Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/BAA9C58EEC0332DF1B2DCCE1CA52DA7856EE45256BB08897C5FCE1BA0D286656/0/323830333a353939303a3a2f33322d3332203d3e20323732393535.roa
File:                     323830333a353939303a3a2f33322d3332203d3e20323732393535.roa (raw, json)
Hash identifier:          sDZ4wCcwoE7P2MCNih3gE+9Sfax9RSVNfJxD1pguYhI=
Subject key identifier:   96:75:49:EF:10:69:46:9C:E5:5A:5E:8D:2F:3A:55:76:1A:F6:C1:A2
Certificate issuer:       /CN=4C7B2C7C423F9E5B99423B9FD8B0A51FE1BBC735
Certificate serial:       5A5AF09D841EDD1C5FD81A2A8867FA8143A99E50
Authority key identifier: 4C:7B:2C:7C:42:3F:9E:5B:99:42:3B:9F:D8:B0:A5:1F:E1:BB:C7:35
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4C7B2C7C423F9E5B99423B9FD8B0A51FE1BBC735.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/BAA9C58EEC0332DF1B2DCCE1CA52DA7856EE45256BB08897C5FCE1BA0D286656/0/323830333a353939303a3a2f33322d3332203d3e20323732393535.roa
Signing time:             Tue 05 Mar 2024 17:52:46 +0000
ROA not before:           Tue 05 Mar 2024 17:47:46 +0000
ROA not after:            Tue 04 Mar 2025 17:52:46 +0000
asID:                     272955
IP address blocks:        2803:5990::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/BAA9C58EEC0332DF1B2DCCE1CA52DA7856EE45256BB08897C5FCE1BA0D286656/0/4C7B2C7C423F9E5B99423B9FD8B0A51FE1BBC735.crl
                          rsync://repository.lacnic.net/rpki/lacnic/BAA9C58EEC0332DF1B2DCCE1CA52DA7856EE45256BB08897C5FCE1BA0D286656/0/4C7B2C7C423F9E5B99423B9FD8B0A51FE1BBC735.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4C7B2C7C423F9E5B99423B9FD8B0A51FE1BBC735.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:5a:f0:9d:84:1e:dd:1c:5f:d8:1a:2a:88:67:fa:81:43:a9:9e:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4C7B2C7C423F9E5B99423B9FD8B0A51FE1BBC735
        Validity
            Not Before: Mar  5 17:47:46 2024 GMT
            Not After : Mar  4 17:52:46 2025 GMT
        Subject: CN=967549EF1069469CE55A5E8D2F3A55761AF6C1A2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:1a:cd:9b:68:c4:c8:59:7c:43:44:c9:20:22:
                    b0:60:59:8c:34:22:79:46:0c:32:0e:ef:f5:72:1d:
                    25:82:09:19:32:46:b2:16:25:d5:aa:17:a0:98:df:
                    2c:cb:28:20:6b:30:eb:bf:58:8d:50:fa:40:e9:57:
                    ee:be:80:a0:ca:25:e2:1f:bc:37:b4:7c:93:c9:9a:
                    da:56:39:56:b8:81:dc:0b:47:1b:7f:88:e0:8b:f9:
                    56:49:39:34:3f:26:f0:e0:75:62:b5:1a:2c:a4:17:
                    34:05:fa:6e:98:15:6b:a0:44:51:fb:10:6f:86:7f:
                    95:7a:97:47:c4:9a:b8:43:4e:d7:32:ea:a1:43:cd:
                    e0:5d:6f:67:41:44:a8:39:bc:a1:bf:0c:77:7e:01:
                    75:3a:73:27:17:67:f4:84:7b:6a:14:0c:41:91:51:
                    94:63:84:ae:3c:93:87:0f:5e:db:09:b5:f7:d9:d2:
                    f1:3d:8a:c3:a0:41:b8:a6:05:47:26:4b:2b:83:df:
                    fc:87:b8:0a:09:1a:0d:77:cc:47:f3:26:35:72:57:
                    bf:e5:8c:db:d8:87:91:4d:f0:0e:66:c7:92:d3:cd:
                    61:db:44:e0:9e:5e:0a:90:4c:60:c1:29:55:cd:63:
                    c3:ab:64:06:53:70:9f:96:37:cb:43:9f:3f:d5:31:
                    5f:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:75:49:EF:10:69:46:9C:E5:5A:5E:8D:2F:3A:55:76:1A:F6:C1:A2
            X509v3 Authority Key Identifier:
