Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C037FD9A9C5E15E31B988E54EA091666451673B3ED11475FEABE787812D334E2/0/323830333a3563303a3a2f33322d3332203d3e20323635373039.roa
File:                     323830333a3563303a3a2f33322d3332203d3e20323635373039.roa (raw, json)
Hash identifier:          VYwCyArGRhQXZ/juEhtqcqQbLItScqa/P4z6VrVIAic=
Subject key identifier:   A9:56:6C:27:D9:25:E6:70:FD:0C:AF:CF:56:40:8D:5F:6F:4A:ED:B2
Certificate issuer:       /CN=F1D8BA39D3C5ECC17DCA2A6EF54E783C5C5283F3
Certificate serial:       1B3D20B37B91647E93659D23C4C0D30B86D1B9A5
Authority key identifier: F1:D8:BA:39:D3:C5:EC:C1:7D:CA:2A:6E:F5:4E:78:3C:5C:52:83:F3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1D8BA39D3C5ECC17DCA2A6EF54E783C5C5283F3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C037FD9A9C5E15E31B988E54EA091666451673B3ED11475FEABE787812D334E2/0/323830333a3563303a3a2f33322d3332203d3e20323635373039.roa
Signing time:             Tue 05 Mar 2024 17:44:22 +0000
ROA not before:           Tue 05 Mar 2024 17:39:22 +0000
ROA not after:            Tue 04 Mar 2025 17:44:22 +0000
asID:                     265709
IP address blocks:        2803:5c0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C037FD9A9C5E15E31B988E54EA091666451673B3ED11475FEABE787812D334E2/0/F1D8BA39D3C5ECC17DCA2A6EF54E783C5C5283F3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C037FD9A9C5E15E31B988E54EA091666451673B3ED11475FEABE787812D334E2/0/F1D8BA39D3C5ECC17DCA2A6EF54E783C5C5283F3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1D8BA39D3C5ECC17DCA2A6EF54E783C5C5283F3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:3d:20:b3:7b:91:64:7e:93:65:9d:23:c4:c0:d3:0b:86:d1:b9:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F1D8BA39D3C5ECC17DCA2A6EF54E783C5C5283F3
        Validity
            Not Before: Mar  5 17:39:22 2024 GMT
            Not After : Mar  4 17:44:22 2025 GMT
        Subject: CN=A9566C27D925E670FD0CAFCF56408D5F6F4AEDB2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:7c:dc:96:46:0f:6a:c8:f3:5e:13:3a:7f:fd:
                    85:d6:39:9f:11:4c:a2:57:98:1d:21:e5:13:af:19:
                    d0:63:fb:cb:cd:29:ba:ec:7f:43:24:c5:9a:cb:0d:
                    bf:08:a3:4d:fc:67:c9:78:88:71:c4:70:f3:dc:55:
                    6d:84:ae:32:c1:af:18:8a:39:7d:07:ba:e5:79:a5:
                    c3:aa:19:70:11:c7:c8:bb:e6:bb:41:d3:56:f7:1c:
                    92:94:04:78:48:23:7e:28:fe:bd:6c:c5:49:48:a3:
                    23:0e:04:c1:ca:75:84:f4:4c:c5:72:48:ef:eb:c3:
                    16:c4:15:5c:0a:48:c3:bc:d6:b4:22:25:03:64:74:
                    94:31:02:a2:0d:80:21:9d:d9:e7:9b:39:56:5d:a0:
                    b1:5e:6b:76:e1:1b:37:21:07:c4:85:f5:62:d4:b1:
                    d9:b9:17:ab:2b:75:21:4e:0b:dd:cf:10:bd:3d:7b:
                    fa:ae:5f:d3:de:48:a3:aa:38:da:44:93:d0:45:2f:
                    ad:5a:28:ff:f8:3e:57:9f:6f:6e:3a:81:06:73:98:
                    07:ff:6f:46:5a:b3:29:1c:ab:27:a0:25:6d:92:0c:
                    33:4e:01:da:7f:1f:0f:3c:60:7c:b4:fd:23:92:2e:
                    06:1e:fc:1f:fe:90:d0:0e:50:c9:2c:52:dc:18:28:
                    7a:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:56:6C:27:D9:25:E6:70:FD:0C:AF:CF:56:40:8D:5F:6F:4A:ED:B2
            X509v3 Authority Key Identifier:
                keyid:F1:D8:BA:39:D3:C5:EC:C1:7D:CA:2A:6E:F5:4E:78:3C:5C:52:83:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C037FD9A9C5E15E31B988E54EA091666451673B3ED11475FEABE787812D334E2/0/F1D8BA39D3C5ECC17DCA2A6EF54E783C5C5283F3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1D8BA39D3C5ECC17DCA2A6EF54E783C5C5283F3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C037FD9A9C5E15E31B988E54EA091666451673B3ED11475FEABE787812D334E2/0/323830333a3563303a3a2f33322d3332203d3e20323635373039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:5c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         11:07:d1:51:cc:74:15:1d:5b:9e:6b:2c:8a:12:bd:2b:49:77:
         f6:3f:58:3c:6e:d6:24:a1:38:72:eb:e7:a2:3b:bf:57:f9:11:
         d7:6f:2c:cc:c1:7d:4f:31:93:06:c6:28:f1:17:d5:56:39:5d:
         f4:34:80:d9:c9:48:4e:f2:5d:6c:56:d1:ba:a9:40:ec:32:07:
         68:15:df:1b:03:5a:f8:19:8e:de:bf:f0:aa:8c:e3:3e:d5:7d:
         7d:4e:cf:42:cd:82:25:2c:06:5a:2a:43:33:51:18:2e:04:a4:
         dd:86:c2:69:11:d6:71:08:b4:37:00:18:3e:77:88:12:f7:b6:
         59:26:f8:6b:9d:5c:56:97:b1:a8:eb:05:ce:e8:c5:f3:34:75:
         d1:74:4b:60:35:65:67:29:52:9f:68:1e:46:ec:63:c5:d7:26:
         92:64:36:16:2f:06:6b:76:e6:6f:88:d0:d5:be:02:ec:1c:0f:
         89:53:24:3f:12:78:72:22:aa:8f:ef:96:5e:bc:3f:a6:b7:0b:
         01:73:33:d8:47:fa:41:d0:3b:eb:ed:fc:3b:e8:80:b7:f1:ff:
         38:22:6b:56:b8:52:a7:55:d2:dd:ed:1a:4f:71:d1:8b:27:5e:
         de:7f:25:4e:0e:df:e4:02:6a:56:58:68:97:d6:35:df:85:da:
         f6:8f:56:53
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUGz0gs3uRZH6TZZ0jxMDTC4bRuaUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjFEOEJBMzlEM0M1RUNDMTdEQ0EyQTZFRjU0RTc4M0M1
QzUyODNGMzAeFw0yNDAzMDUxNzM5MjJaFw0yNTAzMDQxNzQ0MjJaMDMxMTAvBgNV
BAMTKEE5NTY2QzI3RDkyNUU2NzBGRDBDQUZDRjU2NDA4RDVGNkY0QUVEQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFfNyWRg9qyPNeEzp//YXWOZ8R
TKJXmB0h5ROvGdBj+8vNKbrsf0MkxZrLDb8Io038Z8l4iHHEcPPcVW2ErjLBrxiK
OX0HuuV5pcOqGXARx8i75rtB01b3HJKUBHhII34o/r1sxUlIoyMOBMHKdYT0TMVy
SO/rwxbEFVwKSMO81rQiJQNkdJQxAqINgCGd2eebOVZdoLFea3bhGzchB8SF9WLU
sdm5F6srdSFOC93PEL09e/quX9PeSKOqONpEk9BFL61aKP/4Plefb246gQZzmAf/
b0ZasykcqyegJW2SDDNOAdp/Hw88YHy0/SOSLgYe/B/+kNAOUMksUtwYKHq5AgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUqVZsJ9kl5nD9DK/PVkCNX29K7bIwHwYDVR0j
BBgwFoAU8di6OdPF7MF9yipu9U54PFxSg/MwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DMDM3RkQ5QTlDNUUxNUUzMUI5ODhFNTRFQTA5MTY2NjQ1
MTY3M0IzRUQxMTQ3NUZFQUJFNzg3ODEyRDMzNEUyLzAvRjFEOEJBMzlEM0M1RUND
MTdEQ0EyQTZFRjU0RTc4M0M1QzUyODNGMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMUQ4QkEzOUQzQzVFQ0MxN0RD
QTJBNkVGNTRFNzgzQzVDNTI4M0YzLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzAzN0ZEOUE5QzVFMTVFMzFCOTg4RTU0RUEwOTE2NjY0NTE2NzNCM0VE
MTE0NzVGRUFCRTc4NzgxMkQzMzRFMi8wLzMyMzgzMDMzM2EzNTYzMzAzYTNhMmYz
MzMyMmQzMzMyMjAzZDNlMjAzMjM2MzUzNzMwMzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAwXAMA0G
CSqGSIb3DQEBCwUAA4IBAQARB9FRzHQVHVueayyKEr0rSXf2P1g8btYkoThy6+ei
O79X+RHXbyzMwX1PMZMGxijxF9VWOV30NIDZyUhO8l1sVtG6qUDsMgdoFd8bA1r4
GY7ev/CqjOM+1X19Ts9CzYIlLAZaKkMzURguBKTdhsJpEdZxCLQ3ABg+d4gS97ZZ
JvhrnVxWl7Go6wXO6MXzNHXRdEtgNWVnKVKfaB5G7GPF1yaSZDYWLwZrduZviNDV
vgLsHA+JUyQ/EnhyIqqP75ZevD+mtwsBczPYR/pB0Dvr7fw76IC38f84ImtWuFKn
VdLd7RpPcdGLJ17efyVODt/kAmpWWGiX1jXfhdr2j1ZT
-----END CERTIFICATE-----
Generated at Sat Jun 15 23:40:08 2024 by rpki-client on console-fra.rpki-client.org