f8:92:27:e2:
                    99:bb:39:ec:8d:99:c7:79:a2:5a:a2:78:21:b6:ff:
                    ef:e7:58:a2:ca:27:0a:65:33:f0:34:f4:82:12:82:
                    15:8c:5d:68:9c:be:39:b5:07:bd:f3:e4:7f:36:67:
                    50:bd:74:65:c0:df:27:26:a3:44:20:ea:46:94:5d:
                    12:0a:66:46:1b:50:0a:4a:24:fe:6f:cd:cb:eb:d7:
                    af:ec:0f:aa:e7:4c:a6:f9:4a:3e:a5:24:1c:08:7e:
                    df:e7:12:df:a5:7c:58:b4:7f:0c:5f:b0:d7:3b:9e:
                    f3:f5:9f:f1:af:b0:3e:80:ac:d9:87:e5:a9:78:ef:
                    b6:15:29:54:59:1c:8a:4a:95:0d:75:f4:48:15:15:
                    5d:c2:fd:36:73:74:be:13:88:ac:2a:cd:90:dc:ef:
                    9a:b5:99:16:2a:0c:fd:7c:59:61:71:f2:e3:1e:58:
                    fa:6b:1c:f0:d9:b1:98:df:0e:90:24:ff:58:71:bc:
                    c0:7a:bc:bb:b8:49:13:a4:5a:3a:d3:5d:2b:96:fd:
                    19:6f:9a:4c:ec:f9:2c:60:09:45:0a:21:dd:d3:af:
                    43:60:2d:3a:c7:99:6d:7e:16:c4:3f:a5:e2:70:55:
                    64:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:9E:3C:E6:63:F2:87:08:FE:8B:F7:7C:1B:C1:76:12:02:D4:9F:4B
            X509v3 Authority Key Identifier:
                keyid:20:00:BF:C4:CE:0B:56:18:39:90:50:07:72:97:4F:91:AC:56:29:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/2000BFC4CE0B56183990500772974F91AC5629B4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2000BFC4CE0B56183990500772974F91AC5629B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/323830303a3531303a3a2f33322d3634203d3e203238303232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:510::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:b0:fc:53:29:86:50:c0:de:52:fa:5d:97:19:ef:a0:42:58:
         4c:fd:18:21:9a:5d:a2:6c:7e:03:e8:87:3a:b1:b5:4e:de:9b:
         79:97:ec:c7:ec:5b:72:ac:3e:57:66:b8:69:51:95:4a:8f:68:
         23:01:11:42:fd:b3:3f:52:7b:2f:76:96:dc:6c:9b:f2:cc:f0:
         ad:98:e5:80:2f:16:4d:14:34:c5:53:62:17:96:a6:7c:69:1d:
         d0:cb:6e:47:7e:28:99:f6:1f:7f:85:a4:69:c4:4e:9a:2c:9f:
         b8:b0:72:d6:c6:7a:8e:1f:a1:df:a1:e1:46:3e:b7:a9:ca:2d:
         9a:6f:a2:30:bc:a3:4c:bc:74:6f:9d:cd:1a:50:d4:11:8a:06:
         60:52:01:56:03:06:ed:cb:1f:ae:18:37:81:a4:79:cb:af:0e:
         89:6f:6e:03:c1:3c:56:7c:04:10:9f:90:b1:d3:9b:9c:fa:7c:
         35:45:79:70:f0:45:95:aa:a5:50:da:1a:99:5e:84:02:41:a5:
         53:2d:19:ec:27:0b:59:da:36:c0:bf:29:e3:86:d2:b2:8c:f1:
         e1:4b:d2:e9:14:54:3a:bb:ab:ad:e0:87:c8:92:76:64:01:36:
         1d:21:ed:58:fe:51:09:01:0b:fa:92:2f:27:5f:36:bd:9e:20:
         54:52:35:fd
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUOFwcf6e3dlj2ibqu8wxwhwDkqeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjAwMEJGQzRDRTBCNTYxODM5OTA1MDA3NzI5NzRGOTFB
QzU2MjlCNDAeFw0yNDAzMDUxNzU3MjRaFw0yNTAzMDQxODAyMjRaMDMxMTAvBgNV
BAMTKEE1OUUzQ0U2NjNGMjg3MDhGRThCRjc3QzFCQzE3NjEyMDJENDlGNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBMxG9GvJDzp1kXsqTrfviu6OY
utDPRQLv+JIn4pm7OeyNmcd5olqieCG2/+/nWKLKJwplM/A09IISghWMXWicvjm1
B73z5H82Z1C9dGXA3ycmo0Qg6kaUXRIKZkYbUApKJP5vzcvr16/sD6rnTKb5Sj6l
JBwIft/nEt+lfFi0fwxfsNc7nvP1n/GvsD6ArNmH5al477YVKVRZHIpKlQ119EgV
FV3C/TZzdL4TiKwqzZDc75q1mRYqDP18WWFx8uMeWPprHPDZsZjfDpAk/1hxvMB6
vLu4SROkWjrTXSuW/Rlvmkzs+SxgCUUKId3Tr0NgLTrHmW1+FsQ/peJwVWQxAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUpZ485mPyhwj+i/d8G8F2EgLUn0swHwYDVR0j
BBgwFoAUIAC/xM4LVhg5kFAHcpdPkaxWKbQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82NTFCMDZDNTlBMEIxNjJCRUUyNUQwNTkxMzMzQUVDMkVD
MTkyMUIyNjNFODlFRTc2MERDN0I3NUZBRkFCRjU1LzAvMjAwMEJGQzRDRTBCNTYx
ODM5OTA1MDA3NzI5NzRGOTFBQzU2MjlCNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMDAwQkZDNENFMEI1NjE4Mzk5
MDUwMDc3Mjk3NEY5MUFDNTYyOUI0LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjUxQjA2QzU5QTBCMTYyQkVFMjVEMDU5MTMzM0FFQzJFQzE5MjFCMjYz
RTg5RUU3NjBEQzdCNzVGQUZBQkY1NS8wLzMyMzgzMDMwM2EzNTMxMzAzYTNhMmYz
MzMyMmQzNjM0MjAzZDNlMjAzMjM4MzAzMjMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKAAFEDANBgkq
hkiG9w0BAQsFAAOCAQEAS7D8UymGUMDeUvpdlxnvoEJYTP0YIZpdomx+A+iHOrG1
Tt6beZfsx+xbcqw+V2a4aVGVSo9oIwERQv2zP1J7L3aW3Gyb8szwrZjlgC8WTRQ0
xVNiF5amfGkd0MtuR34omfYff4WkacROmiyfuLBy1sZ6jh+h36HhRj63qcotmm+i
MLyjTLx0b53NGlDUEYoGYFIBVgMG7csfrhg3gaR5y68OiW9uA8E8VnwEEJ+QsdOb
nPp8NUV5cPBFlaqlUNoamV6EAkGlUy0Z7CcLWdo2wL8p44bSsozx4UvS6RRUOrur
reCHyJJ2ZAE2HSHtWP5RCQEL+pIvJ182vZ4gVFI1/Q==
-----END CERTIFICATE-----
Generated at Sat May 18 16:19:21 2024 by rpki-client on console-fra.rpki-client.org