Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/323830333a663038303a326534303a3a2f34332d3634203d3e203634313230.roa
File:                     323830333a663038303a326534303a3a2f34332d3634203d3e203634313230.roa (raw, json)
Hash identifier:          ecbqrPFk0g5a3m4cwHMZTMovFm25hUpga6RD8gHxO5g=
Subject key identifier:   5B:F4:86:71:6F:61:BB:E9:8C:ED:33:17:63:19:CF:F3:AA:74:4F:F9
Certificate issuer:       /CN=D6017AACFB785EAB7EA56D24337CDCD724EAC2AD
Certificate serial:       3E637BDBEA6A813D7AD79404B05725E794FAC953
Authority key identifier: D6:01:7A:AC:FB:78:5E:AB:7E:A5:6D:24:33:7C:DC:D7:24:EA:C2:AD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/323830333a663038303a326534303a3a2f34332d3634203d3e203634313230.roa
Signing time:             Sat 04 May 2024 16:30:00 +0000
ROA not before:           Sat 04 May 2024 16:25:00 +0000
ROA not after:            Sat 03 May 2025 16:30:00 +0000
asID:                     64120
IP address blocks:        2803:f080:2e40::/43 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:63:7b:db:ea:6a:81:3d:7a:d7:94:04:b0:57:25:e7:94:fa:c9:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D6017AACFB785EAB7EA56D24337CDCD724EAC2AD
        Validity
            Not Before: May  4 16:25:00 2024 GMT
            Not After : May  3 16:30:00 2025 GMT
        Subject: CN=5BF486716F61BBE98CED33176319CFF3AA744FF9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:8f:4d:a4:50:30:37:7d:20:15:7d:1e:e5:a0:
                    e4:5e:de:cd:26:63:b1:e4:d5:07:2c:de:b4:cb:a9:
                    1d:48:37:65:28:35:98:bd:e6:3d:20:d5:21:3f:3b:
                    ce:b5:4d:cb:0f:db:c1:ae:c6:bc:c0:35:c2:db:40:
                    25:e0:0c:cf:f3:2e:a0:24:4d:70:46:56:0b:f0:60:
                    a5:1f:3c:19:1b:57:ec:42:6f:6c:7b:9f:60:13:f0:
                    9e:21:1d:7b:f5:4d:f5:68:13:40:03:6f:52:ba:7f:
                    82:7c:88:56:fd:75:03:ed:ab:94:7d:d0:6b:19:d3:
                    fe:c1:6a:af:ee:b9:96:88:c5:da:60:09:52:3a:a0:
                    15:35:56:e1:97:4e:1f:17:49:93:fc:79:e4:10:4a:
                    27:d1:95:4d:81:c3:55:99:ee:e4:c1:75:7f:b6:36:
                    e6:21:7e:e2:f7:6e:ef:8c:37:42:ca:b1:72:63:9e:
                    7d:f5:a9:b9:bb:2b:10:bb:3d:22:44:53:8e:a6:7c:
                    54:af:04:67:d5:cc:f5:b6:f5:52:73:09:76:ec:a7:
                    45:b4:cf:90:dc:3f:90:a3:b6:ef:f2:cd:c2:f0:8a:
                    a1:b0:c6:0e:5a:49:b4:6a:ea:ac:66:87:1a:3f:1e:
                    23:43:44:c0:af:b5:ef:32:c1:9a:9e:4d:a3:4e:dc:
                    5f:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:F4:86:71:6F:61:BB:E9:8C:ED:33:17:63:19:CF:F3:AA:74:4F:F9
            X509v3 Authority Key Identifier:
                keyid:D6:01:7A:AC:FB:78:5E:AB:7E:A5:6D:24:33:7C:DC:D7:24:EA:C2:AD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/323830333a663038303a326534303a3a2f34332d3634203d3e203634313230.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:f080:2e40::/43

