Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8BFDD1555C8465C71EA51AF7C4CD118BC7FE6DC1EAA27054049776BBD68D9AAA/0/323830363a3363643a3a2f33322d3332203d3e20323635353233.roa
File:                     323830363a3363643a3a2f33322d3332203d3e20323635353233.roa (raw, json)
Hash identifier:          WppZORShr3z0SrpqGPohITaTZrvFJdHGntLOsbSBgDo=
Subject key identifier:   8A:7D:5E:22:DF:8B:D8:EA:DE:88:1E:B9:00:34:7A:3A:BE:27:A3:C8
Certificate issuer:       /CN=AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6
Certificate serial:       1057464D9407E73F582AD41B1BFB938124345909
Authority key identifier: AA:EB:3F:98:55:C7:BF:65:86:9D:EB:D3:AA:FD:93:46:BF:C1:E6:F6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8BFDD1555C8465C71EA51AF7C4CD118BC7FE6DC1EAA27054049776BBD68D9AAA/0/323830363a3363643a3a2f33322d3332203d3e20323635353233.roa
Signing time:             Tue 05 Mar 2024 17:45:46 +0000
ROA not before:           Tue 05 Mar 2024 17:40:46 +0000
ROA not after:            Tue 04 Mar 2025 17:45:46 +0000
asID:                     265523
IP address blocks:        2806:3cd::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8BFDD1555C8465C71EA51AF7C4CD118BC7FE6DC1EAA27054049776BBD68D9AAA/0/AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8BFDD1555C8465C71EA51AF7C4CD118BC7FE6DC1EAA27054049776BBD68D9AAA/0/AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 25 Jul 2024 06:55:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:57:46:4d:94:07:e7:3f:58:2a:d4:1b:1b:fb:93:81:24:34:59:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6
        Validity
            Not Before: Mar  5 17:40:46 2024 GMT
            Not After : Mar  4 17:45:46 2025 GMT
        Subject: CN=8A7D5E22DF8BD8EADE881EB900347A3ABE27A3C8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:5a:fb:a7:c1:e2:ef:7d:7f:fe:3a:33:28:04:
                    f9:7e:53:04:67:98:25:3b:78:5b:9a:7d:c4:cd:04:
                    59:5c:c1:07:48:61:d3:ae:ca:3f:62:e8:99:f1:7d:
                    10:9f:58:02:9d:61:fa:53:5f:e9:1e:91:b8:93:20:
                    f9:cb:ac:70:0c:d2:11:de:58:77:f6:32:2b:21:39:
                    50:84:b3:b3:b7:74:97:83:78:60:b7:e8:c3:65:f4:
                    15:64:3c:0f:a0:a8:35:73:fc:cc:1a:38:42:2a:99:
                    bf:73:96:2f:20:98:6b:d2:df:2d:69:f1:24:56:b3:
                    ff:1c:27:d7:ef:a7:7a:fd:79:95:88:79:23:09:05:
                    44:b5:68:fd:6b:3d:32:f1:7e:17:c0:4d:02:df:b1:
                    34:a7:d3:e5:c2:fb:29:29:b1:10:5c:61:15:70:67:
                    df:d7:6d:60:a7:5b:3c:c7:d8:4c:5c:e4:e3:0e:d3:
                    36:a1:78:dc:57:d3:91:84:2e:84:19:4e:5b:ce:77:
                    87:1a:2a:46:c4:5b:8e:d1:45:1e:6e:d4:0c:b3:12:
                    cc:09:29:0c:8d:20:f8:8f:43:c7:19:da:d9:9d:c4:
                    b4:0b:f3:00:25:f7:86:cd:cf:ce:3f:d5:72:19:db:
                    5b:9e:e3:ba:95:71:5d:34:70:31:f5:e2:d8:f6:2d:
                    8d:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:7D:5E:22:DF:8B:D8:EA:DE:88:1E:B9:00:34:7A:3A:BE:27:A3:C8
            X509v3 Authority Key Identifier:
                keyid:AA:EB:3F:98:55:C7:BF:65:86:9D:EB:D3:AA:FD:93:46:BF:C1:E6:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8BFDD1555C8465C71EA51AF7C4CD118BC7FE6DC1EAA27054049776BBD68D9AAA/0/AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8BFDD1555C8465C71EA51AF7C4CD118BC7FE6DC1EAA27054049776BBD68D9AAA/0/323830363a3363643a3a2f33322d3332203d3e20323635353233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2806:3cd::/32

    Signature Algorithm: sha256WithRSAEncryption
         34:93:b5:80:1f:4f:48:5e:0b:01:4d:9d:69:8e:51:64:0a:5e:
         7d:d4:8d:ab:94:2a:b7:19:ee:ef:16:7f:83:7a:49:f6:b1:f5:
         1e:da:a9:85:a3:3f:a8:7d:af:6d:96:37:83:9d:85:ad:94:f7:
         84:92:24:d7:04:f5:71:79:0a:cc:aa:e1:4e:f9:3e:8e:56:ca:
         5d:75:9b:f3:8d:83:b7:8f:97:ca:b8:ba:f3:94:9b:cb:a7:ea:
         56:09:16:8c:84:2f:2f:b1:8f:3e:25:70:a3:db:e0:00:6f:70:
         c3:50:ff:0b:2c:2c:f6:3f:f8:82:54:d7:fa:3d:00:2c:65:36:
         0d:63:2b:37:95:f4:88:2f:9b:df:ec:48:9d:51:e1:e5:14:f9:
         b9:2c:6b:a4:18:55:8d:79:4f:2b:de:1a:a4:0c:e6:7f:3b:69:
         7a:da:63:12:b6:8b:52:91:04:cf:f4:36:ee:a5:cf:0e:1a:7f:
         a8:6d:56:74:ff:72:0f:6a:fd:49:94:04:2b:97:12:20:9a:f0:
         82:54:a3:ff:9f:08:03:bf:0c:39:f0:aa:cb:e4:69:f9:9a:cf:
         cd:ac:40:91:cc:31:0f:05:ea:8a:03:24:4f:92:28:2f:3c:d6:
         5b:a1:df:ec:18:a7:39:66:a7:e3:24:b0:07:1e:81:3a:e8:91:
         97:b7:af:12
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUEFdGTZQH5z9YKtQbG/uTgSQ0WQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUFFQjNGOTg1NUM3QkY2NTg2OURFQkQzQUFGRDkzNDZC
RkMxRTZGNjAeFw0yNDAzMDUxNzQwNDZaFw0yNTAzMDQxNzQ1NDZaMDMxMTAvBgNV
BAMTKDhBN0Q1RTIyREY4QkQ4RUFERTg4MUVCOTAwMzQ3QTNBQkUyN0EzQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdWvunweLvfX/+OjMoBPl+UwRn
mCU7eFuafcTNBFlcwQdIYdOuyj9i6JnxfRCfWAKdYfpTX+kekbiTIPnLrHAM0hHe
WHf2MishOVCEs7O3dJeDeGC36MNl9BVkPA+gqDVz/MwaOEIqmb9zli8gmGvS3y1p
8SRWs/8cJ9fvp3r9eZWIeSMJBUS1aP1rPTLxfhfATQLfsTSn0+XC+ykpsRBcYRVw
Z9/XbWCnWzzH2Exc5OMO0zaheNxX05GELoQZTlvOd4caKkbEW47RRR5u1AyzEswJ
KQyNIPiPQ8cZ2tmdxLQL8wAl94bNz84/1XIZ21ue47qVcV00cDH14tj2LY2RAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUin1eIt+L2OreiB65ADR6Or4no8gwHwYDVR0j
BBgwFoAUqus/mFXHv2WGnevTqv2TRr/B5vYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84QkZERDE1NTVDODQ2NUM3MUVBNTFBRjdDNENEMTE4QkM3
RkU2REMxRUFBMjcwNTQwNDk3NzZCQkQ2OEQ5QUFBLzAvQUFFQjNGOTg1NUM3QkY2
NTg2OURFQkQzQUFGRDkzNDZCRkMxRTZGNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BQUVCM0Y5ODU1QzdCRjY1ODY5
REVCRDNBQUZEOTM0NkJGQzFFNkY2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEJGREQxNTU1Qzg0NjVDNzFFQTUxQUY3QzRDRDExOEJDN0ZFNkRDMUVB
QTI3MDU0MDQ5Nzc2QkJENjhEOUFBQS8wLzMyMzgzMDM2M2EzMzYzNjQzYTNhMmYz
MzMyMmQzMzMyMjAzZDNlMjAzMjM2MzUzNTMyMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoBgPNMA0G
CSqGSIb3DQEBCwUAA4IBAQA0k7WAH09IXgsBTZ1pjlFkCl591I2rlCq3Ge7vFn+D
ekn2sfUe2qmFoz+ofa9tljeDnYWtlPeEkiTXBPVxeQrMquFO+T6OVspddZvzjYO3
j5fKuLrzlJvLp+pWCRaMhC8vsY8+JXCj2+AAb3DDUP8LLCz2P/iCVNf6PQAsZTYN
Yys3lfSIL5vf7EidUeHlFPm5LGukGFWNeU8r3hqkDOZ/O2l62mMStotSkQTP9Dbu
pc8OGn+obVZ0/3IPav1JlAQrlxIgmvCCVKP/nwgDvww58KrL5Gn5ms/NrECRzDEP
BeqKAyRPkigvPNZbod/sGKc5ZqfjJLAHHoE66JGXt68S
-----END CERTIFICATE-----
Generated at Sun Jul 21 16:27:52 2024 by rpki-client on console-fra.rpki-client.org