Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E89A25762E817B4ABAD4AE619618A2027CDA10E65EA17AE320EAB24829F102F7/0/323830333a643638303a3a2f33322d3336203d3e20323633323234.roa
File:                     323830333a643638303a3a2f33322d3336203d3e20323633323234.roa (raw, json)
Hash identifier:          +n3huEM3xblPVx47dYQLvwI197FTSzHAUJwaNEpga4w=
Subject key identifier:   6C:20:A7:D8:D3:07:60:DA:2E:10:04:A7:EC:6B:B9:F6:03:B9:17:76
Certificate issuer:       /CN=A996A5FE83CDF4C0C2A311F22A2CF3DB1D02C478
Certificate serial:       14E85A803B8C6EB17DEA66544171BAFA6D7F7009
Authority key identifier: A9:96:A5:FE:83:CD:F4:C0:C2:A3:11:F2:2A:2C:F3:DB:1D:02:C4:78
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A996A5FE83CDF4C0C2A311F22A2CF3DB1D02C478.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E89A25762E817B4ABAD4AE619618A2027CDA10E65EA17AE320EAB24829F102F7/0/323830333a643638303a3a2f33322d3336203d3e20323633323234.roa
Signing time:             Tue 19 Mar 2024 17:55:00 +0000
ROA not before:           Tue 19 Mar 2024 17:50:00 +0000
ROA not after:            Tue 18 Mar 2025 17:55:00 +0000
asID:                     263224
IP address blocks:        2803:d680::/32 maxlen: 36

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/E89A25762E817B4ABAD4AE619618A2027CDA10E65EA17AE320EAB24829F102F7/0/A996A5FE83CDF4C0C2A311F22A2CF3DB1D02C478.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E89A25762E817B4ABAD4AE619618A2027CDA10E65EA17AE320EAB24829F102F7/0/A996A5FE83CDF4C0C2A311F22A2CF3DB1D02C478.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A996A5FE83CDF4C0C2A311F22A2CF3DB1D02C478.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:e8:5a:80:3b:8c:6e:b1:7d:ea:66:54:41:71:ba:fa:6d:7f:70:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A996A5FE83CDF4C0C2A311F22A2CF3DB1D02C478
        Validity
            Not Before: Mar 19 17:50:00 2024 GMT
            Not After : Mar 18 17:55:00 2025 GMT
        Subject: CN=6C20A7D8D30760DA2E1004A7EC6BB9F603B91776
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:94:f8:10:13:49:df:cf:d2:69:ee:95:7c:53:
                    1f:e0:44:d2:32:4a:c2:9f:63:96:9e:d4:e3:21:77:
                    ce:26:1e:63:fb:77:5f:47:b0:3f:82:ed:da:d9:e8:
                    c3:36:07:05:58:e7:83:56:27:28:00:d8:a6:f5:9f:
                    1d:ec:b4:fe:80:72:30:db:f0:57:ee:8e:8e:49:7f:
                    7f:ac:b9:df:23:ea:81:0f:17:d1:d4:25:d2:bd:29:
                    cd:fa:81:2c:9d:e3:f9:db:1b:38:fc:f4:89:0f:9b:
                    30:72:d9:d7:69:7b:d6:3f:21:e2:ee:58:6c:f1:6c:
                    f6:5e:3a:5e:f1:53:c4:22:8e:6a:89:c9:cc:be:91:
                    44:c5:fe:ea:ac:62:5c:22:bc:1a:44:e8:5c:af:7f:
                    f1:fb:83:c7:52:84:9f:3f:cb:e7:98:33:4e:af:f6:
                    8d:77:82:63:ea:5c:46:02:15:84:a2:d0:d4:d1:8e:
                    92:19:16:28:cf:4b:97:66:4a:c4:ad:31:73:f9:06:
                    9b:5a:65:c5:68:c3:44:b3:d4:2d:25:a8:7f:94:72:
                    d8:88:87:3f:b7:e7:0a:03:64:e5:94:fb:50:49:eb:
                    70:92:98:26:46:c1:ed:ed:3e:16:51:e4:be:0d:d4:
                    7f:a8:90:42:2c:03:ac:23:8d:6c:57:a6:b0:d0:d9:
                    b0:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:20:A7:D8:D3:07:60:DA:2E:10:04:A7:EC:6B:B9:F6:03:B9:17:76
            X509v3 Authority Key Identifier:
                keyid:A9:96:A5:FE:83:CD:F4:C0:C2:A3:11:F2:2A:2C:F3:DB:1D:02:C4:78

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E89A25762E817B4ABAD4AE619618A2027CDA10E65EA17AE320EAB24829F102F7/0/A996A5FE83CDF4C0C2A311F22A2CF3DB1D02C478.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A996A5FE83CDF4C0C2A311F22A2CF3DB1D02C478.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E89A25762E817B4ABAD4AE619618A2027CDA10E65EA17AE320EAB24829F102F7/0/323830333a643638303a3a2f33322d3336203d3e20323633323234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:d680::/32

