Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DCE028F3FD2E2A68FE4A98F4EBC7C1806009E6F0964B94BA1AF0B56655F5F22B/0/323830333a656336303a3a2f33322d3332203d3e20323637383530.roa
File:                     323830333a656336303a3a2f33322d3332203d3e20323637383530.roa (raw, json)
Hash identifier:          YFX6I09v4p1SAEisN3z/53axqgSL3wSTgaA02v8TdOY=
Subject key identifier:   0D:5F:CD:B5:D3:FE:C4:90:8C:52:DE:20:61:B0:2A:28:75:3E:6E:7F
Certificate issuer:       /CN=24CD02F5861A290CB8722F495D087C5FC34EB3A8
Certificate serial:       10B244A57899F6935FC0AADF7356D3B0FF0898FA
Authority key identifier: 24:CD:02:F5:86:1A:29:0C:B8:72:2F:49:5D:08:7C:5F:C3:4E:B3:A8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/24CD02F5861A290CB8722F495D087C5FC34EB3A8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DCE028F3FD2E2A68FE4A98F4EBC7C1806009E6F0964B94BA1AF0B56655F5F22B/0/323830333a656336303a3a2f33322d3332203d3e20323637383530.roa
Signing time:             Tue 05 Mar 2024 17:51:46 +0000
ROA not before:           Tue 05 Mar 2024 17:46:46 +0000
ROA not after:            Tue 04 Mar 2025 17:51:46 +0000
asID:                     267850
IP address blocks:        2803:ec60::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DCE028F3FD2E2A68FE4A98F4EBC7C1806009E6F0964B94BA1AF0B56655F5F22B/0/24CD02F5861A290CB8722F495D087C5FC34EB3A8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DCE028F3FD2E2A68FE4A98F4EBC7C1806009E6F0964B94BA1AF0B56655F5F22B/0/24CD02F5861A290CB8722F495D087C5FC34EB3A8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/24CD02F5861A290CB8722F495D087C5FC34EB3A8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 29 Nov 2024 03:21:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:b2:44:a5:78:99:f6:93:5f:c0:aa:df:73:56:d3:b0:ff:08:98:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24CD02F5861A290CB8722F495D087C5FC34EB3A8
        Validity
            Not Before: Mar  5 17:46:46 2024 GMT
            Not After : Mar  4 17:51:46 2025 GMT
        Subject: CN=0D5FCDB5D3FEC4908C52DE2061B02A28753E6E7F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:59:c5:9d:fd:87:69:4e:26:14:38:25:f0:d9:
                    da:0c:07:08:dc:73:e4:9a:85:f8:76:9f:2e:65:2d:
                    68:2d:54:19:b1:3c:5a:35:f0:8c:29:22:55:49:6c:
                    02:6c:3b:47:07:96:28:3e:0d:3c:80:1e:4b:8a:75:
                    22:49:69:e2:06:20:16:c9:c4:61:03:77:ca:85:ec:
                    e6:e0:7c:b6:88:b8:a7:37:57:d9:c3:f5:e0:ad:03:
                    29:ec:c6:4b:21:d8:ef:56:1d:d5:00:55:39:87:09:
                    e6:16:69:e0:03:aa:a7:14:c3:13:f2:9c:46:87:37:
                    99:87:91:ea:4f:94:af:b0:08:e3:a1:88:3c:32:d8:
                    cd:67:3f:8a:b9:a0:ac:3d:04:8d:07:18:ad:1c:90:
                    b0:aa:e9:31:8a:88:fa:9f:cd:cc:48:e7:80:aa:a3:
                    35:a9:c7:0e:b5:6d:7c:ed:2d:a4:65:4b:48:0f:43:
                    54:d4:f1:c6:fc:26:e1:b2:c0:3e:ef:f5:01:ee:82:
                    55:5b:d1:3e:56:ad:51:0c:97:1d:47:03:2b:2e:1e:
                    7d:7e:b4:8b:90:d8:55:18:6f:24:46:83:a3:fe:e3:
                    98:9b:87:b6:b5:2b:50:0d:b8:c0:bd:95:db:84:45:
                    51:e6:5c:15:38:e5:5d:2a:de:0f:13:52:3b:d1:1a:
                    b6:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:5F:CD:B5:D3:FE:C4:90:8C:52:DE:20:61:B0:2A:28:75:3E:6E:7F
            X509v3 Authority Key Identifier:
                keyid:24:CD:02:F5:86:1A:29:0C:B8:72:2F:49:5D:08:7C:5F:C3:4E:B3:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DCE028F3FD2E2A68FE4A98F4EBC7C1806009E6F0964B94BA1AF0B56655F5F22B/0/24CD02F5861A290CB8722F495D087C5FC34EB3A8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/24CD02F5861A290CB8722F495D087C5FC34EB3A8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DCE028F3FD2E2A68FE4A98F4EBC7C1806009E6F0964B94BA1AF0B56655F5F22B/0/323830333a656336303a3a2f33322d3332203d3e20323637383530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:ec60::/32

    Signature Algorithm: sha256WithRSAEncryption
         b8:2b:b3:b8:d4:4c:55:ed:74:c0:45:88:b8:e1:c0:ce:15:ce:
         bb:a7:8f:93:c6:27:06:87:0d:67:59:fe:45:51:b7:e0:84:44:
         d9:90:0c:4c:e4:8c:8c:5c:e3:6c:d5:21:70:08:d0:39:54:22:
         8b:04:eb:07:2b:65:f1:6e:15:3b:bc:06:b1:8f:e2:17:a6:39:
         61:2c:95:e9:86:c4:bb:ea:8a:64:7c:62:22:ea:4a:ef:32:65:
         29:5b:3d:75:2d:f1:36:fb:7d:0e:26:ed:c7:8a:ad:1a:60:03:
         01:8a:76:d8:37:eb:aa:df:95:45:0c:2f:d8:a2:71:34:b0:7f:
         fe:85:ee:36:ae:8e:aa:a8:7c:92:bd:10:4e:fc:5f:26:76:3e:
         b9:c1:3b:d2:3d:45:3d:5b:0c:6b:fa:27:61:f6:65:e7:58:99:
         7d:bb:4a:e3:9f:fd:d3:94:47:4f:81:31:be:b2:0e:3e:ee:5d:
         b0:ba:13:c5:56:48:ab:a2:39:d0:98:0d:f0:00:0a:64:be:ff:
         fa:b4:70:11:f7:f7:5a:3c:0a:8f:5e:c5:d4:26:33:0d:5f:15:
         13:1c:72:db:11:81:b4:34:6d:20:3a:b9:5a:34:66:90:93:f8:
         39:63:b9:dd:1d:83:2a:eb:08:09:8f:27:a1:ba:2b:f4:8c:50:
         6d:c7:62:b0
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUELJEpXiZ9pNfwKrfc1bTsP8ImPowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjRDRDAyRjU4NjFBMjkwQ0I4NzIyRjQ5NUQwODdDNUZD
MzRFQjNBODAeFw0yNDAzMDUxNzQ2NDZaFw0yNTAzMDQxNzUxNDZaMDMxMTAvBgNV
BAMTKDBENUZDREI1RDNGRUM0OTA4QzUyREUyMDYxQjAyQTI4NzUzRTZFN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaWcWd/YdpTiYUOCXw2doMBwjc
c+Sahfh2ny5lLWgtVBmxPFo18IwpIlVJbAJsO0cHlig+DTyAHkuKdSJJaeIGIBbJ
xGEDd8qF7ObgfLaIuKc3V9nD9eCtAynsxksh2O9WHdUAVTmHCeYWaeADqqcUwxPy
nEaHN5mHkepPlK+wCOOhiDwy2M1nP4q5oKw9BI0HGK0ckLCq6TGKiPqfzcxI54Cq
ozWpxw61bXztLaRlS0gPQ1TU8cb8JuGywD7v9QHuglVb0T5WrVEMlx1HAysuHn1+
tIuQ2FUYbyRGg6P+45ibh7a1K1ANuMC9lduERVHmXBU45V0q3g8TUjvRGrYzAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUDV/NtdP+xJCMUt4gYbAqKHU+bn8wHwYDVR0j
BBgwFoAUJM0C9YYaKQy4ci9JXQh8X8NOs6gwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQ0UwMjhGM0ZEMkUyQTY4RkU0QTk4RjRFQkM3QzE4MDYw
MDlFNkYwOTY0Qjk0QkExQUYwQjU2NjU1RjVGMjJCLzAvMjRDRDAyRjU4NjFBMjkw
Q0I4NzIyRjQ5NUQwODdDNUZDMzRFQjNBOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNENEMDJGNTg2MUEyOTBDQjg3
MjJGNDk1RDA4N0M1RkMzNEVCM0E4LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRENFMDI4RjNGRDJFMkE2OEZFNEE5OEY0RUJDN0MxODA2MDA5RTZGMDk2
NEI5NEJBMUFGMEI1NjY1NUY1RjIyQi8wLzMyMzgzMDMzM2E2NTYzMzYzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzYzNzM4MzUzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgD7GAw
DQYJKoZIhvcNAQELBQADggEBALgrs7jUTFXtdMBFiLjhwM4Vzrunj5PGJwaHDWdZ
/kVRt+CERNmQDEzkjIxc42zVIXAI0DlUIosE6wcrZfFuFTu8BrGP4hemOWEslemG
xLvqimR8YiLqSu8yZSlbPXUt8Tb7fQ4m7ceKrRpgAwGKdtg366rflUUML9iicTSw
f/6F7jaujqqofJK9EE78XyZ2PrnBO9I9RT1bDGv6J2H2ZedYmX27SuOf/dOUR0+B
Mb6yDj7uXbC6E8VWSKuiOdCYDfAACmS+//q0cBH391o8Co9exdQmMw1fFRMcctsR
gbQ0bSA6uVo0ZpCT+Dljud0dgyrrCAmPJ6G6K/SMUG3HYrA=
-----END CERTIFICATE-----
Generated at Sun Nov 24 13:13:48 2024 by rpki-client on console-fra.rpki-client.org