Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/827761D6DF437C41C78D55A4DCB7E4C0339170DCB435DE300AFE2B316FA31FEC/0/323830313a31303a643030303a3a2f34382d3438203d3e20323634383334.roa
File:                     323830313a31303a643030303a3a2f34382d3438203d3e20323634383334.roa (raw, json)
Hash identifier:          5jf8t6fDd2muqTgVovCoV8J7b/7obzm/zsI8EvslDPk=
Subject key identifier:   22:8A:89:ED:94:5E:6A:C6:76:1A:EB:B3:28:BE:40:AC:ED:C6:EC:3D
Certificate issuer:       /CN=EC26663ACAE29445E5B6D7E1004A10C38B71FA71
Certificate serial:       078BE813C8DC8C6AB6D42AEB366BE3E53EA1D80E
Authority key identifier: EC:26:66:3A:CA:E2:94:45:E5:B6:D7:E1:00:4A:10:C3:8B:71:FA:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC26663ACAE29445E5B6D7E1004A10C38B71FA71.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/827761D6DF437C41C78D55A4DCB7E4C0339170DCB435DE300AFE2B316FA31FEC/0/323830313a31303a643030303a3a2f34382d3438203d3e20323634383334.roa
Signing time:             Tue 05 Mar 2024 18:13:37 +0000
ROA not before:           Tue 05 Mar 2024 18:08:37 +0000
ROA not after:            Tue 04 Mar 2025 18:13:37 +0000
asID:                     264834
IP address blocks:        2801:10:d000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/827761D6DF437C41C78D55A4DCB7E4C0339170DCB435DE300AFE2B316FA31FEC/0/EC26663ACAE29445E5B6D7E1004A10C38B71FA71.crl
                          rsync://repository.lacnic.net/rpki/lacnic/827761D6DF437C41C78D55A4DCB7E4C0339170DCB435DE300AFE2B316FA31FEC/0/EC26663ACAE29445E5B6D7E1004A10C38B71FA71.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC26663ACAE29445E5B6D7E1004A10C38B71FA71.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:8b:e8:13:c8:dc:8c:6a:b6:d4:2a:eb:36:6b:e3:e5:3e:a1:d8:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EC26663ACAE29445E5B6D7E1004A10C38B71FA71
        Validity
            Not Before: Mar  5 18:08:37 2024 GMT
            Not After : Mar  4 18:13:37 2025 GMT
        Subject: CN=228A89ED945E6AC6761AEBB328BE40ACEDC6EC3D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b7:dd:c6:42:d9:22:5c:0d:83:d0:07:4c:58:
                    f4:a3:fe:9a:40:f3:74:11:79:a5:de:75:03:aa:cc:
                    b4:07:ed:53:86:f4:d0:27:4e:47:da:f6:87:a5:e4:
                    62:b6:a7:a3:64:e6:62:98:41:c0:f0:29:d0:29:85:
                    70:eb:d0:85:08:47:b7:00:c0:5c:ce:cd:71:b1:20:
                    c4:b7:28:11:1b:44:eb:62:d8:cb:19:dd:5d:0b:d1:
                    7d:ae:bd:ab:06:46:af:b0:7a:12:cd:22:f3:20:6c:
                    19:4a:d8:10:83:18:eb:34:e3:90:f5:8c:e9:f0:cb:
                    30:01:f6:d5:32:be:a4:66:d3:1c:5c:d9:75:af:12:
                    dc:49:9b:cc:4e:69:30:9d:55:63:2f:2f:2b:70:33:
                    72:d2:bd:e6:49:2d:ca:6f:20:be:b7:74:9d:dc:ad:
                    4f:39:fd:8b:5d:8a:76:03:d0:06:ab:e3:59:1d:6f:
                    09:33:44:26:df:cc:95:cc:fa:61:66:5c:f2:86:dc:
                    97:04:66:60:5e:fb:91:b7:f8:eb:4b:4e:28:22:82:
                    eb:64:fd:ef:3b:e8:df:95:8b:f5:bd:ea:15:d9:2d:
                    7b:2b:49:fe:9b:be:8e:e1:28:dc:0a:10:ae:42:47:
                    36:7e:a6:ae:26:6d:dc:01:6b:c4:3c:9b:75:77:94:
                    d2:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:8A:89:ED:94:5E:6A:C6:76:1A:EB:B3:28:BE:40:AC:ED:C6:EC:3D
            X509v3 Authority Key Identifier:
                keyid:EC:26:66:3A:CA:E2:94:45:E5:B6:D7:E1:00:4A:10:C3:8B:71:FA:71

