Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F17C899D78BD0469B41E73320C2C85078127F078EFBD4E57E4054830905C8007/0/323830333a343531303a3a2f33322d3438203d3e20323732303138.roa
File:                     323830333a343531303a3a2f33322d3438203d3e20323732303138.roa (raw, json)
Hash identifier:          YHwvp09PVERXa9AX/OlO7wKBAyTU7mB1tHYGSbY8dWQ=
Subject key identifier:   37:EA:B5:D3:45:08:37:33:C2:53:BB:06:86:3B:55:EF:9A:59:7F:31
Certificate issuer:       /CN=7AF66B13138C1FA7AD312F411D39B0F82C3B053F
Certificate serial:       69324A33948C384DC570CE1089375ECA32B77303
Authority key identifier: 7A:F6:6B:13:13:8C:1F:A7:AD:31:2F:41:1D:39:B0:F8:2C:3B:05:3F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7AF66B13138C1FA7AD312F411D39B0F82C3B053F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F17C899D78BD0469B41E73320C2C85078127F078EFBD4E57E4054830905C8007/0/323830333a343531303a3a2f33322d3438203d3e20323732303138.roa
Signing time:             Tue 05 Mar 2024 18:01:22 +0000
ROA not before:           Tue 05 Mar 2024 17:56:22 +0000
ROA not after:            Tue 04 Mar 2025 18:01:22 +0000
asID:                     272018
IP address blocks:        2803:4510::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/F17C899D78BD0469B41E73320C2C85078127F078EFBD4E57E4054830905C8007/0/7AF66B13138C1FA7AD312F411D39B0F82C3B053F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/F17C899D78BD0469B41E73320C2C85078127F078EFBD4E57E4054830905C8007/0/7AF66B13138C1FA7AD312F411D39B0F82C3B053F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7AF66B13138C1FA7AD312F411D39B0F82C3B053F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 17 Jul 2024 00:52:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:32:4a:33:94:8c:38:4d:c5:70:ce:10:89:37:5e:ca:32:b7:73:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7AF66B13138C1FA7AD312F411D39B0F82C3B053F
        Validity
            Not Before: Mar  5 17:56:22 2024 GMT
            Not After : Mar  4 18:01:22 2025 GMT
        Subject: CN=37EAB5D345083733C253BB06863B55EF9A597F31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:99:ca:b9:7d:ba:f7:ee:fe:fc:7a:5a:3a:4f:
                    83:6e:48:b3:cd:93:cc:f4:f7:bd:35:54:61:97:a0:
                    3e:d5:7e:2f:07:27:92:71:83:3e:dc:dc:0e:51:d4:
                    dc:76:dc:5f:e6:01:a1:38:fe:84:74:50:c2:80:6c:
                    ee:f6:59:0b:1f:81:53:92:26:ed:d5:43:5d:4f:f4:
                    35:0a:74:f6:d5:34:cd:77:51:5a:68:33:f5:91:cc:
                    e0:5c:39:8f:e0:79:9c:06:57:fa:0e:67:f0:c8:08:
                    ce:f5:f0:21:01:37:c9:c0:5e:ea:3c:12:5a:4b:cd:
                    7c:ac:25:4c:90:7a:ea:46:b5:0b:bf:92:42:b9:59:
                    8f:ce:e7:ea:92:6c:56:89:3f:37:7f:a7:36:25:df:
                    f8:0c:e7:ea:b4:70:c9:47:96:f9:e5:85:1b:38:83:
                    de:71:eb:6d:2c:b5:28:50:52:8e:6c:7e:98:69:2a:
                    6f:97:8f:2d:15:2c:08:bb:e1:5f:e1:d8:62:39:a8:
                    cb:d3:dc:03:c9:d5:65:cc:dc:35:26:33:f3:1b:75:
                    55:d2:0b:b5:05:d8:0b:85:f8:4e:2e:b0:ea:c0:20:
                    21:8a:03:5f:b1:af:04:11:bd:85:16:ca:bb:70:69:
                    4f:09:a3:f8:26:fa:02:f5:a4:b3:5e:b4:b9:88:f9:
                    25:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:EA:B5:D3:45:08:37:33:C2:53:BB:06:86:3B:55:EF:9A:59:7F:31
            X509v3 Authority Key Identifier:
