Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8F8B058EEBE5F0126CB5CF857141D29C8C547C2202AB9F080385A4F3CF857438/0/323830333a623861303a3a2f33322d3438203d3e20323636383134.roa
File:                     323830333a623861303a3a2f33322d3438203d3e20323636383134.roa (raw, json)
Hash identifier:          USvfkd6haI1Y5ZSo3O/0uWvaWr33gnTOEwZbt2sc3kg=
Subject key identifier:   B7:1E:76:2A:55:01:94:31:CB:4F:0A:3F:F4:DB:D3:4F:16:90:09:21
Certificate issuer:       /CN=0DA02DE51F3AE9D4444B29FE5FC85286C264521F
Certificate serial:       173177113CFCE04E5BCA856DCA622DBEEFF67462
Authority key identifier: 0D:A0:2D:E5:1F:3A:E9:D4:44:4B:29:FE:5F:C8:52:86:C2:64:52:1F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0DA02DE51F3AE9D4444B29FE5FC85286C264521F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8F8B058EEBE5F0126CB5CF857141D29C8C547C2202AB9F080385A4F3CF857438/0/323830333a623861303a3a2f33322d3438203d3e20323636383134.roa
Signing time:             Tue 05 Mar 2024 17:40:59 +0000
ROA not before:           Tue 05 Mar 2024 17:35:59 +0000
ROA not after:            Tue 04 Mar 2025 17:40:59 +0000
asID:                     266814
IP address blocks:        2803:b8a0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8F8B058EEBE5F0126CB5CF857141D29C8C547C2202AB9F080385A4F3CF857438/0/0DA02DE51F3AE9D4444B29FE5FC85286C264521F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8F8B058EEBE5F0126CB5CF857141D29C8C547C2202AB9F080385A4F3CF857438/0/0DA02DE51F3AE9D4444B29FE5FC85286C264521F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0DA02DE51F3AE9D4444B29FE5FC85286C264521F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:31:77:11:3c:fc:e0:4e:5b:ca:85:6d:ca:62:2d:be:ef:f6:74:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0DA02DE51F3AE9D4444B29FE5FC85286C264521F
        Validity
            Not Before: Mar  5 17:35:59 2024 GMT
            Not After : Mar  4 17:40:59 2025 GMT
        Subject: CN=B71E762A55019431CB4F0A3FF4DBD34F16900921
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:0e:f3:0d:cf:9d:ce:87:ad:87:4e:69:72:dd:
                    cb:2c:31:45:32:69:fc:8c:bc:c8:59:c5:ed:ab:da:
                    92:5a:ca:93:72:1e:32:37:32:f5:22:95:68:4d:75:
                    a2:fb:8d:d5:05:7c:94:b6:e1:e7:5c:17:13:f3:26:
                    6e:57:e2:76:90:35:b3:ce:e2:ad:78:86:12:27:a0:
                    83:a9:6f:62:bd:19:43:30:cb:19:75:3e:a9:a9:95:
                    c6:af:69:b0:81:10:e7:a9:fc:3c:11:b1:19:c7:1b:
                    2a:86:20:04:b8:93:8f:0e:62:dd:13:c0:8d:2a:05:
                    7d:31:5e:22:9e:2a:19:4e:db:8a:aa:50:3a:30:0b:
                    46:d2:6f:a9:70:a7:6e:58:eb:87:0a:5f:ac:d8:4e:
                    ec:53:11:56:07:71:c4:72:fd:71:0c:16:fd:ba:52:
                    b6:8c:8a:bf:3c:23:b7:40:45:95:2d:a3:b1:f8:fd:
                    69:05:9e:54:a2:46:11:fd:b5:99:7c:a1:16:82:9d:
                    52:dd:fe:35:3c:4e:b4:6a:b7:27:0c:4c:ff:be:6c:
                    64:7e:a5:b4:e7:e3:1f:d4:c4:de:82:13:e5:90:03:
                    17:33:3e:65:55:42:33:9e:a7:94:6a:1e:60:83:7d:
                    e2:b1:fb:9a:49:9c:db:30:c1:31:4d:cd:a5:df:67:
                    5a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:1E:76:2A:55:01:94:31:CB:4F:0A:3F:F4:DB:D3:4F:16:90:09:21
            X509v3 Authority Key Identifier:
