Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/323830333a663038303a326130303a3a2f33392d3433203d3e203237383433.roa
File:                     323830333a663038303a326130303a3a2f33392d3433203d3e203237383433.roa (raw, json)
Hash identifier:          jpTsolc/XnS/xGh5qjtKQbmXzXGTFCxFApRsmL8IlYM=
Subject key identifier:   27:46:BD:A8:C3:ED:62:3E:74:C8:44:9D:7E:4E:A6:66:0B:7E:5E:D9
Certificate issuer:       /CN=D6017AACFB785EAB7EA56D24337CDCD724EAC2AD
Certificate serial:       63EC2D17A6C5184E52D0B6ADD15722BB52B15731
Authority key identifier: D6:01:7A:AC:FB:78:5E:AB:7E:A5:6D:24:33:7C:DC:D7:24:EA:C2:AD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/323830333a663038303a326130303a3a2f33392d3433203d3e203237383433.roa
Signing time:             Fri 19 Apr 2024 04:55:00 +0000
ROA not before:           Fri 19 Apr 2024 04:50:00 +0000
ROA not after:            Fri 18 Apr 2025 04:55:00 +0000
asID:                     27843
IP address blocks:        2803:f080:2a00::/39 maxlen: 43

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:ec:2d:17:a6:c5:18:4e:52:d0:b6:ad:d1:57:22:bb:52:b1:57:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D6017AACFB785EAB7EA56D24337CDCD724EAC2AD
        Validity
            Not Before: Apr 19 04:50:00 2024 GMT
            Not After : Apr 18 04:55:00 2025 GMT
        Subject: CN=2746BDA8C3ED623E74C8449D7E4EA6660B7E5ED9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:75:e0:69:ec:6b:b7:51:e3:a7:1a:a1:10:af:
                    ce:52:fa:8f:4c:64:13:29:64:5d:bd:00:11:b4:2b:
                    ab:dc:0d:45:4d:d9:fd:c6:15:2b:f6:49:c0:23:e1:
                    a7:c2:8e:15:b0:c4:90:a8:6b:c9:65:73:73:4a:bc:
                    00:55:5e:b5:8c:4e:95:4c:76:3f:30:6f:c8:50:7b:
                    76:ae:7b:cc:1b:a4:9e:89:5e:7b:dd:ec:99:81:fb:
                    64:ff:98:3c:f0:83:34:14:9a:3b:72:3c:3b:22:35:
                    47:01:e1:6e:21:9c:3c:d6:7e:64:08:52:4a:1c:66:
                    31:1b:d0:06:0f:bb:76:35:dd:22:70:38:91:38:37:
                    b9:54:8a:db:aa:6e:df:36:6c:4d:22:da:69:38:7c:
                    0e:a2:88:5a:0f:db:b6:35:7b:ad:02:aa:12:dd:2c:
                    1c:83:2d:d5:58:3b:60:33:bc:8b:aa:e9:d6:11:f9:
                    35:0e:04:f6:58:14:5f:3f:b5:d1:51:8a:5c:56:43:
                    78:a3:42:61:3f:f1:f7:7d:36:91:e1:c3:77:7c:17:
                    48:0d:f7:30:ac:0c:43:4b:8a:d2:6b:e4:ad:c9:78:
                    4a:2f:c9:22:8e:91:96:8d:fc:35:02:fb:65:67:9d:
                    83:8a:1b:fc:a1:98:a7:b0:74:20:16:62:80:b5:67:
                    fa:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:46:BD:A8:C3:ED:62:3E:74:C8:44:9D:7E:4E:A6:66:0B:7E:5E:D9
            X509v3 Authority Key Identifier:
                keyid:D6:01:7A:AC:FB:78:5E:AB:7E:A5:6D:24:33:7C:DC:D7:24:EA:C2:AD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/323830333a663038303a326130303a3a2f33392d3433203d3e203237383433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:f080:2a00::/39

