Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/323830333a663038303a633030303a3a2f33352d3433203d3e20323732303034.roa
File:                     323830333a663038303a633030303a3a2f33352d3433203d3e20323732303034.roa (raw, json)
Hash identifier:          H7Kgxuhg9n8kboBz5s3nfVmWK1Qxm5jTq+MbwSoEzjs=
Subject key identifier:   6F:03:53:C4:71:B7:2F:87:8C:0E:D1:9A:EA:50:64:81:11:99:8A:70
Certificate issuer:       /CN=D6017AACFB785EAB7EA56D24337CDCD724EAC2AD
Certificate serial:       7AE8ED70A94D88C6EEA48944C18BD3C75A14F851
Authority key identifier: D6:01:7A:AC:FB:78:5E:AB:7E:A5:6D:24:33:7C:DC:D7:24:EA:C2:AD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/323830333a663038303a633030303a3a2f33352d3433203d3e20323732303034.roa
Signing time:             Tue 05 Mar 2024 17:45:57 +0000
ROA not before:           Tue 05 Mar 2024 17:40:57 +0000
ROA not after:            Tue 04 Mar 2025 17:45:57 +0000
asID:                     272004
IP address blocks:        2803:f080:c000::/35 maxlen: 43

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:e8:ed:70:a9:4d:88:c6:ee:a4:89:44:c1:8b:d3:c7:5a:14:f8:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D6017AACFB785EAB7EA56D24337CDCD724EAC2AD
        Validity
            Not Before: Mar  5 17:40:57 2024 GMT
            Not After : Mar  4 17:45:57 2025 GMT
        Subject: CN=6F0353C471B72F878C0ED19AEA50648111998A70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:35:a2:18:75:41:db:e0:cf:49:e7:5c:4e:06:
                    79:86:d8:b4:5d:ce:cf:49:50:cc:50:81:4d:16:d6:
                    39:3a:b4:c3:bd:6c:26:88:79:29:b7:3b:0d:3a:2f:
                    e4:ae:9c:7b:d1:1b:b3:e0:0e:8b:c8:dd:eb:6f:30:
                    68:10:82:dc:ef:15:3f:96:aa:0d:4d:f8:01:40:9d:
                    3d:72:9e:2d:c6:36:2a:fd:86:b6:55:30:54:b7:0d:
                    3a:86:39:35:8d:88:f6:01:9a:24:fc:61:1c:df:2b:
                    c4:0b:d3:21:87:30:2a:23:e3:88:9f:b0:c6:09:d6:
                    31:4e:4c:0a:19:a2:1c:05:1b:54:e1:69:d2:de:ed:
                    6a:4d:25:f2:59:6f:61:ba:68:19:2d:52:3f:aa:d3:
                    97:1b:4e:d6:96:37:f6:e8:90:a8:b1:8c:e0:f1:56:
                    34:dc:6c:47:7d:25:98:bc:e2:d3:e2:4a:b0:81:44:
                    30:0f:8e:22:66:7f:38:ce:88:92:de:08:3d:95:9c:
                    b5:8b:93:72:92:2c:0b:51:b7:89:d9:b5:26:ba:0f:
                    f4:35:14:3d:b2:1b:d6:a5:93:59:fe:be:43:3b:1a:
                    33:66:68:72:7b:a4:bb:41:6e:53:49:8a:83:8f:a3:
                    ec:40:dc:83:f3:d2:0c:8f:fd:4e:64:42:ec:1a:f1:
                    3c:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:03:53:C4:71:B7:2F:87:8C:0E:D1:9A:EA:50:64:81:11:99:8A:70
            X509v3 Authority Key Identifier:
                keyid:D6:01:7A:AC:FB:78:5E:AB:7E:A5:6D:24:33:7C:DC:D7:24:EA:C2:AD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6017AACFB785EAB7EA56D24337CDCD724EAC2AD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AC21DFD96188FF031874093BEF78B7FC7E5E3CC40F23922D9CDE59CD11658C84/0/323830333a663038303a633030303a3a2f33352d3433203d3e20323732303034.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:f080:c000::/35

