Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B2CD1FB588CF2A3078667525D1AD957561CA57DCC94AA784C24CA84F089B85C3/0/323830333a333130303a3a2f33322d3332203d3e203136393733.roa
File:                     323830333a333130303a3a2f33322d3332203d3e203136393733.roa (raw, json)
Hash identifier:          llh5nstPEC5Bo67lk32je+Wio1ku1vh5LdyAv9lh0ZI=
Subject key identifier:   9C:F9:DD:85:B0:C4:5B:8E:39:F4:2E:41:47:F6:12:B5:CE:3E:00:1B
Certificate issuer:       /CN=71B0CD08B5DCFED6F97BF866CB6497AE603655B3
Certificate serial:       18EFB6D38AC88218E57ECF0E6737C18C613DC385
Authority key identifier: 71:B0:CD:08:B5:DC:FE:D6:F9:7B:F8:66:CB:64:97:AE:60:36:55:B3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/71B0CD08B5DCFED6F97BF866CB6497AE603655B3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B2CD1FB588CF2A3078667525D1AD957561CA57DCC94AA784C24CA84F089B85C3/0/323830333a333130303a3a2f33322d3332203d3e203136393733.roa
Signing time:             Tue 05 Mar 2024 18:11:55 +0000
ROA not before:           Tue 05 Mar 2024 18:06:55 +0000
ROA not after:            Tue 04 Mar 2025 18:11:55 +0000
asID:                     16973
IP address blocks:        2803:3100::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/B2CD1FB588CF2A3078667525D1AD957561CA57DCC94AA784C24CA84F089B85C3/0/71B0CD08B5DCFED6F97BF866CB6497AE603655B3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/B2CD1FB588CF2A3078667525D1AD957561CA57DCC94AA784C24CA84F089B85C3/0/71B0CD08B5DCFED6F97BF866CB6497AE603655B3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/71B0CD08B5DCFED6F97BF866CB6497AE603655B3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:ef:b6:d3:8a:c8:82:18:e5:7e:cf:0e:67:37:c1:8c:61:3d:c3:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71B0CD08B5DCFED6F97BF866CB6497AE603655B3
        Validity
            Not Before: Mar  5 18:06:55 2024 GMT
            Not After : Mar  4 18:11:55 2025 GMT
        Subject: CN=9CF9DD85B0C45B8E39F42E4147F612B5CE3E001B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:ff:b8:8f:1a:31:ad:af:47:ef:15:28:09:13:
                    fd:bc:32:fc:98:df:6b:d1:0d:5f:d2:33:7b:88:55:
                    14:54:c7:5f:33:22:7b:ab:5d:d9:9d:2c:65:fa:2d:
                    7b:35:59:a8:52:39:03:35:b4:8c:4a:1e:5d:96:2e:
                    c1:8b:c4:12:a6:cb:18:12:0f:31:d5:72:b5:18:57:
                    5a:a2:a8:b9:60:63:3e:43:6e:d9:f6:ec:a7:82:3b:
                    da:be:dc:8e:75:98:c6:c7:c1:54:e0:7d:1b:2e:91:
                    40:24:68:ea:eb:db:bf:34:34:cc:4e:45:20:09:bd:
                    b7:02:16:64:79:07:f6:3f:dd:58:63:61:34:49:f3:
                    e3:2b:1c:59:e1:47:f6:3d:51:13:75:8d:86:b5:3e:
                    67:28:ff:4d:6d:a6:79:3d:c3:13:91:a4:a0:c5:4b:
                    a9:82:68:69:92:5c:6e:39:15:41:fe:bf:4d:53:f1:
                    43:06:37:00:08:e3:16:23:5d:97:5e:54:0d:fc:c7:
                    3b:34:c5:6c:73:13:b9:a3:7d:4c:3e:68:ea:4b:c1:
                    48:a9:2a:1c:ac:fb:16:4b:66:85:62:d5:cd:76:1b:
                    9d:0f:92:91:2e:64:9d:35:80:56:2f:a2:e1:16:ac:
                    cb:d1:e4:3f:1a:9f:b8:13:20:ca:3b:dc:15:b8:bd:
                    92:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:F9:DD:85:B0:C4:5B:8E:39:F4:2E:41:47:F6:12:B5:CE:3E:00:1B
            X509v3 Authority Key Identifier:
                keyid:71:B0:CD:08:B5:DC:FE:D6:F9:7B:F8:66:CB:64:97:AE:60:36:55:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B2CD1FB588CF2A3078667525D1AD957561CA57DCC94AA784C24CA84F089B85C3/0/71B0CD08B5DCFED6F97BF866CB6497AE603655B3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/71B0CD08B5DCFED6F97BF866CB6497AE603655B3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B2CD1FB588CF2A3078667525D1AD957561CA57DCC94AA784C24CA84F089B85C3/0/323830333a333130303a3a2f33322d3332203d3e203136393733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:3100::/32

    Signature Algorithm: sha256WithRSAEncryption
         b4:4e:a3:d3:88:f4:90:74:19:af:e3:11:41:54:3c:f4:05:46:
         3d:c0:ad:f6:93:bd:aa:6a:d8:e6:86:77:f9:b0:3c:dc:ba:74:
         bd:40:58:05:31:e5:b4:b6:d9:b8:e5:3f:81:fe:34:11:3c:6c:
         d6:5e:b3:24:df:ad:4e:1e:5d:fb:f0:67:77:c2:d1:e3:08:fa:
         c8:46:be:6a:fe:b1:88:c6:f9:4f:4c:c1:50:ce:d8:f7:27:0b:
         fe:0a:0c:fe:76:82:d3:84:d5:1d:d7:23:a3:6c:d3:21:6c:72:
         50:15:75:96:46:62:b5:86:27:c7:4a:c4:5a:8e:6c:8e:2b:7a:
         94:94:80:76:f6:15:fd:5c:ee:a9:29:fb:30:53:1c:88:1a:98:
         7e:c8:b0:84:9c:8e:a9:5f:f9:2e:00:d0:99:d3:56:80:b2:dc:
         3a:52:62:38:ac:03:a0:39:97:b5:45:0a:53:a7:58:e5:61:58:
         ea:0e:a1:fc:5c:a7:d1:da:ce:ff:5d:0b:65:86:f8:2b:9a:9f:
         40:55:7c:e0:28:9f:2c:d5:43:66:48:6c:58:81:14:9a:1f:1e:
         fe:31:39:9a:e2:bc:7d:2f:37:d6:d6:86:b7:e8:e5:4a:f0:25:
         f4:cc:19:23:0b:25:25:a3:31:f9:e0:37:a6:ff:81:f3:43:b8:
         b2:a3:7e:24
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUGO+204rIghjlfs8OZzfBjGE9w4UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzFCMENEMDhCNURDRkVENkY5N0JGODY2Q0I2NDk3QUU2
MDM2NTVCMzAeFw0yNDAzMDUxODA2NTVaFw0yNTAzMDQxODExNTVaMDMxMTAvBgNV
BAMTKDlDRjlERDg1QjBDNDVCOEUzOUY0MkU0MTQ3RjYxMkI1Q0UzRTAwMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCL/7iPGjGtr0fvFSgJE/28MvyY
32vRDV/SM3uIVRRUx18zInurXdmdLGX6LXs1WahSOQM1tIxKHl2WLsGLxBKmyxgS
DzHVcrUYV1qiqLlgYz5Dbtn27KeCO9q+3I51mMbHwVTgfRsukUAkaOrr2780NMxO
RSAJvbcCFmR5B/Y/3VhjYTRJ8+MrHFnhR/Y9URN1jYa1Pmco/01tpnk9wxORpKDF
S6mCaGmSXG45FUH+v01T8UMGNwAI4xYjXZdeVA38xzs0xWxzE7mjfUw+aOpLwUip
Khys+xZLZoVi1c12G50PkpEuZJ01gFYvouEWrMvR5D8an7gTIMo73BW4vZJrAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUnPndhbDEW4459C5BR/YStc4+ABswHwYDVR0j
BBgwFoAUcbDNCLXc/tb5e/hmy2SXrmA2VbMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMkNEMUZCNTg4Q0YyQTMwNzg2Njc1MjVEMUFEOTU3NTYx
Q0E1N0RDQzk0QUE3ODRDMjRDQTg0RjA4OUI4NUMzLzAvNzFCMENEMDhCNURDRkVE
NkY5N0JGODY2Q0I2NDk3QUU2MDM2NTVCMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83MUIwQ0QwOEI1RENGRUQ2Rjk3
QkY4NjZDQjY0OTdBRTYwMzY1NUIzLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjJDRDFGQjU4OENGMkEzMDc4NjY3NTI1RDFBRDk1NzU2MUNBNTdEQ0M5
NEFBNzg0QzI0Q0E4NEYwODlCODVDMy8wLzMyMzgzMDMzM2EzMzMxMzAzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMxMzYzOTM3MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAzEAMA0G
CSqGSIb3DQEBCwUAA4IBAQC0TqPTiPSQdBmv4xFBVDz0BUY9wK32k72qatjmhnf5
sDzcunS9QFgFMeW0ttm45T+B/jQRPGzWXrMk361OHl378Gd3wtHjCPrIRr5q/rGI
xvlPTMFQztj3Jwv+Cgz+doLThNUd1yOjbNMhbHJQFXWWRmK1hifHSsRajmyOK3qU
lIB29hX9XO6pKfswUxyIGph+yLCEnI6pX/kuANCZ01aAstw6UmI4rAOgOZe1RQpT
p1jlYVjqDqH8XKfR2s7/XQtlhvgrmp9AVXzgKJ8s1UNmSGxYgRSaHx7+MTma4rx9
LzfW1oa36OVK8CX0zBkjCyUlozH54Dem/4HzQ7iyo34k
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:20:49 2024 by rpki-client on console-fra.rpki-client.org