Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/323830333a363930303a3539373a3a2f34382d3438203d3e203532343233.roa
File:                     323830333a363930303a3539373a3a2f34382d3438203d3e203532343233.roa (raw, json)
Hash identifier:          OH/JD5+C5GtGuubQBw7xaOozQXAf7eL+Wz0s5WozX5E=
Subject key identifier:   11:4D:1F:58:4D:C9:15:00:B7:73:48:97:D4:E7:1C:E5:8B:97:60:28
Certificate issuer:       /CN=522A19041F7AD8D0B4F97D6DDAFC99C2590276AB
Certificate serial:       2CABEBEF54910AB3E57337433C8B05F172DC3500
Authority key identifier: 52:2A:19:04:1F:7A:D8:D0:B4:F9:7D:6D:DA:FC:99:C2:59:02:76:AB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/522A19041F7AD8D0B4F97D6DDAFC99C2590276AB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/323830333a363930303a3539373a3a2f34382d3438203d3e203532343233.roa
Signing time:             Tue 05 Mar 2024 17:58:51 +0000
ROA not before:           Tue 05 Mar 2024 17:53:51 +0000
ROA not after:            Tue 04 Mar 2025 17:58:51 +0000
asID:                     52423
IP address blocks:        2803:6900:597::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/522A19041F7AD8D0B4F97D6DDAFC99C2590276AB.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/522A19041F7AD8D0B4F97D6DDAFC99C2590276AB.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/522A19041F7AD8D0B4F97D6DDAFC99C2590276AB.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:ab:eb:ef:54:91:0a:b3:e5:73:37:43:3c:8b:05:f1:72:dc:35:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=522A19041F7AD8D0B4F97D6DDAFC99C2590276AB
        Validity
            Not Before: Mar  5 17:53:51 2024 GMT
            Not After : Mar  4 17:58:51 2025 GMT
        Subject: CN=114D1F584DC91500B7734897D4E71CE58B976028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:77:e7:1b:87:1a:c9:d5:c4:4e:4a:eb:7b:3a:
                    c3:dd:67:c0:d3:8c:f1:42:d7:b2:3d:ac:8a:94:0e:
                    f7:db:2f:12:af:33:5e:fd:55:f9:84:7a:a7:e4:c2:
                    e8:6e:22:3f:9c:f7:70:b2:fa:de:80:48:59:ef:8a:
                    d6:4a:10:f9:21:28:ac:6c:ac:e5:00:24:89:b8:0c:
                    2d:57:2b:30:00:b9:56:ed:2a:39:81:08:bb:54:6d:
                    a8:5d:e5:52:9b:bf:7d:16:5c:6e:d1:f0:8b:3f:49:
                    99:c3:2c:51:26:3a:95:fb:11:d9:60:1b:71:03:7c:
                    44:1d:91:a2:73:ba:6b:a5:49:02:04:16:62:4f:88:
                    af:61:20:e9:f8:7b:87:f9:5e:0c:8a:42:0f:53:ce:
                    8f:a7:57:d0:65:1c:32:5b:6e:de:bb:88:42:2a:4a:
                    26:7a:9b:73:4d:90:a5:93:88:e4:3d:88:94:92:ee:
                    3f:0a:b8:79:79:f2:d0:8f:57:c2:66:5a:af:96:8c:
                    e5:0c:f7:da:05:d1:53:4a:c0:9d:94:2b:13:a5:a2:
                    99:00:e7:a8:ae:1b:5b:6f:b1:b6:a0:e8:9f:31:5f:
                    a4:0d:9a:43:b6:ba:43:65:93:a4:84:ce:8e:aa:a1:
                    73:16:60:05:04:d6:97:9a:3f:5f:c2:dd:77:57:4d:
                    bf:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:4D:1F:58:4D:C9:15:00:B7:73:48:97:D4:E7:1C:E5:8B:97:60:28
            X509v3 Authority Key Identifier:
                keyid:52:2A:19:04:1F:7A:D8:D0:B4:F9:7D:6D:DA:FC:99:C2:59:02:76:AB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/522A19041F7AD8D0B4F97D6DDAFC99C2590276AB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/522A19041F7AD8D0B4F97D6DDAFC99C2590276AB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/323830333a363930303a3539373a3a2f34382d3438203d3e203532343233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:6900:597::/48

    Signature Algorithm: sha256WithRSAEncryption
         97:c0:f0:c4:d2:00:54:13:b9:40:0b:b7:41:d3:b6:a8:56:ea:
         03:a9:e3:73:f0:e8:9d:91:30:fd:fd:16:00:b3:35:1a:47:d4:
         b2:79:d2:c6:2e:88:2f:0b:48:7f:4f:d7:3e:f7:ad:a7:07:e8:
         5c:9d:14:34:80:ba:d3:5e:28:68:8d:7c:2a:8a:40:52:b3:b2:
         66:05:9f:c2:0d:32:85:f1:c9:0e:3d:8c:39:e2:dc:5e:a0:6e:
         8b:0b:36:61:26:d3:c7:78:78:ac:10:8c:e7:a3:c8:60:3a:bd:
         06:65:03:d7:6c:14:fd:12:db:a4:ad:cd:45:66:cb:f3:54:88:
         50:2e:14:ed:28:02:72:3c:3b:c8:f4:3b:b5:2b:bb:7b:13:0b:
         28:83:71:c9:a9:d4:5a:04:7d:59:73:37:d4:30:a1:21:fc:5e:
         b5:87:6f:9c:02:04:d2:cd:03:9b:36:4e:21:f9:d3:f0:a6:0a:
         6e:26:a6:63:10:86:94:6a:01:dc:09:d9:ef:f7:50:9a:56:78:
         5d:1e:2c:71:21:2f:a2:bc:3f:92:9e:4c:98:1a:8e:e7:e7:81:
         ed:d7:2e:14:1a:3e:0e:3b:c7:78:77:02:dc:44:f3:88:1e:78:
         88:51:94:e6:ad:bb:52:a5:4f:b4:a6:c7:6a:ae:fa:86:5d:83:
         17:42:3d:0d
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIULKvr71SRCrPlczdDPIsF8XLcNQAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTIyQTE5MDQxRjdBRDhEMEI0Rjk3RDZEREFGQzk5QzI1
OTAyNzZBQjAeFw0yNDAzMDUxNzUzNTFaFw0yNTAzMDQxNzU4NTFaMDMxMTAvBgNV
BAMTKDExNEQxRjU4NERDOTE1MDBCNzczNDg5N0Q0RTcxQ0U1OEI5NzYwMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSd+cbhxrJ1cROSut7OsPdZ8DT
jPFC17I9rIqUDvfbLxKvM179VfmEeqfkwuhuIj+c93Cy+t6ASFnvitZKEPkhKKxs
rOUAJIm4DC1XKzAAuVbtKjmBCLtUbahd5VKbv30WXG7R8Is/SZnDLFEmOpX7Edlg
G3EDfEQdkaJzumulSQIEFmJPiK9hIOn4e4f5XgyKQg9Tzo+nV9BlHDJbbt67iEIq
SiZ6m3NNkKWTiOQ9iJSS7j8KuHl58tCPV8JmWq+WjOUM99oF0VNKwJ2UKxOlopkA
56iuG1tvsbag6J8xX6QNmkO2ukNlk6SEzo6qoXMWYAUE1peaP1/C3XdXTb+1AgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQUEU0fWE3JFQC3c0iX1Occ5YuXYCgwHwYDVR0j
BBgwFoAUUioZBB962NC0+X1t2vyZwlkCdqswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85MDcyQ0M3QUM5OTM1QTk2QUVDREMzQjE1NkYwQkUyODVB
QzBEMkYzRTJCMjY0NjZGODdEN0MzOTYzOUZFN0M5LzAvNTIyQTE5MDQxRjdBRDhE
MEI0Rjk3RDZEREFGQzk5QzI1OTAyNzZBQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81MjJBMTkwNDFGN0FEOEQwQjRG
OTdENkREQUZDOTlDMjU5MDI3NkFCLmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTA3MkNDN0FDOTkzNUE5NkFFQ0RDM0IxNTZGMEJFMjg1QUMwRDJGM0Uy
QjI2NDY2Rjg3RDdDMzk2MzlGRTdDOS8wLzMyMzgzMDMzM2EzNjM5MzAzMDNhMzUz
OTM3M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzMjM0MzIzMy5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMH
ACgDaQAFlzANBgkqhkiG9w0BAQsFAAOCAQEAl8DwxNIAVBO5QAu3QdO2qFbqA6nj
c/DonZEw/f0WALM1GkfUsnnSxi6ILwtIf0/XPvetpwfoXJ0UNIC6014oaI18KopA
UrOyZgWfwg0yhfHJDj2MOeLcXqBuiws2YSbTx3h4rBCM56PIYDq9BmUD12wU/RLb
pK3NRWbL81SIUC4U7SgCcjw7yPQ7tSu7exMLKINxyanUWgR9WXM31DChIfxetYdv
nAIE0s0DmzZOIfnT8KYKbiamYxCGlGoB3AnZ7/dQmlZ4XR4scSEvorw/kp5MmBqO
5+eB7dcuFBo+DjvHeHcC3ETziB54iFGU5q27UqVPtKbHaq76hl2DF0I9DQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:38:05 2024 by rpki-client on console-ams.rpki-client.org