    Signature Algorithm: sha256WithRSAEncryption
         82:1c:b4:ad:4b:0b:a1:0b:8f:15:8e:df:d8:39:f6:e8:30:ff:
         9e:98:c7:ec:85:80:4c:2a:da:2f:cc:76:2f:94:4d:ac:a0:ed:
         72:86:38:ff:12:15:6a:65:b4:16:2c:2e:c7:88:55:01:39:55:
         64:90:a7:a8:0f:c8:34:1e:fc:ff:10:a7:a7:a8:88:38:ee:27:
         e7:87:0f:4b:5d:c3:37:17:94:1a:fc:04:97:96:3c:5a:34:70:
         0a:8f:d2:09:f1:c0:75:e4:0d:0c:af:b6:e2:22:fd:6f:b8:7e:
         85:38:40:13:88:21:ea:14:09:1a:a2:f1:af:f9:69:c0:49:6c:
         61:a8:10:d6:60:ec:ef:f9:c1:0b:47:d3:70:a9:1c:8d:09:0c:
         c6:cb:cb:83:e2:5e:4e:dd:86:fd:91:e5:bd:e5:ad:a5:85:99:
         7a:ad:77:06:d2:e6:da:aa:ae:56:fc:5d:15:42:7d:86:76:02:
         e4:f1:37:85:50:af:17:d1:18:ea:b3:67:a4:2b:ee:33:96:be:
         65:bc:a7:d2:c9:f9:72:d6:06:3e:eb:a1:f7:44:5e:1e:9a:e9:
         a8:37:57:55:01:40:93:c8:c4:05:e1:d4:1a:df:37:7a:1c:7f:
         49:e8:3d:44:1b:65:8c:63:10:c7:f3:9c:74:e5:41:4d:cd:e2:
         bd:6f:61:5f
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIUPmN72+pqgT1615QEsFcl55T6yVMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDYwMTdBQUNGQjc4NUVBQjdFQTU2RDI0MzM3Q0RDRDcy
NEVBQzJBRDAeFw0yNDA1MDQxNjI1MDBaFw0yNTA1MDMxNjMwMDBaMDMxMTAvBgNV
BAMTKDVCRjQ4NjcxNkY2MUJCRTk4Q0VEMzMxNzYzMTlDRkYzQUE3NDRGRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKj02kUDA3fSAVfR7loORe3s0m
Y7Hk1Qcs3rTLqR1IN2UoNZi95j0g1SE/O861TcsP28GuxrzANcLbQCXgDM/zLqAk
TXBGVgvwYKUfPBkbV+xCb2x7n2AT8J4hHXv1TfVoE0ADb1K6f4J8iFb9dQPtq5R9
0GsZ0/7Baq/uuZaIxdpgCVI6oBU1VuGXTh8XSZP8eeQQSifRlU2Bw1WZ7uTBdX+2
NuYhfuL3bu+MN0LKsXJjnn31qbm7KxC7PSJEU46mfFSvBGfVzPW29VJzCXbsp0W0
z5DcP5Cjtu/yzcLwiqGwxg5aSbRq6qxmhxo/HiNDRMCvte8ywZqeTaNO3F+/AgMB
AAGjggLTMIICzzAdBgNVHQ4EFgQUW/SGcW9hu+mM7TMXYxnP86p0T/kwHwYDVR0j
BBgwFoAU1gF6rPt4Xqt+pW0kM3zc1yTqwq0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQzIxREZEOTYxODhGRjAzMTg3NDA5M0JFRjc4QjdGQzdF
NUUzQ0M0MEYyMzkyMkQ5Q0RFNTlDRDExNjU4Qzg0LzAvRDYwMTdBQUNGQjc4NUVB
QjdFQTU2RDI0MzM3Q0RDRDcyNEVBQzJBRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjAxN0FBQ0ZCNzg1RUFCN0VB
NTZEMjQzMzdDRENENzI0RUFDMkFELmNlcjCBzwYIKwYBBQUHAQsEgcIwgb8wgbwG
CCsGAQUFBzALhoGvcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUMyMURGRDk2MTg4RkYwMzE4NzQwOTNCRUY3OEI3RkM3RTVFM0NDNDBG
MjM5MjJEOUNERTU5Q0QxMTY1OEM4NC8wLzMyMzgzMDMzM2E2NjMwMzgzMDNhMzI2
NTM0MzAzYTNhMmYzNDMzMmQzNjM0MjAzZDNlMjAzNjM0MzEzMjMwLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcFKAPwgC5AMA0GCSqGSIb3DQEBCwUAA4IBAQCCHLStSwuhC48Vjt/YOfboMP+e
mMfshYBMKtovzHYvlE2soO1yhjj/EhVqZbQWLC7HiFUBOVVkkKeoD8g0Hvz/EKen
qIg47ifnhw9LXcM3F5Qa/ASXljxaNHAKj9IJ8cB15A0Mr7biIv1vuH6FOEATiCHq
FAkaovGv+WnASWxhqBDWYOzv+cELR9NwqRyNCQzGy8uD4l5O3Yb9keW95a2lhZl6
rXcG0ubaqq5W/F0VQn2GdgLk8TeFUK8X0Rjqs2ekK+4zlr5lvKfSyfly1gY+66H3
RF4emumoN1dVAUCTyMQF4dQa3zd6HH9J6D1EG2WMYxDH85x05UFNzeK9b2Ff
-----END CERTIFICATE-----
Generated at Sun Jun 16 09:16:21 2024 by rpki-client on console-ams.rpki-client.org