Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/BE5C5D59D4C7A363EB6C4C85BC4088296E27FB2AC53E6DBA4C64DD2F1DC5B35D/0/323830333a313530303a3a2f33322d3430203d3e203237383030.roa
File:                     323830333a313530303a3a2f33322d3430203d3e203237383030.roa (raw, json)
Hash identifier:          b6MUAg88J3fcmgEmrKLR+KjLqrGaOqE0bZrvP4SFMvg=
Subject key identifier:   AB:AE:4B:7D:6A:3A:EF:2D:3B:08:96:3B:B1:22:A2:97:71:11:A0:EC
Certificate issuer:       /CN=2CE426DCE116C2FC2D07BDD209BC070F6D233D1C
Certificate serial:       0482FDF98DA53B1F9746C9F5EDB80E7371A81F28
Authority key identifier: 2C:E4:26:DC:E1:16:C2:FC:2D:07:BD:D2:09:BC:07:0F:6D:23:3D:1C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2CE426DCE116C2FC2D07BDD209BC070F6D233D1C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/BE5C5D59D4C7A363EB6C4C85BC4088296E27FB2AC53E6DBA4C64DD2F1DC5B35D/0/323830333a313530303a3a2f33322d3430203d3e203237383030.roa
Signing time:             Tue 05 Mar 2024 18:00:22 +0000
ROA not before:           Tue 05 Mar 2024 17:55:22 +0000
ROA not after:            Tue 04 Mar 2025 18:00:22 +0000
asID:                     27800
IP address blocks:        2803:1500::/32 maxlen: 40

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/BE5C5D59D4C7A363EB6C4C85BC4088296E27FB2AC53E6DBA4C64DD2F1DC5B35D/0/2CE426DCE116C2FC2D07BDD209BC070F6D233D1C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/BE5C5D59D4C7A363EB6C4C85BC4088296E27FB2AC53E6DBA4C64DD2F1DC5B35D/0/2CE426DCE116C2FC2D07BDD209BC070F6D233D1C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2CE426DCE116C2FC2D07BDD209BC070F6D233D1C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 07:58:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:82:fd:f9:8d:a5:3b:1f:97:46:c9:f5:ed:b8:0e:73:71:a8:1f:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2CE426DCE116C2FC2D07BDD209BC070F6D233D1C
        Validity
            Not Before: Mar  5 17:55:22 2024 GMT
            Not After : Mar  4 18:00:22 2025 GMT
        Subject: CN=ABAE4B7D6A3AEF2D3B08963BB122A2977111A0EC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:cf:c7:35:79:79:5a:37:ba:a0:52:2d:60:83:
                    a4:2f:a2:3f:49:09:79:de:60:0b:f1:a1:b7:3c:61:
                    af:21:d4:a0:de:72:56:2e:97:08:95:59:1d:5d:b8:
                    d8:59:9e:b2:e2:e4:59:18:e9:8c:1e:ad:db:fa:8c:
                    5c:e5:ac:aa:23:02:5d:0d:7e:1d:19:e4:a5:98:76:
                    07:fb:6a:e1:ef:db:a8:19:5f:17:87:b1:38:b5:75:
                    0c:33:bf:da:9f:17:cb:3c:02:04:72:1a:62:29:c8:
                    98:f2:88:cf:f3:28:0f:e2:5d:88:6e:35:9c:96:8d:
                    ca:99:69:01:2b:53:66:f2:db:22:4e:8c:52:04:4a:
                    2d:28:6b:df:8d:a9:f9:b1:7e:8f:d8:4c:05:d3:06:
                    50:a8:b1:bd:9c:fd:1e:02:36:13:45:42:53:44:09:
                    71:ae:b6:c8:43:26:39:7f:63:d1:be:9b:f3:65:77:
                    ee:c9:d8:e2:f2:83:6e:20:82:53:0a:da:47:2b:fe:
                    7c:41:7f:e7:f1:08:68:77:ab:a0:54:5a:5d:a6:d6:
                    b1:1c:71:0d:6e:c7:40:f3:59:c3:ce:0e:ae:b5:b7:
                    19:08:10:b1:ad:a7:4a:6f:01:13:d5:7f:13:31:05:
                    98:5d:02:3f:2c:7e:ca:c1:01:f4:a3:c6:02:cc:a5:
                    cc:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:AE:4B:7D:6A:3A:EF:2D:3B:08:96:3B:B1:22:A2:97:71:11:A0:EC
            X509v3 Authority Key Identifier:
