Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/323830303a3533303a3a2f33322d3336203d3e203532323333.roa
File:                     323830303a3533303a3a2f33322d3336203d3e203532323333.roa (raw, json)
Hash identifier:          84IzbMfNqv/tR8sfsriR1gQ7Wedr7k6q3013zoUO0Z0=
Subject key identifier:   01:3D:71:10:0B:54:88:E3:53:94:A8:7B:08:1A:9B:37:6E:66:90:10
Certificate issuer:       /CN=D1A55CA9F61A19739707656D810C4C2DDBDB13DF
Certificate serial:       6DF71402C8C1962306E32440B832D45B28463075
Authority key identifier: D1:A5:5C:A9:F6:1A:19:73:97:07:65:6D:81:0C:4C:2D:DB:DB:13:DF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/323830303a3533303a3a2f33322d3336203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:35:29 +0000
ROA not before:           Tue 04 Feb 2025 18:30:29 +0000
ROA not after:            Tue 03 Feb 2026 18:35:29 +0000
asID:                     52233
IP address blocks:        2800:530::/32 maxlen: 36
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:f7:14:02:c8:c1:96:23:06:e3:24:40:b8:32:d4:5b:28:46:30:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D1A55CA9F61A19739707656D810C4C2DDBDB13DF
        Validity
            Not Before: Feb  4 18:30:29 2025 GMT
            Not After : Feb  3 18:35:29 2026 GMT
        Subject: CN=013D71100B5488E35394A87B081A9B376E669010
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:f7:8c:48:51:72:b0:d5:41:a5:fd:5c:53:e7:
                    b2:2e:2c:dd:5b:2d:5a:1d:84:1b:8f:6f:c8:bd:08:
                    c3:63:2f:db:e5:f0:7a:c0:a6:a5:3d:31:0b:91:b2:
                    f6:2f:bc:21:28:5a:6c:86:0f:eb:34:8e:f2:e4:13:
                    4f:ac:49:a1:d8:b4:df:ba:6a:db:43:26:66:83:80:
                    79:60:d0:28:ff:82:b7:6f:b0:3b:74:e0:a6:f8:c7:
                    46:b3:ca:15:6c:04:8c:07:d0:4a:6d:30:00:0a:26:
                    db:6c:37:ee:53:59:ad:ea:52:15:10:2f:57:c8:62:
                    53:ba:50:54:4d:a2:19:a6:73:3a:44:e7:3f:37:6c:
                    14:dd:d4:85:23:ca:a2:88:14:e3:53:7a:83:63:cb:
                    2c:9f:f4:31:45:56:90:74:93:2b:f8:2c:d7:54:74:
                    19:ae:44:9d:47:77:1e:0d:81:28:8f:41:84:0a:33:
                    ff:0c:1b:e5:3c:a2:bb:b6:e4:de:c6:ac:78:32:74:
                    d5:95:bf:c1:0b:94:55:b2:61:21:76:53:dd:88:b2:
                    42:fc:94:68:0c:ff:ea:2e:2d:89:bd:a6:18:2b:5e:
                    fc:f4:76:ba:a6:7e:a6:c0:2c:21:4c:cc:03:42:68:
                    9e:7f:8f:20:77:22:74:a6:b6:f0:8c:94:bd:fa:85:
                    d2:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:3D:71:10:0B:54:88:E3:53:94:A8:7B:08:1A:9B:37:6E:66:90:10
            X509v3 Authority Key Identifier:
                keyid:D1:A5:5C:A9:F6:1A:19:73:97:07:65:6D:81:0C:4C:2D:DB:DB:13:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/323830303a3533303a3a2f33322d3336203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:530::/32

