Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A27B7339A57F2A4D198BBD6C5D5F64CE1AF814B409354771A230A2F02198539F/0/323830333a646230303a3a2f33322d3438203d3e20323632323334.roa
File:                     323830333a646230303a3a2f33322d3438203d3e20323632323334.roa (raw, json)
Hash identifier:          LkqkZAPxFoABEGm91xfSA7G6uuRS6Cy6ghDtmc4IANY=
Subject key identifier:   C1:72:CB:C7:CF:C1:AE:E5:D6:25:EE:28:2B:7F:A5:02:72:1B:F4:F0
Certificate issuer:       /CN=220AE4263EC4510BDEEDA90B2E56F50C63919DF0
Certificate serial:       5D77B201DCEC196F307A4F67FA2C3FD24447BC64
Authority key identifier: 22:0A:E4:26:3E:C4:51:0B:DE:ED:A9:0B:2E:56:F5:0C:63:91:9D:F0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/220AE4263EC4510BDEEDA90B2E56F50C63919DF0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A27B7339A57F2A4D198BBD6C5D5F64CE1AF814B409354771A230A2F02198539F/0/323830333a646230303a3a2f33322d3438203d3e20323632323334.roa
Signing time:             Tue 05 Mar 2024 17:56:48 +0000
ROA not before:           Tue 05 Mar 2024 17:51:48 +0000
ROA not after:            Tue 04 Mar 2025 17:56:48 +0000
asID:                     262234
IP address blocks:        2803:db00::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A27B7339A57F2A4D198BBD6C5D5F64CE1AF814B409354771A230A2F02198539F/0/220AE4263EC4510BDEEDA90B2E56F50C63919DF0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A27B7339A57F2A4D198BBD6C5D5F64CE1AF814B409354771A230A2F02198539F/0/220AE4263EC4510BDEEDA90B2E56F50C63919DF0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/220AE4263EC4510BDEEDA90B2E56F50C63919DF0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:77:b2:01:dc:ec:19:6f:30:7a:4f:67:fa:2c:3f:d2:44:47:bc:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=220AE4263EC4510BDEEDA90B2E56F50C63919DF0
        Validity
            Not Before: Mar  5 17:51:48 2024 GMT
            Not After : Mar  4 17:56:48 2025 GMT
        Subject: CN=C172CBC7CFC1AEE5D625EE282B7FA502721BF4F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:dc:0a:dd:ca:ce:d7:f0:7e:4c:c3:9b:90:db:
                    b6:8b:39:fa:d4:4a:47:b5:c3:56:e2:d5:af:e8:30:
                    98:42:92:f3:ad:4a:e6:6b:57:9b:71:3b:10:9a:c9:
                    cd:3a:ad:88:19:64:c2:74:50:e1:37:83:1d:a7:ac:
                    95:97:55:dc:82:97:e3:81:30:58:dc:48:a7:d6:c5:
                    32:ae:8c:01:02:f2:e7:65:0e:0e:49:cc:a3:a9:d1:
                    91:2b:d7:41:b6:9e:f3:71:40:11:2c:a1:55:c8:da:
                    90:fd:ca:2e:23:60:dc:12:73:71:bf:63:b5:19:c8:
                    63:4c:60:ef:57:3c:bf:09:1c:81:bc:28:3b:fe:fa:
                    b2:34:0b:af:54:3b:33:0f:c1:68:27:4d:05:f7:bb:
                    3c:47:3c:c8:b0:c9:72:08:85:74:53:df:c2:9a:c4:
                    de:7f:4b:fc:a3:e1:9a:ba:4e:f6:ef:2a:91:74:3d:
                    55:91:5b:97:a0:9a:2b:8b:d5:ce:ee:9d:d8:6d:c7:
                    2c:57:10:8c:19:63:f4:9e:40:ac:b6:e4:25:51:61:
                    46:fa:e0:33:ce:b0:f0:a7:d1:b4:6e:c8:3a:a5:02:
                    b7:9c:ac:c0:b7:f2:79:1e:bc:b2:29:31:c7:6d:17:
                    a5:5d:3b:47:4a:6b:57:50:18:b3:e5:15:0e:bc:d0:
                    10:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:72:CB:C7:CF:C1:AE:E5:D6:25:EE:28:2B:7F:A5:02:72:1B:F4:F0
            X509v3 Authority Key Identifier:
                keyid:22:0A:E4:26:3E:C4:51:0B:DE:ED:A9:0B:2E:56:F5:0C:63:91:9D:F0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A27B7339A57F2A4D198BBD6C5D5F64CE1AF814B409354771A230A2F02198539F/0/220AE4263EC4510BDEEDA90B2E56F50C63919DF0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/220AE4263EC4510BDEEDA90B2E56F50C63919DF0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A27B7339A57F2A4D198BBD6C5D5F64CE1AF814B409354771A230A2F02198539F/0/323830333a646230303a3a2f33322d3438203d3e20323632323334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:db00::/32

    Signature Algorithm: sha256WithRSAEncryption
         cb:99:b6:63:e4:fa:1f:da:8c:d3:5f:f5:c9:18:29:52:62:07:
         73:d0:c5:ec:2d:09:3a:81:e1:ea:11:38:d1:ce:74:de:6c:f6:
         aa:3c:d6:ed:42:20:0a:bf:2a:3f:b5:99:70:50:79:06:54:71:
         82:96:87:29:0f:63:e8:0e:d7:74:7c:62:5e:10:6c:f0:03:5a:
         a6:90:aa:b3:05:c1:67:70:da:c4:95:3f:0e:c4:d6:c4:ae:3c:
         f2:80:18:51:40:fa:33:8d:e0:66:e3:82:98:6a:83:fd:99:bb:
         f4:51:55:d5:9f:93:5f:cb:3d:31:35:20:bf:b5:b4:9e:d3:33:
         3e:2d:f1:5c:57:66:6e:a7:ff:33:4a:94:95:88:18:39:3e:fc:
         3d:33:e1:0d:b5:1e:af:88:5c:d4:ff:41:bb:20:d5:8d:a3:a6:
         a6:1a:14:88:2e:c2:53:9c:48:52:52:cb:dd:da:cc:1e:39:3c:
         96:80:c0:ff:05:a8:8b:0e:37:bb:ca:f6:42:7b:26:22:6b:e1:
         d5:4a:fb:f1:c3:3a:52:8d:11:6a:e1:22:15:95:c4:1c:db:2f:
         47:8a:3f:95:27:7d:81:0e:66:65:b4:3f:ab:22:ad:9c:84:83:
         8b:c9:42:0a:2f:ba:68:c1:a8:21:06:8e:13:f7:a1:e6:b4:2a:
         b3:66:8d:e9
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUXXeyAdzsGW8wek9n+iw/0kRHvGQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjIwQUU0MjYzRUM0NTEwQkRFRURBOTBCMkU1NkY1MEM2
MzkxOURGMDAeFw0yNDAzMDUxNzUxNDhaFw0yNTAzMDQxNzU2NDhaMDMxMTAvBgNV
BAMTKEMxNzJDQkM3Q0ZDMUFFRTVENjI1RUUyODJCN0ZBNTAyNzIxQkY0RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp3Ardys7X8H5Mw5uQ27aLOfrU
Ske1w1bi1a/oMJhCkvOtSuZrV5txOxCayc06rYgZZMJ0UOE3gx2nrJWXVdyCl+OB
MFjcSKfWxTKujAEC8udlDg5JzKOp0ZEr10G2nvNxQBEsoVXI2pD9yi4jYNwSc3G/
Y7UZyGNMYO9XPL8JHIG8KDv++rI0C69UOzMPwWgnTQX3uzxHPMiwyXIIhXRT38Ka
xN5/S/yj4Zq6TvbvKpF0PVWRW5egmiuL1c7undhtxyxXEIwZY/SeQKy25CVRYUb6
4DPOsPCn0bRuyDqlArecrMC38nkevLIpMcdtF6VdO0dKa1dQGLPlFQ680BCNAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUwXLLx8/BruXWJe4oK3+lAnIb9PAwHwYDVR0j
BBgwFoAUIgrkJj7EUQve7akLLlb1DGORnfAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMjdCNzMzOUE1N0YyQTREMTk4QkJENkM1RDVGNjRDRTFB
RjgxNEI0MDkzNTQ3NzFBMjMwQTJGMDIxOTg1MzlGLzAvMjIwQUU0MjYzRUM0NTEw
QkRFRURBOTBCMkU1NkY1MEM2MzkxOURGMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMjBBRTQyNjNFQzQ1MTBCREVF
REE5MEIyRTU2RjUwQzYzOTE5REYwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTI3QjczMzlBNTdGMkE0RDE5OEJCRDZDNUQ1RjY0Q0UxQUY4MTRCNDA5
MzU0NzcxQTIzMEEyRjAyMTk4NTM5Ri8wLzMyMzgzMDMzM2E2NDYyMzAzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzYzMjMyMzMzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgD2wAw
DQYJKoZIhvcNAQELBQADggEBAMuZtmPk+h/ajNNf9ckYKVJiB3PQxewtCTqB4eoR
ONHOdN5s9qo81u1CIAq/Kj+1mXBQeQZUcYKWhykPY+gO13R8Yl4QbPADWqaQqrMF
wWdw2sSVPw7E1sSuPPKAGFFA+jON4Gbjgphqg/2Zu/RRVdWfk1/LPTE1IL+1tJ7T
Mz4t8VxXZm6n/zNKlJWIGDk+/D0z4Q21Hq+IXNT/Qbsg1Y2jpqYaFIguwlOcSFJS
y93azB45PJaAwP8FqIsON7vK9kJ7JiJr4dVK+/HDOlKNEWrhIhWVxBzbL0eKP5Un
fYEOZmW0P6sirZyEg4vJQgovumjBqCEGjhP3oea0KrNmjek=
-----END CERTIFICATE-----
Generated at Wed Nov 20 12:07:53 2024 by rpki-client on console-fra.rpki-client.org