Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/67236B4CCEFBC43821AA42D45D1AF2A3747087F6A0476701E6F0A871E1E15BBF/0/323830333a623065303a393938393a3a2f34382d3438203d3e20323639383632.roa
File:                     323830333a623065303a393938393a3a2f34382d3438203d3e20323639383632.roa (raw, json)
Hash identifier:          NzfCH6nmQh2y9XVow8ByQpMjxjSkodtubXxyV+ocIyo=
Subject key identifier:   51:19:E4:13:51:52:EB:45:04:54:1F:20:5A:9C:DA:68:68:37:D9:E5
Certificate issuer:       /CN=B9661B0E7FC75ED767D18B56FC749BAED21FC195
Certificate serial:       219B64557D847804E04558838062BCF003684C47
Authority key identifier: B9:66:1B:0E:7F:C7:5E:D7:67:D1:8B:56:FC:74:9B:AE:D2:1F:C1:95
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B9661B0E7FC75ED767D18B56FC749BAED21FC195.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/67236B4CCEFBC43821AA42D45D1AF2A3747087F6A0476701E6F0A871E1E15BBF/0/323830333a623065303a393938393a3a2f34382d3438203d3e20323639383632.roa
Signing time:             Tue 05 Mar 2024 18:03:44 +0000
ROA not before:           Tue 05 Mar 2024 17:58:44 +0000
ROA not after:            Tue 04 Mar 2025 18:03:44 +0000
asID:                     269862
IP address blocks:        2803:b0e0:9989::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/67236B4CCEFBC43821AA42D45D1AF2A3747087F6A0476701E6F0A871E1E15BBF/0/B9661B0E7FC75ED767D18B56FC749BAED21FC195.crl
                          rsync://repository.lacnic.net/rpki/lacnic/67236B4CCEFBC43821AA42D45D1AF2A3747087F6A0476701E6F0A871E1E15BBF/0/B9661B0E7FC75ED767D18B56FC749BAED21FC195.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B9661B0E7FC75ED767D18B56FC749BAED21FC195.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:9b:64:55:7d:84:78:04:e0:45:58:83:80:62:bc:f0:03:68:4c:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B9661B0E7FC75ED767D18B56FC749BAED21FC195
        Validity
            Not Before: Mar  5 17:58:44 2024 GMT
            Not After : Mar  4 18:03:44 2025 GMT
        Subject: CN=5119E4135152EB4504541F205A9CDA686837D9E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c5:12:50:c5:0c:04:87:58:50:88:f5:54:1e:
                    0b:e1:6a:d7:87:c3:a2:88:88:f1:84:29:4e:b9:b7:
                    44:66:d0:0d:1d:ec:f2:67:e8:58:fc:60:8a:31:51:
                    e6:0e:6e:7a:80:88:d7:b3:a8:70:8e:28:95:3a:5d:
                    21:af:7d:66:7a:98:58:21:36:e8:99:b7:e6:38:e0:
                    1e:b3:e3:af:b7:83:64:fb:84:fd:c0:61:96:ba:63:
                    c4:31:21:14:7d:cf:2c:0b:63:3b:2b:fb:6e:e3:a4:
                    73:ee:4e:e1:1d:25:e5:74:a6:99:19:4f:6b:e5:6a:
                    07:5e:b0:2f:ed:39:6a:a8:8b:4a:7d:90:ca:7e:f8:
                    f2:cc:2a:e1:3f:55:38:4a:e2:ed:4b:90:8a:df:4f:
                    20:f7:3f:03:0e:a3:a8:cb:8f:9e:51:bb:5f:dc:4f:
                    2a:7d:86:86:c4:17:7f:17:81:e5:94:29:97:2a:cd:
                    db:ba:be:d8:e9:c9:8b:94:93:63:8c:11:96:a8:da:
                    25:f9:91:ba:3c:ed:9f:a7:d8:37:11:67:63:1d:78:
                    dc:9b:27:19:70:ad:e3:8f:01:92:3a:a3:53:3b:a8:
                    6c:aa:a8:4a:e3:83:0f:c6:38:fb:f8:5a:5d:11:71:
                    48:52:20:7e:f4:0a:d4:cc:66:51:c5:a1:bb:45:e9:
                    f7:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:19:E4:13:51:52:EB:45:04:54:1F:20:5A:9C:DA:68:68:37:D9:E5
            X509v3 Authority Key Identifier:
