Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D986FF7194FB2000A64C23C93E048A61F1672C1CD6C5FB29EAD37980641AFCA7/0/323830333a666665303a3a2f33322d3332203d3e20323731373932.roa
File:                     323830333a666665303a3a2f33322d3332203d3e20323731373932.roa (raw, json)
Hash identifier:          mEt43U7FRj8fXeeJlqDK9YA21KXRONzxwN1z59Nay9M=
Subject key identifier:   88:9C:55:52:73:05:7C:B6:EB:34:F9:28:C5:2A:47:7C:A1:BE:C8:0F
Certificate issuer:       /CN=0A72DC25D420B15DD00FF3323CB446E7A055F3BE
Certificate serial:       011093313E94561C773F71AFA063F712CD9DFB54
Authority key identifier: 0A:72:DC:25:D4:20:B1:5D:D0:0F:F3:32:3C:B4:46:E7:A0:55:F3:BE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0A72DC25D420B15DD00FF3323CB446E7A055F3BE.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D986FF7194FB2000A64C23C93E048A61F1672C1CD6C5FB29EAD37980641AFCA7/0/323830333a666665303a3a2f33322d3332203d3e20323731373932.roa
Signing time:             Tue 05 Mar 2024 18:01:25 +0000
ROA not before:           Tue 05 Mar 2024 17:56:25 +0000
ROA not after:            Tue 04 Mar 2025 18:01:25 +0000
asID:                     271792
IP address blocks:        2803:ffe0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D986FF7194FB2000A64C23C93E048A61F1672C1CD6C5FB29EAD37980641AFCA7/0/0A72DC25D420B15DD00FF3323CB446E7A055F3BE.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D986FF7194FB2000A64C23C93E048A61F1672C1CD6C5FB29EAD37980641AFCA7/0/0A72DC25D420B15DD00FF3323CB446E7A055F3BE.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0A72DC25D420B15DD00FF3323CB446E7A055F3BE.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:10:93:31:3e:94:56:1c:77:3f:71:af:a0:63:f7:12:cd:9d:fb:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0A72DC25D420B15DD00FF3323CB446E7A055F3BE
        Validity
            Not Before: Mar  5 17:56:25 2024 GMT
            Not After : Mar  4 18:01:25 2025 GMT
        Subject: CN=889C555273057CB6EB34F928C52A477CA1BEC80F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a5:1c:75:65:98:fb:da:ae:d3:55:1c:dc:ec:
                    b6:57:8d:fc:6a:75:4d:97:2b:50:a0:9c:3e:80:f7:
                    53:29:a7:7a:84:c8:f3:17:31:a4:31:e2:eb:9c:a2:
                    cb:25:42:c2:dd:e3:8a:82:1e:34:21:98:74:2e:a2:
                    0d:bf:39:a3:f1:18:fd:b8:de:e4:74:10:19:97:95:
                    18:b2:1a:ac:43:e4:9a:de:cf:e5:7c:b5:32:27:9c:
                    81:1b:da:db:95:a6:76:cc:98:43:b4:dd:16:37:15:
                    7a:f9:bf:c0:a3:a3:39:a5:f7:b4:b9:ce:9e:85:68:
                    a0:2c:36:47:87:2f:2e:29:fa:e0:f3:15:4d:3f:7e:
                    c2:35:69:55:7c:6f:69:da:82:e5:a7:ae:24:4f:b2:
                    28:51:de:0d:c9:49:8e:54:e6:27:84:d0:ec:f1:68:
                    80:7e:23:62:b1:ec:70:5f:71:8c:29:f5:b3:38:28:
                    73:1c:82:af:ab:98:9d:ac:1b:fd:5a:1b:97:6f:3e:
                    7b:d4:e2:ff:65:f2:14:49:49:50:74:45:18:ec:4b:
                    48:13:64:f4:2b:97:2d:41:f9:48:5c:c2:3b:73:7a:
                    07:c6:50:83:41:32:6f:13:ce:a8:a4:7c:40:57:be:
                    c1:25:20:9f:d5:4b:d0:b9:61:57:d6:3b:20:9c:a9:
                    3e:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:9C:55:52:73:05:7C:B6:EB:34:F9:28:C5:2A:47:7C:A1:BE:C8:0F
            X509v3 Authority Key Identifier:
                keyid:0A:72:DC:25:D4:20:B1:5D:D0:0F:F3:32:3C:B4:46:E7:A0:55:F3:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D986FF7194FB2000A64C23C93E048A61F1672C1CD6C5FB29EAD37980641AFCA7/0/0A72DC25D420B15DD00FF3323CB446E7A055F3BE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0A72DC25D420B15DD00FF3323CB446E7A055F3BE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D986FF7194FB2000A64C23C93E048A61F1672C1CD6C5FB29EAD37980641AFCA7/0/323830333a666665303a3a2f33322d3332203d3e20323731373932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:ffe0::/32

    Signature Algorithm: sha256WithRSAEncryption
         91:a4:4d:20:2f:99:84:41:1f:e7:cd:60:2f:49:ac:f2:5b:82:
         75:6f:e2:a4:3d:e3:3b:3a:70:81:e7:dd:5e:6d:d9:2a:1a:44:
         8c:3c:17:78:c0:d6:d2:4b:75:bf:b6:e1:55:30:10:57:21:77:
         ea:28:64:0f:53:83:8b:fb:c6:af:fc:71:d5:b0:c1:d3:28:be:
         af:84:7d:e2:22:84:71:a8:d9:a2:b5:ea:a2:d1:1b:a1:d8:08:
         42:84:1c:d2:c2:a8:c3:97:b0:0c:f0:16:72:ab:aa:64:31:7d:
         81:8d:c1:e0:7c:aa:47:fc:8d:77:88:2a:cd:a3:f5:87:1f:f4:
         92:98:e6:57:6e:92:41:1d:ea:b9:c7:10:61:e3:df:91:bb:6d:
         00:70:5f:fc:59:65:1c:42:84:8a:66:78:00:32:e8:51:49:56:
         7f:5f:a7:9e:39:7c:15:8a:5e:76:a7:38:d3:53:41:ec:b8:07:
         ff:22:a8:76:1c:98:0d:85:9e:74:ab:72:3a:62:4c:be:da:8e:
         a1:cd:69:e0:f8:35:f7:4f:cd:27:10:1e:7e:68:4c:00:83:89:
         59:9f:7d:a4:5b:2e:24:d8:af:ee:9b:80:6f:eb:c7:96:07:08:
         60:a2:31:6e:23:56:0c:17:3c:a8:50:36:a8:f3:4a:24:0b:d7:
         9e:7e:77:92
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUARCTMT6UVhx3P3GvoGP3Es2d+1QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEE3MkRDMjVENDIwQjE1REQwMEZGMzMyM0NCNDQ2RTdB
MDU1RjNCRTAeFw0yNDAzMDUxNzU2MjVaFw0yNTAzMDQxODAxMjVaMDMxMTAvBgNV
BAMTKDg4OUM1NTUyNzMwNTdDQjZFQjM0RjkyOEM1MkE0NzdDQTFCRUM4MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrpRx1ZZj72q7TVRzc7LZXjfxq
dU2XK1CgnD6A91Mpp3qEyPMXMaQx4uucosslQsLd44qCHjQhmHQuog2/OaPxGP24
3uR0EBmXlRiyGqxD5Jrez+V8tTInnIEb2tuVpnbMmEO03RY3FXr5v8Cjozml97S5
zp6FaKAsNkeHLy4p+uDzFU0/fsI1aVV8b2naguWnriRPsihR3g3JSY5U5ieE0Ozx
aIB+I2Kx7HBfcYwp9bM4KHMcgq+rmJ2sG/1aG5dvPnvU4v9l8hRJSVB0RRjsS0gT
ZPQrly1B+UhcwjtzegfGUINBMm8TzqikfEBXvsElIJ/VS9C5YVfWOyCcqT7fAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUiJxVUnMFfLbrNPkoxSpHfKG+yA8wHwYDVR0j
BBgwFoAUCnLcJdQgsV3QD/MyPLRG56BV874wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EOTg2RkY3MTk0RkIyMDAwQTY0QzIzQzkzRTA0OEE2MUYx
NjcyQzFDRDZDNUZCMjlFQUQzNzk4MDY0MUFGQ0E3LzAvMEE3MkRDMjVENDIwQjE1
REQwMEZGMzMyM0NCNDQ2RTdBMDU1RjNCRS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wQTcyREMyNUQ0MjBCMTVERDAw
RkYzMzIzQ0I0NDZFN0EwNTVGM0JFLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDk4NkZGNzE5NEZCMjAwMEE2NEMyM0M5M0UwNDhBNjFGMTY3MkMxQ0Q2
QzVGQjI5RUFEMzc5ODA2NDFBRkNBNy8wLzMyMzgzMDMzM2E2NjY2NjUzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzczMTM3MzkzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgD/+Aw
DQYJKoZIhvcNAQELBQADggEBAJGkTSAvmYRBH+fNYC9JrPJbgnVv4qQ94zs6cIHn
3V5t2SoaRIw8F3jA1tJLdb+24VUwEFchd+ooZA9Tg4v7xq/8cdWwwdMovq+EfeIi
hHGo2aK16qLRG6HYCEKEHNLCqMOXsAzwFnKrqmQxfYGNweB8qkf8jXeIKs2j9Ycf
9JKY5ldukkEd6rnHEGHj35G7bQBwX/xZZRxChIpmeAAy6FFJVn9fp545fBWKXnan
ONNTQey4B/8iqHYcmA2FnnSrcjpiTL7ajqHNaeD4NfdPzScQHn5oTACDiVmffaRb
LiTYr+6bgG/rx5YHCGCiMW4jVgwXPKhQNqjzSiQL155+d5I=
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:17:52 2024 by rpki-client on console-ams.rpki-client.org