Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9F7AC10DF03D4997A115601963AA2A8D838C64B914027DAECEF7156C562CFD60/0/323830333a353530303a3a2f33322d3430203d3e203532343331.roa
File:                     323830333a353530303a3a2f33322d3430203d3e203532343331.roa (raw, json)
Hash identifier:          4VEuEoXJdAycoB3oOOXDmX4cOP8AbCUCh9hbpEa3hrs=
Subject key identifier:   A0:A3:4F:0F:69:DA:13:F9:84:AC:64:71:D8:84:7B:8B:84:66:D7:F3
Certificate issuer:       /CN=3637361DE43FA7164FAE0E4817E4450F8942C23D
Certificate serial:       36E9F2B058FFBDE872895BF1605857A6337DCCA3
Authority key identifier: 36:37:36:1D:E4:3F:A7:16:4F:AE:0E:48:17:E4:45:0F:89:42:C2:3D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3637361DE43FA7164FAE0E4817E4450F8942C23D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9F7AC10DF03D4997A115601963AA2A8D838C64B914027DAECEF7156C562CFD60/0/323830333a353530303a3a2f33322d3430203d3e203532343331.roa
Signing time:             Tue 05 Mar 2024 18:16:37 +0000
ROA not before:           Tue 05 Mar 2024 18:11:37 +0000
ROA not after:            Tue 04 Mar 2025 18:16:37 +0000
asID:                     52431
IP address blocks:        2803:5500::/32 maxlen: 40

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9F7AC10DF03D4997A115601963AA2A8D838C64B914027DAECEF7156C562CFD60/0/3637361DE43FA7164FAE0E4817E4450F8942C23D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9F7AC10DF03D4997A115601963AA2A8D838C64B914027DAECEF7156C562CFD60/0/3637361DE43FA7164FAE0E4817E4450F8942C23D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3637361DE43FA7164FAE0E4817E4450F8942C23D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 21 Jul 2024 04:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:e9:f2:b0:58:ff:bd:e8:72:89:5b:f1:60:58:57:a6:33:7d:cc:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3637361DE43FA7164FAE0E4817E4450F8942C23D
        Validity
            Not Before: Mar  5 18:11:37 2024 GMT
            Not After : Mar  4 18:16:37 2025 GMT
        Subject: CN=A0A34F0F69DA13F984AC6471D8847B8B8466D7F3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:36:97:8d:37:84:d2:53:68:6b:63:12:a4:8d:
                    99:f7:fc:6f:b1:b5:43:24:a1:83:ab:da:eb:af:54:
                    6d:83:d5:85:15:60:ff:03:bc:d2:57:f0:99:f4:e1:
                    59:4c:ab:1a:62:72:dd:b3:95:95:d9:72:4c:e9:6d:
                    bf:a2:43:4c:9d:21:47:dc:f4:67:d2:f6:14:36:b1:
                    41:7a:5b:9c:c0:68:b1:2e:ea:e4:9c:db:98:f6:1e:
                    1a:e6:b1:1a:6b:c6:d7:cf:db:9a:7f:65:c8:a9:be:
                    8b:d0:b6:b9:0f:8d:ee:00:a2:c3:2b:04:6f:d1:e2:
                    79:09:f5:87:2b:f3:59:12:48:09:1a:d0:12:be:22:
                    05:10:a3:bc:29:c6:da:17:c7:c9:67:47:79:eb:f2:
                    de:5b:3a:95:31:2a:47:99:85:0b:7d:e4:df:b9:77:
                    8a:c6:f2:b3:63:0d:bf:59:f8:4d:47:05:70:92:95:
                    21:6c:1f:f4:b7:cf:c5:b3:35:9c:fe:fb:e1:ef:23:
                    ec:6d:46:a6:ae:87:1d:3f:a2:a9:e5:06:b3:18:cb:
                    91:df:8a:22:9e:ff:03:03:ee:4d:18:9c:af:41:4a:
                    58:df:d9:02:0b:84:04:17:14:ca:a3:64:2a:4a:60:
                    21:e0:7d:25:f9:8f:72:c4:dd:8a:03:ea:72:da:02:
                    71:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:A3:4F:0F:69:DA:13:F9:84:AC:64:71:D8:84:7B:8B:84:66:D7:F3
            X509v3 Authority Key Identifier:
