Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C7EDE29EBBCF33DD905D57173E4B0C83C5E37D65E0FE36F9A7463AFD31EFE4AF/0/323830333a616131303a3a2f33322d3438203d3e20323731393236.roa
File:                     323830333a616131303a3a2f33322d3438203d3e20323731393236.roa (raw, json)
Hash identifier:          HEWB2JC/IeC2UgmmsHJNsIqHDueIca6upp/Ay5RagOU=
Subject key identifier:   4D:03:C6:F2:2C:53:74:B6:50:28:98:81:FC:5D:41:4F:5F:F1:78:7B
Certificate issuer:       /CN=866B7DC5BD9E9CD59F31693C327AB7E0AEDB840F
Certificate serial:       0224BA8BFFAC5666C6945A7B4661A1022093A15B
Authority key identifier: 86:6B:7D:C5:BD:9E:9C:D5:9F:31:69:3C:32:7A:B7:E0:AE:DB:84:0F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/866B7DC5BD9E9CD59F31693C327AB7E0AEDB840F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C7EDE29EBBCF33DD905D57173E4B0C83C5E37D65E0FE36F9A7463AFD31EFE4AF/0/323830333a616131303a3a2f33322d3438203d3e20323731393236.roa
Signing time:             Tue 05 Mar 2024 17:48:43 +0000
ROA not before:           Tue 05 Mar 2024 17:43:43 +0000
ROA not after:            Tue 04 Mar 2025 17:48:43 +0000
asID:                     271926
IP address blocks:        2803:aa10::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C7EDE29EBBCF33DD905D57173E4B0C83C5E37D65E0FE36F9A7463AFD31EFE4AF/0/866B7DC5BD9E9CD59F31693C327AB7E0AEDB840F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C7EDE29EBBCF33DD905D57173E4B0C83C5E37D65E0FE36F9A7463AFD31EFE4AF/0/866B7DC5BD9E9CD59F31693C327AB7E0AEDB840F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/866B7DC5BD9E9CD59F31693C327AB7E0AEDB840F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:24:ba:8b:ff:ac:56:66:c6:94:5a:7b:46:61:a1:02:20:93:a1:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=866B7DC5BD9E9CD59F31693C327AB7E0AEDB840F
        Validity
            Not Before: Mar  5 17:43:43 2024 GMT
            Not After : Mar  4 17:48:43 2025 GMT
        Subject: CN=4D03C6F22C5374B650289881FC5D414F5FF1787B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:68:a4:f4:fe:b9:e8:fd:65:30:a6:67:ad:4f:
                    8f:11:91:16:da:be:66:97:bc:46:10:0d:ae:59:bb:
                    c8:9f:d3:0c:6e:d8:62:3b:f2:11:12:99:40:4e:7c:
                    a3:3e:14:aa:f3:5b:b1:21:e4:f0:cb:0f:10:de:4a:
                    95:0d:b1:4f:23:40:66:e3:bf:31:71:74:22:db:f0:
                    dc:7f:7e:5c:26:cd:5a:e8:73:f6:59:19:4e:53:d1:
                    fb:16:0d:5b:43:88:eb:c4:ba:13:02:d3:6d:48:c7:
                    97:44:7e:99:20:a8:dc:6f:e7:07:66:6e:6a:4e:a6:
                    1e:2f:a6:1b:41:b3:47:b2:2e:b0:2a:a2:ed:cf:18:
                    97:eb:a9:e7:e8:e2:3b:d7:2c:24:6b:5c:27:65:60:
                    2b:b2:96:ef:e6:f5:e1:ba:63:c4:b7:53:f9:db:0b:
                    16:52:ab:6e:d4:0f:91:33:e4:2c:8a:12:12:f2:f4:
                    21:4d:7d:ff:62:fa:ff:fd:25:ba:62:1d:6f:76:33:
                    71:94:e6:cd:55:e0:fb:6c:90:b2:c7:8e:65:12:23:
                    1b:74:20:af:be:fa:1b:0f:c3:a3:bf:a9:4e:f3:66:
                    2e:a0:0d:52:06:d2:a1:97:fb:9b:22:93:e9:55:0b:
                    3b:16:cf:b5:b2:a6:6c:5b:78:c2:2a:bc:ae:6c:0c:
                    4a:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:03:C6:F2:2C:53:74:B6:50:28:98:81:FC:5D:41:4F:5F:F1:78:7B
            X509v3 Authority Key Identifier:
                keyid:86:6B:7D:C5:BD:9E:9C:D5:9F:31:69:3C:32:7A:B7:E0:AE:DB:84:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C7EDE29EBBCF33DD905D57173E4B0C83C5E37D65E0FE36F9A7463AFD31EFE4AF/0/866B7DC5BD9E9CD59F31693C327AB7E0AEDB840F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/866B7DC5BD9E9CD59F31693C327AB7E0AEDB840F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C7EDE29EBBCF33DD905D57173E4B0C83C5E37D65E0FE36F9A7463AFD31EFE4AF/0/323830333a616131303a3a2f33322d3438203d3e20323731393236.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:aa10::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:95:e8:cf:c3:48:53:05:0b:6d:61:af:91:d1:bc:a2:7a:24:
         fd:df:c7:4d:ec:7b:39:27:16:51:5f:64:0b:9b:7e:a3:26:99:
         45:36:2b:01:1c:8d:8a:2e:6a:7f:d9:59:e8:3c:10:d9:6f:58:
         b5:b5:09:11:d3:cf:7d:a0:fc:25:28:54:5f:ff:76:b2:af:4e:
         f8:4f:b4:f1:5e:54:46:48:ee:24:11:e1:5a:5c:15:cb:73:8f:
         b9:d0:bf:83:b4:0d:c0:64:3f:57:48:6b:de:1d:b8:0e:30:94:
         0a:ed:06:a8:96:4a:df:cd:94:02:ea:ae:b1:80:1b:dd:cf:32:
         82:3f:c8:95:1f:9b:8d:eb:7a:38:14:a0:e3:fc:98:16:50:09:
         d7:d5:5d:f5:0a:8b:e6:bc:e4:4f:49:a9:dd:00:d6:dc:50:7d:
         ac:db:9f:80:88:f6:b3:21:cf:64:21:d4:e2:5f:b0:58:c7:54:
         e3:23:22:f9:2e:ad:87:79:62:0e:db:82:80:9f:2a:82:6b:7f:
         a9:14:f2:bd:dc:91:e7:da:48:89:5d:2a:0f:ff:1a:3b:bc:21:
         53:88:75:b0:ac:3c:c1:e1:4d:20:6e:e1:89:1d:88:95:02:9c:
         c0:e0:9c:42:2e:78:37:15:23:33:1c:99:b7:e4:04:6e:c4:cc:
         66:71:5e:6f
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUAiS6i/+sVmbGlFp7RmGhAiCToVswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODY2QjdEQzVCRDlFOUNENTlGMzE2OTNDMzI3QUI3RTBB
RURCODQwRjAeFw0yNDAzMDUxNzQzNDNaFw0yNTAzMDQxNzQ4NDNaMDMxMTAvBgNV
BAMTKDREMDNDNkYyMkM1Mzc0QjY1MDI4OTg4MUZDNUQ0MTRGNUZGMTc4N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2aKT0/rno/WUwpmetT48RkRba
vmaXvEYQDa5Zu8if0wxu2GI78hESmUBOfKM+FKrzW7Eh5PDLDxDeSpUNsU8jQGbj
vzFxdCLb8Nx/flwmzVroc/ZZGU5T0fsWDVtDiOvEuhMC021Ix5dEfpkgqNxv5wdm
bmpOph4vphtBs0eyLrAqou3PGJfrqefo4jvXLCRrXCdlYCuylu/m9eG6Y8S3U/nb
CxZSq27UD5Ez5CyKEhLy9CFNff9i+v/9JbpiHW92M3GU5s1V4PtskLLHjmUSIxt0
IK+++hsPw6O/qU7zZi6gDVIG0qGX+5sik+lVCzsWz7WypmxbeMIqvK5sDEqHAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUTQPG8ixTdLZQKJiB/F1BT1/xeHswHwYDVR0j
BBgwFoAUhmt9xb2enNWfMWk8Mnq34K7bhA8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DN0VERTI5RUJCQ0YzM0REOTA1RDU3MTczRTRCMEM4M0M1
RTM3RDY1RTBGRTM2RjlBNzQ2M0FGRDMxRUZFNEFGLzAvODY2QjdEQzVCRDlFOUNE
NTlGMzE2OTNDMzI3QUI3RTBBRURCODQwRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NjZCN0RDNUJEOUU5Q0Q1OUYz
MTY5M0MzMjdBQjdFMEFFREI4NDBGLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzdFREUyOUVCQkNGMzNERDkwNUQ1NzE3M0U0QjBDODNDNUUzN0Q2NUUw
RkUzNkY5QTc0NjNBRkQzMUVGRTRBRi8wLzMyMzgzMDMzM2E2MTYxMzEzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzczMTM5MzIzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDqhAw
DQYJKoZIhvcNAQELBQADggEBAGiV6M/DSFMFC21hr5HRvKJ6JP3fx03sezknFlFf
ZAubfqMmmUU2KwEcjYouan/ZWeg8ENlvWLW1CRHTz32g/CUoVF//drKvTvhPtPFe
VEZI7iQR4VpcFctzj7nQv4O0DcBkP1dIa94duA4wlArtBqiWSt/NlALqrrGAG93P
MoI/yJUfm43rejgUoOP8mBZQCdfVXfUKi+a85E9Jqd0A1txQfazbn4CI9rMhz2Qh
1OJfsFjHVOMjIvkurYd5Yg7bgoCfKoJrf6kU8r3ckefaSIldKg//Gju8IVOIdbCs
PMHhTSBu4YkdiJUCnMDgnEIueDcVIzMcmbfkBG7EzGZxXm8=
-----END CERTIFICATE-----
Generated at Wed Nov 20 10:24:16 2024 by rpki-client on console-fra.rpki-client.org