    Signature Algorithm: sha256WithRSAEncryption
         97:06:99:8e:14:e1:24:51:79:82:62:57:a0:34:72:3e:2a:74:
         7f:cf:09:43:23:7f:5c:76:01:e8:44:45:b4:92:08:0c:4f:6c:
         6c:11:68:96:55:22:6f:9e:fa:3c:06:e8:57:eb:f7:77:12:ad:
         6d:1e:db:6f:05:c8:11:ff:2d:91:14:ad:0c:97:32:b5:ff:0f:
         e7:78:3e:51:75:5f:73:51:50:34:91:b9:02:74:9c:b6:8e:56:
         27:84:d9:cd:56:ec:39:ca:e6:dc:8d:c9:67:2c:ac:7d:85:1c:
         93:ae:42:cc:f9:ba:0a:ca:60:6a:09:57:26:76:74:d2:21:71:
         8d:e2:a0:02:b6:66:18:70:1e:46:f6:95:da:a4:3a:25:f6:ab:
         47:88:fb:f4:6f:85:22:86:9b:55:ba:17:8b:60:16:a3:98:1b:
         df:fb:36:11:2c:49:e5:b6:6a:2a:8a:54:76:da:10:b4:6d:2e:
         9b:5a:95:78:c8:96:c5:66:e2:41:d7:0c:e1:28:71:de:62:97:
         1f:85:e8:71:f1:b9:78:f6:3f:8c:ed:77:19:15:91:1c:35:85:
         9f:7f:71:da:37:a3:06:d6:d8:b6:31:0c:d8:f5:5e:20:ac:a2:
         a5:07:78:ec:48:c9:05:fd:69:12:03:c5:a1:16:e6:52:06:9a:
         fa:74:67:fb
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIUY+wtF6bFGE5S0Lat0Vciu1KxVzEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDYwMTdBQUNGQjc4NUVBQjdFQTU2RDI0MzM3Q0RDRDcy
NEVBQzJBRDAeFw0yNDA0MTkwNDUwMDBaFw0yNTA0MTgwNDU1MDBaMDMxMTAvBgNV
BAMTKDI3NDZCREE4QzNFRDYyM0U3NEM4NDQ5RDdFNEVBNjY2MEI3RTVFRDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6deBp7Gu3UeOnGqEQr85S+o9M
ZBMpZF29ABG0K6vcDUVN2f3GFSv2ScAj4afCjhWwxJCoa8llc3NKvABVXrWMTpVM
dj8wb8hQe3aue8wbpJ6JXnvd7JmB+2T/mDzwgzQUmjtyPDsiNUcB4W4hnDzWfmQI
UkocZjEb0AYPu3Y13SJwOJE4N7lUituqbt82bE0i2mk4fA6iiFoP27Y1e60CqhLd
LByDLdVYO2AzvIuq6dYR+TUOBPZYFF8/tdFRilxWQ3ijQmE/8fd9NpHhw3d8F0gN
9zCsDENLitJr5K3JeEovySKOkZaN/DUC+2VnnYOKG/yhmKewdCAWYoC1Z/r/AgMB
AAGjggLSMIICzjAdBgNVHQ4EFgQUJ0a9qMPtYj50yESdfk6mZgt+XtkwHwYDVR0j
BBgwFoAU1gF6rPt4Xqt+pW0kM3zc1yTqwq0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQzIxREZEOTYxODhGRjAzMTg3NDA5M0JFRjc4QjdGQzdF
NUUzQ0M0MEYyMzkyMkQ5Q0RFNTlDRDExNjU4Qzg0LzAvRDYwMTdBQUNGQjc4NUVB
QjdFQTU2RDI0MzM3Q0RDRDcyNEVBQzJBRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjAxN0FBQ0ZCNzg1RUFCN0VB
NTZEMjQzMzdDRENENzI0RUFDMkFELmNlcjCBzwYIKwYBBQUHAQsEgcIwgb8wgbwG
CCsGAQUFBzALhoGvcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUMyMURGRDk2MTg4RkYwMzE4NzQwOTNCRUY3OEI3RkM3RTVFM0NDNDBG
MjM5MjJEOUNERTU5Q0QxMTY1OEM4NC8wLzMyMzgzMDMzM2E2NjMwMzgzMDNhMzI2
MTMwMzAzYTNhMmYzMzM5MmQzNDMzMjAzZDNlMjAzMjM3MzgzNDMzLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAI
AwYBKAPwgCowDQYJKoZIhvcNAQELBQADggEBAJcGmY4U4SRReYJiV6A0cj4qdH/P
CUMjf1x2AehERbSSCAxPbGwRaJZVIm+e+jwG6Ffr93cSrW0e228FyBH/LZEUrQyX
MrX/D+d4PlF1X3NRUDSRuQJ0nLaOVieE2c1W7DnK5tyNyWcsrH2FHJOuQsz5ugrK
YGoJVyZ2dNIhcY3ioAK2ZhhwHkb2ldqkOiX2q0eI+/RvhSKGm1W6F4tgFqOYG9/7
NhEsSeW2aiqKVHbaELRtLptalXjIlsVm4kHXDOEocd5ilx+F6HHxuXj2P4ztdxkV
kRw1hZ9/cdo3owbW2LYxDNj1XiCsoqUHeOxIyQX9aRIDxaEW5lIGmvp0Z/s=
-----END CERTIFICATE-----
Generated at Sun Jun 16 08:54:50 2024 by rpki-client on console-fra.rpki-client.org