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/827761D6DF437C41C78D55A4DCB7E4C0339170DCB435DE300AFE2B316FA31FEC/0/EC26663ACAE29445E5B6D7E1004A10C38B71FA71.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC26663ACAE29445E5B6D7E1004A10C38B71FA71.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/827761D6DF437C41C78D55A4DCB7E4C0339170DCB435DE300AFE2B316FA31FEC/0/323830313a31303a643030303a3a2f34382d3438203d3e20323634383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:10:d000::/48

    Signature Algorithm: sha256WithRSAEncryption
         05:9f:ea:8b:1f:11:98:79:93:81:79:40:98:db:54:10:bf:c2:
         6c:3d:bd:86:db:0b:db:67:27:00:3a:76:aa:8f:45:09:09:8c:
         98:10:e2:13:fb:16:71:e1:66:8d:30:ae:5c:ee:d7:44:f8:01:
         0f:3a:91:87:6b:84:a2:0d:bd:a8:7b:a6:a1:96:b2:2c:4c:bd:
         24:c9:4f:bb:a7:68:7b:c9:c5:e3:2e:d1:f7:63:ea:92:88:d7:
         4a:9e:da:23:60:4b:d1:ac:32:d8:a2:7c:6a:46:9c:42:83:05:
         b5:86:3c:94:de:f8:1a:1c:cb:04:98:c0:92:7f:f4:23:e2:37:
         90:cf:42:e5:6e:f9:17:88:fa:99:ce:ac:89:e0:31:94:0d:6d:
         03:5e:1e:fe:fc:3f:9a:07:66:86:c3:f3:15:2c:7c:93:bc:f5:
         a4:0e:5a:b8:03:e7:74:44:28:24:fe:8a:60:d9:4d:70:b3:84:
         2a:57:79:92:42:99:a9:e5:8d:c8:ba:f0:56:6d:c1:69:7a:41:
         ad:10:90:fe:5a:74:df:fb:f3:4b:65:64:e9:cd:8b:4e:eb:4d:
         9d:75:f6:fd:76:b9:24:93:3e:31:09:90:9e:52:ff:8e:6a:9e:
         a0:d9:5a:a8:ff:08:b6:d1:16:0f:fc:0c:88:fa:53:76:3b:71:
         e3:e4:8f:2f
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIUB4voE8jcjGq21CrrNmvj5T6h2A4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUMyNjY2M0FDQUUyOTQ0NUU1QjZEN0UxMDA0QTEwQzM4
QjcxRkE3MTAeFw0yNDAzMDUxODA4MzdaFw0yNTAzMDQxODEzMzdaMDMxMTAvBgNV
BAMTKDIyOEE4OUVEOTQ1RTZBQzY3NjFBRUJCMzI4QkU0MEFDRURDNkVDM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCt93GQtkiXA2D0AdMWPSj/ppA
83QReaXedQOqzLQH7VOG9NAnTkfa9oel5GK2p6Nk5mKYQcDwKdAphXDr0IUIR7cA
wFzOzXGxIMS3KBEbROti2MsZ3V0L0X2uvasGRq+wehLNIvMgbBlK2BCDGOs045D1
jOnwyzAB9tUyvqRm0xxc2XWvEtxJm8xOaTCdVWMvLytwM3LSveZJLcpvIL63dJ3c
rU85/YtdinYD0Aar41kdbwkzRCbfzJXM+mFmXPKG3JcEZmBe+5G3+OtLTigigutk
/e876N+Vi/W96hXZLXsrSf6bvo7hKNwKEK5CRzZ+pq4mbdwBa8Q8m3V3lNJ9AgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQUIoqJ7ZReasZ2GuuzKL5ArO3G7D0wHwYDVR0j
BBgwFoAU7CZmOsrilEXlttfhAEoQw4tx+nEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84Mjc3NjFENkRGNDM3QzQxQzc4RDU1QTREQ0I3RTRDMDMz
OTE3MERDQjQzNURFMzAwQUZFMkIzMTZGQTMxRkVDLzAvRUMyNjY2M0FDQUUyOTQ0
NUU1QjZEN0UxMDA0QTEwQzM4QjcxRkE3MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FQzI2NjYzQUNBRTI5NDQ1RTVC
NkQ3RTEwMDRBMTBDMzhCNzFGQTcxLmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODI3NzYxRDZERjQzN0M0MUM3OEQ1NUE0RENCN0U0QzAzMzkxNzBEQ0I0
MzVERTMwMEFGRTJCMzE2RkEzMUZFQy8wLzMyMzgzMDMxM2EzMTMwM2E2NDMwMzAz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzYzNDM4MzMzNC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMH
ACgBABDQADANBgkqhkiG9w0BAQsFAAOCAQEABZ/qix8RmHmTgXlAmNtUEL/CbD29
htsL22cnADp2qo9FCQmMmBDiE/sWceFmjTCuXO7XRPgBDzqRh2uEog29qHumoZay
LEy9JMlPu6doe8nF4y7R92PqkojXSp7aI2BL0awy2KJ8akacQoMFtYY8lN74GhzL
BJjAkn/0I+I3kM9C5W75F4j6mc6sieAxlA1tA14e/vw/mgdmhsPzFSx8k7z1pA5a
uAPndEQoJP6KYNlNcLOEKld5kkKZqeWNyLrwVm3BaXpBrRCQ/lp03/vzS2Vk6c2L
TutNnXX2/Xa5JJM+MQmQnlL/jmqeoNlaqP8IttEWD/wMiPpTdjtx4+SPLw==
-----END CERTIFICATE-----
Generated at Wed Nov 20 13:43:36 2024 by rpki-client on console-ams.rpki-client.org