Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DA9596D212E8B66A1192B768B89FF2DAE8E4961D3D9E226AC4978FC6E6AD9F56/0/323830333a356338303a3a2f33322d3438203d3e203239383032.roa
File:                     323830333a356338303a3a2f33322d3438203d3e203239383032.roa (raw, json)
Hash identifier:          olo3dGcrPc6qexEVQkw8kFT+Np95Rydc1w0oIuIRXUw=
Subject key identifier:   4A:3B:10:4B:07:91:E9:48:DD:99:23:7B:0A:03:FA:D5:BE:31:B0:5B
Certificate issuer:       /CN=E95D7FD5CE56E96E336A6E85C6DE12078D92206F
Certificate serial:       44D8644275E121982B173630975D792D8E180D59
Authority key identifier: E9:5D:7F:D5:CE:56:E9:6E:33:6A:6E:85:C6:DE:12:07:8D:92:20:6F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E95D7FD5CE56E96E336A6E85C6DE12078D92206F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DA9596D212E8B66A1192B768B89FF2DAE8E4961D3D9E226AC4978FC6E6AD9F56/0/323830333a356338303a3a2f33322d3438203d3e203239383032.roa
Signing time:             Tue 05 Mar 2024 17:44:03 +0000
ROA not before:           Tue 05 Mar 2024 17:39:03 +0000
ROA not after:            Tue 04 Mar 2025 17:44:03 +0000
asID:                     29802
IP address blocks:        2803:5c80::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DA9596D212E8B66A1192B768B89FF2DAE8E4961D3D9E226AC4978FC6E6AD9F56/0/E95D7FD5CE56E96E336A6E85C6DE12078D92206F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DA9596D212E8B66A1192B768B89FF2DAE8E4961D3D9E226AC4978FC6E6AD9F56/0/E95D7FD5CE56E96E336A6E85C6DE12078D92206F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E95D7FD5CE56E96E336A6E85C6DE12078D92206F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:d8:64:42:75:e1:21:98:2b:17:36:30:97:5d:79:2d:8e:18:0d:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E95D7FD5CE56E96E336A6E85C6DE12078D92206F
        Validity
            Not Before: Mar  5 17:39:03 2024 GMT
            Not After : Mar  4 17:44:03 2025 GMT
        Subject: CN=4A3B104B0791E948DD99237B0A03FAD5BE31B05B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:eb:28:b5:7b:c7:9f:b5:fa:58:ec:d5:c7:e8:
                    c7:a9:51:da:9d:df:d0:12:e0:35:d3:58:59:d7:36:
                    7d:20:61:2c:b1:91:57:b5:2f:be:2c:c3:7f:bb:e6:
                    c8:ec:3d:51:69:8b:f1:e3:f1:5a:71:57:af:b0:30:
                    7d:f1:46:73:28:e6:1a:13:43:c2:be:5f:21:15:d0:
                    a1:37:f6:68:32:1f:ce:24:ac:6a:d5:a6:1e:11:a5:
                    47:c4:ae:f0:fd:18:56:b2:12:9c:b4:de:fd:53:9c:
                    7b:ee:6b:05:8e:a6:dd:86:c2:28:21:1c:a2:5b:00:
                    6d:f7:19:1d:4d:ec:b7:16:18:72:30:e4:35:24:f7:
                    e1:3d:5c:70:91:e3:1a:d7:30:51:68:42:b3:34:52:
                    2e:15:93:30:e0:7b:bd:d5:4b:f3:c8:10:46:39:b1:
                    3b:68:82:a1:56:b9:83:ea:ba:26:d5:32:a6:5a:ed:
                    37:d7:7a:94:38:a5:ed:18:80:0b:d1:9b:f2:ba:56:
                    3f:a0:69:52:42:9d:5a:b8:b1:69:2d:00:71:fd:c6:
                    d9:09:ac:45:b4:9e:e4:83:0b:30:21:35:6f:9b:e4:
                    a1:9e:0e:51:41:ab:3e:48:d2:fb:83:b5:2c:6a:98:
                    48:e3:38:bf:56:26:4c:b1:be:82:5d:25:88:90:fd:
                    a2:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:3B:10:4B:07:91:E9:48:DD:99:23:7B:0A:03:FA:D5:BE:31:B0:5B
            X509v3 Authority Key Identifier:
                keyid:E9:5D:7F:D5:CE:56:E9:6E:33:6A:6E:85:C6:DE:12:07:8D:92:20:6F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DA9596D212E8B66A1192B768B89FF2DAE8E4961D3D9E226AC4978FC6E6AD9F56/0/E95D7FD5CE56E96E336A6E85C6DE12078D92206F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E95D7FD5CE56E96E336A6E85C6DE12078D92206F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DA9596D212E8B66A1192B768B89FF2DAE8E4961D3D9E226AC4978FC6E6AD9F56/0/323830333a356338303a3a2f33322d3438203d3e203239383032.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:5c80::/32

    Signature Algorithm: sha256WithRSAEncryption
         37:24:6d:53:97:9c:ee:ac:43:6b:30:0d:fb:7c:df:21:da:d3:
         93:f6:8d:8d:7c:bb:f6:78:1a:40:5e:e6:98:70:6d:d3:15:00:
         09:26:9a:3e:6b:3a:4a:95:e2:78:da:83:be:6d:da:b9:ec:4e:
         f3:08:03:2d:4a:30:e2:ca:c4:93:b7:d7:54:05:b4:16:42:d0:
         c9:db:03:87:c3:8f:18:28:ce:68:fb:87:fb:3b:0b:41:ac:1c:
         e7:22:eb:2f:3b:b8:60:55:20:bb:c4:5b:c7:9a:ec:58:c5:c6:
         d0:6e:22:3c:06:4b:57:71:b1:ef:a5:f4:67:f4:f8:24:f9:1d:
         c4:ea:ad:31:79:ec:50:2a:87:a6:c8:1c:85:94:e6:7b:0b:c4:
         3a:16:0d:c7:0a:69:f0:32:7f:8a:92:6b:03:9e:67:1b:48:cb:
         df:cc:1c:90:3d:a9:90:56:ed:2c:2b:c2:d9:88:86:5e:9f:c3:
         79:8e:42:04:60:a2:3e:77:62:66:b9:ee:9e:b2:3a:11:5c:3b:
         6c:4c:e9:01:5b:eb:4d:f3:39:4c:21:97:d8:ec:c4:f2:27:67:
         99:8d:33:cb:29:fb:c4:ce:e2:2b:01:ec:fb:80:c3:32:77:73:
         02:52:be:d5:86:98:49:57:10:be:68:f9:cf:6b:a4:b0:aa:e8:
         e3:05:3f:78
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIURNhkQnXhIZgrFzYwl115LY4YDVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTk1RDdGRDVDRTU2RTk2RTMzNkE2RTg1QzZERTEyMDc4
RDkyMjA2RjAeFw0yNDAzMDUxNzM5MDNaFw0yNTAzMDQxNzQ0MDNaMDMxMTAvBgNV
BAMTKDRBM0IxMDRCMDc5MUU5NDhERDk5MjM3QjBBMDNGQUQ1QkUzMUIwNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC66yi1e8eftfpY7NXH6MepUdqd
39AS4DXTWFnXNn0gYSyxkVe1L74sw3+75sjsPVFpi/Hj8VpxV6+wMH3xRnMo5hoT
Q8K+XyEV0KE39mgyH84krGrVph4RpUfErvD9GFayEpy03v1TnHvuawWOpt2Gwigh
HKJbAG33GR1N7LcWGHIw5DUk9+E9XHCR4xrXMFFoQrM0Ui4VkzDge73VS/PIEEY5
sTtogqFWuYPquibVMqZa7TfXepQ4pe0YgAvRm/K6Vj+gaVJCnVq4sWktAHH9xtkJ
rEW0nuSDCzAhNW+b5KGeDlFBqz5I0vuDtSxqmEjjOL9WJkyxvoJdJYiQ/aJbAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUSjsQSweR6UjdmSN7CgP61b4xsFswHwYDVR0j
BBgwFoAU6V1/1c5W6W4zam6Fxt4SB42SIG8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQTk1OTZEMjEyRThCNjZBMTE5MkI3NjhCODlGRjJEQUU4
RTQ5NjFEM0Q5RTIyNkFDNDk3OEZDNkU2QUQ5RjU2LzAvRTk1RDdGRDVDRTU2RTk2
RTMzNkE2RTg1QzZERTEyMDc4RDkyMjA2Ri5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FOTVEN0ZENUNFNTZFOTZFMzM2
QTZFODVDNkRFMTIwNzhEOTIyMDZGLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREE5NTk2RDIxMkU4QjY2QTExOTJCNzY4Qjg5RkYyREFFOEU0OTYxRDNE
OUUyMjZBQzQ5NzhGQzZFNkFEOUY1Ni8wLzMyMzgzMDMzM2EzNTYzMzgzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA1yAMA0G
CSqGSIb3DQEBCwUAA4IBAQA3JG1Tl5zurENrMA37fN8h2tOT9o2NfLv2eBpAXuaY
cG3TFQAJJpo+azpKleJ42oO+bdq57E7zCAMtSjDiysSTt9dUBbQWQtDJ2wOHw48Y
KM5o+4f7OwtBrBznIusvO7hgVSC7xFvHmuxYxcbQbiI8BktXcbHvpfRn9Pgk+R3E
6q0xeexQKoemyByFlOZ7C8Q6Fg3HCmnwMn+KkmsDnmcbSMvfzByQPamQVu0sK8LZ
iIZen8N5jkIEYKI+d2Jmue6esjoRXDtsTOkBW+tN8zlMIZfY7MTyJ2eZjTPLKfvE
zuIrAez7gMMyd3MCUr7VhphJVxC+aPnPa6SwqujjBT94
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:45:27 2024 by rpki-client on console-ams.rpki-client.org