Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8E7E39E7D390C8FC7CA81144BFE08B122B427B0A0513324D744447A43C76A3A9/0/323830333a363835303a323a3a2f34382d3438203d3e20323733313133.roa
File:                     323830333a363835303a323a3a2f34382d3438203d3e20323733313133.roa (raw, json)
Hash identifier:          02jiKBYAixOQ8bacGyYNPegfLFueoYt0vy5SwEpFCaw=
Subject key identifier:   31:55:03:BC:85:27:6B:38:1A:DE:56:AD:F2:B3:B9:65:9B:89:42:D5
Certificate issuer:       /CN=1642A8D6C14F94500E7FF6111DCC5D5107143798
Certificate serial:       3DD4A6B4E0813986609B89A71CD18C3FAF31919E
Authority key identifier: 16:42:A8:D6:C1:4F:94:50:0E:7F:F6:11:1D:CC:5D:51:07:14:37:98
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1642A8D6C14F94500E7FF6111DCC5D5107143798.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8E7E39E7D390C8FC7CA81144BFE08B122B427B0A0513324D744447A43C76A3A9/0/323830333a363835303a323a3a2f34382d3438203d3e20323733313133.roa
Signing time:             Tue 05 Mar 2024 18:09:12 +0000
ROA not before:           Tue 05 Mar 2024 18:04:12 +0000
ROA not after:            Tue 04 Mar 2025 18:09:12 +0000
asID:                     273113
IP address blocks:        2803:6850:2::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8E7E39E7D390C8FC7CA81144BFE08B122B427B0A0513324D744447A43C76A3A9/0/1642A8D6C14F94500E7FF6111DCC5D5107143798.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8E7E39E7D390C8FC7CA81144BFE08B122B427B0A0513324D744447A43C76A3A9/0/1642A8D6C14F94500E7FF6111DCC5D5107143798.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1642A8D6C14F94500E7FF6111DCC5D5107143798.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:d4:a6:b4:e0:81:39:86:60:9b:89:a7:1c:d1:8c:3f:af:31:91:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1642A8D6C14F94500E7FF6111DCC5D5107143798
        Validity
            Not Before: Mar  5 18:04:12 2024 GMT
            Not After : Mar  4 18:09:12 2025 GMT
        Subject: CN=315503BC85276B381ADE56ADF2B3B9659B8942D5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:93:f3:12:ba:e2:e4:67:a5:d7:54:44:81:90:
                    c8:23:96:09:3e:f4:f9:ef:7e:29:09:80:2d:41:bb:
                    63:82:76:88:fc:cf:d8:25:5b:7f:24:bf:d2:a2:f7:
                    ae:6f:c5:e0:69:23:db:40:24:54:49:e2:58:d9:47:
                    4d:8d:cb:8a:85:0c:17:53:87:f9:a8:35:27:a9:40:
                    ce:d3:78:63:ea:10:33:82:ab:ca:c1:c3:83:21:ab:
                    42:d9:45:cb:c7:00:fd:b9:42:ba:b9:78:9d:15:57:
                    38:a2:56:74:f6:89:d1:82:eb:a2:56:67:8e:64:72:
                    f0:d2:61:23:2c:13:bb:d7:91:5d:23:9b:b8:24:c3:
                    a1:d4:eb:87:61:63:03:ec:64:3a:33:09:2f:9d:c5:
                    33:cd:41:52:1d:d7:80:c5:78:76:60:c3:10:64:8d:
                    3f:69:59:ca:a8:bd:1f:69:67:c1:6e:e5:4a:cf:95:
                    e9:21:12:ab:e7:15:b7:ad:e8:16:8e:7f:73:0b:be:
                    a6:d1:0c:9d:8e:80:ff:b7:9a:34:78:eb:24:65:dc:
                    6a:94:58:78:e2:05:2f:8d:6e:cb:36:01:f3:34:48:
                    7e:64:24:10:c6:94:da:d9:fd:e2:eb:1a:89:58:8c:
                    3a:a0:11:70:22:25:c4:f6:3c:d2:98:44:b8:bf:ad:
                    f4:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:55:03:BC:85:27:6B:38:1A:DE:56:AD:F2:B3:B9:65:9B:89:42:D5
            X509v3 Authority Key Identifier:
                keyid:16:42:A8:D6:C1:4F:94:50:0E:7F:F6:11:1D:CC:5D:51:07:14:37:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8E7E39E7D390C8FC7CA81144BFE08B122B427B0A0513324D744447A43C76A3A9/0/1642A8D6C14F94500E7FF6111DCC5D5107143798.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1642A8D6C14F94500E7FF6111DCC5D5107143798.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8E7E39E7D390C8FC7CA81144BFE08B122B427B0A0513324D744447A43C76A3A9/0/323830333a363835303a323a3a2f34382d3438203d3e20323733313133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:6850:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         ac:02:a2:40:ce:d9:2c:1d:28:ed:15:e1:f5:c8:59:dd:64:f6:
         cb:ff:28:a0:ff:79:57:cd:6a:2b:42:0f:e4:4c:03:8f:f4:10:
         75:68:29:31:05:63:2f:17:2b:52:e0:0d:ca:36:79:0c:21:4c:
         34:7b:b2:84:b8:75:ed:8e:e0:2c:bb:d0:fe:c5:df:50:40:ab:
         a6:cd:7c:88:93:8a:71:61:ff:ab:44:36:42:1e:c6:d9:c1:65:
         19:68:7b:1f:45:66:42:fa:94:7e:6e:96:e5:c4:e8:7f:be:a1:
         06:73:e4:98:44:72:c8:95:d6:ac:79:9a:a3:f8:e7:e5:62:aa:
         76:9d:a4:66:30:37:55:6b:a9:f0:2a:6d:65:10:f6:64:36:47:
         57:d3:51:df:de:99:d4:c6:23:89:35:6f:f4:0b:90:85:56:40:
         b2:a6:40:50:36:8e:9d:cc:ea:8b:19:ad:06:15:6d:07:54:b9:
         9a:a1:88:74:30:3b:e5:0c:97:90:4c:c6:17:b2:61:d6:dd:b9:
         f0:9b:bb:b4:dd:ea:79:6a:cd:5c:5c:9b:34:c7:c6:f7:0f:ca:
         e5:25:be:b5:57:4d:29:9a:42:81:e7:68:f7:84:24:09:02:86:
         87:24:3b:9a:b8:e8:b2:3f:26:e5:d7:17:64:c7:c1:78:25:bf:
         10:0f:c3:e5
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUPdSmtOCBOYZgm4mnHNGMP68xkZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTY0MkE4RDZDMTRGOTQ1MDBFN0ZGNjExMURDQzVENTEw
NzE0Mzc5ODAeFw0yNDAzMDUxODA0MTJaFw0yNTAzMDQxODA5MTJaMDMxMTAvBgNV
BAMTKDMxNTUwM0JDODUyNzZCMzgxQURFNTZBREYyQjNCOTY1OUI4OTQyRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0k/MSuuLkZ6XXVESBkMgjlgk+
9PnvfikJgC1Bu2OCdoj8z9glW38kv9Ki965vxeBpI9tAJFRJ4ljZR02Ny4qFDBdT
h/moNSepQM7TeGPqEDOCq8rBw4Mhq0LZRcvHAP25Qrq5eJ0VVziiVnT2idGC66JW
Z45kcvDSYSMsE7vXkV0jm7gkw6HU64dhYwPsZDozCS+dxTPNQVId14DFeHZgwxBk
jT9pWcqovR9pZ8Fu5UrPlekhEqvnFbet6BaOf3MLvqbRDJ2OgP+3mjR46yRl3GqU
WHjiBS+Nbss2AfM0SH5kJBDGlNrZ/eLrGolYjDqgEXAiJcT2PNKYRLi/rfTPAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUMVUDvIUnazga3lat8rO5ZZuJQtUwHwYDVR0j
BBgwFoAUFkKo1sFPlFAOf/YRHcxdUQcUN5gwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84RTdFMzlFN0QzOTBDOEZDN0NBODExNDRCRkUwOEIxMjJC
NDI3QjBBMDUxMzMyNEQ3NDQ0NDdBNDNDNzZBM0E5LzAvMTY0MkE4RDZDMTRGOTQ1
MDBFN0ZGNjExMURDQzVENTEwNzE0Mzc5OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNjQyQThENkMxNEY5NDUwMEU3
RkY2MTExRENDNUQ1MTA3MTQzNzk4LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEU3RTM5RTdEMzkwQzhGQzdDQTgxMTQ0QkZFMDhCMTIyQjQyN0IwQTA1
MTMzMjRENzQ0NDQ3QTQzQzc2QTNBOS8wLzMyMzgzMDMzM2EzNjM4MzUzMDNhMzIz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM3MzMzMTMxMzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
A2hQAAIwDQYJKoZIhvcNAQELBQADggEBAKwCokDO2SwdKO0V4fXIWd1k9sv/KKD/
eVfNaitCD+RMA4/0EHVoKTEFYy8XK1LgDco2eQwhTDR7soS4de2O4Cy70P7F31BA
q6bNfIiTinFh/6tENkIextnBZRloex9FZkL6lH5uluXE6H++oQZz5JhEcsiV1qx5
mqP45+ViqnadpGYwN1VrqfAqbWUQ9mQ2R1fTUd/emdTGI4k1b/QLkIVWQLKmQFA2
jp3M6osZrQYVbQdUuZqhiHQwO+UMl5BMxheyYdbdufCbu7Td6nlqzVxcmzTHxvcP
yuUlvrVXTSmaQoHnaPeEJAkChockO5q46LI/JuXXF2THwXglvxAPw+U=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:29:58 2024 by rpki-client on console-fra.rpki-client.org