Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/CB47BEC5845FEF89B4F49F9AED43CA62E31AA56C53BA38AEC090599569E48945/0/323830333a396130303a3137653a3a2f34372d3634203d3e20323632323339.roa
File:                     323830333a396130303a3137653a3a2f34372d3634203d3e20323632323339.roa (raw, json)
Hash identifier:          K9tkSrEUjm72lYCbXlbrgA65xW0q3bT8fbwxj29eyA8=
Subject key identifier:   16:2E:A8:2A:91:01:D5:E2:B3:55:DB:46:CC:C2:84:CA:82:9A:47:EF
Certificate issuer:       /CN=39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF
Certificate serial:       66C197A81D350E401B2EAD0FB69796575312C1BD
Authority key identifier: 39:44:6F:5E:8A:4A:60:A5:A4:F4:26:FB:E7:E7:29:68:C1:6C:1E:FF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/CB47BEC5845FEF89B4F49F9AED43CA62E31AA56C53BA38AEC090599569E48945/0/323830333a396130303a3137653a3a2f34372d3634203d3e20323632323339.roa
Signing time:             Tue 04 Feb 2025 18:01:38 +0000
ROA not before:           Tue 04 Feb 2025 17:56:38 +0000
ROA not after:            Tue 03 Feb 2026 18:01:38 +0000
asID:                     262239
IP address blocks:        2803:9a00:17e::/47 maxlen: 64
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/CB47BEC5845FEF89B4F49F9AED43CA62E31AA56C53BA38AEC090599569E48945/0/39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/CB47BEC5845FEF89B4F49F9AED43CA62E31AA56C53BA38AEC090599569E48945/0/39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 20 Feb 2025 16:28:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:c1:97:a8:1d:35:0e:40:1b:2e:ad:0f:b6:97:96:57:53:12:c1:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF
        Validity
            Not Before: Feb  4 17:56:38 2025 GMT
            Not After : Feb  3 18:01:38 2026 GMT
        Subject: CN=162EA82A9101D5E2B355DB46CCC284CA829A47EF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:64:5c:ea:1a:8e:61:d8:a2:34:95:91:74:3c:
                    a8:99:31:93:ae:34:fb:c9:49:49:47:79:f0:2f:66:
                    62:7b:74:ad:bb:dc:81:62:1f:ed:1e:59:4d:19:fa:
                    8a:00:03:ae:82:58:bb:24:b4:0f:bc:c9:f5:5e:28:
                    29:35:0e:d0:ee:3c:b7:93:32:e6:fe:98:01:74:1e:
                    ce:61:11:23:33:33:b6:aa:bb:37:e6:4c:48:f5:de:
                    89:0a:1f:2c:2a:7f:1a:ac:a0:e3:b2:15:6d:cc:42:
                    4d:1b:2a:cc:1c:51:2d:1a:96:b9:01:54:97:5f:ed:
                    9b:4c:36:df:85:67:20:87:c8:51:7e:6b:e1:11:0d:
                    0a:ba:6f:e5:ac:2f:9b:f2:9a:cc:69:a3:c4:48:96:
                    30:68:d1:1c:61:45:2a:53:e8:b5:91:77:8c:73:8b:
                    61:03:62:c0:e2:83:b0:26:22:6a:28:0a:a6:75:f9:
                    09:9a:ac:86:91:ce:39:74:6f:65:37:e5:8e:1f:78:
                    62:4e:93:bb:7d:dc:0f:21:e5:16:be:23:e1:1a:a4:
                    50:85:8e:eb:48:01:0b:37:3c:2f:98:12:6a:20:4c:
                    ef:3a:ca:0f:fc:f1:0e:6d:3a:f9:d9:14:a9:bc:24:
                    78:f7:e4:47:86:88:3b:cf:d6:80:4f:e1:c5:5b:62:
                    aa:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:2E:A8:2A:91:01:D5:E2:B3:55:DB:46:CC:C2:84:CA:82:9A:47:EF
            X509v3 Authority Key Identifier:
                keyid:39:44:6F:5E:8A:4A:60:A5:A4:F4:26:FB:E7:E7:29:68:C1:6C:1E:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/CB47BEC5845FEF89B4F49F9AED43CA62E31AA56C53BA38AEC090599569E48945/0/39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/CB47BEC5845FEF89B4F49F9AED43CA62E31AA56C53BA38AEC090599569E48945/0/323830333a396130303a3137653a3a2f34372d3634203d3e20323632323339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:9a00:17e::/47

    Signature Algorithm: sha256WithRSAEncryption
         67:38:be:a4:e2:a6:eb:ef:fa:34:42:15:e8:b7:29:15:04:08:
         23:34:40:de:ab:01:aa:3f:b2:9e:e1:18:5f:b2:b3:05:f3:f3:
         ee:ff:c2:59:aa:d9:be:a8:6a:62:78:d9:ee:3a:25:84:c8:88:
         f7:9d:b0:9a:f2:0e:60:14:0d:a4:76:82:8e:cc:0d:b3:60:46:
         52:9e:4b:cb:f0:87:50:27:ad:44:06:db:2f:bd:9a:00:45:f2:
         f9:75:27:df:53:27:68:d0:c5:59:67:51:73:23:c3:58:b8:7d:
         e7:70:b0:b1:01:44:67:af:12:5d:d5:f7:c8:23:56:55:b8:6f:
         0e:8f:7c:9b:44:3b:42:eb:d3:38:bf:a7:7e:b3:d2:d1:59:91:
         18:1d:17:bc:a5:4e:04:e8:ed:ae:7a:26:ec:28:44:21:bf:e6:
         83:1f:50:81:64:4c:d9:0f:1e:3a:b4:77:80:96:1b:1c:c0:37:
         40:15:2f:d3:c2:eb:12:87:f5:c3:21:cb:b2:be:27:2f:d5:ce:
         e9:46:2b:6a:ab:68:68:35:25:12:96:66:d2:ea:31:de:cf:a6:
         68:b6:03:07:dd:60:24:15:ef:75:01:25:9d:6e:1f:12:50:e9:
         87:d0:7f:21:62:6d:fb:b4:40:cf:a5:39:f1:f9:ad:4c:2f:8e:
         da:54:64:4b
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIUZsGXqB01DkAbLq0PtpeWV1MSwb0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzk0NDZGNUU4QTRBNjBBNUE0RjQyNkZCRTdFNzI5NjhD
MTZDMUVGRjAeFw0yNTAyMDQxNzU2MzhaFw0yNjAyMDMxODAxMzhaMDMxMTAvBgNV
BAMTKDE2MkVBODJBOTEwMUQ1RTJCMzU1REI0NkNDQzI4NENBODI5QTQ3RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhZFzqGo5h2KI0lZF0PKiZMZOu
NPvJSUlHefAvZmJ7dK273IFiH+0eWU0Z+ooAA66CWLsktA+8yfVeKCk1DtDuPLeT
Mub+mAF0Hs5hESMzM7aquzfmTEj13okKHywqfxqsoOOyFW3MQk0bKswcUS0alrkB
VJdf7ZtMNt+FZyCHyFF+a+ERDQq6b+WsL5vymsxpo8RIljBo0RxhRSpT6LWRd4xz
i2EDYsDig7AmImooCqZ1+QmarIaRzjl0b2U35Y4feGJOk7t93A8h5Ra+I+EapFCF
jutIAQs3PC+YEmogTO86yg/88Q5tOvnZFKm8JHj35EeGiDvP1oBP4cVbYqqBAgMB
AAGjggLTMIICzzAdBgNVHQ4EFgQUFi6oKpEB1eKzVdtGzMKEyoKaR+8wHwYDVR0j
BBgwFoAUOURvXopKYKWk9Cb75+cpaMFsHv8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DQjQ3QkVDNTg0NUZFRjg5QjRGNDlGOUFFRDQzQ0E2MkUz
MUFBNTZDNTNCQTM4QUVDMDkwNTk5NTY5RTQ4OTQ1LzAvMzk0NDZGNUU4QTRBNjBB
NUE0RjQyNkZCRTdFNzI5NjhDMTZDMUVGRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zOTQ0NkY1RThBNEE2MEE1QTRG
NDI2RkJFN0U3Mjk2OEMxNkMxRUZGLmNlcjCBzwYIKwYBBQUHAQsEgcIwgb8wgbwG
CCsGAQUFBzALhoGvcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQ0I0N0JFQzU4NDVGRUY4OUI0RjQ5RjlBRUQ0M0NBNjJFMzFBQTU2QzUz
QkEzOEFFQzA5MDU5OTU2OUU0ODk0NS8wLzMyMzgzMDMzM2EzOTYxMzAzMDNhMzEz
NzY1M2EzYTJmMzQzNzJkMzYzNDIwM2QzZTIwMzIzNjMyMzIzMzM5LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcBKAOaAAF+MA0GCSqGSIb3DQEBCwUAA4IBAQBnOL6k4qbr7/o0QhXotykVBAgj
NEDeqwGqP7Ke4RhfsrMF8/Pu/8JZqtm+qGpieNnuOiWEyIj3nbCa8g5gFA2kdoKO
zA2zYEZSnkvL8IdQJ61EBtsvvZoARfL5dSffUydo0MVZZ1FzI8NYuH3ncLCxAURn
rxJd1ffII1ZVuG8Oj3ybRDtC69M4v6d+s9LRWZEYHRe8pU4E6O2ueibsKEQhv+aD
H1CBZEzZDx46tHeAlhscwDdAFS/TwusSh/XDIcuyvicv1c7pRitqq2hoNSUSlmbS
6jHez6ZotgMH3WAkFe91ASWdbh8SUOmH0H8hYm37tEDPpTnx+a1ML47aVGRL
-----END CERTIFICATE-----
Generated at Mon Feb 17 01:29:38 2025 by rpki-client