Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/802672FE15624BDF705C3588B1C7767DD409D7594E5A7CC8FD3A384F7AA4E7EF/0/323830333a623539303a323a3a2f36342d3634203d3e20323733303038.roa
File:                     323830333a623539303a323a3a2f36342d3634203d3e20323733303038.roa (raw, json)
Hash identifier:          7KhwoMB8Eylo6la/BHQY2Pd82kX/FUz5e/sdvaDN3YA=
Subject key identifier:   8E:C4:6F:3E:B5:87:31:89:99:56:18:D5:DF:E5:AD:8C:09:30:8B:40
Certificate issuer:       /CN=D68C275AE349DFCD32C558419A7893BADFF5F3F8
Certificate serial:       2637953482D23CDFC52F5B765C7F4EB13DF6B91A
Authority key identifier: D6:8C:27:5A:E3:49:DF:CD:32:C5:58:41:9A:78:93:BA:DF:F5:F3:F8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D68C275AE349DFCD32C558419A7893BADFF5F3F8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/802672FE15624BDF705C3588B1C7767DD409D7594E5A7CC8FD3A384F7AA4E7EF/0/323830333a623539303a323a3a2f36342d3634203d3e20323733303038.roa
Signing time:             Tue 05 Mar 2024 17:46:43 +0000
ROA not before:           Tue 05 Mar 2024 17:41:43 +0000
ROA not after:            Tue 04 Mar 2025 17:46:43 +0000
asID:                     273008
IP address blocks:        2803:b590:2::/64 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/802672FE15624BDF705C3588B1C7767DD409D7594E5A7CC8FD3A384F7AA4E7EF/0/D68C275AE349DFCD32C558419A7893BADFF5F3F8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/802672FE15624BDF705C3588B1C7767DD409D7594E5A7CC8FD3A384F7AA4E7EF/0/D68C275AE349DFCD32C558419A7893BADFF5F3F8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D68C275AE349DFCD32C558419A7893BADFF5F3F8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:37:95:34:82:d2:3c:df:c5:2f:5b:76:5c:7f:4e:b1:3d:f6:b9:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D68C275AE349DFCD32C558419A7893BADFF5F3F8
        Validity
            Not Before: Mar  5 17:41:43 2024 GMT
            Not After : Mar  4 17:46:43 2025 GMT
        Subject: CN=8EC46F3EB5873189995618D5DFE5AD8C09308B40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:f2:4e:23:a1:d9:66:07:9d:86:62:25:45:2e:
                    23:38:55:68:a3:fb:10:4f:9b:58:b0:f7:69:4e:37:
                    0a:71:34:fa:10:85:d0:49:16:f5:19:d6:5e:cf:1b:
                    3f:a4:8b:46:3c:bd:23:84:c0:ad:f5:86:25:64:6c:
                    ce:c4:cc:85:33:c6:81:0c:56:74:6c:01:fc:e2:3b:
                    a2:5b:ac:de:3e:b3:99:13:c7:6a:cb:c9:ee:96:31:
                    35:4d:26:c0:35:f2:90:bc:44:c5:89:af:a1:1d:82:
                    5b:73:9a:e0:ec:b5:a2:16:38:5b:94:cd:55:07:06:
                    57:b2:ea:f4:8a:37:0d:07:4b:8e:be:fe:0d:12:1b:
                    8a:60:56:4d:8d:8a:60:42:2d:1c:b4:55:e5:c2:0d:
                    d2:76:b8:55:b3:64:41:c4:3c:29:6a:1d:cb:a7:44:
                    f1:b1:fe:ca:2a:ea:2e:1a:54:80:85:f0:ae:98:9f:
                    4c:43:75:7c:15:ae:17:01:4d:fe:c1:ae:6c:b6:97:
                    15:18:d2:24:41:15:25:8f:7b:fa:ac:26:db:77:6c:
                    b4:7c:12:d2:6a:87:b2:f9:5b:a4:8e:5d:cf:a5:b0:
                    85:49:09:55:7d:ba:c8:b4:61:69:7b:33:b8:5f:85:
                    b0:83:c1:40:3d:aa:4c:83:fa:fa:b1:62:ab:17:f6:
                    c6:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:C4:6F:3E:B5:87:31:89:99:56:18:D5:DF:E5:AD:8C:09:30:8B:40
            X509v3 Authority Key Identifier:
                keyid:D6:8C:27:5A:E3:49:DF:CD:32:C5:58:41:9A:78:93:BA:DF:F5:F3:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/802672FE15624BDF705C3588B1C7767DD409D7594E5A7CC8FD3A384F7AA4E7EF/0/D68C275AE349DFCD32C558419A7893BADFF5F3F8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D68C275AE349DFCD32C558419A7893BADFF5F3F8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/802672FE15624BDF705C3588B1C7767DD409D7594E5A7CC8FD3A384F7AA4E7EF/0/323830333a623539303a323a3a2f36342d3634203d3e20323733303038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b590:2::/64

    Signature Algorithm: sha256WithRSAEncryption
         82:76:59:39:45:56:b8:5f:f6:2f:82:23:68:77:63:ce:64:be:
         57:37:ab:93:e1:93:e1:9d:86:a2:a1:d6:72:90:74:95:fa:42:
         63:31:b5:fa:43:6e:f8:3c:eb:5d:ee:48:7c:69:d0:9b:d0:a4:
         71:45:0b:ec:32:e5:0d:dd:eb:e0:f2:60:3f:38:e6:4b:17:a1:
         55:cc:3b:b3:70:5b:69:d5:82:e3:a9:4f:86:fb:88:f6:7d:d7:
         78:8b:c7:12:dd:b4:29:13:4a:96:35:fd:78:1c:ec:01:1e:71:
         41:33:df:4d:10:5e:e7:fb:eb:97:50:d9:b0:ef:17:e8:77:79:
         26:31:77:83:51:c1:b2:99:86:07:3d:49:44:a8:1c:9d:3f:8b:
         01:13:f6:d6:79:e7:4c:ee:da:2a:e2:ec:d4:41:43:c8:cd:4e:
         59:ab:8b:87:73:96:ee:52:1a:c2:53:d0:39:fd:ee:b4:f3:9c:
         d8:8a:d8:70:2b:a0:09:e8:25:27:83:11:d7:f0:2f:41:d4:a5:
         d4:ca:e1:f4:84:53:09:02:bb:79:92:bf:96:39:ae:86:e3:0a:
         b1:16:16:45:f2:2b:7a:50:f7:0c:8d:6b:93:c6:25:cb:33:e4:
         08:08:50:ad:94:27:69:d3:b3:39:67:2e:bb:eb:a9:90:33:5f:
         cc:fc:25:00
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIUJjeVNILSPN/FL1t2XH9OsT32uRowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDY4QzI3NUFFMzQ5REZDRDMyQzU1ODQxOUE3ODkzQkFE
RkY1RjNGODAeFw0yNDAzMDUxNzQxNDNaFw0yNTAzMDQxNzQ2NDNaMDMxMTAvBgNV
BAMTKDhFQzQ2RjNFQjU4NzMxODk5OTU2MThENURGRTVBRDhDMDkzMDhCNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCd8k4jodlmB52GYiVFLiM4VWij
+xBPm1iw92lONwpxNPoQhdBJFvUZ1l7PGz+ki0Y8vSOEwK31hiVkbM7EzIUzxoEM
VnRsAfziO6JbrN4+s5kTx2rLye6WMTVNJsA18pC8RMWJr6EdgltzmuDstaIWOFuU
zVUHBley6vSKNw0HS46+/g0SG4pgVk2NimBCLRy0VeXCDdJ2uFWzZEHEPClqHcun
RPGx/soq6i4aVICF8K6Yn0xDdXwVrhcBTf7Brmy2lxUY0iRBFSWPe/qsJtt3bLR8
EtJqh7L5W6SOXc+lsIVJCVV9usi0YWl7M7hfhbCDwUA9qkyD+vqxYqsX9satAgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQUjsRvPrWHMYmZVhjV3+WtjAkwi0AwHwYDVR0j
BBgwFoAU1ownWuNJ380yxVhBmniTut/18/gwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84MDI2NzJGRTE1NjI0QkRGNzA1QzM1ODhCMUM3NzY3REQ0
MDlENzU5NEU1QTdDQzhGRDNBMzg0RjdBQTRFN0VGLzAvRDY4QzI3NUFFMzQ5REZD
RDMyQzU1ODQxOUE3ODkzQkFERkY1RjNGOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjhDMjc1QUUzNDlERkNEMzJD
NTU4NDE5QTc4OTNCQURGRjVGM0Y4LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODAyNjcyRkUxNTYyNEJERjcwNUMzNTg4QjFDNzc2N0RENDA5RDc1OTRF
NUE3Q0M4RkQzQTM4NEY3QUE0RTdFRi8wLzMyMzgzMDMzM2E2MjM1MzkzMDNhMzIz
YTNhMmYzNjM0MmQzNjM0MjAzZDNlMjAzMjM3MzMzMDMwMzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgACMAsDCQAo
A7WQAAIAADANBgkqhkiG9w0BAQsFAAOCAQEAgnZZOUVWuF/2L4IjaHdjzmS+Vzer
k+GT4Z2GoqHWcpB0lfpCYzG1+kNu+DzrXe5IfGnQm9CkcUUL7DLlDd3r4PJgPzjm
SxehVcw7s3BbadWC46lPhvuI9n3XeIvHEt20KRNKljX9eBzsAR5xQTPfTRBe5/vr
l1DZsO8X6Hd5JjF3g1HBspmGBz1JRKgcnT+LARP21nnnTO7aKuLs1EFDyM1OWauL
h3OW7lIawlPQOf3utPOc2IrYcCugCeglJ4MR1/AvQdSl1Mrh9IRTCQK7eZK/ljmu
huMKsRYWRfIrelD3DI1rk8YlyzPkCAhQrZQnadOzOWcuu+upkDNfzPwlAA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:33:01 2024 by rpki-client on console-ams.rpki-client.org