Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D6CB5131E6E9F62855DC0EC50655CD810DD985ABBBFFBF4F0C653795F214ED99/0/323830333a326436303a3a2f33322d3438203d3e203134373534.roa
File:                     323830333a326436303a3a2f33322d3438203d3e203134373534.roa (raw, json)
Hash identifier:          6rv129GtVI+lQZGv0nrsv65d8wIyJRHdseNvlQmRwa8=
Subject key identifier:   4C:89:F4:B9:B6:3E:D4:16:59:46:42:9F:F4:7A:81:B0:D8:33:FF:D8
Certificate issuer:       /CN=512FC9A3066D2E0C294F0E001A94F2F0AED7270C
Certificate serial:       30FBC03ACF7916505CD963781A5D4D8194713B4D
Authority key identifier: 51:2F:C9:A3:06:6D:2E:0C:29:4F:0E:00:1A:94:F2:F0:AE:D7:27:0C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/512FC9A3066D2E0C294F0E001A94F2F0AED7270C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D6CB5131E6E9F62855DC0EC50655CD810DD985ABBBFFBF4F0C653795F214ED99/0/323830333a326436303a3a2f33322d3438203d3e203134373534.roa
Signing time:             Tue 05 Mar 2024 18:09:46 +0000
ROA not before:           Tue 05 Mar 2024 18:04:46 +0000
ROA not after:            Tue 04 Mar 2025 18:09:46 +0000
asID:                     14754
IP address blocks:        2803:2d60::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D6CB5131E6E9F62855DC0EC50655CD810DD985ABBBFFBF4F0C653795F214ED99/0/512FC9A3066D2E0C294F0E001A94F2F0AED7270C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D6CB5131E6E9F62855DC0EC50655CD810DD985ABBBFFBF4F0C653795F214ED99/0/512FC9A3066D2E0C294F0E001A94F2F0AED7270C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/512FC9A3066D2E0C294F0E001A94F2F0AED7270C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Jul 2024 11:47:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:fb:c0:3a:cf:79:16:50:5c:d9:63:78:1a:5d:4d:81:94:71:3b:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=512FC9A3066D2E0C294F0E001A94F2F0AED7270C
        Validity
            Not Before: Mar  5 18:04:46 2024 GMT
            Not After : Mar  4 18:09:46 2025 GMT
        Subject: CN=4C89F4B9B63ED4165946429FF47A81B0D833FFD8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:57:ab:5f:72:03:1f:af:58:75:77:6c:d9:22:
                    0b:6c:4b:27:a1:a8:f1:e0:5c:52:a7:d8:be:e0:c0:
                    76:73:e7:c9:cc:44:83:9a:ed:5d:1e:7e:dd:4c:61:
                    c3:80:6c:3e:b2:9a:5f:bd:54:3c:f3:d5:13:29:60:
                    56:16:03:3b:80:bf:df:7f:77:93:c0:81:b5:e4:8f:
                    93:68:ea:9d:67:c6:0a:0e:4a:a7:77:76:26:d4:fc:
                    79:55:7d:c9:c1:65:f2:6c:37:20:37:24:3d:17:43:
                    99:f3:77:af:86:ca:c1:27:ec:fd:9a:42:60:20:16:
                    d3:3f:d0:cf:58:77:45:59:af:41:eb:28:cd:bf:b2:
                    e4:c3:e2:a6:47:3f:5b:78:22:95:2f:80:18:01:f2:
                    5b:04:a3:6b:0a:72:29:00:df:40:4c:50:69:91:af:
                    d3:a0:6c:ac:ac:ef:21:5a:7c:f6:96:07:50:ea:b7:
                    4c:45:9b:8e:f8:b5:7b:a1:83:de:1f:71:da:b8:7d:
                    f5:3c:3b:49:ca:74:e4:02:a9:9b:2a:79:3d:50:f7:
                    eb:e2:eb:f0:25:e0:d3:cd:35:fe:e0:cf:f1:b6:06:
                    d6:73:68:47:b9:40:70:f8:5a:94:2f:33:ee:be:7b:
                    9d:38:49:5f:c5:f1:30:ff:77:3c:69:f9:5b:2a:ff:
                    b1:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:89:F4:B9:B6:3E:D4:16:59:46:42:9F:F4:7A:81:B0:D8:33:FF:D8
            X509v3 Authority Key Identifier:
                keyid:51:2F:C9:A3:06:6D:2E:0C:29:4F:0E:00:1A:94:F2:F0:AE:D7:27:0C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D6CB5131E6E9F62855DC0EC50655CD810DD985ABBBFFBF4F0C653795F214ED99/0/512FC9A3066D2E0C294F0E001A94F2F0AED7270C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/512FC9A3066D2E0C294F0E001A94F2F0AED7270C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D6CB5131E6E9F62855DC0EC50655CD810DD985ABBBFFBF4F0C653795F214ED99/0/323830333a326436303a3a2f33322d3438203d3e203134373534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:2d60::/32

    Signature Algorithm: sha256WithRSAEncryption
         a6:a5:6b:54:3d:1d:18:6d:49:e5:1d:ce:df:7b:b6:83:f6:36:
         f5:bb:44:68:57:48:c4:87:2b:ca:d5:38:a5:ca:6a:56:33:03:
         42:65:e8:2e:29:e2:3f:25:b4:0f:f0:62:89:98:b7:84:eb:8b:
         e1:59:bf:fe:64:2b:fb:1d:1a:7a:fd:20:ff:41:d4:24:d7:e7:
         ba:83:0a:60:6a:0b:ad:1e:f4:b5:90:db:b4:9e:32:44:3f:b2:
         58:d7:75:c2:1d:f2:65:15:10:d9:cc:6d:32:50:52:59:7c:2c:
         1d:ed:ed:99:b7:d3:9e:bd:f8:6f:d0:ee:3a:80:ee:92:19:35:
         c9:86:90:2e:34:21:09:7a:fa:f0:39:53:81:e4:99:45:3e:9e:
         f3:f2:65:27:77:4d:26:fb:a3:ea:66:ff:95:e4:be:56:14:f7:
         03:7e:ac:56:bb:53:f5:f0:b6:40:6b:11:d0:13:c2:13:aa:ca:
         a8:f9:6f:65:af:52:ae:49:5e:d6:75:17:73:96:82:01:3d:78:
         6d:fc:3c:d6:7e:0c:cd:21:c8:ba:b0:56:50:f2:f0:39:be:96:
         58:33:05:26:91:ce:09:11:d9:02:b5:43:30:89:b5:bf:6a:0d:
         22:89:6b:8c:71:ad:24:51:a9:10:97:2c:d1:90:da:f5:18:2b:
         64:40:d3:c2
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUMPvAOs95FlBc2WN4Gl1NgZRxO00wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTEyRkM5QTMwNjZEMkUwQzI5NEYwRTAwMUE5NEYyRjBB
RUQ3MjcwQzAeFw0yNDAzMDUxODA0NDZaFw0yNTAzMDQxODA5NDZaMDMxMTAvBgNV
BAMTKDRDODlGNEI5QjYzRUQ0MTY1OTQ2NDI5RkY0N0E4MUIwRDgzM0ZGRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzV6tfcgMfr1h1d2zZIgtsSyeh
qPHgXFKn2L7gwHZz58nMRIOa7V0eft1MYcOAbD6yml+9VDzz1RMpYFYWAzuAv99/
d5PAgbXkj5No6p1nxgoOSqd3dibU/HlVfcnBZfJsNyA3JD0XQ5nzd6+GysEn7P2a
QmAgFtM/0M9Yd0VZr0HrKM2/suTD4qZHP1t4IpUvgBgB8lsEo2sKcikA30BMUGmR
r9OgbKys7yFafPaWB1Dqt0xFm474tXuhg94fcdq4ffU8O0nKdOQCqZsqeT1Q9+vi
6/Al4NPNNf7gz/G2BtZzaEe5QHD4WpQvM+6+e504SV/F8TD/dzxp+Vsq/7GjAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUTIn0ubY+1BZZRkKf9HqBsNgz/9gwHwYDVR0j
BBgwFoAUUS/JowZtLgwpTw4AGpTy8K7XJwwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ENkNCNTEzMUU2RTlGNjI4NTVEQzBFQzUwNjU1Q0Q4MTBE
RDk4NUFCQkJGRkJGNEYwQzY1Mzc5NUYyMTRFRDk5LzAvNTEyRkM5QTMwNjZEMkUw
QzI5NEYwRTAwMUE5NEYyRjBBRUQ3MjcwQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81MTJGQzlBMzA2NkQyRTBDMjk0
RjBFMDAxQTk0RjJGMEFFRDcyNzBDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDZDQjUxMzFFNkU5RjYyODU1REMwRUM1MDY1NUNEODEwREQ5ODVBQkJC
RkZCRjRGMEM2NTM3OTVGMjE0RUQ5OS8wLzMyMzgzMDMzM2EzMjY0MzYzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMxMzQzNzM1MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAy1gMA0G
CSqGSIb3DQEBCwUAA4IBAQCmpWtUPR0YbUnlHc7fe7aD9jb1u0RoV0jEhyvK1Til
ympWMwNCZeguKeI/JbQP8GKJmLeE64vhWb/+ZCv7HRp6/SD/QdQk1+e6gwpgagut
HvS1kNu0njJEP7JY13XCHfJlFRDZzG0yUFJZfCwd7e2Zt9Oevfhv0O46gO6SGTXJ
hpAuNCEJevrwOVOB5JlFPp7z8mUnd00m+6PqZv+V5L5WFPcDfqxWu1P18LZAaxHQ
E8ITqsqo+W9lr1KuSV7WdRdzloIBPXht/DzWfgzNIci6sFZQ8vA5vpZYMwUmkc4J
EdkCtUMwibW/ag0iiWuMca0kUakQlyzRkNr1GCtkQNPC
-----END CERTIFICATE-----
Generated at Mon Jul 15 05:29:10 2024 by rpki-client on console-ams.rpki-client.org