Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/09084E95A1C1C23F5B54CD441EDE82152863C96B40C0CA45DBD8CD26661A618B/0/323830313a3165353a3a2f34302d3438203d3e20323733303833.roa
File:                     323830313a3165353a3a2f34302d3438203d3e20323733303833.roa (raw, json)
Hash identifier:          UfEPHdV7+MaB43BSqzBwUyhyqqUNVWj+hXLJgJ8W2ow=
Subject key identifier:   8B:A3:4C:8B:ED:C3:FC:05:98:F7:C8:A1:44:A9:2F:40:82:43:12:48
Certificate issuer:       /CN=5C966C7F29CB53C4698A1736F46CCE1AF51B1EA6
Certificate serial:       582E111E48B6045640B66EE08096141363B0242F
Authority key identifier: 5C:96:6C:7F:29:CB:53:C4:69:8A:17:36:F4:6C:CE:1A:F5:1B:1E:A6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5C966C7F29CB53C4698A1736F46CCE1AF51B1EA6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/09084E95A1C1C23F5B54CD441EDE82152863C96B40C0CA45DBD8CD26661A618B/0/323830313a3165353a3a2f34302d3438203d3e20323733303833.roa
Signing time:             Tue 05 Mar 2024 18:19:12 +0000
ROA not before:           Tue 05 Mar 2024 18:14:12 +0000
ROA not after:            Tue 04 Mar 2025 18:19:12 +0000
asID:                     273083
IP address blocks:        2801:1e5::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/09084E95A1C1C23F5B54CD441EDE82152863C96B40C0CA45DBD8CD26661A618B/0/5C966C7F29CB53C4698A1736F46CCE1AF51B1EA6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/09084E95A1C1C23F5B54CD441EDE82152863C96B40C0CA45DBD8CD26661A618B/0/5C966C7F29CB53C4698A1736F46CCE1AF51B1EA6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5C966C7F29CB53C4698A1736F46CCE1AF51B1EA6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:2e:11:1e:48:b6:04:56:40:b6:6e:e0:80:96:14:13:63:b0:24:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5C966C7F29CB53C4698A1736F46CCE1AF51B1EA6
        Validity
            Not Before: Mar  5 18:14:12 2024 GMT
            Not After : Mar  4 18:19:12 2025 GMT
        Subject: CN=8BA34C8BEDC3FC0598F7C8A144A92F4082431248
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:99:7a:66:1f:3b:1d:42:03:bd:82:d4:d8:80:
                    a8:e4:47:52:8d:53:87:92:da:79:9d:bd:8b:f6:59:
                    9b:dd:ce:53:a7:a3:ec:7f:84:6a:c3:e8:b9:a3:fc:
                    98:c8:cd:57:48:f5:1d:52:78:b2:00:e2:22:6b:62:
                    40:53:50:1d:b1:f0:ad:dd:70:48:70:b8:39:7d:c5:
                    c7:b8:dc:21:1d:76:d9:89:30:cd:34:82:f2:0a:d2:
                    95:9c:21:19:11:13:6e:bf:5d:6e:ca:2c:b3:da:82:
                    15:be:49:8b:c8:8b:52:a5:b4:2f:c4:51:74:fd:55:
                    89:38:64:03:b3:a3:c9:8b:5c:59:35:42:76:b4:10:
                    ac:2f:17:92:d5:c3:4e:45:9e:e5:a5:cf:20:cb:be:
                    95:5b:ec:cd:a3:c8:db:46:67:56:00:ca:eb:37:a1:
                    51:7b:bc:f4:35:51:f4:61:a5:45:0c:27:4c:07:bf:
                    d6:a3:b2:c0:d2:de:84:32:d8:42:2f:96:aa:b7:9c:
                    c1:76:19:75:47:15:81:af:97:a7:c8:e4:a0:ba:c6:
                    77:8e:cb:ae:74:6d:15:99:14:b0:30:d3:34:53:ac:
                    15:ee:0c:9f:5c:c3:bd:be:ef:45:e9:18:08:ec:4e:
                    c8:66:e0:9c:2f:8d:39:a4:7c:5d:ee:ca:63:cf:82:
                    b8:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:A3:4C:8B:ED:C3:FC:05:98:F7:C8:A1:44:A9:2F:40:82:43:12:48
            X509v3 Authority Key Identifier:
                keyid:5C:96:6C:7F:29:CB:53:C4:69:8A:17:36:F4:6C:CE:1A:F5:1B:1E:A6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/09084E95A1C1C23F5B54CD441EDE82152863C96B40C0CA45DBD8CD26661A618B/0/5C966C7F29CB53C4698A1736F46CCE1AF51B1EA6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5C966C7F29CB53C4698A1736F46CCE1AF51B1EA6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/09084E95A1C1C23F5B54CD441EDE82152863C96B40C0CA45DBD8CD26661A618B/0/323830313a3165353a3a2f34302d3438203d3e20323733303833.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1e5::/40

    Signature Algorithm: sha256WithRSAEncryption
         9c:2b:81:94:7f:cb:9d:59:7c:0b:b6:7f:1e:f1:22:d8:92:ad:
         24:d0:ca:de:02:4d:bd:dd:a1:55:b8:ec:21:7e:13:28:70:e9:
         75:8a:5f:04:51:d0:f9:41:14:2f:97:d1:6c:65:ba:c3:eb:a7:
         95:27:1c:59:f4:6c:d8:a5:4c:6e:1d:60:ed:7b:a3:56:3c:c6:
         9f:22:2c:d4:21:fd:e9:56:76:6b:17:1b:b0:27:7c:1c:da:95:
         95:a0:e9:55:3f:41:2a:8b:ab:79:ee:f8:fd:c0:7c:92:a7:e6:
         6d:1f:97:c2:cb:74:2e:c9:fb:09:e2:13:66:8f:50:7a:5c:f9:
         06:45:c6:51:db:52:a2:ac:bc:f0:be:34:89:9d:a1:c6:6f:ae:
         0d:88:b1:0f:14:ba:e7:b1:b7:78:7b:c7:6f:20:22:b4:a4:d3:
         6d:50:2e:f4:c0:f2:79:e5:2b:78:7f:1b:98:64:28:55:6c:a7:
         ec:27:2d:e5:91:92:22:43:14:1f:dd:21:71:26:e6:4b:99:1b:
         4d:66:8c:94:3b:f7:0f:2d:db:95:d7:94:ec:ed:bd:70:e0:c5:
         3f:af:3a:0f:35:b3:66:43:a8:f0:0c:c9:ec:34:71:9f:5f:8d:
         1c:5d:44:e0:03:a8:c5:01:ce:2d:f7:ae:04:25:bf:93:c3:55:
         91:bb:f6:6d
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUWC4RHki2BFZAtm7ggJYUE2OwJC8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUM5NjZDN0YyOUNCNTNDNDY5OEExNzM2RjQ2Q0NFMUFG
NTFCMUVBNjAeFw0yNDAzMDUxODE0MTJaFw0yNTAzMDQxODE5MTJaMDMxMTAvBgNV
BAMTKDhCQTM0QzhCRURDM0ZDMDU5OEY3QzhBMTQ0QTkyRjQwODI0MzEyNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwmXpmHzsdQgO9gtTYgKjkR1KN
U4eS2nmdvYv2WZvdzlOno+x/hGrD6Lmj/JjIzVdI9R1SeLIA4iJrYkBTUB2x8K3d
cEhwuDl9xce43CEddtmJMM00gvIK0pWcIRkRE26/XW7KLLPaghW+SYvIi1KltC/E
UXT9VYk4ZAOzo8mLXFk1Qna0EKwvF5LVw05FnuWlzyDLvpVb7M2jyNtGZ1YAyus3
oVF7vPQ1UfRhpUUMJ0wHv9ajssDS3oQy2EIvlqq3nMF2GXVHFYGvl6fI5KC6xneO
y650bRWZFLAw0zRTrBXuDJ9cw72+70XpGAjsTshm4JwvjTmkfF3uymPPgrjlAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUi6NMi+3D/AWY98ihRKkvQIJDEkgwHwYDVR0j
BBgwFoAUXJZsfynLU8Rpihc29GzOGvUbHqYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wOTA4NEU5NUExQzFDMjNGNUI1NENENDQxRURFODIxNTI4
NjNDOTZCNDBDMENBNDVEQkQ4Q0QyNjY2MUE2MThCLzAvNUM5NjZDN0YyOUNCNTND
NDY5OEExNzM2RjQ2Q0NFMUFGNTFCMUVBNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81Qzk2NkM3RjI5Q0I1M0M0Njk4
QTE3MzZGNDZDQ0UxQUY1MUIxRUE2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDkwODRFOTVBMUMxQzIzRjVCNTRDRDQ0MUVERTgyMTUyODYzQzk2QjQw
QzBDQTQ1REJEOENEMjY2NjFBNjE4Qi8wLzMyMzgzMDMxM2EzMTY1MzUzYTNhMmYz
NDMwMmQzNDM4MjAzZDNlMjAzMjM3MzMzMDM4MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAoAQHlADAN
BgkqhkiG9w0BAQsFAAOCAQEAnCuBlH/LnVl8C7Z/HvEi2JKtJNDK3gJNvd2hVbjs
IX4TKHDpdYpfBFHQ+UEUL5fRbGW6w+unlSccWfRs2KVMbh1g7XujVjzGnyIs1CH9
6VZ2axcbsCd8HNqVlaDpVT9BKouree74/cB8kqfmbR+Xwst0Lsn7CeITZo9Qelz5
BkXGUdtSoqy88L40iZ2hxm+uDYixDxS657G3eHvHbyAitKTTbVAu9MDyeeUreH8b
mGQoVWyn7Cct5ZGSIkMUH90hcSbmS5kbTWaMlDv3Dy3bldeU7O29cODFP686DzWz
ZkOo8AzJ7DRxn1+NHF1E4AOoxQHOLfeuBCW/k8NVkbv2bQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:37:58 2024 by rpki-client on console-ams.rpki-client.org