Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/685A8A8C5FF1C0108DD37782678E510CF98541D9627870C6D3FC413CB70BF3C9/0/323830333a313836303a6630303a3a2f34302d3430203d3e20323637383233.roa
File:                     323830333a313836303a6630303a3a2f34302d3430203d3e20323637383233.roa (raw, json)
Hash identifier:          GrI8qzY0jNdMUsVvloNdYBuPkJM02Fpvsj0/wK4zfnU=
Subject key identifier:   B0:E9:D7:10:21:08:BD:D8:7B:45:EB:1D:DC:94:E0:77:21:AC:A7:7B
Certificate issuer:       /CN=CC09DFFD6BD84B6171B7627FBCF1287DAC4DC9E9
Certificate serial:       0C2DF2F9DB04E63CCC3A6EBB9DCBE101675A4F73
Authority key identifier: CC:09:DF:FD:6B:D8:4B:61:71:B7:62:7F:BC:F1:28:7D:AC:4D:C9:E9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CC09DFFD6BD84B6171B7627FBCF1287DAC4DC9E9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/685A8A8C5FF1C0108DD37782678E510CF98541D9627870C6D3FC413CB70BF3C9/0/323830333a313836303a6630303a3a2f34302d3430203d3e20323637383233.roa
Signing time:             Tue 12 Aug 2025 06:30:01 +0000
ROA not before:           Tue 12 Aug 2025 06:25:01 +0000
ROA not after:            Tue 11 Aug 2026 06:30:01 +0000
asID:                     267823
IP address blocks:        2803:1860:f00::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/685A8A8C5FF1C0108DD37782678E510CF98541D9627870C6D3FC413CB70BF3C9/0/CC09DFFD6BD84B6171B7627FBCF1287DAC4DC9E9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/685A8A8C5FF1C0108DD37782678E510CF98541D9627870C6D3FC413CB70BF3C9/0/CC09DFFD6BD84B6171B7627FBCF1287DAC4DC9E9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CC09DFFD6BD84B6171B7627FBCF1287DAC4DC9E9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Aug 2025 07:04:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:2d:f2:f9:db:04:e6:3c:cc:3a:6e:bb:9d:cb:e1:01:67:5a:4f:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CC09DFFD6BD84B6171B7627FBCF1287DAC4DC9E9
        Validity
            Not Before: Aug 12 06:25:01 2025 GMT
            Not After : Aug 11 06:30:01 2026 GMT
        Subject: CN=B0E9D7102108BDD87B45EB1DDC94E07721ACA77B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e9:29:e4:63:c8:ec:d6:20:6c:cf:73:75:e6:
                    63:23:3e:4f:a5:a0:00:d8:61:7e:8c:47:68:dc:3f:
                    44:ad:34:27:17:8e:1a:ce:13:a1:8b:76:20:21:76:
                    00:d2:5f:26:7c:4d:c0:90:80:54:73:b0:c1:b2:d1:
                    4b:a2:14:32:6c:c0:47:9b:4e:3a:0c:df:ba:1e:aa:
                    22:3e:e9:e2:e2:8b:5e:42:b9:45:8c:97:b9:21:d9:
                    a8:77:d0:43:29:04:32:03:0d:c7:c1:68:e6:da:61:
                    50:19:04:4a:2f:96:60:4c:91:bb:a4:f3:9d:65:35:
                    2f:f2:7e:cc:4b:7a:85:06:68:62:a6:7b:c8:59:ff:
                    66:97:63:fc:e7:49:84:e1:17:36:09:18:26:80:88:
                    2b:43:18:59:7d:0e:02:6a:7a:a5:76:ee:0c:c6:b2:
                    54:4e:00:6c:12:07:86:e3:e2:35:13:a6:cb:4f:4a:
                    97:cf:be:5b:45:cc:1d:20:bf:ec:8a:d0:f8:01:9f:
                    15:1d:e3:57:f4:9f:82:cf:71:dd:65:cf:b2:17:2d:
                    03:54:d6:e4:58:c3:5e:e3:9f:ca:6d:26:81:20:17:
                    84:9c:76:11:64:7f:d1:a7:6f:a4:43:3c:b4:f0:07:
                    20:d8:53:94:42:65:a4:f3:c3:11:d1:36:f3:54:35:
                    10:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:E9:D7:10:21:08:BD:D8:7B:45:EB:1D:DC:94:E0:77:21:AC:A7:7B
            X509v3 Authority Key Identifier:
                keyid:CC:09:DF:FD:6B:D8:4B:61:71:B7:62:7F:BC:F1:28:7D:AC:4D:C9:E9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/685A8A8C5FF1C0108DD37782678E510CF98541D9627870C6D3FC413CB70BF3C9/0/CC09DFFD6BD84B6171B7627FBCF1287DAC4DC9E9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CC09DFFD6BD84B6171B7627FBCF1287DAC4DC9E9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/685A8A8C5FF1C0108DD37782678E510CF98541D9627870C6D3FC413CB70BF3C9/0/323830333a313836303a6630303a3a2f34302d3430203d3e20323637383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:1860:f00::/40

    Signature Algorithm: sha256WithRSAEncryption
         23:b8:3f:8d:fc:c3:fb:8d:61:fa:54:c8:69:ed:ec:93:03:04:
         c6:e4:aa:31:30:5d:ee:53:8b:43:f5:14:3f:c2:45:af:94:67:
         cf:bc:00:8d:6a:78:1c:d3:22:23:00:39:63:2f:af:e2:07:ab:
         15:45:98:0c:95:15:3f:9f:6b:da:a3:6a:00:b8:23:2f:4e:4b:
         6b:1b:22:b5:7c:1a:93:6f:61:a3:0c:fb:9f:cf:2f:18:b4:cc:
         c3:fa:95:68:eb:07:b7:7e:62:e5:22:b8:43:89:38:55:57:3e:
         5a:10:e9:e7:bb:ae:59:5f:60:42:fc:02:24:e7:70:b4:a3:82:
         f6:b1:38:56:4e:9f:28:4f:24:41:9e:70:3f:cf:e0:82:11:cc:
         f4:17:91:2d:e7:62:c1:1b:57:82:0e:18:c3:d3:b4:32:b2:ad:
         08:be:05:20:47:c9:33:4d:e0:0e:ef:36:c2:88:13:2b:48:56:
         56:c2:67:9b:1c:c2:b9:3e:44:6a:e2:b5:5f:ec:77:19:74:20:
         c0:4a:bc:92:9b:f0:fd:ab:de:48:12:6c:c2:f4:b1:29:b3:d0:
         75:a4:1c:a2:6e:53:6f:71:d8:9b:df:1e:13:92:52:12:26:09:
         e0:85:2b:a1:a6:8d:ba:3a:ea:e2:18:2e:25:6c:6a:40:ea:43:
         6a:09:da:d1
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIUDC3y+dsE5jzMOm67ncvhAWdaT3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0MwOURGRkQ2QkQ4NEI2MTcxQjc2MjdGQkNGMTI4N0RB
QzREQzlFOTAeFw0yNTA4MTIwNjI1MDFaFw0yNjA4MTEwNjMwMDFaMDMxMTAvBgNV
BAMTKEIwRTlENzEwMjEwOEJERDg3QjQ1RUIxRERDOTRFMDc3MjFBQ0E3N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC46SnkY8js1iBsz3N15mMjPk+l
oADYYX6MR2jcP0StNCcXjhrOE6GLdiAhdgDSXyZ8TcCQgFRzsMGy0UuiFDJswEeb
TjoM37oeqiI+6eLii15CuUWMl7kh2ah30EMpBDIDDcfBaObaYVAZBEovlmBMkbuk
851lNS/yfsxLeoUGaGKme8hZ/2aXY/znSYThFzYJGCaAiCtDGFl9DgJqeqV27gzG
slROAGwSB4bj4jUTpstPSpfPvltFzB0gv+yK0PgBnxUd41f0n4LPcd1lz7IXLQNU
1uRYw17jn8ptJoEgF4ScdhFkf9Gnb6RDPLTwByDYU5RCZaTzwxHRNvNUNRADAgMB
AAGjggLSMIICzjAdBgNVHQ4EFgQUsOnXECEIvdh7Resd3JTgdyGsp3swHwYDVR0j
BBgwFoAUzAnf/WvYS2Fxt2J/vPEofaxNyekwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82ODVBOEE4QzVGRjFDMDEwOEREMzc3ODI2NzhFNTEwQ0Y5
ODU0MUQ5NjI3ODcwQzZEM0ZDNDEzQ0I3MEJGM0M5LzAvQ0MwOURGRkQ2QkQ4NEI2
MTcxQjc2MjdGQkNGMTI4N0RBQzREQzlFOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQzA5REZGRDZCRDg0QjYxNzFC
NzYyN0ZCQ0YxMjg3REFDNERDOUU5LmNlcjCBzwYIKwYBBQUHAQsEgcIwgb8wgbwG
CCsGAQUFBzALhoGvcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjg1QThBOEM1RkYxQzAxMDhERDM3NzgyNjc4RTUxMENGOTg1NDFEOTYy
Nzg3MEM2RDNGQzQxM0NCNzBCRjNDOS8wLzMyMzgzMDMzM2EzMTM4MzYzMDNhNjYz
MDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIzNjM3MzgzMjMzLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAI
AwYAKAMYYA8wDQYJKoZIhvcNAQELBQADggEBACO4P438w/uNYfpUyGnt7JMDBMbk
qjEwXe5Ti0P1FD/CRa+UZ8+8AI1qeBzTIiMAOWMvr+IHqxVFmAyVFT+fa9qjagC4
Iy9OS2sbIrV8GpNvYaMM+5/PLxi0zMP6lWjrB7d+YuUiuEOJOFVXPloQ6ee7rllf
YEL8AiTncLSjgvaxOFZOnyhPJEGecD/P4IIRzPQXkS3nYsEbV4IOGMPTtDKyrQi+
BSBHyTNN4A7vNsKIEytIVlbCZ5scwrk+RGritV/sdxl0IMBKvJKb8P2r3kgSbML0
sSmz0HWkHKJuU29x2JvfHhOSUhImCeCFK6Gmjbo66uIYLiVsakDqQ2oJ2tE=
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:25:45 2025 by rpki-client