Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/323830333a396163303a3a2f33322d3438203d3e20323731383832.roa
File:                     323830333a396163303a3a2f33322d3438203d3e20323731383832.roa (raw, json)
Hash identifier:          llenxCGEHbHTBWngxaVbIr3Zrxb/Lh2H3C1tgusdF6E=
Subject key identifier:   B1:BD:90:5F:CA:2F:5C:D5:2B:5B:59:F5:AF:63:C6:C3:78:34:D9:2D
Certificate issuer:       /CN=089B798E1BD051786195E5F9D02238D550A5EAD7
Certificate serial:       360221333F9A16B49A48AE0B4C4F5DBD11613CD0
Authority key identifier: 08:9B:79:8E:1B:D0:51:78:61:95:E5:F9:D0:22:38:D5:50:A5:EA:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/089B798E1BD051786195E5F9D02238D550A5EAD7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/323830333a396163303a3a2f33322d3438203d3e20323731383832.roa
Signing time:             Tue 05 Mar 2024 18:08:04 +0000
ROA not before:           Tue 05 Mar 2024 18:03:04 +0000
ROA not after:            Tue 04 Mar 2025 18:08:04 +0000
asID:                     271882
IP address blocks:        2803:9ac0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/089B798E1BD051786195E5F9D02238D550A5EAD7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/089B798E1BD051786195E5F9D02238D550A5EAD7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/089B798E1BD051786195E5F9D02238D550A5EAD7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:02:21:33:3f:9a:16:b4:9a:48:ae:0b:4c:4f:5d:bd:11:61:3c:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=089B798E1BD051786195E5F9D02238D550A5EAD7
        Validity
            Not Before: Mar  5 18:03:04 2024 GMT
            Not After : Mar  4 18:08:04 2025 GMT
        Subject: CN=B1BD905FCA2F5CD52B5B59F5AF63C6C37834D92D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:36:3e:5d:ed:08:05:76:39:c1:90:43:70:50:
                    94:73:4e:1c:e7:d0:5c:4f:be:e3:38:20:43:1a:b2:
                    13:63:ea:b3:9f:d8:de:bf:1a:0b:b8:60:59:91:02:
                    cf:53:62:4d:2c:ec:dc:15:84:11:da:97:26:67:be:
                    a6:f4:2c:c0:95:4b:53:a1:73:99:38:77:ec:13:9e:
                    0f:41:2a:13:46:f5:38:ef:da:10:14:5a:78:d1:97:
                    22:b4:a2:2a:6f:0e:0b:26:39:92:37:b7:b2:c6:1c:
                    fe:db:d1:9f:d3:af:7d:e6:a8:83:3b:c5:b1:d2:4e:
                    d2:f8:7c:8a:10:e2:c8:92:84:36:01:24:d2:52:db:
                    0a:56:92:12:3a:17:69:0e:c6:1a:10:1e:66:1a:3d:
                    c3:8c:de:92:9c:7e:21:58:c5:b7:8f:1c:97:ca:d9:
                    04:28:b9:46:2d:c8:66:62:58:a6:b8:3d:d8:d3:ca:
                    e6:ac:95:a3:30:e1:f2:b9:33:90:92:c7:c9:53:47:
                    57:d3:f1:07:7f:56:25:a8:cc:36:03:11:86:6c:d1:
                    11:1d:b3:fd:39:e9:ee:89:f7:92:42:2a:14:97:8f:
                    44:57:9b:59:1e:99:a6:9d:c5:aa:95:41:fb:2d:01:
                    d8:db:4b:bb:cc:97:f7:a1:8a:4a:b3:cc:9e:83:dc:
                    0a:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:BD:90:5F:CA:2F:5C:D5:2B:5B:59:F5:AF:63:C6:C3:78:34:D9:2D
            X509v3 Authority Key Identifier:
                keyid:08:9B:79:8E:1B:D0:51:78:61:95:E5:F9:D0:22:38:D5:50:A5:EA:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/089B798E1BD051786195E5F9D02238D550A5EAD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/089B798E1BD051786195E5F9D02238D550A5EAD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/323830333a396163303a3a2f33322d3438203d3e20323731383832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:9ac0::/32

    Signature Algorithm: sha256WithRSAEncryption
         00:3c:a7:a3:57:16:2e:09:a1:bd:a9:ff:56:4c:6f:aa:27:8c:
         44:f8:85:1b:4c:1c:72:e7:c3:68:cb:0d:5f:f1:44:52:aa:68:
         ab:f5:68:91:a3:22:6c:3a:2e:2f:88:59:7a:a0:2d:2f:43:f1:
         9a:0f:05:ef:7c:1d:57:cb:44:46:c4:75:75:1d:e6:f5:3f:74:
         80:00:01:76:56:98:a0:3a:4a:d1:52:58:77:34:fe:1d:a5:20:
         5b:fb:01:9b:f4:ad:08:97:f8:ef:19:9e:37:9f:b4:7f:24:63:
         a1:de:d2:8b:51:15:74:6e:f0:f2:6c:47:73:6f:1e:a8:18:2d:
         ac:5d:b3:e9:6e:01:df:f0:79:6b:a0:50:2b:fd:dc:31:07:14:
         10:15:0c:dc:61:73:92:8d:81:83:4a:8d:43:d2:1f:5c:32:14:
         ec:85:91:e3:da:1f:35:63:cc:63:e8:e8:52:c4:76:67:a2:56:
         a4:01:96:59:de:62:38:d7:92:bf:57:02:61:de:86:d2:e2:14:
         1b:bc:32:c5:0a:ec:18:31:79:1d:03:96:17:e0:88:1b:96:07:
         67:0e:1d:5c:bc:5c:45:fb:f4:f5:98:95:82:13:2f:15:44:e1:
         9d:b7:2f:79:0b:6c:cb:9e:93:12:7f:97:8d:4a:67:ea:e8:23:
         00:0b:83:c5
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUNgIhMz+aFrSaSK4LTE9dvRFhPNAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg5Qjc5OEUxQkQwNTE3ODYxOTVFNUY5RDAyMjM4RDU1
MEE1RUFENzAeFw0yNDAzMDUxODAzMDRaFw0yNTAzMDQxODA4MDRaMDMxMTAvBgNV
BAMTKEIxQkQ5MDVGQ0EyRjVDRDUyQjVCNTlGNUFGNjNDNkMzNzgzNEQ5MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGNj5d7QgFdjnBkENwUJRzThzn
0FxPvuM4IEMashNj6rOf2N6/Ggu4YFmRAs9TYk0s7NwVhBHalyZnvqb0LMCVS1Oh
c5k4d+wTng9BKhNG9Tjv2hAUWnjRlyK0oipvDgsmOZI3t7LGHP7b0Z/Tr33mqIM7
xbHSTtL4fIoQ4siShDYBJNJS2wpWkhI6F2kOxhoQHmYaPcOM3pKcfiFYxbePHJfK
2QQouUYtyGZiWKa4PdjTyuaslaMw4fK5M5CSx8lTR1fT8Qd/ViWozDYDEYZs0REd
s/056e6J95JCKhSXj0RXm1kemaadxaqVQfstAdjbS7vMl/ehikqzzJ6D3ApDAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUsb2QX8ovXNUrW1n1r2PGw3g02S0wHwYDVR0j
BBgwFoAUCJt5jhvQUXhhleX50CI41VCl6tcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85MUYzQzFFQ0Y4NzRBNDUzQTQ5NDdFNDBFOEYwNEE5OUY0
NjhBRDNCRjE3QTgxMzIzODA3MDJFRTg3NDg3MThDLzAvMDg5Qjc5OEUxQkQwNTE3
ODYxOTVFNUY5RDAyMjM4RDU1MEE1RUFENy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wODlCNzk4RTFCRDA1MTc4NjE5
NUU1RjlEMDIyMzhENTUwQTVFQUQ3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTFGM0MxRUNGODc0QTQ1M0E0OTQ3RTQwRThGMDRBOTlGNDY4QUQzQkYx
N0E4MTMyMzgwNzAyRUU4NzQ4NzE4Qy8wLzMyMzgzMDMzM2EzOTYxNjMzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzczMTM4MzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDmsAw
DQYJKoZIhvcNAQELBQADggEBAAA8p6NXFi4Job2p/1ZMb6onjET4hRtMHHLnw2jL
DV/xRFKqaKv1aJGjImw6Li+IWXqgLS9D8ZoPBe98HVfLREbEdXUd5vU/dIAAAXZW
mKA6StFSWHc0/h2lIFv7AZv0rQiX+O8ZnjeftH8kY6He0otRFXRu8PJsR3NvHqgY
Laxds+luAd/weWugUCv93DEHFBAVDNxhc5KNgYNKjUPSH1wyFOyFkePaHzVjzGPo
6FLEdmeiVqQBllneYjjXkr9XAmHehtLiFBu8MsUK7BgxeR0DlhfgiBuWB2cOHVy8
XEX79PWYlYITLxVE4Z23L3kLbMuekxJ/l41KZ+roIwALg8U=
-----END CERTIFICATE-----
Generated at Sun Jun 16 15:56:36 2024 by rpki-client on console-ams.rpki-client.org