Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F0BAB4FDC49B7DFE1D89ACB49F8C8A9225FB645AFBF6A00D832DC9DC3F39B253/0/323830333a346131303a613030303a3a2f33362d3336203d3e20323731393136.roa
File:                     323830333a346131303a613030303a3a2f33362d3336203d3e20323731393136.roa (raw, json)
Hash identifier:          5y7pXzitcyUXlmtdessQn750F5IUwLaepsZYpGaKMrc=
Subject key identifier:   E2:47:8C:C2:C8:3B:61:59:BE:AB:FE:6C:79:9B:AB:BF:52:0C:4D:37
Certificate issuer:       /CN=E45215C1ABF0099BEFF5D5807A415849759B9467
Certificate serial:       B92FDC17979B1C563BE43491C3F40033AE23C9
Authority key identifier: E4:52:15:C1:AB:F0:09:9B:EF:F5:D5:80:7A:41:58:49:75:9B:94:67
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E45215C1ABF0099BEFF5D5807A415849759B9467.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F0BAB4FDC49B7DFE1D89ACB49F8C8A9225FB645AFBF6A00D832DC9DC3F39B253/0/323830333a346131303a613030303a3a2f33362d3336203d3e20323731393136.roa
Signing time:             Tue 05 Mar 2024 17:42:28 +0000
ROA not before:           Tue 05 Mar 2024 17:37:28 +0000
ROA not after:            Tue 04 Mar 2025 17:42:28 +0000
asID:                     271916
IP address blocks:        2803:4a10:a000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/F0BAB4FDC49B7DFE1D89ACB49F8C8A9225FB645AFBF6A00D832DC9DC3F39B253/0/E45215C1ABF0099BEFF5D5807A415849759B9467.crl
                          rsync://repository.lacnic.net/rpki/lacnic/F0BAB4FDC49B7DFE1D89ACB49F8C8A9225FB645AFBF6A00D832DC9DC3F39B253/0/E45215C1ABF0099BEFF5D5807A415849759B9467.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E45215C1ABF0099BEFF5D5807A415849759B9467.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            b9:2f:dc:17:97:9b:1c:56:3b:e4:34:91:c3:f4:00:33:ae:23:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E45215C1ABF0099BEFF5D5807A415849759B9467
        Validity
            Not Before: Mar  5 17:37:28 2024 GMT
            Not After : Mar  4 17:42:28 2025 GMT
        Subject: CN=E2478CC2C83B6159BEABFE6C799BABBF520C4D37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:fe:c6:fc:89:a7:e5:20:c9:93:04:fa:a0:9a:
                    2b:25:92:2e:44:91:9f:cf:1f:c5:cb:e4:22:b1:5c:
                    14:e6:9a:5d:35:1d:d3:08:cd:73:00:ab:f5:60:45:
                    89:c2:39:9d:be:cb:31:fc:83:8a:47:b0:ac:52:37:
                    63:b6:d5:80:94:b7:0c:06:66:42:e6:9a:9b:a7:e3:
                    14:bb:66:73:84:d1:37:ed:87:42:35:3f:85:10:e4:
                    09:0a:e6:20:49:33:24:50:e1:86:38:f1:7a:3b:dd:
                    af:3b:a3:da:09:a1:e1:b5:67:71:78:02:34:12:9f:
                    e1:c9:ff:ed:02:10:0a:df:26:98:b7:a3:69:c4:f5:
                    6b:94:dc:6d:e2:52:b9:32:ee:bc:64:c5:fa:e5:9c:
                    3a:02:a8:d4:74:8f:5d:2a:48:d7:3f:7c:36:e6:3c:
                    35:1c:de:a6:c1:ee:25:1a:60:c3:7b:3b:e6:c3:63:
                    cd:a8:91:f6:18:91:53:f6:2a:ae:34:d2:80:2e:4c:
                    c4:2c:44:b7:c8:cc:dc:a2:eb:6a:27:d4:be:07:8c:
                    0a:0b:3f:69:34:25:65:a4:33:da:6c:20:b9:d6:fd:
                    dd:a0:03:3b:b6:4f:d7:8c:fb:fd:7b:4f:06:48:ac:
                    c9:5f:f2:e4:b5:3f:09:39:55:01:b0:6f:27:5c:7a:
                    a2:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:47:8C:C2:C8:3B:61:59:BE:AB:FE:6C:79:9B:AB:BF:52:0C:4D:37
            X509v3 Authority Key Identifier:
                keyid:E4:52:15:C1:AB:F0:09:9B:EF:F5:D5:80:7A:41:58:49:75:9B:94:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F0BAB4FDC49B7DFE1D89ACB49F8C8A9225FB645AFBF6A00D832DC9DC3F39B253/0/E45215C1ABF0099BEFF5D5807A415849759B9467.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E45215C1ABF0099BEFF5D5807A415849759B9467.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F0BAB4FDC49B7DFE1D89ACB49F8C8A9225FB645AFBF6A00D832DC9DC3F39B253/0/323830333a346131303a613030303a3a2f33362d3336203d3e20323731393136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:4a10:a000::/36

    Signature Algorithm: sha256WithRSAEncryption
         6b:ed:3e:0b:2f:11:87:f2:2a:2f:bb:16:12:7c:16:66:fd:a9:
         b3:c3:28:b3:52:da:f1:48:d9:cf:f1:20:eb:70:49:94:31:ee:
         9d:50:68:02:b3:19:b1:aa:24:6c:4b:97:cc:c9:0f:e3:c5:d8:
         56:8c:d4:d4:bb:25:94:60:f7:81:5e:83:ad:12:4c:2d:6b:be:
         ab:e4:2e:ba:d0:1e:a1:23:25:cb:ca:12:11:13:82:30:da:fd:
         1d:fd:86:4b:df:07:60:8f:15:ed:7f:fd:3a:6b:4f:ea:fd:43:
         41:29:0b:8a:97:39:8f:b3:2d:dc:9c:f7:67:98:35:18:55:90:
         f2:1d:ab:62:1a:15:da:cb:d4:e6:81:47:59:14:24:39:e5:58:
         60:e0:a2:2e:a3:35:9a:28:02:df:34:b6:a7:b8:6a:fc:b7:40:
         6a:16:00:28:85:82:4d:4a:2a:95:a4:10:e5:eb:0b:d4:ac:84:
         47:ca:f0:fb:fa:28:e2:64:ba:16:9e:cc:ee:7d:a7:cd:50:f0:
         8e:7a:74:1f:11:f2:a2:f9:ff:2c:ba:e9:67:24:07:2d:14:96:
         57:75:04:50:3c:e5:49:8e:e9:64:07:b8:85:95:d8:e3:93:4a:
         0e:8c:9f:21:05:22:e5:28:4c:f1:8e:31:33:60:43:8c:ea:66:
         77:29:21:07
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgIUALkv3BeXmxxWO+Q0kcP0ADOuI8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTQ1MjE1QzFBQkYwMDk5QkVGRjVENTgwN0E0MTU4NDk3
NTlCOTQ2NzAeFw0yNDAzMDUxNzM3MjhaFw0yNTAzMDQxNzQyMjhaMDMxMTAvBgNV
BAMTKEUyNDc4Q0MyQzgzQjYxNTlCRUFCRkU2Qzc5OUJBQkJGNTIwQzREMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf/sb8iaflIMmTBPqgmislki5E
kZ/PH8XL5CKxXBTmml01HdMIzXMAq/VgRYnCOZ2+yzH8g4pHsKxSN2O21YCUtwwG
ZkLmmpun4xS7ZnOE0Tfth0I1P4UQ5AkK5iBJMyRQ4YY48Xo73a87o9oJoeG1Z3F4
AjQSn+HJ/+0CEArfJpi3o2nE9WuU3G3iUrky7rxkxfrlnDoCqNR0j10qSNc/fDbm
PDUc3qbB7iUaYMN7O+bDY82okfYYkVP2Kq400oAuTMQsRLfIzNyi62on1L4HjAoL
P2k0JWWkM9psILnW/d2gAzu2T9eM+/17TwZIrMlf8uS1Pwk5VQGwbydceqJVAgMB
AAGjggLUMIIC0DAdBgNVHQ4EFgQU4keMwsg7YVm+q/5seZurv1IMTTcwHwYDVR0j
BBgwFoAU5FIVwavwCZvv9dWAekFYSXWblGcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMEJBQjRGREM0OUI3REZFMUQ4OUFDQjQ5RjhDOEE5MjI1
RkI2NDVBRkJGNkEwMEQ4MzJEQzlEQzNGMzlCMjUzLzAvRTQ1MjE1QzFBQkYwMDk5
QkVGRjVENTgwN0E0MTU4NDk3NTlCOTQ2Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FNDUyMTVDMUFCRjAwOTlCRUZG
NUQ1ODA3QTQxNTg0OTc1OUI5NDY3LmNlcjCB0QYIKwYBBQUHAQsEgcQwgcEwgb4G
CCsGAQUFBzALhoGxcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjBCQUI0RkRDNDlCN0RGRTFEODlBQ0I0OUY4QzhBOTIyNUZCNjQ1QUZC
RjZBMDBEODMyREM5REMzRjM5QjI1My8wLzMyMzgzMDMzM2EzNDYxMzEzMDNhNjEz
MDMwMzAzYTNhMmYzMzM2MmQzMzM2MjAzZDNlMjAzMjM3MzEzOTMxMzYucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQoA0oQoDANBgkqhkiG9w0BAQsFAAOCAQEAa+0+Cy8Rh/IqL7sWEnwWZv2p
s8Mos1La8UjZz/Eg63BJlDHunVBoArMZsaokbEuXzMkP48XYVozU1LsllGD3gV6D
rRJMLWu+q+QuutAeoSMly8oSEROCMNr9Hf2GS98HYI8V7X/9OmtP6v1DQSkLipc5
j7Mt3Jz3Z5g1GFWQ8h2rYhoV2svU5oFHWRQkOeVYYOCiLqM1migC3zS2p7hq/LdA
ahYAKIWCTUoqlaQQ5esL1KyER8rw+/oo4mS6Fp7M7n2nzVDwjnp0HxHyovn/LLrp
ZyQHLRSWV3UEUDzlSY7pZAe4hZXY45NKDoyfIQUi5ShM8Y4xM2BDjOpmdykhBw==
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:52:23 2024 by rpki-client on console-ams.rpki-client.org