Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/EFD47FE509B3E64564E5815935D08E7559B5703FABFC8F219F3F8E142FFF6AA4/0/323830333a373239303a313330303a3a2f34302d3430203d3e20323732383639.roa
File:                     323830333a373239303a313330303a3a2f34302d3430203d3e20323732383639.roa (raw, json)
Hash identifier:          HtPABPm0imUbVquuBlHgYPBC6ao8rtPvCaGDsRXkbEM=
Subject key identifier:   2A:00:D9:93:62:74:FD:CA:A8:1F:AD:7D:29:B0:D5:52:C2:49:16:5D
Certificate issuer:       /CN=AEDA4138555E38BF0984DD9CC6D87B98B58F3D88
Certificate serial:       7365DA69253290130E97F4076B534A75F56764E1
Authority key identifier: AE:DA:41:38:55:5E:38:BF:09:84:DD:9C:C6:D8:7B:98:B5:8F:3D:88
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AEDA4138555E38BF0984DD9CC6D87B98B58F3D88.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/EFD47FE509B3E64564E5815935D08E7559B5703FABFC8F219F3F8E142FFF6AA4/0/323830333a373239303a313330303a3a2f34302d3430203d3e20323732383639.roa
Signing time:             Fri 17 May 2024 02:30:02 +0000
ROA not before:           Fri 17 May 2024 02:25:02 +0000
ROA not after:            Fri 16 May 2025 02:30:02 +0000
asID:                     272869
IP address blocks:        2803:7290:1300::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/EFD47FE509B3E64564E5815935D08E7559B5703FABFC8F219F3F8E142FFF6AA4/0/AEDA4138555E38BF0984DD9CC6D87B98B58F3D88.crl
                          rsync://repository.lacnic.net/rpki/lacnic/EFD47FE509B3E64564E5815935D08E7559B5703FABFC8F219F3F8E142FFF6AA4/0/AEDA4138555E38BF0984DD9CC6D87B98B58F3D88.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AEDA4138555E38BF0984DD9CC6D87B98B58F3D88.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 14 Nov 2024 04:05:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:65:da:69:25:32:90:13:0e:97:f4:07:6b:53:4a:75:f5:67:64:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AEDA4138555E38BF0984DD9CC6D87B98B58F3D88
        Validity
            Not Before: May 17 02:25:02 2024 GMT
            Not After : May 16 02:30:02 2025 GMT
        Subject: CN=2A00D9936274FDCAA81FAD7D29B0D552C249165D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c9:6e:5b:84:e1:28:52:f4:fa:d6:c3:5b:3e:
                    6a:99:7d:dc:24:74:e5:12:fc:ba:c3:01:d7:08:2e:
                    e4:7f:65:cf:39:cd:a5:38:94:7b:41:cb:c1:f2:37:
                    58:83:c4:7c:46:3a:86:2f:73:bf:b5:cf:6d:a8:bc:
                    07:f1:bb:fb:c9:c1:83:c9:76:85:e5:df:4f:65:2b:
                    d7:84:f7:54:08:e2:a3:a2:e4:e0:8c:53:e7:d8:8a:
                    fe:f9:f0:7b:3c:02:39:25:92:16:e7:04:c4:c1:2d:
                    1f:b1:71:e5:74:61:cb:46:92:18:a5:59:00:b7:eb:
                    87:ee:60:e1:00:31:48:f6:55:ef:7b:e0:9a:e6:a3:
                    4e:60:89:4e:73:dd:87:df:24:f0:8f:c1:27:ef:2e:
                    e1:25:c2:05:cd:e7:ca:b2:7d:99:b7:6f:eb:ac:88:
                    e5:68:38:1c:d9:cf:3b:4b:ae:50:d5:14:92:c5:e4:
                    bd:df:e8:47:7d:d1:8e:6f:f4:a3:e2:c1:47:cc:e5:
                    e6:0e:48:cc:85:92:9c:9b:3a:98:48:99:c1:42:3e:
                    d7:70:a4:0f:60:17:53:90:97:7c:11:a9:b9:ed:19:
                    38:2b:5b:75:1e:9d:51:1f:08:b4:a0:1c:7f:78:3e:
                    1c:4b:53:7d:bf:ac:68:06:46:94:99:22:ba:5b:b8:
                    37:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:00:D9:93:62:74:FD:CA:A8:1F:AD:7D:29:B0:D5:52:C2:49:16:5D
            X509v3 Authority Key Identifier:
                keyid:AE:DA:41:38:55:5E:38:BF:09:84:DD:9C:C6:D8:7B:98:B5:8F:3D:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/EFD47FE509B3E64564E5815935D08E7559B5703FABFC8F219F3F8E142FFF6AA4/0/AEDA4138555E38BF0984DD9CC6D87B98B58F3D88.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AEDA4138555E38BF0984DD9CC6D87B98B58F3D88.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/EFD47FE509B3E64564E5815935D08E7559B5703FABFC8F219F3F8E142FFF6AA4/0/323830333a373239303a313330303a3a2f34302d3430203d3e20323732383639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:7290:1300::/40

    Signature Algorithm: sha256WithRSAEncryption
         a8:5d:f6:72:ba:ac:1a:5d:9f:f2:e4:16:53:7b:12:9c:4f:3a:
         d7:1c:94:4a:0f:cb:8f:37:55:3e:4f:bd:a4:c5:8a:02:8c:e2:
         f3:06:fe:46:40:36:3a:c7:8e:81:4d:aa:0e:75:24:f6:78:32:
         14:02:85:64:94:e6:42:e3:89:3b:05:15:bc:23:7c:95:09:0e:
         76:78:01:0e:74:36:65:da:31:bb:dc:59:0f:23:e6:2e:b1:5d:
         c7:d2:a9:35:b1:da:5a:ff:b7:29:a5:4f:c1:e4:46:15:4d:98:
         ff:a1:2f:c4:76:58:1f:b3:10:0f:5b:f8:16:2b:2a:36:1c:64:
         7a:a6:0a:80:77:4b:d8:29:74:db:0a:07:df:fe:69:d9:94:aa:
         80:cf:6a:8d:12:2f:e4:d8:78:f8:3e:13:6b:03:57:97:5a:64:
         46:d8:cf:90:39:76:7e:34:07:d9:88:2f:de:30:38:8f:d6:38:
         8c:e7:e7:ba:9d:26:e9:16:7c:bf:a7:94:36:ed:3a:42:a3:ed:
         89:f4:37:02:89:43:cc:01:d0:36:1d:83:fa:21:3e:7e:07:7d:
         c3:2f:6d:40:0a:fe:e8:57:ec:85:bc:be:3a:b3:ad:77:cf:85:
         85:f7:97:d0:71:8f:9c:b1:2a:d3:8b:21:04:5e:38:2c:77:52:
         09:bd:cc:36
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgIUc2XaaSUykBMOl/QHa1NKdfVnZOEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUVEQTQxMzg1NTVFMzhCRjA5ODRERDlDQzZEODdCOThC
NThGM0Q4ODAeFw0yNDA1MTcwMjI1MDJaFw0yNTA1MTYwMjMwMDJaMDMxMTAvBgNV
BAMTKDJBMDBEOTkzNjI3NEZEQ0FBODFGQUQ3RDI5QjBENTUyQzI0OTE2NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClyW5bhOEoUvT61sNbPmqZfdwk
dOUS/LrDAdcILuR/Zc85zaU4lHtBy8HyN1iDxHxGOoYvc7+1z22ovAfxu/vJwYPJ
doXl309lK9eE91QI4qOi5OCMU+fYiv758Hs8AjklkhbnBMTBLR+xceV0YctGkhil
WQC364fuYOEAMUj2Ve974Jrmo05giU5z3YffJPCPwSfvLuElwgXN58qyfZm3b+us
iOVoOBzZzztLrlDVFJLF5L3f6Ed90Y5v9KPiwUfM5eYOSMyFkpybOphImcFCPtdw
pA9gF1OQl3wRqbntGTgrW3UenVEfCLSgHH94PhxLU32/rGgGRpSZIrpbuDcjAgMB
AAGjggLUMIIC0DAdBgNVHQ4EFgQUKgDZk2J0/cqoH619KbDVUsJJFl0wHwYDVR0j
BBgwFoAUrtpBOFVeOL8JhN2cxth7mLWPPYgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FRkQ0N0ZFNTA5QjNFNjQ1NjRFNTgxNTkzNUQwOEU3NTU5
QjU3MDNGQUJGQzhGMjE5RjNGOEUxNDJGRkY2QUE0LzAvQUVEQTQxMzg1NTVFMzhC
RjA5ODRERDlDQzZEODdCOThCNThGM0Q4OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BRURBNDEzODU1NUUzOEJGMDk4
NEREOUNDNkQ4N0I5OEI1OEYzRDg4LmNlcjCB0QYIKwYBBQUHAQsEgcQwgcEwgb4G
CCsGAQUFBzALhoGxcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRUZENDdGRTUwOUIzRTY0NTY0RTU4MTU5MzVEMDhFNzU1OUI1NzAzRkFC
RkM4RjIxOUYzRjhFMTQyRkZGNkFBNC8wLzMyMzgzMDMzM2EzNzMyMzkzMDNhMzEz
MzMwMzAzYTNhMmYzNDMwMmQzNDMwMjAzZDNlMjAzMjM3MzIzODM2Mzkucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAoA3KQEzANBgkqhkiG9w0BAQsFAAOCAQEAqF32crqsGl2f8uQWU3sSnE86
1xyUSg/LjzdVPk+9pMWKAozi8wb+RkA2OseOgU2qDnUk9ngyFAKFZJTmQuOJOwUV
vCN8lQkOdngBDnQ2Zdoxu9xZDyPmLrFdx9KpNbHaWv+3KaVPweRGFU2Y/6EvxHZY
H7MQD1v4FisqNhxkeqYKgHdL2Cl02woH3/5p2ZSqgM9qjRIv5Nh4+D4TawNXl1pk
RtjPkDl2fjQH2Ygv3jA4j9Y4jOfnup0m6RZ8v6eUNu06QqPtifQ3AolDzAHQNh2D
+iE+fgd9wy9tQAr+6Ffshby+OrOtd8+FhfeX0HGPnLEq04shBF44LHdSCb3MNg==
-----END CERTIFICATE-----
Generated at Sat Nov 9 09:29:39 2024 by rpki-client on console-fra.rpki-client.org