Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/323830303a3637303a3a2f33322d3332203d3e20323632353839.roa
File:                     323830303a3637303a3a2f33322d3332203d3e20323632353839.roa (raw, json)
Hash identifier:          pBz1v5DA2sdhGg2tVGie1foK9CEWgbjRKJICh+Q7upY=
Subject key identifier:   0D:FD:88:96:66:DC:CE:20:02:48:AC:FD:B2:19:F8:64:86:19:DF:4A
Certificate issuer:       /CN=2152913C2D5333E6F48DA45B339F5C285841364B
Certificate serial:       79DEF953A9E5507F2C3E0D312DFA17D75F6214C3
Authority key identifier: 21:52:91:3C:2D:53:33:E6:F4:8D:A4:5B:33:9F:5C:28:58:41:36:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2152913C2D5333E6F48DA45B339F5C285841364B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/323830303a3637303a3a2f33322d3332203d3e20323632353839.roa
Signing time:             Fri 26 Jun 2026 13:50:00 +0000
ROA not before:           Fri 26 Jun 2026 13:45:00 +0000
ROA not after:            Fri 25 Jun 2027 13:50:00 +0000
asID:                     262589
IP address blocks:        2800:670::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/2152913C2D5333E6F48DA45B339F5C285841364B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/2152913C2D5333E6F48DA45B339F5C285841364B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2152913C2D5333E6F48DA45B339F5C285841364B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 04 Jul 2026 05:10:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:de:f9:53:a9:e5:50:7f:2c:3e:0d:31:2d:fa:17:d7:5f:62:14:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2152913C2D5333E6F48DA45B339F5C285841364B
        Validity
            Not Before: Jun 26 13:45:00 2026 GMT
            Not After : Jun 25 13:50:00 2027 GMT
        Subject: CN=0DFD889666DCCE200248ACFDB219F8648619DF4A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:9e:fb:29:aa:a7:69:60:44:9c:c4:5f:3f:27:
                    52:67:23:b2:9b:77:5c:48:a0:b4:9f:1c:18:45:35:
                    77:c2:8a:d1:3a:ef:5c:6e:f1:23:83:ea:d3:f1:17:
                    7e:bf:48:e1:d5:0f:e0:4b:13:6b:cf:f3:cc:b4:6b:
                    3d:32:d8:c6:02:ec:fc:89:96:4b:42:1c:f9:ee:2d:
                    2b:21:5b:fe:47:32:b4:3c:ac:e6:92:1f:d8:40:4f:
                    d9:49:81:bd:62:61:aa:40:1d:71:c9:8f:13:1e:59:
                    c6:e2:63:4a:47:9d:8b:5d:62:5b:53:6e:fa:30:25:
                    20:7c:28:69:0b:33:9e:10:87:a5:91:2d:19:36:5c:
                    08:01:64:ef:a9:a6:af:52:9e:31:0f:14:30:c2:67:
                    bc:26:b9:d3:a5:2e:19:5b:a5:e9:b0:24:fc:b2:88:
                    2b:2b:f5:0f:6e:ce:50:63:d4:df:81:c6:b0:af:de:
                    82:96:18:08:fb:88:6b:27:fb:a0:cb:fb:0c:cc:a2:
                    67:1e:71:95:8b:02:f9:e5:d7:70:84:d0:f7:28:2b:
                    b9:1b:55:e1:8a:d3:8d:3d:2f:73:0a:a1:4a:3a:ee:
                    6f:26:c0:c1:c4:df:b6:33:b5:3d:e3:4a:cc:ec:5f:
                    1b:a0:68:15:a6:11:ae:e0:26:20:9b:6f:fa:47:88:
                    fd:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:FD:88:96:66:DC:CE:20:02:48:AC:FD:B2:19:F8:64:86:19:DF:4A
            X509v3 Authority Key Identifier:
                keyid:21:52:91:3C:2D:53:33:E6:F4:8D:A4:5B:33:9F:5C:28:58:41:36:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/2152913C2D5333E6F48DA45B339F5C285841364B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2152913C2D5333E6F48DA45B339F5C285841364B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/323830303a3637303a3a2f33322d3332203d3e20323632353839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:670::/32

    Signature Algorithm: sha256WithRSAEncryption
         b0:e4:ee:62:89:ea:2d:bd:00:6d:5b:81:b3:c2:89:37:2e:1b:
         45:06:d5:35:ff:73:4e:fe:c9:2f:bb:50:3d:02:dd:2a:b6:a7:
         64:c1:31:c4:f5:56:e4:c2:24:e5:43:22:38:04:cb:f4:b4:3a:
         9a:cd:c1:fa:ee:ae:c4:16:55:c3:7f:b0:24:3a:13:a5:12:f2:
         06:44:ed:6e:cd:d4:4a:6c:32:19:97:54:1e:19:25:55:db:18:
         1a:0e:2b:05:cd:1f:d6:8e:3f:82:43:ad:ee:b0:e2:47:71:31:
         a6:f4:ae:9a:05:73:f0:39:99:a4:ce:01:40:c2:35:0a:31:45:
         54:76:42:c2:2c:61:2e:5f:d0:74:53:28:04:a2:49:ac:0a:91:
         b6:b6:92:5d:90:10:85:18:70:b2:19:68:d8:d2:36:8f:0f:f6:
         a5:0e:02:11:28:03:b1:73:7e:c4:1b:f4:6b:ee:9f:2c:3d:2b:
         e3:a2:5e:68:11:b6:79:60:6d:ab:41:5c:9a:9a:4b:fd:2b:06:
         a4:3d:ff:2c:53:2d:f9:a0:2b:79:8d:45:f8:28:91:8b:7c:83:
         ac:2f:2c:e4:53:84:34:4e:1d:f7:7c:86:4b:d6:5c:8c:21:96:
         b4:d6:da:a5:16:72:06:0f:4c:7c:88:99:c2:23:cc:2c:96:00:
         4f:9a:fa:4c
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUed75U6nlUH8sPg0xLfoX119iFMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE1MjkxM0MyRDUzMzNFNkY0OERBNDVCMzM5RjVDMjg1
ODQxMzY0QjAeFw0yNjA2MjYxMzQ1MDBaFw0yNzA2MjUxMzUwMDBaMDMxMTAvBgNV
BAMTKDBERkQ4ODk2NjZEQ0NFMjAwMjQ4QUNGREIyMTlGODY0ODYxOURGNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsnvspqqdpYEScxF8/J1JnI7Kb
d1xIoLSfHBhFNXfCitE671xu8SOD6tPxF36/SOHVD+BLE2vP88y0az0y2MYC7PyJ
lktCHPnuLSshW/5HMrQ8rOaSH9hAT9lJgb1iYapAHXHJjxMeWcbiY0pHnYtdYltT
bvowJSB8KGkLM54Qh6WRLRk2XAgBZO+ppq9SnjEPFDDCZ7wmudOlLhlbpemwJPyy
iCsr9Q9uzlBj1N+BxrCv3oKWGAj7iGsn+6DL+wzMomcecZWLAvnl13CE0PcoK7kb
VeGK0409L3MKoUo67m8mwMHE37YztT3jSszsXxugaBWmEa7gJiCbb/pHiP2JAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUDf2IlmbcziACSKz9shn4ZIYZ30owHwYDVR0j
BBgwFoAUIVKRPC1TM+b0jaRbM59cKFhBNkswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83MTRBQTlFNjM2M0QwNDBCQUUwODgwMTAwNUREOEE4MzM1
QUU1MEQ0NkRGRjUzQjMzNTlFNDZCQ0FGNDJGMEQ2LzAvMjE1MjkxM0MyRDUzMzNF
NkY0OERBNDVCMzM5RjVDMjg1ODQxMzY0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMTUyOTEzQzJENTMzM0U2RjQ4
REE0NUIzMzlGNUMyODU4NDEzNjRCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzE0QUE5RTYzNjNEMDQwQkFFMDg4MDEwMDVERDhBODMzNUFFNTBENDZE
RkY1M0IzMzU5RTQ2QkNBRjQyRjBENi8wLzMyMzgzMDMwM2EzNjM3MzAzYTNhMmYz
MzMyMmQzMzMyMjAzZDNlMjAzMjM2MzIzNTM4Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAAZwMA0G
CSqGSIb3DQEBCwUAA4IBAQCw5O5iieotvQBtW4Gzwok3LhtFBtU1/3NO/skvu1A9
At0qtqdkwTHE9VbkwiTlQyI4BMv0tDqazcH67q7EFlXDf7AkOhOlEvIGRO1uzdRK
bDIZl1QeGSVV2xgaDisFzR/Wjj+CQ63usOJHcTGm9K6aBXPwOZmkzgFAwjUKMUVU
dkLCLGEuX9B0UygEokmsCpG2tpJdkBCFGHCyGWjY0jaPD/alDgIRKAOxc37EG/Rr
7p8sPSvjol5oEbZ5YG2rQVyamkv9KwakPf8sUy35oCt5jUX4KJGLfIOsLyzkU4Q0
Th33fIZL1lyMIZa01tqlFnIGD0x8iJnCI8wslgBPmvpM
-----END CERTIFICATE-----
Generated at Wed Jul 1 03:58:21 2026 by rpki-client