Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AF5299F15C072EB338CD27866457F79835E18A2FD63C47002C1EE31F358F737B/0/323830333a346361303a3a2f33322d3438203d3e20323636383334.roa
File:                     323830333a346361303a3a2f33322d3438203d3e20323636383334.roa (raw, json)
Hash identifier:          BNozxT9ihVS7x7EP30OsweaoVu/vJrwDmrlxmnAPB0M=
Subject key identifier:   57:37:B8:7B:D2:1A:F4:AB:B5:D1:71:00:E9:C5:DE:19:2B:9C:44:17
Certificate issuer:       /CN=B6200CE22A13E0365B263C1B068DE612DB3FA0CC
Certificate serial:       315BE18FADC9084E871BC42F3E9252325CA645E1
Authority key identifier: B6:20:0C:E2:2A:13:E0:36:5B:26:3C:1B:06:8D:E6:12:DB:3F:A0:CC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6200CE22A13E0365B263C1B068DE612DB3FA0CC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AF5299F15C072EB338CD27866457F79835E18A2FD63C47002C1EE31F358F737B/0/323830333a346361303a3a2f33322d3438203d3e20323636383334.roa
Signing time:             Tue 05 Mar 2024 17:54:54 +0000
ROA not before:           Tue 05 Mar 2024 17:49:54 +0000
ROA not after:            Tue 04 Mar 2025 17:54:54 +0000
asID:                     266834
IP address blocks:        2803:4ca0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/AF5299F15C072EB338CD27866457F79835E18A2FD63C47002C1EE31F358F737B/0/B6200CE22A13E0365B263C1B068DE612DB3FA0CC.crl
                          rsync://repository.lacnic.net/rpki/lacnic/AF5299F15C072EB338CD27866457F79835E18A2FD63C47002C1EE31F358F737B/0/B6200CE22A13E0365B263C1B068DE612DB3FA0CC.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6200CE22A13E0365B263C1B068DE612DB3FA0CC.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:5b:e1:8f:ad:c9:08:4e:87:1b:c4:2f:3e:92:52:32:5c:a6:45:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B6200CE22A13E0365B263C1B068DE612DB3FA0CC
        Validity
            Not Before: Mar  5 17:49:54 2024 GMT
            Not After : Mar  4 17:54:54 2025 GMT
        Subject: CN=5737B87BD21AF4ABB5D17100E9C5DE192B9C4417
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:8b:dd:da:f7:2b:ab:7a:00:9a:a1:67:79:42:
                    95:5d:c8:56:7e:f6:00:a2:5c:5c:49:28:75:71:94:
                    37:ff:13:27:76:96:b8:cf:e9:ab:e1:5d:41:ca:5c:
                    29:89:59:0c:f3:69:5f:6a:51:86:4e:c7:20:6f:33:
                    0e:0d:83:28:da:56:d2:be:da:6b:75:c6:67:06:82:
                    c6:b6:0a:3a:76:d9:1d:8a:a6:a1:32:80:ab:d9:e3:
                    70:6f:d4:20:ac:4e:1e:58:76:56:0d:5f:45:bb:c4:
                    91:80:5c:24:0f:52:9e:9c:ca:07:8a:38:d2:45:12:
                    b7:f5:47:5c:f1:1a:02:29:3d:68:fd:0e:8d:90:fd:
                    e6:10:dc:f3:c7:2f:d4:ec:88:62:a2:2e:be:4c:ea:
                    3a:d9:23:c3:cd:9a:cc:0a:18:7a:03:a1:da:b9:69:
                    56:d5:5b:8d:72:87:b8:f5:71:14:ab:97:68:c9:d1:
                    3b:aa:b7:e8:00:59:d0:22:02:cd:13:80:ba:87:9e:
                    c2:df:ce:4a:a0:40:97:35:a8:9c:43:cb:66:3c:de:
                    94:24:5d:b5:36:07:65:f9:36:44:db:f0:8d:c1:df:
                    0c:46:9a:98:db:07:c3:66:d0:2a:69:5a:a6:fe:2c:
                    41:21:92:90:90:ba:cd:0a:a4:a0:0e:ab:1d:fa:e4:
                    b3:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:37:B8:7B:D2:1A:F4:AB:B5:D1:71:00:E9:C5:DE:19:2B:9C:44:17
            X509v3 Authority Key Identifier:
                keyid:B6:20:0C:E2:2A:13:E0:36:5B:26:3C:1B:06:8D:E6:12:DB:3F:A0:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AF5299F15C072EB338CD27866457F79835E18A2FD63C47002C1EE31F358F737B/0/B6200CE22A13E0365B263C1B068DE612DB3FA0CC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6200CE22A13E0365B263C1B068DE612DB3FA0CC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AF5299F15C072EB338CD27866457F79835E18A2FD63C47002C1EE31F358F737B/0/323830333a346361303a3a2f33322d3438203d3e20323636383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:4ca0::/32

    Signature Algorithm: sha256WithRSAEncryption
         44:e5:f4:60:6e:21:58:c8:5b:97:68:96:f7:14:56:62:cc:4c:
         0b:47:1e:1a:d7:19:55:27:1b:e5:64:16:b4:98:9b:e7:05:40:
         f6:7a:63:71:21:c7:76:cd:ce:3d:bc:cc:9b:7e:a4:67:bd:5a:
         07:80:6a:3d:6c:78:30:04:06:e3:f4:79:ec:f9:27:f1:ae:9d:
         73:6d:eb:a4:31:10:81:56:5d:a6:89:68:c1:ed:08:6f:47:fb:
         ec:df:37:60:da:e8:35:c5:cc:7a:0f:a8:b9:db:f5:1f:7a:31:
         81:ba:bb:e3:34:40:a7:0f:fe:30:81:da:46:8f:c7:49:be:d1:
         a8:39:17:38:96:f3:47:93:ea:7b:9e:d5:3d:b1:58:f1:55:09:
         50:37:93:32:b7:ec:0f:9c:38:e5:c3:54:8f:9c:c7:0a:32:9e:
         ce:ab:e0:48:5e:99:41:2c:cc:61:4e:fa:fe:c7:9f:0d:40:95:
         20:c8:a8:15:b1:8e:b2:bf:96:70:05:0b:96:1e:bf:d8:62:06:
         a6:15:bc:67:7a:cc:7a:19:27:36:ff:4f:ae:ca:f7:65:34:55:
         d2:03:f4:68:b3:ac:f6:76:c9:07:95:81:0e:0a:c2:ee:ad:27:
         0e:89:10:b6:ce:03:8d:a0:db:af:c9:e2:fc:6c:93:d5:1a:a1:
         4b:d8:85:b4
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUMVvhj63JCE6HG8QvPpJSMlymReEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjYyMDBDRTIyQTEzRTAzNjVCMjYzQzFCMDY4REU2MTJE
QjNGQTBDQzAeFw0yNDAzMDUxNzQ5NTRaFw0yNTAzMDQxNzU0NTRaMDMxMTAvBgNV
BAMTKDU3MzdCODdCRDIxQUY0QUJCNUQxNzEwMEU5QzVERTE5MkI5QzQ0MTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4i93a9yuregCaoWd5QpVdyFZ+
9gCiXFxJKHVxlDf/Eyd2lrjP6avhXUHKXCmJWQzzaV9qUYZOxyBvMw4NgyjaVtK+
2mt1xmcGgsa2Cjp22R2KpqEygKvZ43Bv1CCsTh5YdlYNX0W7xJGAXCQPUp6cygeK
ONJFErf1R1zxGgIpPWj9Do2Q/eYQ3PPHL9TsiGKiLr5M6jrZI8PNmswKGHoDodq5
aVbVW41yh7j1cRSrl2jJ0Tuqt+gAWdAiAs0TgLqHnsLfzkqgQJc1qJxDy2Y83pQk
XbU2B2X5NkTb8I3B3wxGmpjbB8Nm0CppWqb+LEEhkpCQus0KpKAOqx365LN5AgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUVze4e9Ia9Ku10XEA6cXeGSucRBcwHwYDVR0j
BBgwFoAUtiAM4ioT4DZbJjwbBo3mEts/oMwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BRjUyOTlGMTVDMDcyRUIzMzhDRDI3ODY2NDU3Rjc5ODM1
RTE4QTJGRDYzQzQ3MDAyQzFFRTMxRjM1OEY3MzdCLzAvQjYyMDBDRTIyQTEzRTAz
NjVCMjYzQzFCMDY4REU2MTJEQjNGQTBDQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CNjIwMENFMjJBMTNFMDM2NUIy
NjNDMUIwNjhERTYxMkRCM0ZBMENDLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUY1Mjk5RjE1QzA3MkVCMzM4Q0QyNzg2NjQ1N0Y3OTgzNUUxOEEyRkQ2
M0M0NzAwMkMxRUUzMUYzNThGNzM3Qi8wLzMyMzgzMDMzM2EzNDYzNjEzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzYzNjM4MzMzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDTKAw
DQYJKoZIhvcNAQELBQADggEBAETl9GBuIVjIW5dolvcUVmLMTAtHHhrXGVUnG+Vk
FrSYm+cFQPZ6Y3Ehx3bNzj28zJt+pGe9WgeAaj1seDAEBuP0eez5J/GunXNt66Qx
EIFWXaaJaMHtCG9H++zfN2Da6DXFzHoPqLnb9R96MYG6u+M0QKcP/jCB2kaPx0m+
0ag5FziW80eT6nue1T2xWPFVCVA3kzK37A+cOOXDVI+cxwoyns6r4EhemUEszGFO
+v7Hnw1AlSDIqBWxjrK/lnAFC5Yev9hiBqYVvGd6zHoZJzb/T67K92U0VdID9Giz
rPZ2yQeVgQ4Kwu6tJw6JELbOA42g26/J4vxsk9UaoUvYhbQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:47:01 2024 by rpki-client on console-ams.rpki-client.org