                keyid:0D:A0:2D:E5:1F:3A:E9:D4:44:4B:29:FE:5F:C8:52:86:C2:64:52:1F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8F8B058EEBE5F0126CB5CF857141D29C8C547C2202AB9F080385A4F3CF857438/0/0DA02DE51F3AE9D4444B29FE5FC85286C264521F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0DA02DE51F3AE9D4444B29FE5FC85286C264521F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8F8B058EEBE5F0126CB5CF857141D29C8C547C2202AB9F080385A4F3CF857438/0/323830333a623861303a3a2f33322d3438203d3e20323636383134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b8a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         97:5a:16:1a:20:0f:83:2e:b3:2a:04:12:d1:67:38:7c:34:0b:
         98:94:08:cb:90:b1:52:da:25:71:03:d0:5f:b9:cd:b4:18:5c:
         24:9f:2f:12:08:d7:ad:ec:60:dc:d1:e2:fb:dd:20:1c:dd:1d:
         91:33:08:47:3c:93:02:82:5d:13:ab:56:84:de:82:3a:5b:bb:
         13:c2:37:1a:3b:2b:46:11:9f:a0:c4:44:eb:8e:66:8f:4e:fd:
         bf:a2:06:2b:2d:14:55:1a:e1:70:fe:05:e9:0e:8b:02:95:5b:
         f7:4c:d6:6b:6a:19:47:bc:86:be:0b:82:10:fc:c1:2a:c1:9f:
         7d:44:f3:8b:d3:a0:14:0b:0b:cd:0d:a9:13:85:6a:c4:0e:42:
         d4:98:6f:8c:4c:cd:f2:54:b6:03:6a:86:41:9d:03:35:20:a3:
         22:4b:77:21:28:41:d3:a1:3a:a5:28:a5:4a:0b:7b:ac:9d:13:
         69:c1:09:5c:11:94:f6:86:71:32:42:20:25:30:a4:bc:b4:02:
         03:66:d3:c5:b7:cd:4a:95:a3:11:51:f4:2f:9a:c5:78:85:0d:
         50:cc:29:35:25:36:18:39:0f:6e:1b:cb:41:76:4c:3c:8a:19:
         eb:53:29:95:dd:fa:f4:59:6a:ba:67:36:35:c7:5f:d7:ef:33:
         12:e4:19:0c
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUFzF3ETz84E5byoVtymItvu/2dGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMERBMDJERTUxRjNBRTlENDQ0NEIyOUZFNUZDODUyODZD
MjY0NTIxRjAeFw0yNDAzMDUxNzM1NTlaFw0yNTAzMDQxNzQwNTlaMDMxMTAvBgNV
BAMTKEI3MUU3NjJBNTUwMTk0MzFDQjRGMEEzRkY0REJEMzRGMTY5MDA5MjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4DvMNz53Oh62HTmly3cssMUUy
afyMvMhZxe2r2pJaypNyHjI3MvUilWhNdaL7jdUFfJS24edcFxPzJm5X4naQNbPO
4q14hhInoIOpb2K9GUMwyxl1PqmplcavabCBEOep/DwRsRnHGyqGIAS4k48OYt0T
wI0qBX0xXiKeKhlO24qqUDowC0bSb6lwp25Y64cKX6zYTuxTEVYHccRy/XEMFv26
UraMir88I7dARZUto7H4/WkFnlSiRhH9tZl8oRaCnVLd/jU8TrRqtycMTP++bGR+
pbTn4x/UxN6CE+WQAxczPmVVQjOep5RqHmCDfeKx+5pJnNswwTFNzaXfZ1oDAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUtx52KlUBlDHLTwo/9NvTTxaQCSEwHwYDVR0j
BBgwFoAUDaAt5R866dRESyn+X8hShsJkUh8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84RjhCMDU4RUVCRTVGMDEyNkNCNUNGODU3MTQxRDI5QzhD
NTQ3QzIyMDJBQjlGMDgwMzg1QTRGM0NGODU3NDM4LzAvMERBMDJERTUxRjNBRTlE
NDQ0NEIyOUZFNUZDODUyODZDMjY0NTIxRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wREEwMkRFNTFGM0FFOUQ0NDQ0
QjI5RkU1RkM4NTI4NkMyNjQ1MjFGLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEY4QjA1OEVFQkU1RjAxMjZDQjVDRjg1NzE0MUQyOUM4QzU0N0MyMjAy
QUI5RjA4MDM4NUE0RjNDRjg1NzQzOC8wLzMyMzgzMDMzM2E2MjM4NjEzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzYzNjM4MzEzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDuKAw
DQYJKoZIhvcNAQELBQADggEBAJdaFhogD4MusyoEEtFnOHw0C5iUCMuQsVLaJXED
0F+5zbQYXCSfLxII163sYNzR4vvdIBzdHZEzCEc8kwKCXROrVoTegjpbuxPCNxo7
K0YRn6DEROuOZo9O/b+iBistFFUa4XD+BekOiwKVW/dM1mtqGUe8hr4LghD8wSrB
n31E84vToBQLC80NqROFasQOQtSYb4xMzfJUtgNqhkGdAzUgoyJLdyEoQdOhOqUo
pUoLe6ydE2nBCVwRlPaGcTJCICUwpLy0AgNm08W3zUqVoxFR9C+axXiFDVDMKTUl
Nhg5D24by0F2TDyKGetTKZXd+vRZarpnNjXHX9fvMxLkGQw=
-----END CERTIFICATE-----
Generated at Wed Nov 20 05:43:19 2024 by rpki-client on console-fra.rpki-client.org