Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/BEE9537672DB3897F6CA78363FBA95E7FE602B9E908873F0179889A112DC6B9B/0/323830333a313439303a3a2f33322d3332203d3e20323732383232.roa
File:                     323830333a313439303a3a2f33322d3332203d3e20323732383232.roa (raw, json)
Hash identifier:          /KDIIpS8omplxGU1p6UtcC72rzwbmhmFfajBNZRObzo=
Subject key identifier:   13:FD:09:4D:74:D1:3C:AF:AB:1D:28:97:26:22:74:2A:E7:96:88:70
Certificate issuer:       /CN=53C52096D7FFB235A3DF184910FA4B7547FE2D56
Certificate serial:       4534E0D6AD4CD05A37B3DC47A3C62FA3B8A33DDE
Authority key identifier: 53:C5:20:96:D7:FF:B2:35:A3:DF:18:49:10:FA:4B:75:47:FE:2D:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/53C52096D7FFB235A3DF184910FA4B7547FE2D56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/BEE9537672DB3897F6CA78363FBA95E7FE602B9E908873F0179889A112DC6B9B/0/323830333a313439303a3a2f33322d3332203d3e20323732383232.roa
Signing time:             Tue 04 Feb 2025 18:50:08 +0000
ROA not before:           Tue 04 Feb 2025 18:45:08 +0000
ROA not after:            Tue 03 Feb 2026 18:50:08 +0000
asID:                     272822
IP address blocks:        2803:1490::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/BEE9537672DB3897F6CA78363FBA95E7FE602B9E908873F0179889A112DC6B9B/0/53C52096D7FFB235A3DF184910FA4B7547FE2D56.crl
                          rsync://repository.lacnic.net/rpki/lacnic/BEE9537672DB3897F6CA78363FBA95E7FE602B9E908873F0179889A112DC6B9B/0/53C52096D7FFB235A3DF184910FA4B7547FE2D56.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/53C52096D7FFB235A3DF184910FA4B7547FE2D56.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 09 Apr 2025 02:24:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:34:e0:d6:ad:4c:d0:5a:37:b3:dc:47:a3:c6:2f:a3:b8:a3:3d:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53C52096D7FFB235A3DF184910FA4B7547FE2D56
        Validity
            Not Before: Feb  4 18:45:08 2025 GMT
            Not After : Feb  3 18:50:08 2026 GMT
        Subject: CN=13FD094D74D13CAFAB1D28972622742AE7968870
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:f9:5c:7c:a0:14:a2:2b:c2:9b:08:a7:2c:cb:
                    5d:6c:0e:95:70:2f:a5:31:11:69:b1:0c:a1:b6:45:
                    33:a6:f8:4b:ff:1a:72:1c:6c:dc:a3:d9:f0:a8:b6:
                    01:af:ed:40:c5:d5:2d:f5:b0:6b:72:48:4e:b2:de:
                    7f:ac:9d:6b:cb:ca:fa:22:69:c7:70:62:e3:55:ae:
                    54:27:32:09:c3:37:4f:a1:84:bf:3b:42:40:37:90:
                    6a:2c:c1:ac:0f:d1:4a:15:5a:f1:24:59:8a:da:a9:
                    89:d5:d4:4d:3e:6e:96:7a:5a:42:76:d3:d4:47:8a:
                    fb:38:a6:9b:1d:2d:b1:fd:10:97:e0:c4:63:d8:53:
                    94:4a:e7:a5:cf:c6:61:39:b9:fa:9b:e1:a5:ea:4d:
                    82:47:f6:37:95:11:d4:32:0f:42:27:d1:e4:db:4e:
                    74:f7:09:83:f2:18:44:ba:b9:6a:2f:af:04:07:ff:
                    6c:a0:0a:4d:cf:cf:ea:5a:98:8d:6c:d3:5b:1c:29:
                    dd:87:84:50:92:f1:aa:2d:d7:6d:9b:6e:6f:88:41:
                    06:64:cc:07:27:91:3d:17:c1:04:4f:4d:19:7f:8e:
                    8f:e0:3f:5d:45:27:e4:47:ef:33:ff:6f:41:82:1d:
                    03:32:84:99:ba:44:17:c7:06:a1:56:7c:5a:33:38:
                    17:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:FD:09:4D:74:D1:3C:AF:AB:1D:28:97:26:22:74:2A:E7:96:88:70
            X509v3 Authority Key Identifier:
