Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1B2A41F8E29B375E45E90E01AB27A74A6557BE70B81FFDB5F563A9ECC355E0B1/0/323830333a383935303a3334303a3a2f34322d3432203d3e20323733383332.roa
File:                     323830333a383935303a3334303a3a2f34322d3432203d3e20323733383332.roa (raw, json)
Hash identifier:          +Xt+r6ETuk93e2iuY+SYHcz64Q43nSqoClr5Q2E7BF4=
Subject key identifier:   85:8B:27:70:E7:CB:3D:87:E3:59:F0:6F:A9:88:71:BB:17:FE:DB:9A
Certificate issuer:       /CN=E9198017297E2662957B6F27616FF7A44A81298A
Certificate serial:       37C794ABAA92FFD11408397F2E08E41922608041
Authority key identifier: E9:19:80:17:29:7E:26:62:95:7B:6F:27:61:6F:F7:A4:4A:81:29:8A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9198017297E2662957B6F27616FF7A44A81298A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1B2A41F8E29B375E45E90E01AB27A74A6557BE70B81FFDB5F563A9ECC355E0B1/0/323830333a383935303a3334303a3a2f34322d3432203d3e20323733383332.roa
Signing time:             Fri 01 Aug 2025 01:10:06 +0000
ROA not before:           Fri 01 Aug 2025 01:05:06 +0000
ROA not after:            Fri 31 Jul 2026 01:10:06 +0000
asID:                     273832
IP address blocks:        2803:8950:340::/42 maxlen: 42
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1B2A41F8E29B375E45E90E01AB27A74A6557BE70B81FFDB5F563A9ECC355E0B1/0/E9198017297E2662957B6F27616FF7A44A81298A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1B2A41F8E29B375E45E90E01AB27A74A6557BE70B81FFDB5F563A9ECC355E0B1/0/E9198017297E2662957B6F27616FF7A44A81298A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9198017297E2662957B6F27616FF7A44A81298A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 14 Aug 2025 05:03:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:c7:94:ab:aa:92:ff:d1:14:08:39:7f:2e:08:e4:19:22:60:80:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E9198017297E2662957B6F27616FF7A44A81298A
        Validity
            Not Before: Aug  1 01:05:06 2025 GMT
            Not After : Jul 31 01:10:06 2026 GMT
        Subject: CN=858B2770E7CB3D87E359F06FA98871BB17FEDB9A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:4d:f5:10:93:5e:ba:be:c4:84:96:0a:f7:21:
                    71:96:97:b8:06:74:c3:57:0e:28:e6:d6:a4:f0:7e:
                    24:3c:49:9b:f6:f1:dd:21:dc:a1:6e:cc:54:f4:0c:
                    1b:ba:05:cf:89:d0:06:45:4d:29:3f:f4:4a:a7:2e:
                    e5:56:b4:76:83:e9:6d:a9:8d:bc:b5:85:0b:6f:a3:
                    05:46:d9:a6:17:30:7e:82:93:d0:d5:ad:71:0f:da:
                    40:e6:f2:b6:8f:07:12:71:da:91:3a:01:d5:45:86:
                    47:1d:37:f4:4c:1a:19:f2:a0:aa:1d:17:c1:0b:5b:
                    a9:4c:35:d7:55:39:20:b1:b4:cd:6b:7c:22:bd:ac:
                    16:7d:07:0c:30:95:af:15:18:0e:aa:d4:eb:e1:98:
                    9d:79:a7:60:d2:6b:c9:f8:a1:48:e4:d1:f1:c9:03:
                    bc:dc:17:4b:98:ab:9a:15:7c:d4:1d:8d:db:45:c7:
                    0a:17:58:88:2c:d7:11:a2:f5:9d:17:0a:ba:5f:8e:
                    f4:5d:16:04:f6:6e:e5:ab:2c:ac:6d:f8:f8:35:05:
                    73:49:67:4b:4b:52:c6:ea:17:35:ff:52:fd:c2:88:
                    fc:55:a4:ed:5f:84:20:48:23:90:1d:93:e6:27:79:
                    c3:17:29:b3:2c:49:9b:66:1f:11:4a:e8:57:3a:3d:
                    0d:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:8B:27:70:E7:CB:3D:87:E3:59:F0:6F:A9:88:71:BB:17:FE:DB:9A
            X509v3 Authority Key Identifier:
                keyid:E9:19:80:17:29:7E:26:62:95:7B:6F:27:61:6F:F7:A4:4A:81:29:8A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1B2A41F8E29B375E45E90E01AB27A74A6557BE70B81FFDB5F563A9ECC355E0B1/0/E9198017297E2662957B6F27616FF7A44A81298A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9198017297E2662957B6F27616FF7A44A81298A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1B2A41F8E29B375E45E90E01AB27A74A6557BE70B81FFDB5F563A9ECC355E0B1/0/323830333a383935303a3334303a3a2f34322d3432203d3e20323733383332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:8950:340::/42

    Signature Algorithm: sha256WithRSAEncryption
         7d:2b:27:ff:d1:32:21:14:b5:9a:21:d3:a5:70:c2:30:03:d7:
         b0:d5:79:11:fd:a2:0d:98:24:34:d3:e3:e2:f1:2a:78:58:c0:
         54:ea:d7:1f:43:6a:c2:a8:64:42:14:89:a8:06:38:87:e8:8c:
         8a:f1:ca:9b:f8:87:72:66:72:c9:39:7f:c5:ee:43:22:72:15:
         d5:cf:cc:bb:3f:b9:96:7d:32:a1:8e:b9:66:8f:ff:af:87:5c:
         3e:1c:59:ff:be:6e:09:32:d5:59:9d:bd:36:ba:b1:bc:43:fd:
         0d:54:e3:f2:d3:0f:50:30:37:a6:d7:52:b7:37:4d:02:b4:6d:
         79:e2:02:88:0a:a5:f3:13:e3:95:73:94:b6:fe:11:f4:b9:a8:
         e8:b0:d7:cd:f9:25:38:b1:e7:f3:c4:d0:43:a3:c4:b2:a0:38:
         77:5b:ff:35:59:70:3a:da:bb:be:13:a8:06:81:10:e3:f1:66:
         f5:5d:0b:ac:67:38:ca:e1:1f:e2:b2:20:ae:87:80:8d:53:c3:
         6b:22:4c:93:1d:07:7b:3a:4d:1f:66:70:8b:f6:6a:40:63:74:
         54:5e:e9:6e:66:1f:f6:37:34:e1:35:23:89:8c:34:27:96:d6:
         3e:34:03:e6:85:0e:b5:fb:6a:5d:57:97:59:30:16:5c:57:fd:
         87:89:ea:a7
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIUN8eUq6qS/9EUCDl/LgjkGSJggEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTkxOTgwMTcyOTdFMjY2Mjk1N0I2RjI3NjE2RkY3QTQ0
QTgxMjk4QTAeFw0yNTA4MDEwMTA1MDZaFw0yNjA3MzEwMTEwMDZaMDMxMTAvBgNV
BAMTKDg1OEIyNzcwRTdDQjNEODdFMzU5RjA2RkE5ODg3MUJCMTdGRURCOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHTfUQk166vsSElgr3IXGWl7gG
dMNXDijm1qTwfiQ8SZv28d0h3KFuzFT0DBu6Bc+J0AZFTSk/9EqnLuVWtHaD6W2p
jby1hQtvowVG2aYXMH6Ck9DVrXEP2kDm8raPBxJx2pE6AdVFhkcdN/RMGhnyoKod
F8ELW6lMNddVOSCxtM1rfCK9rBZ9Bwwwla8VGA6q1OvhmJ15p2DSa8n4oUjk0fHJ
A7zcF0uYq5oVfNQdjdtFxwoXWIgs1xGi9Z0XCrpfjvRdFgT2buWrLKxt+Pg1BXNJ
Z0tLUsbqFzX/Uv3CiPxVpO1fhCBII5Adk+YnecMXKbMsSZtmHxFK6Fc6PQ0DAgMB
AAGjggLTMIICzzAdBgNVHQ4EFgQUhYsncOfLPYfjWfBvqYhxuxf+25owHwYDVR0j
BBgwFoAU6RmAFyl+JmKVe28nYW/3pEqBKYowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQjJBNDFGOEUyOUIzNzVFNDVFOTBFMDFBQjI3QTc0QTY1
NTdCRTcwQjgxRkZEQjVGNTYzQTlFQ0MzNTVFMEIxLzAvRTkxOTgwMTcyOTdFMjY2
Mjk1N0I2RjI3NjE2RkY3QTQ0QTgxMjk4QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FOTE5ODAxNzI5N0UyNjYyOTU3
QjZGMjc2MTZGRjdBNDRBODEyOThBLmNlcjCBzwYIKwYBBQUHAQsEgcIwgb8wgbwG
CCsGAQUFBzALhoGvcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUIyQTQxRjhFMjlCMzc1RTQ1RTkwRTAxQUIyN0E3NEE2NTU3QkU3MEI4
MUZGREI1RjU2M0E5RUNDMzU1RTBCMS8wLzMyMzgzMDMzM2EzODM5MzUzMDNhMzMz
NDMwM2EzYTJmMzQzMjJkMzQzMjIwM2QzZTIwMzIzNzMzMzgzMzMyLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcGKAOJUANAMA0GCSqGSIb3DQEBCwUAA4IBAQB9Kyf/0TIhFLWaIdOlcMIwA9ew
1XkR/aINmCQ00+Pi8Sp4WMBU6tcfQ2rCqGRCFImoBjiH6IyK8cqb+IdyZnLJOX/F
7kMichXVz8y7P7mWfTKhjrlmj/+vh1w+HFn/vm4JMtVZnb02urG8Q/0NVOPy0w9Q
MDem11K3N00CtG154gKICqXzE+OVc5S2/hH0uajosNfN+SU4sefzxNBDo8SyoDh3
W/81WXA62ru+E6gGgRDj8Wb1XQusZzjK4R/isiCuh4CNU8NrIkyTHQd7Ok0fZnCL
9mpAY3RUXuluZh/2NzThNSOJjDQnltY+NAPmhQ61+2pdV5dZMBZcV/2Hieqn
-----END CERTIFICATE-----
Generated at Mon Aug 11 02:20:06 2025 by rpki-client