                keyid:2C:E4:26:DC:E1:16:C2:FC:2D:07:BD:D2:09:BC:07:0F:6D:23:3D:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/BE5C5D59D4C7A363EB6C4C85BC4088296E27FB2AC53E6DBA4C64DD2F1DC5B35D/0/2CE426DCE116C2FC2D07BDD209BC070F6D233D1C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2CE426DCE116C2FC2D07BDD209BC070F6D233D1C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/BE5C5D59D4C7A363EB6C4C85BC4088296E27FB2AC53E6DBA4C64DD2F1DC5B35D/0/323830333a313530303a3a2f33322d3430203d3e203237383030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:1500::/32

    Signature Algorithm: sha256WithRSAEncryption
         3b:1f:a1:6d:73:6a:e1:79:e5:0e:b1:63:dd:37:fe:ac:a0:a8:
         72:ee:64:da:14:93:0b:33:c2:ee:37:24:da:9c:d6:7a:02:b2:
         c8:ad:97:28:6d:71:b0:3a:3a:51:91:91:f8:6f:31:f3:94:51:
         01:cb:11:55:cf:1b:c7:14:b5:26:d6:69:66:bd:fa:44:f5:ef:
         31:f7:b5:c5:69:7b:f1:84:8a:85:8d:aa:1c:39:70:39:a1:21:
         92:4b:21:e9:15:82:a0:83:ee:c0:b0:4c:55:0b:0f:dc:2d:54:
         5b:38:b6:7d:3d:0f:5b:93:eb:f4:e0:e7:93:be:2b:2a:71:1d:
         12:d7:f7:ba:2f:50:26:86:94:4f:e5:4a:10:33:a0:55:93:f9:
         d6:11:6b:10:df:d8:42:6a:c0:53:d2:27:1f:d0:bb:03:13:51:
         5e:05:86:c9:43:43:40:ca:0c:e7:25:ac:72:ab:b2:0c:88:f4:
         14:a3:4e:2f:d6:4a:f0:12:60:ac:15:b5:33:da:fc:be:32:14:
         34:cd:66:ec:21:0e:bb:b4:6f:e8:6f:8f:ed:70:1d:83:59:f8:
         71:9c:d0:20:ae:3a:b6:f6:c1:b6:ac:12:f0:0e:40:29:24:d2:
         e6:3c:13:b4:b7:98:8a:bd:56:63:3d:08:98:28:f7:9b:bb:34:
         5c:30:ce:11
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUBIL9+Y2lOx+XRsn17bgOc3GoHygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkNFNDI2RENFMTE2QzJGQzJEMDdCREQyMDlCQzA3MEY2
RDIzM0QxQzAeFw0yNDAzMDUxNzU1MjJaFw0yNTAzMDQxODAwMjJaMDMxMTAvBgNV
BAMTKEFCQUU0QjdENkEzQUVGMkQzQjA4OTYzQkIxMjJBMjk3NzExMUEwRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsz8c1eXlaN7qgUi1gg6Qvoj9J
CXneYAvxobc8Ya8h1KDeclYulwiVWR1duNhZnrLi5FkY6Ywerdv6jFzlrKojAl0N
fh0Z5KWYdgf7auHv26gZXxeHsTi1dQwzv9qfF8s8AgRyGmIpyJjyiM/zKA/iXYhu
NZyWjcqZaQErU2by2yJOjFIESi0oa9+Nqfmxfo/YTAXTBlCosb2c/R4CNhNFQlNE
CXGutshDJjl/Y9G+m/Nld+7J2OLyg24gglMK2kcr/nxBf+fxCGh3q6BUWl2m1rEc
cQ1ux0DzWcPODq61txkIELGtp0pvARPVfxMxBZhdAj8sfsrBAfSjxgLMpczDAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUq65LfWo67y07CJY7sSKil3ERoOwwHwYDVR0j
BBgwFoAULOQm3OEWwvwtB73SCbwHD20jPRwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CRTVDNUQ1OUQ0QzdBMzYzRUI2QzRDODVCQzQwODgyOTZF
MjdGQjJBQzUzRTZEQkE0QzY0REQyRjFEQzVCMzVELzAvMkNFNDI2RENFMTE2QzJG
QzJEMDdCREQyMDlCQzA3MEY2RDIzM0QxQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yQ0U0MjZEQ0UxMTZDMkZDMkQw
N0JERDIwOUJDMDcwRjZEMjMzRDFDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQkU1QzVENTlENEM3QTM2M0VCNkM0Qzg1QkM0MDg4Mjk2RTI3RkIyQUM1
M0U2REJBNEM2NEREMkYxREM1QjM1RC8wLzMyMzgzMDMzM2EzMTM1MzAzMDNhM2Ey
ZjMzMzIyZDM0MzAyMDNkM2UyMDMyMzczODMwMzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAxUAMA0G
CSqGSIb3DQEBCwUAA4IBAQA7H6Ftc2rheeUOsWPdN/6soKhy7mTaFJMLM8LuNyTa
nNZ6ArLIrZcobXGwOjpRkZH4bzHzlFEByxFVzxvHFLUm1mlmvfpE9e8x97XFaXvx
hIqFjaocOXA5oSGSSyHpFYKgg+7AsExVCw/cLVRbOLZ9PQ9bk+v04OeTvisqcR0S
1/e6L1AmhpRP5UoQM6BVk/nWEWsQ39hCasBT0icf0LsDE1FeBYbJQ0NAygznJaxy
q7IMiPQUo04v1krwEmCsFbUz2vy+MhQ0zWbsIQ67tG/ob4/tcB2DWfhxnNAgrjq2
9sG2rBLwDkApJNLmPBO0t5iKvVZjPQiYKPebuzRcMM4R
-----END CERTIFICATE-----
Generated at Tue Oct 29 14:09:12 2024 by rpki-client on console-fra.rpki-client.org