                keyid:53:C5:20:96:D7:FF:B2:35:A3:DF:18:49:10:FA:4B:75:47:FE:2D:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/BEE9537672DB3897F6CA78363FBA95E7FE602B9E908873F0179889A112DC6B9B/0/53C52096D7FFB235A3DF184910FA4B7547FE2D56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/53C52096D7FFB235A3DF184910FA4B7547FE2D56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/BEE9537672DB3897F6CA78363FBA95E7FE602B9E908873F0179889A112DC6B9B/0/323830333a313439303a3a2f33322d3332203d3e20323732383232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:1490::/32

    Signature Algorithm: sha256WithRSAEncryption
         0c:c8:e2:08:f0:cb:49:4a:6c:2a:ac:20:86:fa:0e:06:32:0f:
         30:77:5d:54:a8:03:96:de:6c:14:fa:2b:56:d4:d9:25:f7:ae:
         41:76:bd:8e:77:21:97:18:97:f6:e2:49:8d:3b:07:12:a6:ab:
         47:14:96:62:d1:21:87:b7:9a:9c:15:12:d3:8e:43:e8:f5:43:
         4c:e8:94:82:cc:eb:05:46:c6:9a:a3:8e:91:54:54:b8:81:ab:
         fb:4b:d1:89:02:87:38:b3:73:21:be:1a:17:f8:5f:0d:2e:09:
         20:fa:9f:fd:dd:6f:cd:e2:e0:84:84:de:ab:6e:6d:0f:56:54:
         45:6d:31:ab:8b:22:00:20:97:c1:b8:2b:69:00:8a:71:de:5e:
         28:e9:ae:97:6b:49:ee:46:1b:1b:52:10:58:b5:bd:30:4f:95:
         dc:34:4f:f7:8a:d2:35:78:1d:52:c3:26:f9:2b:7b:b8:cc:c0:
         02:ce:c9:ef:b6:47:1f:59:f7:3e:b2:d4:01:3b:a9:c5:f0:c4:
         b4:29:9e:7d:29:00:44:c5:4d:0f:1f:b9:88:18:c7:64:20:91:
         9a:58:57:20:a0:80:b7:96:61:4a:6b:50:20:ae:07:9d:b9:b2:
         5b:23:aa:54:d7:65:e2:70:26:8d:4b:55:0f:7c:a0:0c:eb:01:
         2b:24:a6:78
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIURTTg1q1M0Fo3s9xHo8Yvo7ijPd4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTNDNTIwOTZEN0ZGQjIzNUEzREYxODQ5MTBGQTRCNzU0
N0ZFMkQ1NjAeFw0yNTAyMDQxODQ1MDhaFw0yNjAyMDMxODUwMDhaMDMxMTAvBgNV
BAMTKDEzRkQwOTRENzREMTNDQUZBQjFEMjg5NzI2MjI3NDJBRTc5Njg4NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ+Vx8oBSiK8KbCKcsy11sDpVw
L6UxEWmxDKG2RTOm+Ev/GnIcbNyj2fCotgGv7UDF1S31sGtySE6y3n+snWvLyvoi
acdwYuNVrlQnMgnDN0+hhL87QkA3kGoswawP0UoVWvEkWYraqYnV1E0+bpZ6WkJ2
09RHivs4ppsdLbH9EJfgxGPYU5RK56XPxmE5ufqb4aXqTYJH9jeVEdQyD0In0eTb
TnT3CYPyGES6uWovrwQH/2ygCk3Pz+pamI1s01scKd2HhFCS8aot122bbm+IQQZk
zAcnkT0XwQRPTRl/jo/gP11FJ+RH7zP/b0GCHQMyhJm6RBfHBqFWfFozOBf5AgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUE/0JTXTRPK+rHSiXJiJ0KueWiHAwHwYDVR0j
BBgwFoAUU8Ugltf/sjWj3xhJEPpLdUf+LVYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CRUU5NTM3NjcyREIzODk3RjZDQTc4MzYzRkJBOTVFN0ZF
NjAyQjlFOTA4ODczRjAxNzk4ODlBMTEyREM2QjlCLzAvNTNDNTIwOTZEN0ZGQjIz
NUEzREYxODQ5MTBGQTRCNzU0N0ZFMkQ1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81M0M1MjA5NkQ3RkZCMjM1QTNE
RjE4NDkxMEZBNEI3NTQ3RkUyRDU2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQkVFOTUzNzY3MkRCMzg5N0Y2Q0E3ODM2M0ZCQTk1RTdGRTYwMkI5RTkw
ODg3M0YwMTc5ODg5QTExMkRDNkI5Qi8wLzMyMzgzMDMzM2EzMTM0MzkzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzczMjM4MzIzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDFJAw
DQYJKoZIhvcNAQELBQADggEBAAzI4gjwy0lKbCqsIIb6DgYyDzB3XVSoA5bebBT6
K1bU2SX3rkF2vY53IZcYl/biSY07BxKmq0cUlmLRIYe3mpwVEtOOQ+j1Q0zolILM
6wVGxpqjjpFUVLiBq/tL0YkChzizcyG+Ghf4Xw0uCSD6n/3db83i4ISE3qtubQ9W
VEVtMauLIgAgl8G4K2kAinHeXijprpdrSe5GGxtSEFi1vTBPldw0T/eK0jV4HVLD
Jvkre7jMwALOye+2Rx9Z9z6y1AE7qcXwxLQpnn0pAETFTQ8fuYgYx2QgkZpYVyCg
gLeWYUprUCCuB525slsjqlTXZeJwJo1LVQ98oAzrASskpng=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:32:49 2025 by rpki-client