    Signature Algorithm: sha256WithRSAEncryption
         8b:f1:8e:f8:da:53:d2:9a:e9:ed:72:38:99:ef:f5:9d:bb:75:
         b9:c7:39:7e:e4:f8:44:b5:1e:cf:b9:49:49:b7:66:a1:f7:5d:
         b9:7f:a5:69:64:17:a9:c1:40:3f:cd:e0:c9:c4:09:1c:f6:bd:
         64:ea:c0:12:ea:93:54:1b:5a:07:f9:85:33:e9:64:c2:c5:4f:
         a9:05:30:47:ba:d4:17:37:5e:56:98:b2:fb:10:90:35:0e:43:
         16:dd:86:91:7d:d9:04:25:a5:5b:22:17:3b:68:a6:9f:22:8c:
         52:e9:46:03:6a:8f:46:50:10:23:48:c3:23:4d:b0:01:dd:bb:
         c8:f4:2b:ed:6f:3c:0d:e2:63:1d:77:a1:2a:27:32:3f:7c:83:
         8a:86:c8:0c:ce:15:ab:1d:90:16:14:45:29:79:0f:c9:64:91:
         d4:a8:88:9b:7f:0b:c3:51:3a:ea:e0:28:39:3d:12:af:56:71:
         9e:da:ac:33:a0:36:3c:c6:d6:a3:da:42:0c:65:68:f7:e7:e9:
         5d:03:8a:63:a5:38:cf:54:30:ec:ac:5e:60:dc:fd:ab:8e:a2:
         70:b8:ef:69:25:01:4c:0b:f3:80:fb:76:7f:32:b0:2a:f5:e6:
         88:60:e0:6b:a5:e1:e6:98:15:58:08:25:f7:64:9d:1c:24:f4:
         73:99:84:9a
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUFOhagDuMbrF96mZUQXG6+m1/cAkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTk5NkE1RkU4M0NERjRDMEMyQTMxMUYyMkEyQ0YzREIx
RDAyQzQ3ODAeFw0yNDAzMTkxNzUwMDBaFw0yNTAzMTgxNzU1MDBaMDMxMTAvBgNV
BAMTKDZDMjBBN0Q4RDMwNzYwREEyRTEwMDRBN0VDNkJCOUY2MDNCOTE3NzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChlPgQE0nfz9Jp7pV8Ux/gRNIy
SsKfY5ae1OMhd84mHmP7d19HsD+C7drZ6MM2BwVY54NWJygA2Kb1nx3stP6AcjDb
8Ffujo5Jf3+sud8j6oEPF9HUJdK9Kc36gSyd4/nbGzj89IkPmzBy2ddpe9Y/IeLu
WGzxbPZeOl7xU8QijmqJycy+kUTF/uqsYlwivBpE6Fyvf/H7g8dShJ8/y+eYM06v
9o13gmPqXEYCFYSi0NTRjpIZFijPS5dmSsStMXP5BptaZcVow0Sz1C0lqH+UctiI
hz+35woDZOWU+1BJ63CSmCZGwe3tPhZR5L4N1H+okEIsA6wjjWxXprDQ2bBtAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUbCCn2NMHYNouEASn7Gu59gO5F3YwHwYDVR0j
BBgwFoAUqZal/oPN9MDCoxHyKizz2x0CxHgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FODlBMjU3NjJFODE3QjRBQkFENEFFNjE5NjE4QTIwMjdD
REExMEU2NUVBMTdBRTMyMEVBQjI0ODI5RjEwMkY3LzAvQTk5NkE1RkU4M0NERjRD
MEMyQTMxMUYyMkEyQ0YzREIxRDAyQzQ3OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BOTk2QTVGRTgzQ0RGNEMwQzJB
MzExRjIyQTJDRjNEQjFEMDJDNDc4LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTg5QTI1NzYyRTgxN0I0QUJBRDRBRTYxOTYxOEEyMDI3Q0RBMTBFNjVF
QTE3QUUzMjBFQUIyNDgyOUYxMDJGNy8wLzMyMzgzMDMzM2E2NDM2MzgzMDNhM2Ey
ZjMzMzIyZDMzMzYyMDNkM2UyMDMyMzYzMzMyMzIzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgD1oAw
DQYJKoZIhvcNAQELBQADggEBAIvxjvjaU9Ka6e1yOJnv9Z27dbnHOX7k+ES1Hs+5
SUm3ZqH3Xbl/pWlkF6nBQD/N4MnECRz2vWTqwBLqk1QbWgf5hTPpZMLFT6kFMEe6
1Bc3XlaYsvsQkDUOQxbdhpF92QQlpVsiFztopp8ijFLpRgNqj0ZQECNIwyNNsAHd
u8j0K+1vPA3iYx13oSonMj98g4qGyAzOFasdkBYURSl5D8lkkdSoiJt/C8NROurg
KDk9Eq9WcZ7arDOgNjzG1qPaQgxlaPfn6V0DimOlOM9UMOysXmDc/auOonC472kl
AUwL84D7dn8ysCr15ohg4Gul4eaYFVgIJfdknRwk9HOZhJo=
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:10:20 2024 by rpki-client on console-fra.rpki-client.org