Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/20C91421EB59CC1900F7BE84330CC85C275017D06EEF777E35FCF3871FD8AD7D/0/323830313a3166363a3a2f34382d3438203d3e203134303830.roa
File:                     323830313a3166363a3a2f34382d3438203d3e203134303830.roa (raw, json)
Hash identifier:          PQBdvLaVVQVsHC9WKRN+kJy20zz+hW4LIG5op9hyhfI=
Subject key identifier:   E0:E4:53:05:70:C6:D2:5E:EB:64:25:E7:3F:4B:FB:EA:B9:12:3E:56
Certificate issuer:       /CN=AC8A4C476174CCE15922EC3E0D5B614ABFAC19B0
Certificate serial:       72A814025B7B566F8BFC73122CF23ED32D72B4ED
Authority key identifier: AC:8A:4C:47:61:74:CC:E1:59:22:EC:3E:0D:5B:61:4A:BF:AC:19:B0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AC8A4C476174CCE15922EC3E0D5B614ABFAC19B0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/20C91421EB59CC1900F7BE84330CC85C275017D06EEF777E35FCF3871FD8AD7D/0/323830313a3166363a3a2f34382d3438203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 18:22:48 +0000
ROA not before:           Tue 05 Mar 2024 18:17:48 +0000
ROA not after:            Tue 04 Mar 2025 18:22:48 +0000
asID:                     14080
IP address blocks:        2801:1f6::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/20C91421EB59CC1900F7BE84330CC85C275017D06EEF777E35FCF3871FD8AD7D/0/AC8A4C476174CCE15922EC3E0D5B614ABFAC19B0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/20C91421EB59CC1900F7BE84330CC85C275017D06EEF777E35FCF3871FD8AD7D/0/AC8A4C476174CCE15922EC3E0D5B614ABFAC19B0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AC8A4C476174CCE15922EC3E0D5B614ABFAC19B0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 24 Jun 2024 23:54:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:a8:14:02:5b:7b:56:6f:8b:fc:73:12:2c:f2:3e:d3:2d:72:b4:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC8A4C476174CCE15922EC3E0D5B614ABFAC19B0
        Validity
            Not Before: Mar  5 18:17:48 2024 GMT
            Not After : Mar  4 18:22:48 2025 GMT
        Subject: CN=E0E4530570C6D25EEB6425E73F4BFBEAB9123E56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:0b:56:f6:46:b2:0e:c4:2d:0a:22:35:3d:03:
                    72:31:06:aa:18:a7:87:8b:d9:37:bc:14:cf:1c:78:
                    4b:2d:83:8c:fc:62:3e:70:83:30:eb:19:e5:15:96:
                    4e:b4:4f:15:7a:c9:6a:9c:cf:f8:28:2f:cc:d3:d6:
                    cf:82:1b:a0:37:32:b0:38:99:64:21:44:e5:16:d2:
                    cf:68:98:ee:ec:03:f4:dd:73:0d:10:19:83:81:f9:
                    e6:80:39:48:dd:dd:2b:36:9e:90:61:76:2f:5c:82:
                    8d:95:d6:74:ce:7f:55:11:ea:be:fa:13:ce:81:8b:
                    1e:d8:82:e2:03:bc:0b:a1:6d:80:21:66:eb:a6:b0:
                    ca:e4:a3:06:5d:ed:a8:30:4a:53:ce:ce:3a:cc:93:
                    1b:4e:c9:03:aa:03:9f:e2:f6:a1:7f:d3:76:02:ea:
                    1e:0a:bb:81:4d:d0:9a:a2:e3:e5:09:ea:9f:80:5f:
                    09:6a:16:39:b6:0c:68:78:75:97:7d:df:8e:72:1c:
                    87:bd:26:9c:66:01:74:66:24:d3:ef:f0:8c:e6:11:
                    66:fe:be:80:c9:48:fe:6a:48:51:ec:2d:d3:e6:48:
                    f9:b4:40:d7:bf:9c:82:a1:25:39:33:70:d0:c6:76:
                    58:7d:ad:80:74:17:77:64:1e:63:09:98:fe:8e:7e:
                    9a:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:E4:53:05:70:C6:D2:5E:EB:64:25:E7:3F:4B:FB:EA:B9:12:3E:56
            X509v3 Authority Key Identifier:
                keyid:AC:8A:4C:47:61:74:CC:E1:59:22:EC:3E:0D:5B:61:4A:BF:AC:19:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/20C91421EB59CC1900F7BE84330CC85C275017D06EEF777E35FCF3871FD8AD7D/0/AC8A4C476174CCE15922EC3E0D5B614ABFAC19B0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AC8A4C476174CCE15922EC3E0D5B614ABFAC19B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/20C91421EB59CC1900F7BE84330CC85C275017D06EEF777E35FCF3871FD8AD7D/0/323830313a3166363a3a2f34382d3438203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1f6::/48

    Signature Algorithm: sha256WithRSAEncryption
         4f:e2:a4:d3:0d:06:2a:3e:6b:7c:64:54:3a:9a:63:ff:10:69:
         5b:6e:55:1e:63:f6:24:4e:96:af:12:83:25:ea:fe:73:7c:53:
         a9:da:80:89:43:48:dc:a5:06:4f:70:5a:0c:21:a7:56:a7:dd:
         a8:ac:e5:52:09:e7:c6:92:59:03:3e:46:c4:f6:96:43:5c:95:
         49:46:0f:06:17:0c:93:39:f9:13:47:c5:a6:37:1b:2f:bb:f6:
         42:2b:57:92:9f:9c:ab:3b:32:20:53:46:a8:9b:6f:1e:0d:b9:
         0e:54:75:35:26:37:c3:16:f6:10:0d:62:5a:2e:f3:d2:f7:d7:
         34:50:53:ed:c1:c8:db:1e:d3:10:b3:5e:46:19:44:10:2c:80:
         34:be:f8:9e:93:7a:40:3d:d9:6a:bd:9c:99:82:08:4b:fb:05:
         98:cf:f7:f7:85:1d:fd:2a:f7:7e:13:fe:0c:28:c3:3b:5c:cd:
         81:63:2a:65:19:54:78:11:2a:eb:5b:5d:61:9d:8e:75:5a:66:
         13:6d:66:7c:c0:5c:19:7a:f4:df:d7:d0:48:d8:66:7e:b6:79:
         dd:a2:a3:3c:02:f0:53:b6:2e:47:49:c0:27:ea:6b:38:6c:81:
         08:91:d2:12:c0:be:16:5c:f6:b4:24:5e:e6:79:96:14:c5:eb:
         7e:46:d1:c6
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUcqgUAlt7Vm+L/HMSLPI+0y1ytO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM4QTRDNDc2MTc0Q0NFMTU5MjJFQzNFMEQ1QjYxNEFC
RkFDMTlCMDAeFw0yNDAzMDUxODE3NDhaFw0yNTAzMDQxODIyNDhaMDMxMTAvBgNV
BAMTKEUwRTQ1MzA1NzBDNkQyNUVFQjY0MjVFNzNGNEJGQkVBQjkxMjNFNTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJC1b2RrIOxC0KIjU9A3IxBqoY
p4eL2Te8FM8ceEstg4z8Yj5wgzDrGeUVlk60TxV6yWqcz/goL8zT1s+CG6A3MrA4
mWQhROUW0s9omO7sA/Tdcw0QGYOB+eaAOUjd3Ss2npBhdi9cgo2V1nTOf1UR6r76
E86Bix7YguIDvAuhbYAhZuumsMrkowZd7agwSlPOzjrMkxtOyQOqA5/i9qF/03YC
6h4Ku4FN0Jqi4+UJ6p+AXwlqFjm2DGh4dZd9345yHIe9JpxmAXRmJNPv8IzmEWb+
voDJSP5qSFHsLdPmSPm0QNe/nIKhJTkzcNDGdlh9rYB0F3dkHmMJmP6OfpoxAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQU4ORTBXDG0l7rZCXnP0v76rkSPlYwHwYDVR0j
BBgwFoAUrIpMR2F0zOFZIuw+DVthSr+sGbAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMEM5MTQyMUVCNTlDQzE5MDBGN0JFODQzMzBDQzg1QzI3
NTAxN0QwNkVFRjc3N0UzNUZDRjM4NzFGRDhBRDdELzAvQUM4QTRDNDc2MTc0Q0NF
MTU5MjJFQzNFMEQ1QjYxNEFCRkFDMTlCMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BQzhBNEM0NzYxNzRDQ0UxNTky
MkVDM0UwRDVCNjE0QUJGQUMxOUIwLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjBDOTE0MjFFQjU5Q0MxOTAwRjdCRTg0MzMwQ0M4NUMyNzUwMTdEMDZF
RUY3NzdFMzVGQ0YzODcxRkQ4QUQ3RC8wLzMyMzgzMDMxM2EzMTY2MzYzYTNhMmYz
NDM4MmQzNDM4MjAzZDNlMjAzMTM0MzAzODMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKAEB9gAAMA0G
CSqGSIb3DQEBCwUAA4IBAQBP4qTTDQYqPmt8ZFQ6mmP/EGlbblUeY/YkTpavEoMl
6v5zfFOp2oCJQ0jcpQZPcFoMIadWp92orOVSCefGklkDPkbE9pZDXJVJRg8GFwyT
OfkTR8WmNxsvu/ZCK1eSn5yrOzIgU0aom28eDbkOVHU1JjfDFvYQDWJaLvPS99c0
UFPtwcjbHtMQs15GGUQQLIA0vviek3pAPdlqvZyZgghL+wWYz/f3hR39Kvd+E/4M
KMM7XM2BYyplGVR4ESrrW11hnY51WmYTbWZ8wFwZevTf19BI2GZ+tnndoqM8AvBT
ti5HScAn6ms4bIEIkdISwL4WXPa0JF7meZYUxet+RtHG
-----END CERTIFICATE-----
Generated at Fri Jun 21 16:09:58 2024 by rpki-client on console-fra.rpki-client.org