                keyid:7A:F6:6B:13:13:8C:1F:A7:AD:31:2F:41:1D:39:B0:F8:2C:3B:05:3F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F17C899D78BD0469B41E73320C2C85078127F078EFBD4E57E4054830905C8007/0/7AF66B13138C1FA7AD312F411D39B0F82C3B053F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7AF66B13138C1FA7AD312F411D39B0F82C3B053F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F17C899D78BD0469B41E73320C2C85078127F078EFBD4E57E4054830905C8007/0/323830333a343531303a3a2f33322d3438203d3e20323732303138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:4510::/32

    Signature Algorithm: sha256WithRSAEncryption
         01:a5:a0:17:00:4e:0e:6a:40:a1:dc:df:47:74:c5:13:86:98:
         3a:08:49:29:8e:19:39:a1:6f:b9:a9:37:a0:df:e2:b7:e0:43:
         68:23:f0:b7:e7:a4:1c:b2:fd:cd:c0:8e:f8:96:99:72:69:e1:
         71:ae:ff:cb:7f:3b:d6:9d:fc:e0:0b:e6:dd:05:d7:85:21:33:
         1e:e7:18:0e:3b:c8:b6:61:de:e6:44:74:fa:86:69:92:be:02:
         2c:ee:25:84:65:58:58:93:a9:36:93:de:6c:51:b7:20:54:a5:
         b0:67:01:43:0f:fd:b3:1a:38:05:d8:23:87:17:e6:ae:8d:18:
         a9:75:7e:f3:56:f6:a7:c0:4f:ea:e0:7a:c7:b9:21:0f:da:55:
         13:4a:e9:9b:1c:81:c5:99:fd:96:24:8c:32:59:18:d7:17:de:
         63:96:50:d9:93:9d:2d:08:21:46:33:7b:30:21:56:97:a3:b1:
         6f:47:42:65:e0:7b:f5:a2:cd:0c:f4:0a:01:5e:9f:56:54:03:
         b9:87:53:2f:2d:a9:bc:f0:e4:7c:e3:48:4f:93:9f:46:17:e3:
         e3:9d:b3:4b:4a:bb:15:5f:44:14:27:1d:d3:ff:35:66:82:00:
         4b:55:9d:56:7d:a7:2f:16:69:7c:94:38:72:c3:ed:65:43:22:
         5e:ee:b5:00
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUaTJKM5SMOE3FcM4QiTdeyjK3cwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0FGNjZCMTMxMzhDMUZBN0FEMzEyRjQxMUQzOUIwRjgy
QzNCMDUzRjAeFw0yNDAzMDUxNzU2MjJaFw0yNTAzMDQxODAxMjJaMDMxMTAvBgNV
BAMTKDM3RUFCNUQzNDUwODM3MzNDMjUzQkIwNjg2M0I1NUVGOUE1OTdGMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGmcq5fbr37v78elo6T4NuSLPN
k8z09701VGGXoD7Vfi8HJ5Jxgz7c3A5R1Nx23F/mAaE4/oR0UMKAbO72WQsfgVOS
Ju3VQ11P9DUKdPbVNM13UVpoM/WRzOBcOY/geZwGV/oOZ/DICM718CEBN8nAXuo8
ElpLzXysJUyQeupGtQu/kkK5WY/O5+qSbFaJPzd/pzYl3/gM5+q0cMlHlvnlhRs4
g95x620stShQUo5sfphpKm+Xjy0VLAi74V/h2GI5qMvT3APJ1WXM3DUmM/MbdVXS
C7UF2AuF+E4usOrAICGKA1+xrwQRvYUWyrtwaU8Jo/gm+gL1pLNetLmI+SXRAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUN+q100UINzPCU7sGhjtV75pZfzEwHwYDVR0j
BBgwFoAUevZrExOMH6etMS9BHTmw+Cw7BT8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMTdDODk5RDc4QkQwNDY5QjQxRTczMzIwQzJDODUwNzgx
MjdGMDc4RUZCRDRFNTdFNDA1NDgzMDkwNUM4MDA3LzAvN0FGNjZCMTMxMzhDMUZB
N0FEMzEyRjQxMUQzOUIwRjgyQzNCMDUzRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83QUY2NkIxMzEzOEMxRkE3QUQz
MTJGNDExRDM5QjBGODJDM0IwNTNGLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjE3Qzg5OUQ3OEJEMDQ2OUI0MUU3MzMyMEMyQzg1MDc4MTI3RjA3OEVG
QkQ0RTU3RTQwNTQ4MzA5MDVDODAwNy8wLzMyMzgzMDMzM2EzNDM1MzEzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzczMjMwMzEzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDRRAw
DQYJKoZIhvcNAQELBQADggEBAAGloBcATg5qQKHc30d0xROGmDoISSmOGTmhb7mp
N6Df4rfgQ2gj8LfnpByy/c3AjviWmXJp4XGu/8t/O9ad/OAL5t0F14UhMx7nGA47
yLZh3uZEdPqGaZK+AizuJYRlWFiTqTaT3mxRtyBUpbBnAUMP/bMaOAXYI4cX5q6N
GKl1fvNW9qfAT+rgese5IQ/aVRNK6ZscgcWZ/ZYkjDJZGNcX3mOWUNmTnS0IIUYz
ezAhVpejsW9HQmXge/WizQz0CgFen1ZUA7mHUy8tqbzw5HzjSE+Tn0YX4+Ods0tK
uxVfRBQnHdP/NWaCAEtVnVZ9py8WaXyUOHLD7WVDIl7utQA=
-----END CERTIFICATE-----
Generated at Thu Jul 11 17:42:07 2024 by rpki-client on console-ams.rpki-client.org