Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C2DF674C07459D5A2C265B41759760556180EE516F846EEB822C213E63DF8C38/0/323830333a346536303a3a2f33322d3438203d3e20323637393136.roa
File:                     323830333a346536303a3a2f33322d3438203d3e20323637393136.roa (raw, json)
Hash identifier:          fl8o0/y2GCserE4PqqpWifcP8UykrTge1/AS2AFtNd4=
Subject key identifier:   CD:1D:12:7B:64:21:9E:BA:86:A4:4D:8A:D2:21:43:D9:9B:59:48:25
Certificate issuer:       /CN=E5FDEBC9B3A490E0C76F16D68D7E130CA5DFA8DB
Certificate serial:       293EF43CA96630D85B532D1D3CF5234331C11A93
Authority key identifier: E5:FD:EB:C9:B3:A4:90:E0:C7:6F:16:D6:8D:7E:13:0C:A5:DF:A8:DB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E5FDEBC9B3A490E0C76F16D68D7E130CA5DFA8DB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C2DF674C07459D5A2C265B41759760556180EE516F846EEB822C213E63DF8C38/0/323830333a346536303a3a2f33322d3438203d3e20323637393136.roa
Signing time:             Tue 05 Mar 2024 18:03:13 +0000
ROA not before:           Tue 05 Mar 2024 17:58:13 +0000
ROA not after:            Tue 04 Mar 2025 18:03:13 +0000
asID:                     267916
IP address blocks:        2803:4e60::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C2DF674C07459D5A2C265B41759760556180EE516F846EEB822C213E63DF8C38/0/E5FDEBC9B3A490E0C76F16D68D7E130CA5DFA8DB.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C2DF674C07459D5A2C265B41759760556180EE516F846EEB822C213E63DF8C38/0/E5FDEBC9B3A490E0C76F16D68D7E130CA5DFA8DB.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E5FDEBC9B3A490E0C76F16D68D7E130CA5DFA8DB.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 20 Jun 2024 02:08:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:3e:f4:3c:a9:66:30:d8:5b:53:2d:1d:3c:f5:23:43:31:c1:1a:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E5FDEBC9B3A490E0C76F16D68D7E130CA5DFA8DB
        Validity
            Not Before: Mar  5 17:58:13 2024 GMT
            Not After : Mar  4 18:03:13 2025 GMT
        Subject: CN=CD1D127B64219EBA86A44D8AD22143D99B594825
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:74:9e:1e:6f:71:f7:fa:ef:c1:ee:17:5e:a9:
                    da:97:8b:06:5a:25:19:b0:72:9e:45:7f:0f:50:10:
                    2f:40:50:52:b0:0d:7e:3f:72:3b:3d:a6:ba:77:5e:
                    c2:94:fd:30:e6:07:ff:d0:cf:44:85:de:1f:c1:20:
                    69:d9:f1:16:28:02:08:4f:4b:d3:33:b9:fd:25:85:
                    e3:a4:f7:ab:1d:af:2f:52:54:95:e6:7f:67:81:11:
                    b4:90:0b:54:80:ae:76:cd:f0:05:0f:2c:f4:ce:75:
                    0c:78:7e:81:71:38:fd:04:05:08:9f:c3:1e:c8:6c:
                    34:02:b3:a9:93:7b:56:0c:73:7a:50:f3:b7:ca:4b:
                    27:b7:5b:91:75:48:d5:fd:a0:94:a0:5a:d5:4a:55:
                    b1:10:09:0c:e0:77:d1:eb:d6:19:03:f4:7a:a1:11:
                    5c:74:1d:e9:1b:b2:c5:6d:a2:ec:ae:28:e2:1c:4f:
                    cb:32:48:ac:a3:0a:0a:ca:a6:e6:e5:8b:ac:51:19:
                    44:d3:40:bb:5a:a8:9e:d9:be:7d:c5:e6:04:5e:e7:
                    19:15:14:5f:c9:bb:63:45:86:80:90:47:54:e6:f3:
                    f7:31:d5:58:f5:33:08:23:fe:4d:db:67:c7:15:8f:
                    bc:c2:6d:4d:b5:ef:a9:d3:f1:29:31:ed:32:95:cd:
                    33:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:1D:12:7B:64:21:9E:BA:86:A4:4D:8A:D2:21:43:D9:9B:59:48:25
            X509v3 Authority Key Identifier:
                keyid:E5:FD:EB:C9:B3:A4:90:E0:C7:6F:16:D6:8D:7E:13:0C:A5:DF:A8:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C2DF674C07459D5A2C265B41759760556180EE516F846EEB822C213E63DF8C38/0/E5FDEBC9B3A490E0C76F16D68D7E130CA5DFA8DB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E5FDEBC9B3A490E0C76F16D68D7E130CA5DFA8DB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C2DF674C07459D5A2C265B41759760556180EE516F846EEB822C213E63DF8C38/0/323830333a346536303a3a2f33322d3438203d3e20323637393136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:4e60::/32

    Signature Algorithm: sha256WithRSAEncryption
         ad:27:de:9f:08:ae:7c:36:5f:27:83:98:4a:82:8b:ba:7b:53:
         2b:85:db:d5:0a:7a:c2:35:a5:8e:58:4c:8e:a8:bf:b0:31:c8:
         76:bb:31:8d:92:f4:97:73:d5:d0:d0:a4:fb:35:71:6c:69:98:
         1c:f5:f3:a3:d8:dd:dd:db:a7:9f:09:dc:5d:c6:85:e7:b5:c4:
         d5:50:57:c7:3e:8d:86:6a:93:31:c4:db:d3:cc:0b:11:5f:76:
         7a:76:19:c3:ad:7b:62:3b:a8:ad:73:88:75:4d:15:18:e7:f8:
         e6:9d:a3:96:69:ce:33:71:10:f5:1f:ce:78:a6:da:b9:b2:9f:
         3a:8a:c5:47:0f:13:91:2f:84:8f:a5:a8:9b:f8:91:a1:ed:7e:
         7c:08:a6:c0:18:bd:bb:3b:98:64:d2:fe:1e:7d:f7:78:bd:1b:
         32:3c:64:32:e1:34:91:f9:7a:55:b2:e1:38:0e:c4:ae:1a:35:
         3a:cd:b6:4b:10:ca:3d:96:db:ba:01:4c:f9:c4:54:c9:0c:82:
         40:2a:7f:d3:56:83:bc:c6:2c:98:f7:dc:95:8e:ec:2c:44:a4:
         48:aa:24:77:15:88:bb:81:a3:3c:fb:f8:9f:e6:9e:56:8c:68:
         0f:92:c8:93:32:84:2c:62:52:49:76:a3:fb:ba:21:a1:f3:e9:
         1f:83:d1:67
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUKT70PKlmMNhbUy0dPPUjQzHBGpMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTVGREVCQzlCM0E0OTBFMEM3NkYxNkQ2OEQ3RTEzMENB
NURGQThEQjAeFw0yNDAzMDUxNzU4MTNaFw0yNTAzMDQxODAzMTNaMDMxMTAvBgNV
BAMTKENEMUQxMjdCNjQyMTlFQkE4NkE0NEQ4QUQyMjE0M0Q5OUI1OTQ4MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHdJ4eb3H3+u/B7hdeqdqXiwZa
JRmwcp5Ffw9QEC9AUFKwDX4/cjs9prp3XsKU/TDmB//Qz0SF3h/BIGnZ8RYoAghP
S9Mzuf0lheOk96sdry9SVJXmf2eBEbSQC1SArnbN8AUPLPTOdQx4foFxOP0EBQif
wx7IbDQCs6mTe1YMc3pQ87fKSye3W5F1SNX9oJSgWtVKVbEQCQzgd9Hr1hkD9Hqh
EVx0HekbssVtouyuKOIcT8sySKyjCgrKpubli6xRGUTTQLtaqJ7Zvn3F5gRe5xkV
FF/Ju2NFhoCQR1Tm8/cx1Vj1Mwgj/k3bZ8cVj7zCbU2176nT8Skx7TKVzTO/AgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUzR0Se2QhnrqGpE2K0iFD2ZtZSCUwHwYDVR0j
BBgwFoAU5f3rybOkkODHbxbWjX4TDKXfqNswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DMkRGNjc0QzA3NDU5RDVBMkMyNjVCNDE3NTk3NjA1NTYx
ODBFRTUxNkY4NDZFRUI4MjJDMjEzRTYzREY4QzM4LzAvRTVGREVCQzlCM0E0OTBF
MEM3NkYxNkQ2OEQ3RTEzMENBNURGQThEQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FNUZERUJDOUIzQTQ5MEUwQzc2
RjE2RDY4RDdFMTMwQ0E1REZBOERCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzJERjY3NEMwNzQ1OUQ1QTJDMjY1QjQxNzU5NzYwNTU2MTgwRUU1MTZG
ODQ2RUVCODIyQzIxM0U2M0RGOEMzOC8wLzMyMzgzMDMzM2EzNDY1MzYzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzYzNzM5MzEzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDTmAw
DQYJKoZIhvcNAQELBQADggEBAK0n3p8Irnw2XyeDmEqCi7p7UyuF29UKesI1pY5Y
TI6ov7AxyHa7MY2S9Jdz1dDQpPs1cWxpmBz186PY3d3bp58J3F3Ghee1xNVQV8c+
jYZqkzHE29PMCxFfdnp2GcOte2I7qK1ziHVNFRjn+Oado5ZpzjNxEPUfznim2rmy
nzqKxUcPE5EvhI+lqJv4kaHtfnwIpsAYvbs7mGTS/h5993i9GzI8ZDLhNJH5elWy
4TgOxK4aNTrNtksQyj2W27oBTPnEVMkMgkAqf9NWg7zGLJj33JWO7CxEpEiqJHcV
iLuBozz7+J/mnlaMaA+SyJMyhCxiUkl2o/u6IaHz6R+D0Wc=
-----END CERTIFICATE-----
Generated at Mon Jun 17 02:10:04 2024 by rpki-client on console-ams.rpki-client.org