Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D82461940D6C2A48DBE16DD278C5B0DFF29C5169DCF3A2C5DDB454FE1163C9F4/0/323830333a396434303a3a2f33322d3332203d3e20323634383437.roa
File:                     323830333a396434303a3a2f33322d3332203d3e20323634383437.roa (raw, json)
Hash identifier:          poyO06PTdKLklPQVC7IwLwtzTu7G9hHVoq4Py0hV0Gc=
Subject key identifier:   39:59:2D:AB:90:C7:A2:68:E0:0C:2B:C3:61:E0:EE:88:4B:68:FE:57
Certificate issuer:       /CN=A4BCD2E8CA8A74AF5627B106DFD6C0BB2DA03D9A
Certificate serial:       2CB288A15984E79DAED9B39D057C41D0EDBC266C
Authority key identifier: A4:BC:D2:E8:CA:8A:74:AF:56:27:B1:06:DF:D6:C0:BB:2D:A0:3D:9A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A4BCD2E8CA8A74AF5627B106DFD6C0BB2DA03D9A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D82461940D6C2A48DBE16DD278C5B0DFF29C5169DCF3A2C5DDB454FE1163C9F4/0/323830333a396434303a3a2f33322d3332203d3e20323634383437.roa
Signing time:             Tue 05 Mar 2024 18:12:01 +0000
ROA not before:           Tue 05 Mar 2024 18:07:01 +0000
ROA not after:            Tue 04 Mar 2025 18:12:01 +0000
asID:                     264847
IP address blocks:        2803:9d40::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D82461940D6C2A48DBE16DD278C5B0DFF29C5169DCF3A2C5DDB454FE1163C9F4/0/A4BCD2E8CA8A74AF5627B106DFD6C0BB2DA03D9A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D82461940D6C2A48DBE16DD278C5B0DFF29C5169DCF3A2C5DDB454FE1163C9F4/0/A4BCD2E8CA8A74AF5627B106DFD6C0BB2DA03D9A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A4BCD2E8CA8A74AF5627B106DFD6C0BB2DA03D9A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:b2:88:a1:59:84:e7:9d:ae:d9:b3:9d:05:7c:41:d0:ed:bc:26:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A4BCD2E8CA8A74AF5627B106DFD6C0BB2DA03D9A
        Validity
            Not Before: Mar  5 18:07:01 2024 GMT
            Not After : Mar  4 18:12:01 2025 GMT
        Subject: CN=39592DAB90C7A268E00C2BC361E0EE884B68FE57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9e:69:b8:1f:67:e3:7e:0c:b8:ed:b1:70:85:
                    56:89:83:c4:c9:d6:b3:2c:ec:fc:44:d8:dd:13:fd:
                    5e:17:f4:04:97:93:ed:08:6b:e7:07:2e:45:fe:01:
                    70:c4:6e:7e:8f:32:06:69:9d:62:48:42:1b:83:06:
                    23:53:5b:4e:f7:a2:42:58:40:ae:8e:d1:56:1d:1e:
                    26:17:a1:ed:ac:e4:ef:33:53:2e:b0:0e:61:d3:2b:
                    59:d8:da:d2:f3:8a:f9:7e:38:0c:72:0f:bf:fb:42:
                    62:55:ce:f2:7f:5d:12:6c:0e:b2:6d:b4:dd:60:e1:
                    66:ed:4b:18:ba:cd:a3:aa:23:94:3a:9c:b9:a6:4f:
                    36:1d:de:01:88:c0:a9:d2:ce:ab:32:33:98:de:76:
                    cb:c3:63:71:2d:28:14:8c:59:3e:00:2b:8b:bb:da:
                    4d:6b:93:47:5f:a3:db:c9:52:26:ef:f4:ef:d2:5d:
                    09:ed:3a:cc:52:2d:4a:7e:92:f7:f0:c9:96:5f:2e:
                    83:c9:02:64:51:7c:16:42:d0:ba:c4:69:3f:47:4e:
                    26:78:bb:6a:f4:99:79:5a:cf:c1:ba:50:56:f8:2a:
                    0f:d9:d7:02:6d:f1:f0:f4:01:43:b0:12:cf:d4:68:
                    e8:45:07:7e:4c:9c:78:f8:fc:25:3b:5c:0b:b2:75:
                    29:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:59:2D:AB:90:C7:A2:68:E0:0C:2B:C3:61:E0:EE:88:4B:68:FE:57
            X509v3 Authority Key Identifier:
                keyid:A4:BC:D2:E8:CA:8A:74:AF:56:27:B1:06:DF:D6:C0:BB:2D:A0:3D:9A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D82461940D6C2A48DBE16DD278C5B0DFF29C5169DCF3A2C5DDB454FE1163C9F4/0/A4BCD2E8CA8A74AF5627B106DFD6C0BB2DA03D9A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A4BCD2E8CA8A74AF5627B106DFD6C0BB2DA03D9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D82461940D6C2A48DBE16DD278C5B0DFF29C5169DCF3A2C5DDB454FE1163C9F4/0/323830333a396434303a3a2f33322d3332203d3e20323634383437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:9d40::/32

    Signature Algorithm: sha256WithRSAEncryption
         b1:a3:0f:d4:11:ad:1c:1f:e5:ca:c2:c4:83:4a:74:bf:ad:55:
         ed:1c:ac:79:62:9f:06:bf:64:be:9b:f3:9d:8e:d4:5e:6e:eb:
         bb:4a:9d:3a:11:bb:91:2c:1d:ef:4e:91:68:57:e5:03:e5:eb:
         a5:1e:d1:70:08:4b:05:28:ec:46:a0:73:77:2e:82:9e:36:f3:
         9c:a2:80:71:bf:28:1b:b2:a4:f9:26:12:0b:b3:9a:9e:5f:4a:
         88:1a:07:f0:c3:dc:9f:9f:6e:0f:f8:4b:a7:55:9e:38:cd:53:
         72:ce:56:66:7b:ce:4d:9e:21:52:95:3b:60:9f:a8:37:3c:ad:
         05:2e:11:d5:14:8d:c5:64:fb:6b:c4:2b:59:d1:2b:1c:c6:06:
         c3:46:7e:47:e7:e2:bd:51:c9:a9:02:c7:fc:56:2d:a8:68:57:
         2d:b4:40:5b:e6:61:60:4c:1d:86:95:2c:32:41:a6:fc:76:a5:
         7f:57:05:db:5b:a2:0b:af:74:2d:e0:9e:5e:f4:82:18:3b:bb:
         43:b7:3e:45:de:1e:95:cc:fe:71:d4:5c:a0:11:e6:ea:96:22:
         23:88:e5:8e:ff:ac:53:90:0e:d7:ea:90:a3:64:ea:7a:a6:61:
         db:26:ac:c2:bf:58:b6:47:e5:77:9a:fd:b6:8b:d5:72:fd:47:
         1b:ec:91:2b
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIULLKIoVmE552u2bOdBXxB0O28JmwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTRCQ0QyRThDQThBNzRBRjU2MjdCMTA2REZENkMwQkIy
REEwM0Q5QTAeFw0yNDAzMDUxODA3MDFaFw0yNTAzMDQxODEyMDFaMDMxMTAvBgNV
BAMTKDM5NTkyREFCOTBDN0EyNjhFMDBDMkJDMzYxRTBFRTg4NEI2OEZFNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBnmm4H2fjfgy47bFwhVaJg8TJ
1rMs7PxE2N0T/V4X9ASXk+0Ia+cHLkX+AXDEbn6PMgZpnWJIQhuDBiNTW073okJY
QK6O0VYdHiYXoe2s5O8zUy6wDmHTK1nY2tLzivl+OAxyD7/7QmJVzvJ/XRJsDrJt
tN1g4WbtSxi6zaOqI5Q6nLmmTzYd3gGIwKnSzqsyM5jedsvDY3EtKBSMWT4AK4u7
2k1rk0dfo9vJUibv9O/SXQntOsxSLUp+kvfwyZZfLoPJAmRRfBZC0LrEaT9HTiZ4
u2r0mXlaz8G6UFb4Kg/Z1wJt8fD0AUOwEs/UaOhFB35MnHj4/CU7XAuydSltAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUOVktq5DHomjgDCvDYeDuiEto/lcwHwYDVR0j
BBgwFoAUpLzS6MqKdK9WJ7EG39bAuy2gPZowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EODI0NjE5NDBENkMyQTQ4REJFMTZERDI3OEM1QjBERkYy
OUM1MTY5RENGM0EyQzVEREI0NTRGRTExNjNDOUY0LzAvQTRCQ0QyRThDQThBNzRB
RjU2MjdCMTA2REZENkMwQkIyREEwM0Q5QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNEJDRDJFOENBOEE3NEFGNTYy
N0IxMDZERkQ2QzBCQjJEQTAzRDlBLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDgyNDYxOTQwRDZDMkE0OERCRTE2REQyNzhDNUIwREZGMjlDNTE2OURD
RjNBMkM1RERCNDU0RkUxMTYzQzlGNC8wLzMyMzgzMDMzM2EzOTY0MzQzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzYzNDM4MzQzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDnUAw
DQYJKoZIhvcNAQELBQADggEBALGjD9QRrRwf5crCxINKdL+tVe0crHlinwa/ZL6b
852O1F5u67tKnToRu5EsHe9OkWhX5QPl66Ue0XAISwUo7Eagc3cugp4285yigHG/
KBuypPkmEguzmp5fSogaB/DD3J+fbg/4S6dVnjjNU3LOVmZ7zk2eIVKVO2CfqDc8
rQUuEdUUjcVk+2vEK1nRKxzGBsNGfkfn4r1RyakCx/xWLahoVy20QFvmYWBMHYaV
LDJBpvx2pX9XBdtboguvdC3gnl70ghg7u0O3PkXeHpXM/nHUXKAR5uqWIiOI5Y7/
rFOQDtfqkKNk6nqmYdsmrMK/WLZH5Xea/baL1XL9RxvskSs=
-----END CERTIFICATE-----
Generated at Wed Nov 20 20:04:33 2024 by rpki-client on console-fra.rpki-client.org