                keyid:36:37:36:1D:E4:3F:A7:16:4F:AE:0E:48:17:E4:45:0F:89:42:C2:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9F7AC10DF03D4997A115601963AA2A8D838C64B914027DAECEF7156C562CFD60/0/3637361DE43FA7164FAE0E4817E4450F8942C23D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3637361DE43FA7164FAE0E4817E4450F8942C23D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9F7AC10DF03D4997A115601963AA2A8D838C64B914027DAECEF7156C562CFD60/0/323830333a353530303a3a2f33322d3430203d3e203532343331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:5500::/32

    Signature Algorithm: sha256WithRSAEncryption
         bc:04:0b:04:d5:c1:ad:db:68:e2:69:94:98:c8:b0:90:97:51:
         cc:00:5f:24:b2:15:0a:17:59:64:49:23:bc:40:f3:7d:b3:bd:
         98:c0:fd:ad:ac:b1:1f:f2:6e:f3:fb:12:33:2d:9f:e7:db:43:
         cb:de:e3:8c:ca:79:a6:4b:37:29:e6:4a:27:2f:28:9d:8b:57:
         5c:21:97:11:9c:0e:45:4f:0b:75:81:f7:df:73:a7:f7:40:9c:
         75:47:d6:34:a2:26:15:33:ea:e0:b2:33:fe:43:ab:98:23:6d:
         38:52:21:cf:b8:12:eb:a5:99:9a:79:0e:c2:24:45:dd:5b:20:
         5d:2d:a4:22:14:d8:15:f3:e0:5e:52:c9:9d:d0:47:dc:fa:57:
         1a:6a:da:9a:ac:77:1e:1e:0b:9f:f6:32:91:0c:dc:bc:64:0a:
         0b:4c:4b:4d:8d:e5:51:21:d5:4e:79:50:fe:4b:59:f9:93:cd:
         b1:56:89:49:2c:00:34:1b:9b:ff:70:f1:cb:51:83:17:d1:60:
         43:60:40:e6:de:5f:98:be:b5:b3:1b:fd:15:e3:50:fd:3c:be:
         46:27:a5:24:27:4e:2f:06:78:8f:d6:23:1d:ae:06:66:07:24:
         9d:55:58:d0:40:98:f3:3e:f1:51:d7:61:eb:1c:83:1c:11:0f:
         2b:f2:de:b4
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUNunysFj/vehyiVvxYFhXpjN9zKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzYzNzM2MURFNDNGQTcxNjRGQUUwRTQ4MTdFNDQ1MEY4
OTQyQzIzRDAeFw0yNDAzMDUxODExMzdaFw0yNTAzMDQxODE2MzdaMDMxMTAvBgNV
BAMTKEEwQTM0RjBGNjlEQTEzRjk4NEFDNjQ3MUQ4ODQ3QjhCODQ2NkQ3RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDENpeNN4TSU2hrYxKkjZn3/G+x
tUMkoYOr2uuvVG2D1YUVYP8DvNJX8Jn04VlMqxpict2zlZXZckzpbb+iQ0ydIUfc
9GfS9hQ2sUF6W5zAaLEu6uSc25j2HhrmsRprxtfP25p/ZcipvovQtrkPje4AosMr
BG/R4nkJ9Ycr81kSSAka0BK+IgUQo7wpxtoXx8lnR3nr8t5bOpUxKkeZhQt95N+5
d4rG8rNjDb9Z+E1HBXCSlSFsH/S3z8WzNZz+++HvI+xtRqauhx0/oqnlBrMYy5Hf
iiKe/wMD7k0YnK9BSljf2QILhAQXFMqjZCpKYCHgfSX5j3LE3YoD6nLaAnFfAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUoKNPD2naE/mErGRx2IR7i4Rm1/MwHwYDVR0j
BBgwFoAUNjc2HeQ/pxZPrg5IF+RFD4lCwj0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85RjdBQzEwREYwM0Q0OTk3QTExNTYwMTk2M0FBMkE4RDgz
OEM2NEI5MTQwMjdEQUVDRUY3MTU2QzU2MkNGRDYwLzAvMzYzNzM2MURFNDNGQTcx
NjRGQUUwRTQ4MTdFNDQ1MEY4OTQyQzIzRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zNjM3MzYxREU0M0ZBNzE2NEZB
RTBFNDgxN0U0NDUwRjg5NDJDMjNELmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOUY3QUMxMERGMDNENDk5N0ExMTU2MDE5NjNBQTJBOEQ4MzhDNjRCOTE0
MDI3REFFQ0VGNzE1NkM1NjJDRkQ2MC8wLzMyMzgzMDMzM2EzNTM1MzAzMDNhM2Ey
ZjMzMzIyZDM0MzAyMDNkM2UyMDM1MzIzNDMzMzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA1UAMA0G
CSqGSIb3DQEBCwUAA4IBAQC8BAsE1cGt22jiaZSYyLCQl1HMAF8kshUKF1lkSSO8
QPN9s72YwP2trLEf8m7z+xIzLZ/n20PL3uOMynmmSzcp5konLyidi1dcIZcRnA5F
Twt1gfffc6f3QJx1R9Y0oiYVM+rgsjP+Q6uYI204UiHPuBLrpZmaeQ7CJEXdWyBd
LaQiFNgV8+BeUsmd0Efc+lcaatqarHceHguf9jKRDNy8ZAoLTEtNjeVRIdVOeVD+
S1n5k82xVolJLAA0G5v/cPHLUYMX0WBDYEDm3l+YvrWzG/0V41D9PL5GJ6UkJ04v
BniP1iMdrgZmBySdVVjQQJjzPvFR12HrHIMcEQ8r8t60
-----END CERTIFICATE-----
Generated at Wed Jul 17 07:39:21 2024 by rpki-client on console-fra.rpki-client.org