Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/91F567FEDE79E51A1AC53027E7D2AFF210379EB44F0F42B253ED4465152E33FD/0/323830333a333139303a653030303a3a2f33392d3438203d3e20323732393337.roa
File:                     323830333a333139303a653030303a3a2f33392d3438203d3e20323732393337.roa (raw, json)
Hash identifier:          CIMduMNDj/9AVHL70RWEAv5lDwzEFFZY7X5YzDlskgQ=
Subject key identifier:   45:FD:1F:1E:96:DE:06:4A:5C:F2:F3:CF:7C:C5:8B:15:28:50:6E:B2
Certificate issuer:       /CN=70AA6E04C5764B26B4887EF1675B2E9C4EF84863
Certificate serial:       48E44029A5554C24964FD3245C89981BA9E76A28
Authority key identifier: 70:AA:6E:04:C5:76:4B:26:B4:88:7E:F1:67:5B:2E:9C:4E:F8:48:63
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/70AA6E04C5764B26B4887EF1675B2E9C4EF84863.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/91F567FEDE79E51A1AC53027E7D2AFF210379EB44F0F42B253ED4465152E33FD/0/323830333a333139303a653030303a3a2f33392d3438203d3e20323732393337.roa
Signing time:             Wed 27 Nov 2024 22:20:00 +0000
ROA not before:           Wed 27 Nov 2024 22:15:00 +0000
ROA not after:            Wed 26 Nov 2025 22:20:00 +0000
asID:                     272937
IP address blocks:        2803:3190:e000::/39 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/91F567FEDE79E51A1AC53027E7D2AFF210379EB44F0F42B253ED4465152E33FD/0/70AA6E04C5764B26B4887EF1675B2E9C4EF84863.crl
                          rsync://repository.lacnic.net/rpki/lacnic/91F567FEDE79E51A1AC53027E7D2AFF210379EB44F0F42B253ED4465152E33FD/0/70AA6E04C5764B26B4887EF1675B2E9C4EF84863.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/70AA6E04C5764B26B4887EF1675B2E9C4EF84863.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 17 Jan 2025 02:03:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:e4:40:29:a5:55:4c:24:96:4f:d3:24:5c:89:98:1b:a9:e7:6a:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70AA6E04C5764B26B4887EF1675B2E9C4EF84863
        Validity
            Not Before: Nov 27 22:15:00 2024 GMT
            Not After : Nov 26 22:20:00 2025 GMT
        Subject: CN=45FD1F1E96DE064A5CF2F3CF7CC58B1528506EB2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:48:95:be:c1:24:78:8f:13:42:cd:63:3c:f8:
                    a8:f9:3c:a8:59:86:d3:34:de:d5:f1:ef:93:42:dd:
                    ae:95:f4:9d:98:53:b2:4e:b6:71:1d:58:fe:6f:bb:
                    1e:ef:54:0c:92:64:15:90:3a:be:5a:74:79:68:3c:
                    37:38:86:c6:12:d1:98:88:50:b3:6c:c9:a7:ca:20:
                    ec:69:65:0a:92:0a:2f:1a:17:fa:aa:9c:e2:f6:e5:
                    3f:9e:98:f5:62:df:f9:f2:ec:10:f2:01:32:28:c6:
                    47:6e:2f:c0:55:e6:14:24:f7:3b:07:1b:6b:ee:82:
                    15:f5:b5:ff:c0:05:64:1f:d4:be:6d:b5:66:a1:ce:
                    f3:fc:39:97:db:d3:c7:e1:0b:bd:99:a3:5e:50:c2:
                    f7:59:18:7a:f0:99:8a:32:28:6a:b1:fb:03:f4:3e:
                    77:32:9d:fe:a1:dc:24:df:be:f4:4e:60:d7:43:46:
                    d8:e7:f0:3e:56:cf:91:eb:9a:a8:9d:0a:58:fc:12:
                    f6:f5:58:fc:ed:50:6c:e8:d4:84:90:e7:61:f9:a4:
                    17:2d:d1:b3:95:45:3e:6b:44:57:de:86:8e:2b:98:
                    20:19:3b:29:62:46:76:d1:33:0c:1d:b3:74:5f:de:
                    f7:a1:d4:cd:e1:b8:7d:75:2c:34:43:51:1e:a6:0c:
                    bc:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:FD:1F:1E:96:DE:06:4A:5C:F2:F3:CF:7C:C5:8B:15:28:50:6E:B2
            X509v3 Authority Key Identifier:
                keyid:70:AA:6E:04:C5:76:4B:26:B4:88:7E:F1:67:5B:2E:9C:4E:F8:48:63

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/91F567FEDE79E51A1AC53027E7D2AFF210379EB44F0F42B253ED4465152E33FD/0/70AA6E04C5764B26B4887EF1675B2E9C4EF84863.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/70AA6E04C5764B26B4887EF1675B2E9C4EF84863.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/91F567FEDE79E51A1AC53027E7D2AFF210379EB44F0F42B253ED4465152E33FD/0/323830333a333139303a653030303a3a2f33392d3438203d3e20323732393337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:3190:e000::/39

    Signature Algorithm: sha256WithRSAEncryption
         5a:2c:29:e1:3d:da:d8:7b:89:d8:e2:16:57:31:22:1d:5d:06:
         59:c3:c4:29:ed:d3:4f:34:21:53:46:80:27:d8:3f:71:cc:f7:
         54:71:b6:d2:7b:99:54:48:a0:0e:3c:f2:66:98:99:c1:4a:05:
         a7:70:85:2b:53:4b:b5:9f:a6:7b:33:8c:c8:75:85:f2:f3:11:
         04:15:7b:ca:4e:2b:6f:2c:e3:e1:3a:f8:fa:eb:c3:49:dd:ee:
         79:49:a7:82:d9:86:6e:94:08:d0:e6:04:69:f3:52:4f:9f:ff:
         27:c3:65:b5:46:fd:46:c3:2b:a2:90:b9:2a:37:a2:2a:62:8c:
         57:9d:a3:ec:12:39:86:04:ba:ac:f6:90:e0:65:84:1c:1f:73:
         5d:92:a8:94:5a:9e:39:20:01:59:35:08:76:29:11:7a:a2:75:
         82:98:99:e4:cd:78:9b:35:67:6a:c6:15:ed:96:51:97:40:44:
         ac:a2:2d:51:45:b5:e2:e0:2c:b6:0c:f2:71:bc:e3:39:27:19:
         55:a6:95:ee:e9:7a:33:64:29:e2:f2:41:12:86:cb:9e:9e:08:
         c5:31:16:f5:33:13:aa:6d:cd:54:dd:ad:9c:48:6e:df:8b:99:
         41:13:3c:df:5b:fb:72:de:18:c6:9f:58:66:42:74:fb:92:14:
         01:2f:51:70
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgIUSORAKaVVTCSWT9MkXImYG6nnaigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBBQTZFMDRDNTc2NEIyNkI0ODg3RUYxNjc1QjJFOUM0
RUY4NDg2MzAeFw0yNDExMjcyMjE1MDBaFw0yNTExMjYyMjIwMDBaMDMxMTAvBgNV
BAMTKDQ1RkQxRjFFOTZERTA2NEE1Q0YyRjNDRjdDQzU4QjE1Mjg1MDZFQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCSJW+wSR4jxNCzWM8+Kj5PKhZ
htM03tXx75NC3a6V9J2YU7JOtnEdWP5vux7vVAySZBWQOr5adHloPDc4hsYS0ZiI
ULNsyafKIOxpZQqSCi8aF/qqnOL25T+emPVi3/ny7BDyATIoxkduL8BV5hQk9zsH
G2vughX1tf/ABWQf1L5ttWahzvP8OZfb08fhC72Zo15QwvdZGHrwmYoyKGqx+wP0
Pncynf6h3CTfvvROYNdDRtjn8D5Wz5HrmqidClj8Evb1WPztUGzo1ISQ52H5pBct
0bOVRT5rRFfeho4rmCAZOyliRnbRMwwds3Rf3veh1M3huH11LDRDUR6mDLybAgMB
AAGjggLUMIIC0DAdBgNVHQ4EFgQURf0fHpbeBkpc8vPPfMWLFShQbrIwHwYDVR0j
BBgwFoAUcKpuBMV2Sya0iH7xZ1sunE74SGMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85MUY1NjdGRURFNzlFNTFBMUFDNTMwMjdFN0QyQUZGMjEw
Mzc5RUI0NEYwRjQyQjI1M0VENDQ2NTE1MkUzM0ZELzAvNzBBQTZFMDRDNTc2NEIy
NkI0ODg3RUYxNjc1QjJFOUM0RUY4NDg2My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83MEFBNkUwNEM1NzY0QjI2QjQ4
ODdFRjE2NzVCMkU5QzRFRjg0ODYzLmNlcjCB0QYIKwYBBQUHAQsEgcQwgcEwgb4G
CCsGAQUFBzALhoGxcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTFGNTY3RkVERTc5RTUxQTFBQzUzMDI3RTdEMkFGRjIxMDM3OUVCNDRG
MEY0MkIyNTNFRDQ0NjUxNTJFMzNGRC8wLzMyMzgzMDMzM2EzMzMxMzkzMDNhNjUz
MDMwMzAzYTNhMmYzMzM5MmQzNDM4MjAzZDNlMjAzMjM3MzIzOTMzMzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEoAzGQ4DANBgkqhkiG9w0BAQsFAAOCAQEAWiwp4T3a2HuJ2OIWVzEiHV0G
WcPEKe3TTzQhU0aAJ9g/ccz3VHG20nuZVEigDjzyZpiZwUoFp3CFK1NLtZ+mezOM
yHWF8vMRBBV7yk4rbyzj4Tr4+uvDSd3ueUmngtmGbpQI0OYEafNST5//J8NltUb9
RsMropC5KjeiKmKMV52j7BI5hgS6rPaQ4GWEHB9zXZKolFqeOSABWTUIdikReqJ1
gpiZ5M14mzVnasYV7ZZRl0BErKItUUW14uAstgzycbzjOScZVaaV7ul6M2Qp4vJB
EobLnp4IxTEW9TMTqm3NVN2tnEhu34uZQRM831v7ct4Yxp9YZkJ0+5IUAS9RcA==
-----END CERTIFICATE-----
Generated at Tue Jan 14 01:12:18 2025 by rpki-client on console-ams.rpki-client.org