Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/86E29DCDACD07543663499A1765AA71B7314EAF464FAF151852C907C4CF852A7/0/323830333a353239303a3a2f33322d3438203d3e20323732383634.roa
File:                     323830333a353239303a3a2f33322d3438203d3e20323732383634.roa (raw, json)
Hash identifier:          PqW7YAxQDlKQ854YoCT/Eajtp+yyPWsAWqlRu4x6N6w=
Subject key identifier:   69:7C:92:78:4E:19:BA:9C:C1:67:70:11:3F:8C:00:96:D1:29:54:7E
Certificate issuer:       /CN=65C5F759AD83CD7CD2BF1A0CEC83E677929E7867
Certificate serial:       11E680CF3C6E378D2192A2FAE7A4EC07B453EDC8
Authority key identifier: 65:C5:F7:59:AD:83:CD:7C:D2:BF:1A:0C:EC:83:E6:77:92:9E:78:67
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/65C5F759AD83CD7CD2BF1A0CEC83E677929E7867.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/86E29DCDACD07543663499A1765AA71B7314EAF464FAF151852C907C4CF852A7/0/323830333a353239303a3a2f33322d3438203d3e20323732383634.roa
Signing time:             Tue 05 Mar 2024 17:42:38 +0000
ROA not before:           Tue 05 Mar 2024 17:37:38 +0000
ROA not after:            Tue 04 Mar 2025 17:42:38 +0000
asID:                     272864
IP address blocks:        2803:5290::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/86E29DCDACD07543663499A1765AA71B7314EAF464FAF151852C907C4CF852A7/0/65C5F759AD83CD7CD2BF1A0CEC83E677929E7867.crl
                          rsync://repository.lacnic.net/rpki/lacnic/86E29DCDACD07543663499A1765AA71B7314EAF464FAF151852C907C4CF852A7/0/65C5F759AD83CD7CD2BF1A0CEC83E677929E7867.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/65C5F759AD83CD7CD2BF1A0CEC83E677929E7867.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 13 Jul 2024 10:06:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:e6:80:cf:3c:6e:37:8d:21:92:a2:fa:e7:a4:ec:07:b4:53:ed:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65C5F759AD83CD7CD2BF1A0CEC83E677929E7867
        Validity
            Not Before: Mar  5 17:37:38 2024 GMT
            Not After : Mar  4 17:42:38 2025 GMT
        Subject: CN=697C92784E19BA9CC16770113F8C0096D129547E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:07:e3:93:30:67:8f:81:01:c0:84:c4:32:d3:
                    f1:2f:da:4f:39:ef:83:bd:6c:ee:d0:2f:d2:af:df:
                    9f:4a:57:b6:38:7c:fa:65:a3:31:36:65:ac:29:52:
                    dd:e0:8a:b9:87:e6:4a:89:91:86:48:35:de:57:fa:
                    6c:72:48:0f:3d:e3:c3:75:dc:0c:1a:10:23:e5:ed:
                    88:22:73:3c:5f:8a:c4:72:a1:14:3f:fa:bc:2d:7c:
                    a3:8c:1c:0e:22:5d:31:62:1c:d5:c7:80:91:14:ab:
                    8b:99:d6:e1:f2:7e:72:6c:51:a3:0b:a0:81:ae:8c:
                    8d:f7:35:fb:00:41:f5:1f:85:05:3f:b1:b7:10:52:
                    89:b9:b9:a8:79:47:fc:95:be:e6:e5:c5:4d:75:97:
                    49:4e:77:a1:a5:23:a4:14:de:7c:3f:10:93:d6:04:
                    93:e4:d5:5f:94:3d:7b:fc:65:a2:dd:f1:2d:b6:f5:
                    d6:a1:45:68:93:6c:a3:22:5b:e0:1d:b1:69:cd:16:
                    c3:02:b6:77:0f:be:fb:3e:9a:20:1f:3d:b2:08:7c:
                    59:7b:b4:c2:85:03:d5:ac:a8:13:a7:43:b7:9f:95:
                    8f:88:5e:92:fe:26:c3:8b:82:63:76:b9:c1:23:a8:
                    67:d5:bd:2a:14:6f:41:78:5f:9b:8b:ce:22:c0:28:
                    04:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:7C:92:78:4E:19:BA:9C:C1:67:70:11:3F:8C:00:96:D1:29:54:7E
            X509v3 Authority Key Identifier:
                keyid:65:C5:F7:59:AD:83:CD:7C:D2:BF:1A:0C:EC:83:E6:77:92:9E:78:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/86E29DCDACD07543663499A1765AA71B7314EAF464FAF151852C907C4CF852A7/0/65C5F759AD83CD7CD2BF1A0CEC83E677929E7867.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/65C5F759AD83CD7CD2BF1A0CEC83E677929E7867.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/86E29DCDACD07543663499A1765AA71B7314EAF464FAF151852C907C4CF852A7/0/323830333a353239303a3a2f33322d3438203d3e20323732383634.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:5290::/32

    Signature Algorithm: sha256WithRSAEncryption
         12:d6:2c:8c:4e:19:f7:d9:78:69:2c:b7:82:55:86:14:dc:c4:
         3b:a0:15:ac:35:5f:6a:18:a2:08:ab:33:26:2f:ac:c7:da:e5:
         b1:25:9d:95:81:9d:ee:d3:3d:5c:fe:be:36:0d:ad:40:5c:0b:
         82:0b:26:55:86:83:1d:69:2e:54:36:67:77:7a:7f:2f:09:67:
         1b:d8:fd:31:85:6f:9b:1d:ac:8d:d6:69:ad:60:1a:fe:76:c6:
         7c:6f:0a:68:b8:46:6c:3d:49:15:6d:62:0a:d3:ff:3b:0b:8b:
         9a:2f:2f:5a:83:ff:e1:74:e3:ad:1e:31:0f:81:77:f8:3f:62:
         6f:0a:60:f5:bb:a3:af:95:7d:e0:b3:37:b7:80:ad:fe:35:9f:
         b0:d2:7a:2e:56:e9:c1:e8:33:8b:2f:ce:79:df:05:73:49:e3:
         12:00:f0:df:84:bf:61:70:7d:11:6e:3c:6c:d1:40:43:df:8f:
         ee:cc:69:f4:8f:0b:69:d4:4f:67:b6:6e:aa:78:37:b3:85:0a:
         28:44:d6:de:6f:5c:8f:27:af:9b:05:12:8f:c6:57:1d:e2:83:
         61:62:75:35:7f:3f:13:01:e6:05:a7:95:35:4c:ad:3a:37:51:
         da:33:e8:0b:35:91:63:9e:a0:8b:b3:2e:49:2e:19:ca:e3:2b:
         e1:0e:99:54
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUEeaAzzxuN40hkqL656TsB7RT7cgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjVDNUY3NTlBRDgzQ0Q3Q0QyQkYxQTBDRUM4M0U2Nzc5
MjlFNzg2NzAeFw0yNDAzMDUxNzM3MzhaFw0yNTAzMDQxNzQyMzhaMDMxMTAvBgNV
BAMTKDY5N0M5Mjc4NEUxOUJBOUNDMTY3NzAxMTNGOEMwMDk2RDEyOTU0N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCB+OTMGePgQHAhMQy0/Ev2k85
74O9bO7QL9Kv359KV7Y4fPplozE2ZawpUt3girmH5kqJkYZINd5X+mxySA8948N1
3AwaECPl7YgiczxfisRyoRQ/+rwtfKOMHA4iXTFiHNXHgJEUq4uZ1uHyfnJsUaML
oIGujI33NfsAQfUfhQU/sbcQUom5uah5R/yVvublxU11l0lOd6GlI6QU3nw/EJPW
BJPk1V+UPXv8ZaLd8S229dahRWiTbKMiW+AdsWnNFsMCtncPvvs+miAfPbIIfFl7
tMKFA9WsqBOnQ7eflY+IXpL+JsOLgmN2ucEjqGfVvSoUb0F4X5uLziLAKASLAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUaXySeE4ZupzBZ3ARP4wAltEpVH4wHwYDVR0j
BBgwFoAUZcX3Wa2DzXzSvxoM7IPmd5KeeGcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84NkUyOURDREFDRDA3NTQzNjYzNDk5QTE3NjVBQTcxQjcz
MTRFQUY0NjRGQUYxNTE4NTJDOTA3QzRDRjg1MkE3LzAvNjVDNUY3NTlBRDgzQ0Q3
Q0QyQkYxQTBDRUM4M0U2Nzc5MjlFNzg2Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NUM1Rjc1OUFEODNDRDdDRDJC
RjFBMENFQzgzRTY3NzkyOUU3ODY3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODZFMjlEQ0RBQ0QwNzU0MzY2MzQ5OUExNzY1QUE3MUI3MzE0RUFGNDY0
RkFGMTUxODUyQzkwN0M0Q0Y4NTJBNy8wLzMyMzgzMDMzM2EzNTMyMzkzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzczMjM4MzYzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDUpAw
DQYJKoZIhvcNAQELBQADggEBABLWLIxOGffZeGkst4JVhhTcxDugFaw1X2oYogir
MyYvrMfa5bElnZWBne7TPVz+vjYNrUBcC4ILJlWGgx1pLlQ2Z3d6fy8JZxvY/TGF
b5sdrI3Waa1gGv52xnxvCmi4Rmw9SRVtYgrT/zsLi5ovL1qD/+F0460eMQ+Bd/g/
Ym8KYPW7o6+VfeCzN7eArf41n7DSei5W6cHoM4svznnfBXNJ4xIA8N+Ev2FwfRFu
PGzRQEPfj+7MafSPC2nUT2e2bqp4N7OFCihE1t5vXI8nr5sFEo/GVx3ig2FidTV/
PxMB5gWnlTVMrTo3Udoz6As1kWOeoIuzLkkuGcrjK+EOmVQ=
-----END CERTIFICATE-----
Generated at Wed Jul 10 10:02:36 2024 by rpki-client on console-ams.rpki-client.org