Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/BB0C32254BADF118E3E8E1FC5E1D13916CA9F020D47B417DEF5FA9CEE16B8A7E/0/323830333a626332303a3a2f33322d3438203d3e20323634363638.roa
File:                     323830333a626332303a3a2f33322d3438203d3e20323634363638.roa (raw, json)
Hash identifier:          xRbTkkgMvi8Zp6FdDJHjm5d5xmTLyMPAdH2dOpBaZ1Y=
Subject key identifier:   B0:81:97:4D:7C:73:FE:55:1E:A2:13:AB:3A:B4:69:FB:15:71:F6:D2
Certificate issuer:       /CN=3969A916AB2A182C19F90F28E002F43BBA68A0E4
Certificate serial:       353A01FBD36D2B3815268C5C2170CF09F06F2071
Authority key identifier: 39:69:A9:16:AB:2A:18:2C:19:F9:0F:28:E0:02:F4:3B:BA:68:A0:E4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3969A916AB2A182C19F90F28E002F43BBA68A0E4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/BB0C32254BADF118E3E8E1FC5E1D13916CA9F020D47B417DEF5FA9CEE16B8A7E/0/323830333a626332303a3a2f33322d3438203d3e20323634363638.roa
Signing time:             Tue 05 Mar 2024 17:50:44 +0000
ROA not before:           Tue 05 Mar 2024 17:45:44 +0000
ROA not after:            Tue 04 Mar 2025 17:50:44 +0000
asID:                     264668
IP address blocks:        2803:bc20::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/BB0C32254BADF118E3E8E1FC5E1D13916CA9F020D47B417DEF5FA9CEE16B8A7E/0/3969A916AB2A182C19F90F28E002F43BBA68A0E4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/BB0C32254BADF118E3E8E1FC5E1D13916CA9F020D47B417DEF5FA9CEE16B8A7E/0/3969A916AB2A182C19F90F28E002F43BBA68A0E4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3969A916AB2A182C19F90F28E002F43BBA68A0E4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:3a:01:fb:d3:6d:2b:38:15:26:8c:5c:21:70:cf:09:f0:6f:20:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3969A916AB2A182C19F90F28E002F43BBA68A0E4
        Validity
            Not Before: Mar  5 17:45:44 2024 GMT
            Not After : Mar  4 17:50:44 2025 GMT
        Subject: CN=B081974D7C73FE551EA213AB3AB469FB1571F6D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:6c:e0:23:c5:81:a9:09:68:80:6f:48:73:78:
                    4d:27:bf:72:97:2a:57:d7:48:b7:d8:af:26:fd:4d:
                    92:db:f1:92:68:5f:3d:02:7a:c1:80:8b:f5:41:f2:
                    66:e2:b4:df:4e:d9:1c:7c:7f:e8:af:77:d5:ab:9f:
                    be:2e:52:5d:c8:23:58:86:4c:10:e9:d6:6c:60:c6:
                    0a:55:8e:14:ce:ff:82:03:94:69:ba:12:cc:6b:c6:
                    3e:60:89:01:ed:f2:fd:dc:11:68:a4:78:8d:ac:c8:
                    d1:0a:01:3c:09:dd:7c:04:b1:e2:98:00:f8:6c:e9:
                    ef:52:11:8b:97:a9:a3:ea:43:c1:97:45:f3:e1:38:
                    0d:c4:76:52:72:fb:86:41:6b:10:e8:93:b9:b6:63:
                    91:a1:de:65:07:81:b1:ea:95:3a:0e:11:63:a6:d6:
                    fe:89:1b:a5:ff:9e:62:a9:bd:27:4c:0d:75:5f:ac:
                    0f:86:05:3d:29:53:cb:a6:25:87:ac:b6:14:bc:6a:
                    0b:dc:79:b6:6f:77:2a:fa:e5:e2:d7:5c:cc:ee:f0:
                    3f:13:73:ae:30:77:4e:e2:c7:42:1c:6a:83:ed:b1:
                    28:90:48:b6:47:da:94:67:fc:2b:52:95:8e:a2:5e:
                    ef:ea:0a:b3:15:fe:41:ca:ab:23:b4:cc:be:df:9e:
                    39:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:81:97:4D:7C:73:FE:55:1E:A2:13:AB:3A:B4:69:FB:15:71:F6:D2
            X509v3 Authority Key Identifier:
                keyid:39:69:A9:16:AB:2A:18:2C:19:F9:0F:28:E0:02:F4:3B:BA:68:A0:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/BB0C32254BADF118E3E8E1FC5E1D13916CA9F020D47B417DEF5FA9CEE16B8A7E/0/3969A916AB2A182C19F90F28E002F43BBA68A0E4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3969A916AB2A182C19F90F28E002F43BBA68A0E4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/BB0C32254BADF118E3E8E1FC5E1D13916CA9F020D47B417DEF5FA9CEE16B8A7E/0/323830333a626332303a3a2f33322d3438203d3e20323634363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:bc20::/32

    Signature Algorithm: sha256WithRSAEncryption
         73:38:5f:60:10:ef:f2:b2:4c:d0:c6:75:96:c9:af:66:da:0d:
         bf:cf:a2:e9:14:ca:e4:7c:33:84:27:1d:34:6c:76:da:3e:c6:
         aa:6f:ce:68:e3:af:20:56:6f:c8:1c:49:aa:70:cf:d9:e7:ec:
         fe:40:27:59:0d:68:98:eb:5d:11:db:13:dc:ef:43:1d:74:8b:
         03:46:76:dc:8b:15:a7:7c:fd:a8:72:48:16:c3:cd:de:34:c1:
         73:bd:3f:94:dc:ed:20:9a:2a:74:4c:df:19:ba:e5:3d:73:95:
         09:49:68:04:6f:50:90:1f:cd:3c:4b:f2:18:40:b7:54:8d:ae:
         0a:3c:01:dc:76:f4:d8:a8:a9:26:bd:c7:27:a3:7f:a4:9c:93:
         32:1d:6c:00:fc:6d:c2:eb:5e:7c:10:78:29:38:65:c6:23:99:
         ef:43:2f:6e:35:02:c7:6b:ba:b4:b1:fc:76:e7:6f:9c:5a:3a:
         9a:c8:1e:0f:c5:3a:44:39:15:af:7d:a9:2e:f6:ba:3f:a1:60:
         7e:cc:27:e2:ea:61:00:d8:32:00:10:f5:f4:f9:56:c0:3a:e3:
         e4:a4:b0:0a:ed:43:e9:73:41:a4:ec:ba:6b:68:38:40:f2:49:
         db:34:4a:db:9e:ef:b5:2c:00:6b:71:3a:6f:f5:c8:dc:83:45:
         6d:1d:54:43
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUNToB+9NtKzgVJoxcIXDPCfBvIHEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzk2OUE5MTZBQjJBMTgyQzE5RjkwRjI4RTAwMkY0M0JC
QTY4QTBFNDAeFw0yNDAzMDUxNzQ1NDRaFw0yNTAzMDQxNzUwNDRaMDMxMTAvBgNV
BAMTKEIwODE5NzREN0M3M0ZFNTUxRUEyMTNBQjNBQjQ2OUZCMTU3MUY2RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjbOAjxYGpCWiAb0hzeE0nv3KX
KlfXSLfYryb9TZLb8ZJoXz0CesGAi/VB8mbitN9O2Rx8f+ivd9Wrn74uUl3II1iG
TBDp1mxgxgpVjhTO/4IDlGm6Esxrxj5giQHt8v3cEWikeI2syNEKATwJ3XwEseKY
APhs6e9SEYuXqaPqQ8GXRfPhOA3EdlJy+4ZBaxDok7m2Y5Gh3mUHgbHqlToOEWOm
1v6JG6X/nmKpvSdMDXVfrA+GBT0pU8umJYesthS8agvcebZvdyr65eLXXMzu8D8T
c64wd07ix0IcaoPtsSiQSLZH2pRn/CtSlY6iXu/qCrMV/kHKqyO0zL7fnjnVAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUsIGXTXxz/lUeohOrOrRp+xVx9tIwHwYDVR0j
BBgwFoAUOWmpFqsqGCwZ+Q8o4AL0O7pooOQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CQjBDMzIyNTRCQURGMTE4RTNFOEUxRkM1RTFEMTM5MTZD
QTlGMDIwRDQ3QjQxN0RFRjVGQTlDRUUxNkI4QTdFLzAvMzk2OUE5MTZBQjJBMTgy
QzE5RjkwRjI4RTAwMkY0M0JCQTY4QTBFNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zOTY5QTkxNkFCMkExODJDMTlG
OTBGMjhFMDAyRjQzQkJBNjhBMEU0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQkIwQzMyMjU0QkFERjExOEUzRThFMUZDNUUxRDEzOTE2Q0E5RjAyMEQ0
N0I0MTdERUY1RkE5Q0VFMTZCOEE3RS8wLzMyMzgzMDMzM2E2MjYzMzIzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzYzNDM2MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDvCAw
DQYJKoZIhvcNAQELBQADggEBAHM4X2AQ7/KyTNDGdZbJr2baDb/PoukUyuR8M4Qn
HTRsdto+xqpvzmjjryBWb8gcSapwz9nn7P5AJ1kNaJjrXRHbE9zvQx10iwNGdtyL
Fad8/ahySBbDzd40wXO9P5Tc7SCaKnRM3xm65T1zlQlJaARvUJAfzTxL8hhAt1SN
rgo8Adx29NioqSa9xyejf6SckzIdbAD8bcLrXnwQeCk4ZcYjme9DL241AsdrurSx
/Hbnb5xaOprIHg/FOkQ5Fa99qS72uj+hYH7MJ+LqYQDYMgAQ9fT5VsA64+SksArt
Q+lzQaTsumtoOEDySds0Stue77UsAGtxOm/1yNyDRW0dVEM=
-----END CERTIFICATE-----
Generated at Sun Jun 16 11:23:05 2024 by rpki-client on console-ams.rpki-client.org