    Signature Algorithm: sha256WithRSAEncryption
         2c:b9:62:ad:84:88:fa:f1:37:7c:80:5d:f6:37:c3:a2:5f:ab:
         b0:3e:14:de:bd:89:34:6a:7e:ba:d0:ef:cc:f2:90:01:2e:4b:
         79:eb:2b:50:e8:a2:0b:88:90:bc:bb:1a:e4:13:a7:17:a9:70:
         6e:6e:54:18:98:fa:19:b8:4e:05:71:93:98:0d:c1:da:ec:42:
         10:6b:eb:e5:c3:69:52:fd:b7:af:1f:0c:fe:2d:12:01:44:55:
         8a:73:46:b1:f6:3a:c1:4d:74:ba:75:a8:c1:93:ea:c6:fc:79:
         18:2e:04:b2:03:ed:ea:47:61:79:d4:d7:2f:25:cf:b1:a9:c2:
         bf:df:a2:1c:a2:d8:cd:62:93:ce:3a:f5:ad:89:39:7a:13:f5:
         e1:c3:42:15:dc:95:19:d7:fa:7f:55:6d:a1:3a:f1:ba:bc:3b:
         ed:ff:3c:79:ba:6e:d4:0c:23:78:0b:0a:0c:28:66:26:5a:56:
         44:8c:aa:35:46:6d:c3:57:42:e7:55:fb:98:e0:b3:b2:41:b0:
         88:77:57:e4:70:6b:0d:4a:ce:84:16:1a:63:9a:fc:fc:9b:4a:
         e2:2e:b5:05:aa:9a:c4:d1:87:86:5a:ac:c5:0a:1f:f4:47:48:
         a3:a7:93:31:9d:db:6f:3d:34:65:ca:ac:cc:2a:1f:3f:bd:21:
         9d:6a:af:cf
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUbfcUAsjBliMG4yRAuDLUWyhGMHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDFBNTVDQTlGNjFBMTk3Mzk3MDc2NTZEODEwQzRDMkRE
QkRCMTNERjAeFw0yNTAyMDQxODMwMjlaFw0yNjAyMDMxODM1MjlaMDMxMTAvBgNV
BAMTKDAxM0Q3MTEwMEI1NDg4RTM1Mzk0QTg3QjA4MUE5QjM3NkU2NjkwMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCN94xIUXKw1UGl/VxT57IuLN1b
LVodhBuPb8i9CMNjL9vl8HrApqU9MQuRsvYvvCEoWmyGD+s0jvLkE0+sSaHYtN+6
attDJmaDgHlg0Cj/grdvsDt04Kb4x0azyhVsBIwH0EptMAAKJttsN+5TWa3qUhUQ
L1fIYlO6UFRNohmmczpE5z83bBTd1IUjyqKIFONTeoNjyyyf9DFFVpB0kyv4LNdU
dBmuRJ1Hdx4NgSiPQYQKM/8MG+U8oru25N7GrHgydNWVv8ELlFWyYSF2U92IskL8
lGgM/+ouLYm9phgrXvz0drqmfqbALCFMzANCaJ5/jyB3InSmtvCMlL36hdJTAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUAT1xEAtUiONTlKh7CBqbN25mkBAwHwYDVR0j
BBgwFoAU0aVcqfYaGXOXB2VtgQxMLdvbE98wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMDc3NTlFMThFOTZEMDc0REZCQTUwN0M2MjcyQTFCRUM0
N0E3RDhEQkYwQzFBOTcxQkQyMThBNjhFRjFDMTU0LzAvRDFBNTVDQTlGNjFBMTk3
Mzk3MDc2NTZEODEwQzRDMkREQkRCMTNERi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMUE1NUNBOUY2MUExOTczOTcw
NzY1NkQ4MTBDNEMyRERCREIxM0RGLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTA3NzU5RTE4RTk2RDA3NERGQkE1MDdDNjI3MkExQkVDNDdBN0Q4REJG
MEMxQTk3MUJEMjE4QTY4RUYxQzE1NC8wLzMyMzgzMDMwM2EzNTMzMzAzYTNhMmYz
MzMyMmQzMzM2MjAzZDNlMjAzNTMyMzIzMzMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKAAFMDANBgkq
hkiG9w0BAQsFAAOCAQEALLlirYSI+vE3fIBd9jfDol+rsD4U3r2JNGp+utDvzPKQ
AS5LeesrUOiiC4iQvLsa5BOnF6lwbm5UGJj6GbhOBXGTmA3B2uxCEGvr5cNpUv23
rx8M/i0SAURVinNGsfY6wU10unWowZPqxvx5GC4EsgPt6kdhedTXLyXPsanCv9+i
HKLYzWKTzjr1rYk5ehP14cNCFdyVGdf6f1VtoTrxurw77f88ebpu1AwjeAsKDChm
JlpWRIyqNUZtw1dC51X7mOCzskGwiHdX5HBrDUrOhBYaY5r8/JtK4i61BaqaxNGH
hlqsxQof9EdIo6eTMZ3bbz00ZcqszCofP70hnWqvzw==
-----END CERTIFICATE-----
Generated at Fri Feb 14 15:39:26 2025 by rpki-client