    Signature Algorithm: sha256WithRSAEncryption
         29:16:e3:2e:05:9f:fb:31:6b:a7:cb:8a:fb:5c:18:fb:6f:7e:
         7c:8d:88:98:7b:76:19:82:a6:ba:bc:c5:3e:62:60:86:c8:d3:
         21:bb:f2:77:52:24:e0:2b:ff:69:76:b2:cf:52:f8:7d:da:fd:
         48:f8:2d:6d:7f:78:ca:ab:cf:c6:25:a1:b2:4f:23:bc:c1:d8:
         9a:fa:44:19:4b:d3:eb:1d:e4:d2:7a:f7:10:bd:ff:21:0b:1f:
         04:d3:a3:a7:23:39:86:47:d1:ef:f7:bb:3f:9e:62:61:1b:8b:
         34:17:5f:bc:53:90:9a:d1:1e:e6:4b:e6:8b:eb:2d:e6:08:b3:
         02:23:b7:12:bb:4c:95:aa:fb:6f:dd:c9:e4:65:a8:e6:68:b8:
         9f:7b:98:5e:2e:d7:26:09:91:f5:91:4f:b6:95:a4:96:53:0d:
         f7:9b:33:47:08:85:d6:7b:d2:cf:28:50:a1:bd:2e:08:35:96:
         0c:62:b1:07:39:40:a0:b2:e6:93:98:9f:21:e3:ae:8d:20:82:
         00:85:ee:04:63:40:7d:5d:84:77:81:a5:f8:e7:36:eb:59:18:
         85:60:39:3b:10:1e:1e:b4:29:d5:92:b9:25:7d:79:97:6a:c7:
         27:0d:4b:45:d3:37:a5:c0:b4:cf:64:5c:74:c3:81:a3:e2:34:
         71:a1:5c:58
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgIUeujtcKlNiMbupIlEwYvTx1oU+FEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDYwMTdBQUNGQjc4NUVBQjdFQTU2RDI0MzM3Q0RDRDcy
NEVBQzJBRDAeFw0yNDAzMDUxNzQwNTdaFw0yNTAzMDQxNzQ1NTdaMDMxMTAvBgNV
BAMTKDZGMDM1M0M0NzFCNzJGODc4QzBFRDE5QUVBNTA2NDgxMTE5OThBNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0NaIYdUHb4M9J51xOBnmG2LRd
zs9JUMxQgU0W1jk6tMO9bCaIeSm3Ow06L+SunHvRG7PgDovI3etvMGgQgtzvFT+W
qg1N+AFAnT1yni3GNir9hrZVMFS3DTqGOTWNiPYBmiT8YRzfK8QL0yGHMCoj44if
sMYJ1jFOTAoZohwFG1ThadLe7WpNJfJZb2G6aBktUj+q05cbTtaWN/bokKixjODx
VjTcbEd9JZi84tPiSrCBRDAPjiJmfzjOiJLeCD2VnLWLk3KSLAtRt4nZtSa6D/Q1
FD2yG9alk1n+vkM7GjNmaHJ7pLtBblNJioOPo+xA3IPz0gyP/U5kQuwa8TxnAgMB
AAGjggLUMIIC0DAdBgNVHQ4EFgQUbwNTxHG3L4eMDtGa6lBkgRGZinAwHwYDVR0j
BBgwFoAU1gF6rPt4Xqt+pW0kM3zc1yTqwq0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQzIxREZEOTYxODhGRjAzMTg3NDA5M0JFRjc4QjdGQzdF
NUUzQ0M0MEYyMzkyMkQ5Q0RFNTlDRDExNjU4Qzg0LzAvRDYwMTdBQUNGQjc4NUVB
QjdFQTU2RDI0MzM3Q0RDRDcyNEVBQzJBRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjAxN0FBQ0ZCNzg1RUFCN0VB
NTZEMjQzMzdDRENENzI0RUFDMkFELmNlcjCB0QYIKwYBBQUHAQsEgcQwgcEwgb4G
CCsGAQUFBzALhoGxcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUMyMURGRDk2MTg4RkYwMzE4NzQwOTNCRUY3OEI3RkM3RTVFM0NDNDBG
MjM5MjJEOUNERTU5Q0QxMTY1OEM4NC8wLzMyMzgzMDMzM2E2NjMwMzgzMDNhNjMz
MDMwMzAzYTNhMmYzMzM1MmQzNDMzMjAzZDNlMjAzMjM3MzIzMDMwMzQucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgUoA/CAwDANBgkqhkiG9w0BAQsFAAOCAQEAKRbjLgWf+zFrp8uK+1wY+29+
fI2ImHt2GYKmurzFPmJghsjTIbvyd1Ik4Cv/aXayz1L4fdr9SPgtbX94yqvPxiWh
sk8jvMHYmvpEGUvT6x3k0nr3EL3/IQsfBNOjpyM5hkfR7/e7P55iYRuLNBdfvFOQ
mtEe5kvmi+st5gizAiO3ErtMlar7b93J5GWo5mi4n3uYXi7XJgmR9ZFPtpWkllMN
95szRwiF1nvSzyhQob0uCDWWDGKxBzlAoLLmk5ifIeOujSCCAIXuBGNAfV2Ed4Gl
+Oc261kYhWA5OxAeHrQp1ZK5JX15l2rHJw1LRdM3pcC0z2RcdMOBo+I0caFcWA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 09:16:21 2024 by rpki-client on console-ams.rpki-client.org