                keyid:B9:66:1B:0E:7F:C7:5E:D7:67:D1:8B:56:FC:74:9B:AE:D2:1F:C1:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/67236B4CCEFBC43821AA42D45D1AF2A3747087F6A0476701E6F0A871E1E15BBF/0/B9661B0E7FC75ED767D18B56FC749BAED21FC195.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B9661B0E7FC75ED767D18B56FC749BAED21FC195.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/67236B4CCEFBC43821AA42D45D1AF2A3747087F6A0476701E6F0A871E1E15BBF/0/323830333a623065303a393938393a3a2f34382d3438203d3e20323639383632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b0e0:9989::/48

    Signature Algorithm: sha256WithRSAEncryption
         ac:2c:b7:7f:e7:ac:50:cc:7f:6d:26:35:fe:06:32:5b:22:ae:
         d5:1b:5c:82:75:21:92:29:24:fe:d5:76:2d:e9:34:b9:aa:eb:
         4f:cf:05:db:5c:3e:22:65:8f:51:c5:9d:0e:f9:20:43:7e:87:
         82:8c:1a:ff:18:4e:d9:ff:01:2f:b1:ad:3a:f4:57:02:10:6f:
         4a:01:3d:f3:3e:5d:bc:02:3a:9f:9a:8a:56:66:13:c5:c5:25:
         38:18:8f:7b:b3:d7:0a:ee:ae:94:86:9b:cf:da:5b:a1:04:d4:
         90:01:cb:9e:cc:ab:ca:06:1d:d4:a1:10:63:c3:ba:0c:ee:e8:
         b6:03:1a:2c:16:c6:be:91:07:53:c7:d4:22:2d:a2:76:3c:32:
         5d:88:f9:29:4f:a2:cc:0f:25:d2:fc:1b:49:2c:16:d6:47:44:
         48:15:58:8a:51:c7:54:10:33:ea:8c:d3:4f:7d:0f:7d:c6:f6:
         36:ed:4b:09:3e:29:a9:3a:b8:1e:25:43:66:1e:e8:a7:33:45:
         fb:b0:16:3c:bd:1b:52:0d:19:83:5c:6c:0e:12:25:c1:ea:c5:
         0e:cc:f9:27:1e:a4:85:a0:5e:d5:36:8e:8a:58:d0:42:db:29:
         6a:57:e7:0c:cc:1b:f2:68:d9:36:d0:a3:26:cc:b2:30:43:b0:
         3d:78:df:0d
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgIUIZtkVX2EeATgRViDgGK88ANoTEcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjk2NjFCMEU3RkM3NUVENzY3RDE4QjU2RkM3NDlCQUVE
MjFGQzE5NTAeFw0yNDAzMDUxNzU4NDRaFw0yNTAzMDQxODAzNDRaMDMxMTAvBgNV
BAMTKDUxMTlFNDEzNTE1MkVCNDUwNDU0MUYyMDVBOUNEQTY4NjgzN0Q5RTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6xRJQxQwEh1hQiPVUHgvhateH
w6KIiPGEKU65t0Rm0A0d7PJn6Fj8YIoxUeYObnqAiNezqHCOKJU6XSGvfWZ6mFgh
NuiZt+Y44B6z46+3g2T7hP3AYZa6Y8QxIRR9zywLYzsr+27jpHPuTuEdJeV0ppkZ
T2vlagdesC/tOWqoi0p9kMp++PLMKuE/VThK4u1LkIrfTyD3PwMOo6jLj55Ru1/c
Typ9hobEF38XgeWUKZcqzdu6vtjpyYuUk2OMEZao2iX5kbo87Z+n2DcRZ2MdeNyb
JxlwreOPAZI6o1M7qGyqqErjgw/GOPv4Wl0RcUhSIH70CtTMZlHFobtF6ffhAgMB
AAGjggLVMIIC0TAdBgNVHQ4EFgQUURnkE1FS60UEVB8gWpzaaGg32eUwHwYDVR0j
BBgwFoAUuWYbDn/HXtdn0YtW/HSbrtIfwZUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82NzIzNkI0Q0NFRkJDNDM4MjFBQTQyRDQ1RDFBRjJBMzc0
NzA4N0Y2QTA0NzY3MDFFNkYwQTg3MUUxRTE1QkJGLzAvQjk2NjFCMEU3RkM3NUVE
NzY3RDE4QjU2RkM3NDlCQUVEMjFGQzE5NS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9COTY2MUIwRTdGQzc1RUQ3NjdE
MThCNTZGQzc0OUJBRUQyMUZDMTk1LmNlcjCB0QYIKwYBBQUHAQsEgcQwgcEwgb4G
CCsGAQUFBzALhoGxcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjcyMzZCNENDRUZCQzQzODIxQUE0MkQ0NUQxQUYyQTM3NDcwODdGNkEw
NDc2NzAxRTZGMEE4NzFFMUUxNUJCRi8wLzMyMzgzMDMzM2E2MjMwNjUzMDNhMzkz
OTM4MzkzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM2MzkzODM2MzIucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAoA7DgmYkwDQYJKoZIhvcNAQELBQADggEBAKwst3/nrFDMf20mNf4GMlsi
rtUbXIJ1IZIpJP7Vdi3pNLmq60/PBdtcPiJlj1HFnQ75IEN+h4KMGv8YTtn/AS+x
rTr0VwIQb0oBPfM+XbwCOp+ailZmE8XFJTgYj3uz1wrurpSGm8/aW6EE1JABy57M
q8oGHdShEGPDugzu6LYDGiwWxr6RB1PH1CItonY8Ml2I+SlPoswPJdL8G0ksFtZH
REgVWIpRx1QQM+qM0099D33G9jbtSwk+Kak6uB4lQ2Ye6KczRfuwFjy9G1INGYNc
bA4SJcHqxQ7M+ScepIWgXtU2jopY0ELbKWpX5wzMG/Jo2TbQoybMsjBDsD143w0=
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:17:51 2024 by rpki-client on console-ams.rpki-client.org