                keyid:4C:7B:2C:7C:42:3F:9E:5B:99:42:3B:9F:D8:B0:A5:1F:E1:BB:C7:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/BAA9C58EEC0332DF1B2DCCE1CA52DA7856EE45256BB08897C5FCE1BA0D286656/0/4C7B2C7C423F9E5B99423B9FD8B0A51FE1BBC735.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4C7B2C7C423F9E5B99423B9FD8B0A51FE1BBC735.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/BAA9C58EEC0332DF1B2DCCE1CA52DA7856EE45256BB08897C5FCE1BA0D286656/0/323830333a353939303a3a2f33322d3332203d3e20323732393535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:5990::/32

    Signature Algorithm: sha256WithRSAEncryption
         4a:0b:ee:b3:ca:56:94:00:b1:14:67:0e:e8:dd:a5:6a:a4:e0:
         bf:98:a8:c4:c2:13:88:88:ea:cf:78:ba:f3:fe:a2:55:74:36:
         54:b7:cb:2b:01:b8:3f:72:5b:59:a5:a1:00:3b:e1:e1:e0:dc:
         18:fe:90:5c:50:b8:df:47:80:d8:75:20:0f:30:73:a4:69:50:
         3f:65:83:2f:0e:be:57:f5:4b:d0:f5:d5:ec:d1:8b:af:9b:c7:
         1f:6d:c6:c2:47:cd:fb:08:af:ea:4f:4f:14:fa:65:33:4d:76:
         69:63:20:a7:0d:aa:72:7e:4c:4c:55:e8:c3:0c:ee:87:29:2a:
         1d:20:b6:9e:18:de:69:ff:69:69:91:1c:ce:ce:a2:7c:e2:86:
         31:a1:1e:7a:ff:e6:76:d6:d0:b0:61:10:5f:b3:24:56:ad:01:
         2d:a3:36:65:f1:4e:08:b8:8d:af:17:a3:71:0b:41:15:b9:18:
         b7:54:c8:24:f1:df:d3:f0:cc:06:15:aa:40:bf:27:29:e6:f9:
         b5:27:19:89:cc:e0:ff:0d:33:1b:14:b9:18:80:a6:11:56:f9:
         3f:42:5f:9d:61:35:4b:ab:14:e1:68:92:0c:6b:10:ae:5e:8e:
         8f:f7:5b:00:7d:1d:32:ea:b6:e8:ff:53:b6:ba:44:7f:90:9f:
         68:6a:57:d5
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUWlrwnYQe3Rxf2BoqiGf6gUOpnlAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEM3QjJDN0M0MjNGOUU1Qjk5NDIzQjlGRDhCMEE1MUZF
MUJCQzczNTAeFw0yNDAzMDUxNzQ3NDZaFw0yNTAzMDQxNzUyNDZaMDMxMTAvBgNV
BAMTKDk2NzU0OUVGMTA2OTQ2OUNFNTVBNUU4RDJGM0E1NTc2MUFGNkMxQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzGs2baMTIWXxDRMkgIrBgWYw0
InlGDDIO7/VyHSWCCRkyRrIWJdWqF6CY3yzLKCBrMOu/WI1Q+kDpV+6+gKDKJeIf
vDe0fJPJmtpWOVa4gdwLRxt/iOCL+VZJOTQ/JvDgdWK1GiykFzQF+m6YFWugRFH7
EG+Gf5V6l0fEmrhDTtcy6qFDzeBdb2dBRKg5vKG/DHd+AXU6cycXZ/SEe2oUDEGR
UZRjhK48k4cPXtsJtffZ0vE9isOgQbimBUcmSyuD3/yHuAoJGg13zEfzJjVyV7/l
jNvYh5FN8A5mx5LTzWHbROCeXgqQTGDBKVXNY8OrZAZTcJ+WN8tDnz/VMV+fAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUlnVJ7xBpRpzlWl6NLzpVdhr2waIwHwYDVR0j
BBgwFoAUTHssfEI/nluZQjuf2LClH+G7xzUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CQUE5QzU4RUVDMDMzMkRGMUIyRENDRTFDQTUyREE3ODU2
RUU0NTI1NkJCMDg4OTdDNUZDRTFCQTBEMjg2NjU2LzAvNEM3QjJDN0M0MjNGOUU1
Qjk5NDIzQjlGRDhCMEE1MUZFMUJCQzczNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80QzdCMkM3QzQyM0Y5RTVCOTk0
MjNCOUZEOEIwQTUxRkUxQkJDNzM1LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQkFBOUM1OEVFQzAzMzJERjFCMkRDQ0UxQ0E1MkRBNzg1NkVFNDUyNTZC
QjA4ODk3QzVGQ0UxQkEwRDI4NjY1Ni8wLzMyMzgzMDMzM2EzNTM5MzkzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzczMjM5MzUzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDWZAw
DQYJKoZIhvcNAQELBQADggEBAEoL7rPKVpQAsRRnDujdpWqk4L+YqMTCE4iI6s94
uvP+olV0NlS3yysBuD9yW1mloQA74eHg3Bj+kFxQuN9HgNh1IA8wc6RpUD9lgy8O
vlf1S9D11ezRi6+bxx9txsJHzfsIr+pPTxT6ZTNNdmljIKcNqnJ+TExV6MMM7ocp
Kh0gtp4Y3mn/aWmRHM7OonzihjGhHnr/5nbW0LBhEF+zJFatAS2jNmXxTgi4ja8X
o3ELQRW5GLdUyCTx39PwzAYVqkC/Jynm+bUnGYnM4P8NMxsUuRiAphFW+T9CX51h
NUurFOFokgxrEK5ejo/3WwB9HTLqtuj/U7a6RH+Qn2hqV9U=
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:01:37 2024 by rpki-client on console-fra.rpki-client.org