Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/79D190189965DA1AAD867063CB6533400487A68736EC971F50F34C22524FC0FF/0/323830363a3363303a3a2f33322d3332203d3e20323635353233.roa
File:                     323830363a3363303a3a2f33322d3332203d3e20323635353233.roa (raw, json)
Hash identifier:          jacOWM7A9yDcXnMrxHMhTO00LJI7h+U0xGi/q2UCh3w=
Subject key identifier:   1C:A9:18:16:FE:EF:A8:F2:10:9A:82:83:56:86:B7:94:62:7C:B0:CC
Certificate issuer:       /CN=21FD9011B33FD9996D9085D654F9943A95C37269
Certificate serial:       0C6509AD969DEF54226D2D14E51395C37F508E39
Authority key identifier: 21:FD:90:11:B3:3F:D9:99:6D:90:85:D6:54:F9:94:3A:95:C3:72:69
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/21FD9011B33FD9996D9085D654F9943A95C37269.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/79D190189965DA1AAD867063CB6533400487A68736EC971F50F34C22524FC0FF/0/323830363a3363303a3a2f33322d3332203d3e20323635353233.roa
Signing time:             Tue 05 Mar 2024 17:47:10 +0000
ROA not before:           Tue 05 Mar 2024 17:42:10 +0000
ROA not after:            Tue 04 Mar 2025 17:47:10 +0000
asID:                     265523
IP address blocks:        2806:3c0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/79D190189965DA1AAD867063CB6533400487A68736EC971F50F34C22524FC0FF/0/21FD9011B33FD9996D9085D654F9943A95C37269.crl
                          rsync://repository.lacnic.net/rpki/lacnic/79D190189965DA1AAD867063CB6533400487A68736EC971F50F34C22524FC0FF/0/21FD9011B33FD9996D9085D654F9943A95C37269.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/21FD9011B33FD9996D9085D654F9943A95C37269.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 27 Jul 2024 09:18:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:65:09:ad:96:9d:ef:54:22:6d:2d:14:e5:13:95:c3:7f:50:8e:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21FD9011B33FD9996D9085D654F9943A95C37269
        Validity
            Not Before: Mar  5 17:42:10 2024 GMT
            Not After : Mar  4 17:47:10 2025 GMT
        Subject: CN=1CA91816FEEFA8F2109A82835686B794627CB0CC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:7b:7a:20:4c:79:95:e8:97:53:55:32:2a:86:
                    8c:8d:fc:29:08:b0:00:c8:ee:c6:a7:25:73:01:61:
                    a5:a2:c4:74:8b:dd:c8:9f:bf:d6:bd:36:0a:8f:3f:
                    d4:f8:05:e9:da:cc:b9:58:53:3d:20:c1:c6:72:00:
                    69:f4:ab:f8:79:c7:60:09:2e:c8:e4:89:ab:3e:32:
                    81:ba:0b:22:83:1f:03:75:13:7a:e2:9b:79:f0:bf:
                    ab:9b:8e:88:93:5f:32:36:63:e6:f1:d6:23:bb:1d:
                    39:a2:d9:18:3e:4c:ce:f0:b9:4a:61:41:9a:8b:25:
                    49:73:aa:ff:d0:be:37:a0:08:b3:3a:14:2c:00:9f:
                    19:85:61:f2:8d:c7:28:7e:15:0c:fd:da:4d:f9:dd:
                    2d:ee:be:a0:9a:d4:e3:fd:6e:b2:fc:52:9f:45:02:
                    39:a9:dc:81:86:b2:15:b8:be:69:dd:63:5e:15:61:
                    5b:67:07:62:89:74:39:35:94:e9:29:3f:c3:a6:14:
                    dd:7b:19:29:f6:8c:f0:9f:17:ee:e8:41:00:7c:29:
                    fa:d2:eb:f5:7a:d1:86:26:0f:c3:2a:14:36:1b:30:
                    5f:5b:0f:4e:c9:fc:80:60:a7:b8:41:05:db:43:07:
                    82:d1:d4:cb:f2:f4:b3:f0:f3:02:78:12:2b:59:60:
                    9e:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:A9:18:16:FE:EF:A8:F2:10:9A:82:83:56:86:B7:94:62:7C:B0:CC
            X509v3 Authority Key Identifier:
                keyid:21:FD:90:11:B3:3F:D9:99:6D:90:85:D6:54:F9:94:3A:95:C3:72:69

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/79D190189965DA1AAD867063CB6533400487A68736EC971F50F34C22524FC0FF/0/21FD9011B33FD9996D9085D654F9943A95C37269.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/21FD9011B33FD9996D9085D654F9943A95C37269.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/79D190189965DA1AAD867063CB6533400487A68736EC971F50F34C22524FC0FF/0/323830363a3363303a3a2f33322d3332203d3e20323635353233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2806:3c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         7e:e5:a1:1d:e5:b3:9d:8a:2b:26:0b:5b:89:a7:1e:c0:32:38:
         47:f1:19:41:a4:8e:c5:e0:34:83:5b:3c:4e:c6:ce:13:67:0a:
         91:89:42:69:40:6c:73:4f:73:67:69:c8:1e:fb:7f:b7:02:7d:
         c1:d9:f8:7a:6f:52:ad:64:e0:be:7d:b1:f1:50:d6:66:7c:79:
         fd:4b:15:cc:17:c9:50:1b:1c:62:a7:da:1f:85:79:ab:16:f2:
         d1:b5:9c:94:52:20:35:7b:18:22:97:db:71:8c:4c:89:d6:6e:
         06:13:8c:1b:d4:6e:40:78:9a:93:bf:d1:3a:6a:ac:89:80:34:
         3a:7f:d0:db:09:b7:a7:90:df:d6:44:e5:a5:b1:11:dc:2c:85:
         1e:79:e4:c9:14:e0:7e:29:6e:88:7c:02:ac:32:da:d4:ac:aa:
         c7:23:53:2c:71:90:7a:26:fd:2e:07:fb:96:13:1f:81:8d:df:
         50:80:e8:d2:28:97:3c:b4:d1:fc:e6:94:4b:9d:67:15:e8:49:
         f8:b3:3d:05:f5:cc:a5:64:55:84:2e:54:7c:6b:02:05:14:2f:
         7f:47:33:34:1a:f5:17:8c:52:c7:b2:7e:a9:69:8d:8b:11:03:
         db:4b:b1:0a:1a:b2:7c:31:83:e5:53:8b:17:33:ef:14:d3:40:
         fd:04:89:59
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUDGUJrZad71QibS0U5ROVw39QjjkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjFGRDkwMTFCMzNGRDk5OTZEOTA4NUQ2NTRGOTk0M0E5
NUMzNzI2OTAeFw0yNDAzMDUxNzQyMTBaFw0yNTAzMDQxNzQ3MTBaMDMxMTAvBgNV
BAMTKDFDQTkxODE2RkVFRkE4RjIxMDlBODI4MzU2ODZCNzk0NjI3Q0IwQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDae3ogTHmV6JdTVTIqhoyN/CkI
sADI7sanJXMBYaWixHSL3cifv9a9NgqPP9T4BenazLlYUz0gwcZyAGn0q/h5x2AJ
Lsjkias+MoG6CyKDHwN1E3rim3nwv6ubjoiTXzI2Y+bx1iO7HTmi2Rg+TM7wuUph
QZqLJUlzqv/QvjegCLM6FCwAnxmFYfKNxyh+FQz92k353S3uvqCa1OP9brL8Up9F
Ajmp3IGGshW4vmndY14VYVtnB2KJdDk1lOkpP8OmFN17GSn2jPCfF+7oQQB8KfrS
6/V60YYmD8MqFDYbMF9bD07J/IBgp7hBBdtDB4LR1Mvy9LPw8wJ4EitZYJ7lAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUHKkYFv7vqPIQmoKDVoa3lGJ8sMwwHwYDVR0j
BBgwFoAUIf2QEbM/2ZltkIXWVPmUOpXDcmkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83OUQxOTAxODk5NjVEQTFBQUQ4NjcwNjNDQjY1MzM0MDA0
ODdBNjg3MzZFQzk3MUY1MEYzNEMyMjUyNEZDMEZGLzAvMjFGRDkwMTFCMzNGRDk5
OTZEOTA4NUQ2NTRGOTk0M0E5NUMzNzI2OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMUZEOTAxMUIzM0ZEOTk5NkQ5
MDg1RDY1NEY5OTQzQTk1QzM3MjY5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzlEMTkwMTg5OTY1REExQUFEODY3MDYzQ0I2NTMzNDAwNDg3QTY4NzM2
RUM5NzFGNTBGMzRDMjI1MjRGQzBGRi8wLzMyMzgzMDM2M2EzMzYzMzAzYTNhMmYz
MzMyMmQzMzMyMjAzZDNlMjAzMjM2MzUzNTMyMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoBgPAMA0G
CSqGSIb3DQEBCwUAA4IBAQB+5aEd5bOdiismC1uJpx7AMjhH8RlBpI7F4DSDWzxO
xs4TZwqRiUJpQGxzT3Nnacge+3+3An3B2fh6b1KtZOC+fbHxUNZmfHn9SxXMF8lQ
Gxxip9ofhXmrFvLRtZyUUiA1exgil9txjEyJ1m4GE4wb1G5AeJqTv9E6aqyJgDQ6
f9DbCbenkN/WROWlsRHcLIUeeeTJFOB+KW6IfAKsMtrUrKrHI1MscZB6Jv0uB/uW
Ex+Bjd9QgOjSKJc8tNH85pRLnWcV6En4sz0F9cylZFWELlR8awIFFC9/RzM0GvUX
jFLHsn6paY2LEQPbS7EKGrJ8MYPlU4sXM+8U00D9BIlZ
-----END CERTIFICATE-----
Generated at Tue Jul 23 01:08:54 2024 by rpki-client on console-ams.rpki-client.org