Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/09C1392ED71B4B0EE5B815711A45B93183667856210B1737E10C98A3DC950994/0/323830363a3336613a3a2f33322d3332203d3e20323635363133.roa
File:                     323830363a3336613a3a2f33322d3332203d3e20323635363133.roa (raw, json)
Hash identifier:          eIbqDlHq7RVxnaj2hICiG2t02MmsxGg2YNwsUx+act8=
Subject key identifier:   72:5A:01:00:41:E2:24:42:3E:CB:1D:20:B5:5B:C0:2A:4D:FF:1A:16
Certificate issuer:       /CN=322414D1DB98FF3F8C0C00272C00B290132C5CC4
Certificate serial:       0BC54D029485B97FD226102551D98A27ABC9FF2F
Authority key identifier: 32:24:14:D1:DB:98:FF:3F:8C:0C:00:27:2C:00:B2:90:13:2C:5C:C4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/322414D1DB98FF3F8C0C00272C00B290132C5CC4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/09C1392ED71B4B0EE5B815711A45B93183667856210B1737E10C98A3DC950994/0/323830363a3336613a3a2f33322d3332203d3e20323635363133.roa
Signing time:             Tue 05 Mar 2024 18:05:44 +0000
ROA not before:           Tue 05 Mar 2024 18:00:44 +0000
ROA not after:            Tue 04 Mar 2025 18:05:44 +0000
asID:                     265613
IP address blocks:        2806:36a::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/09C1392ED71B4B0EE5B815711A45B93183667856210B1737E10C98A3DC950994/0/322414D1DB98FF3F8C0C00272C00B290132C5CC4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/09C1392ED71B4B0EE5B815711A45B93183667856210B1737E10C98A3DC950994/0/322414D1DB98FF3F8C0C00272C00B290132C5CC4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/322414D1DB98FF3F8C0C00272C00B290132C5CC4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:c5:4d:02:94:85:b9:7f:d2:26:10:25:51:d9:8a:27:ab:c9:ff:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=322414D1DB98FF3F8C0C00272C00B290132C5CC4
        Validity
            Not Before: Mar  5 18:00:44 2024 GMT
            Not After : Mar  4 18:05:44 2025 GMT
        Subject: CN=725A010041E224423ECB1D20B55BC02A4DFF1A16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:d2:ad:e9:68:31:86:0b:62:ac:74:44:a0:74:
                    9b:25:52:a3:cc:eb:4e:d1:a1:17:a9:5b:8d:95:58:
                    ad:02:d3:20:dc:8f:91:3d:70:4f:c2:47:d6:31:9f:
                    54:82:be:75:5d:0c:47:18:7a:67:85:4f:09:a3:4c:
                    7b:67:6f:47:bc:c3:11:83:f1:79:04:d6:a7:be:a3:
                    3d:21:e2:77:2b:1a:a4:fb:0a:2c:9d:c3:b8:d9:f8:
                    ac:c2:d5:e3:e0:61:95:b2:3c:6c:7e:1c:a6:93:b0:
                    5b:e2:b4:3d:b8:19:95:d0:ac:ac:10:aa:8b:01:dd:
                    1d:3b:5a:cb:3f:10:66:00:00:a8:ef:e0:a1:11:ce:
                    86:e1:27:28:ba:d0:4e:67:7f:f4:8b:a2:43:76:da:
                    8b:50:af:2b:35:4b:e2:64:f6:dc:53:ac:30:01:0d:
                    22:fd:cf:f6:c9:44:1b:45:9f:f2:f9:95:84:2e:be:
                    65:c0:53:7b:46:c1:9a:5a:58:b9:d9:d2:8d:ae:b1:
                    ad:0b:c5:44:74:41:bd:6c:3d:d7:10:94:70:94:bc:
                    f8:5d:58:76:52:33:92:8c:8f:0d:ee:ef:04:af:35:
                    45:40:6d:0d:0e:1d:35:a1:31:28:c7:5c:ac:fc:76:
                    d3:81:6f:98:39:4d:c2:f1:4a:db:4f:71:30:1a:81:
                    1f:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:5A:01:00:41:E2:24:42:3E:CB:1D:20:B5:5B:C0:2A:4D:FF:1A:16
            X509v3 Authority Key Identifier:
                keyid:32:24:14:D1:DB:98:FF:3F:8C:0C:00:27:2C:00:B2:90:13:2C:5C:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/09C1392ED71B4B0EE5B815711A45B93183667856210B1737E10C98A3DC950994/0/322414D1DB98FF3F8C0C00272C00B290132C5CC4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/322414D1DB98FF3F8C0C00272C00B290132C5CC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/09C1392ED71B4B0EE5B815711A45B93183667856210B1737E10C98A3DC950994/0/323830363a3336613a3a2f33322d3332203d3e20323635363133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2806:36a::/32

    Signature Algorithm: sha256WithRSAEncryption
         86:e7:53:3c:78:9d:67:52:e1:7c:3e:b9:97:f1:43:98:fd:7d:
         f1:5e:be:36:bf:ce:3b:10:e2:90:3b:0d:84:e4:1c:4c:00:68:
         e9:30:1c:9b:02:01:2f:b2:0a:fa:b1:f8:fd:1a:b5:d4:27:ac:
         aa:aa:e6:e1:66:e6:9c:8d:ed:b4:0e:1d:0d:4c:2b:54:da:4d:
         67:44:96:9f:2f:b1:81:cf:05:9c:7c:33:10:b5:a9:17:6c:66:
         bc:2f:9b:9c:58:de:4d:4d:87:3a:4c:4a:9d:96:2a:47:cd:85:
         36:2a:78:7e:fb:9a:07:92:2a:b3:71:ed:d5:1f:da:c0:e3:3a:
         6e:77:ee:4a:c8:9f:8f:04:24:04:51:11:81:03:42:04:72:e8:
         2b:fb:dd:f4:08:25:b4:56:04:9f:c9:6a:13:56:cf:53:cf:88:
         ea:40:83:14:4a:68:b1:8e:94:4a:81:ef:37:8a:c7:67:b2:9a:
         ee:14:41:1f:c3:ff:8a:9a:61:e3:3e:c1:57:20:c8:34:24:e0:
         14:22:37:c9:55:a7:75:f6:ca:27:79:e8:61:f1:07:d5:cb:5c:
         cc:13:09:a7:29:44:84:8e:07:3f:3c:e9:99:c0:0f:67:54:d4:
         f1:8a:44:1f:c0:25:52:48:db:01:10:66:2a:fa:64:c3:40:62:
         17:3e:b4:73
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUC8VNApSFuX/SJhAlUdmKJ6vJ/y8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzIyNDE0RDFEQjk4RkYzRjhDMEMwMDI3MkMwMEIyOTAx
MzJDNUNDNDAeFw0yNDAzMDUxODAwNDRaFw0yNTAzMDQxODA1NDRaMDMxMTAvBgNV
BAMTKDcyNUEwMTAwNDFFMjI0NDIzRUNCMUQyMEI1NUJDMDJBNERGRjFBMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC20q3paDGGC2KsdESgdJslUqPM
607RoRepW42VWK0C0yDcj5E9cE/CR9Yxn1SCvnVdDEcYemeFTwmjTHtnb0e8wxGD
8XkE1qe+oz0h4ncrGqT7Ciydw7jZ+KzC1ePgYZWyPGx+HKaTsFvitD24GZXQrKwQ
qosB3R07Wss/EGYAAKjv4KERzobhJyi60E5nf/SLokN22otQrys1S+Jk9txTrDAB
DSL9z/bJRBtFn/L5lYQuvmXAU3tGwZpaWLnZ0o2usa0LxUR0Qb1sPdcQlHCUvPhd
WHZSM5KMjw3u7wSvNUVAbQ0OHTWhMSjHXKz8dtOBb5g5TcLxSttPcTAagR9jAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUcloBAEHiJEI+yx0gtVvAKk3/GhYwHwYDVR0j
BBgwFoAUMiQU0duY/z+MDAAnLACykBMsXMQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wOUMxMzkyRUQ3MUI0QjBFRTVCODE1NzExQTQ1QjkzMTgz
NjY3ODU2MjEwQjE3MzdFMTBDOThBM0RDOTUwOTk0LzAvMzIyNDE0RDFEQjk4RkYz
RjhDMEMwMDI3MkMwMEIyOTAxMzJDNUNDNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zMjI0MTREMURCOThGRjNGOEMw
QzAwMjcyQzAwQjI5MDEzMkM1Q0M0LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDlDMTM5MkVENzFCNEIwRUU1QjgxNTcxMUE0NUI5MzE4MzY2Nzg1NjIx
MEIxNzM3RTEwQzk4QTNEQzk1MDk5NC8wLzMyMzgzMDM2M2EzMzM2NjEzYTNhMmYz
MzMyMmQzMzMyMjAzZDNlMjAzMjM2MzUzNjMxMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoBgNqMA0G
CSqGSIb3DQEBCwUAA4IBAQCG51M8eJ1nUuF8PrmX8UOY/X3xXr42v847EOKQOw2E
5BxMAGjpMBybAgEvsgr6sfj9GrXUJ6yqqubhZuacje20Dh0NTCtU2k1nRJafL7GB
zwWcfDMQtakXbGa8L5ucWN5NTYc6TEqdlipHzYU2Knh++5oHkiqzce3VH9rA4zpu
d+5KyJ+PBCQEURGBA0IEcugr+930CCW0VgSfyWoTVs9Tz4jqQIMUSmixjpRKge83
isdnspruFEEfw/+KmmHjPsFXIMg0JOAUIjfJVad19soneehh8QfVy1zMEwmnKUSE
jgc/POmZwA9nVNTxikQfwCVSSNsBEGYq+mTDQGIXPrRz
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:09:41 2024 by rpki-client on console-fra.rpki-client.org