Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/323830313a3131613a3a2f34302d3438203d3e203134303830.roa
File:                     323830313a3131613a3a2f34302d3438203d3e203134303830.roa (raw, json)
Hash identifier:          o3Xqf3aCSwUlylzLrp1YFG+PrrMyABv8YIer+Tp8Ac0=
Subject key identifier:   43:20:89:E6:F9:2D:C0:D3:11:9C:E2:CE:91:2D:2F:03:9C:2A:3B:1D
Certificate issuer:       /CN=A597442BE252949C19F9D69F7BF6A9CDDB54134B
Certificate serial:       17CCC20B51A1BA71E8C6D2BB106DD8082D2C3657
Authority key identifier: A5:97:44:2B:E2:52:94:9C:19:F9:D6:9F:7B:F6:A9:CD:DB:54:13:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/323830313a3131613a3a2f34302d3438203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 18:14:15 +0000
ROA not before:           Tue 05 Mar 2024 18:09:15 +0000
ROA not after:            Tue 04 Mar 2025 18:14:15 +0000
asID:                     14080
IP address blocks:        2801:11a::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 10:27:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:cc:c2:0b:51:a1:ba:71:e8:c6:d2:bb:10:6d:d8:08:2d:2c:36:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A597442BE252949C19F9D69F7BF6A9CDDB54134B
        Validity
            Not Before: Mar  5 18:09:15 2024 GMT
            Not After : Mar  4 18:14:15 2025 GMT
        Subject: CN=432089E6F92DC0D3119CE2CE912D2F039C2A3B1D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:15:76:b3:d9:ae:17:76:04:60:eb:4f:b7:26:
                    f6:d7:d4:73:80:5d:5e:62:1f:bf:0b:70:37:e7:93:
                    19:c1:d9:c9:f3:b5:55:d5:40:52:21:dc:5c:11:67:
                    6d:ae:01:5f:8b:e6:09:23:af:54:41:d1:ed:b7:35:
                    70:c9:80:ea:5d:71:bd:73:a9:81:29:b0:a3:ad:30:
                    53:99:c6:ea:2b:b1:38:b8:eb:1b:73:4e:7b:99:50:
                    62:00:80:e5:19:8b:73:0c:fa:30:2a:03:32:a6:2f:
                    4b:44:8b:c0:5a:ee:9b:27:9b:a4:f6:02:c5:4a:05:
                    8d:a1:88:f2:e4:dc:bd:3e:31:ff:17:bd:36:5b:d6:
                    a5:59:97:99:40:9d:88:48:3f:4b:37:27:e4:b9:26:
                    2f:08:1a:25:fb:66:3d:99:3c:21:f5:8b:c9:c4:d1:
                    a4:5d:1d:6a:47:af:2e:0c:36:26:e5:3b:2b:20:69:
                    8e:af:b3:0d:93:85:6a:30:d1:27:07:2a:72:14:e6:
                    da:ed:03:95:c7:9f:d8:5e:eb:3c:48:93:0d:50:66:
                    94:8d:7c:4d:f7:3f:5d:07:c0:51:0c:79:90:cf:f1:
                    b5:4b:22:3e:87:5f:71:bb:60:c3:a4:a8:0d:9b:af:
                    bb:9e:21:09:82:4a:4d:4b:da:0c:4c:32:1f:8b:53:
                    14:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:20:89:E6:F9:2D:C0:D3:11:9C:E2:CE:91:2D:2F:03:9C:2A:3B:1D
            X509v3 Authority Key Identifier:
                keyid:A5:97:44:2B:E2:52:94:9C:19:F9:D6:9F:7B:F6:A9:CD:DB:54:13:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/323830313a3131613a3a2f34302d3438203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:11a::/40

    Signature Algorithm: sha256WithRSAEncryption
         07:d5:cc:f1:83:49:e4:63:05:71:07:11:64:06:b1:e6:e0:37:
         e2:ad:ca:de:b3:13:a4:fc:e2:77:65:e2:ad:a4:c4:d4:c2:c7:
         ff:9e:31:e3:18:06:9a:6b:be:06:31:56:ba:98:7b:07:1b:5b:
         bb:45:e3:a3:c9:ba:99:49:63:3d:76:34:e9:f0:e7:9e:cb:5c:
         a3:d6:fc:45:f9:c1:09:39:69:73:bd:8b:6d:3b:21:b6:c3:e3:
         23:2b:16:61:85:87:e5:ba:49:4a:0f:22:8f:2d:dc:de:b9:e7:
         80:b0:b9:d8:5d:35:d3:61:74:23:16:90:37:c4:bd:fa:a1:06:
         5e:55:80:e0:1c:46:d9:18:79:84:3b:c9:3c:fb:dd:3e:ff:2c:
         70:93:07:56:b1:1a:e8:11:b7:bd:24:1b:e4:ec:5e:10:51:1c:
         cd:1e:2c:90:1d:f4:31:e3:ae:5d:db:55:85:38:db:f8:69:0f:
         24:1f:d5:6d:3e:30:01:2f:54:f8:91:4a:ec:13:cf:c9:ac:a5:
         3c:a4:08:6d:eb:45:f7:42:19:16:a2:98:80:fa:76:11:4e:bc:
         1e:87:e6:1b:2e:01:ef:75:7f:18:3d:0d:4d:e0:17:b3:96:4e:
         a1:41:41:c0:17:05:7b:b4:db:a5:cf:93:19:16:1a:5f:01:ce:
         3e:e1:b3:21
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUF8zCC1GhunHoxtK7EG3YCC0sNlcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTU5NzQ0MkJFMjUyOTQ5QzE5RjlENjlGN0JGNkE5Q0RE
QjU0MTM0QjAeFw0yNDAzMDUxODA5MTVaFw0yNTAzMDQxODE0MTVaMDMxMTAvBgNV
BAMTKDQzMjA4OUU2RjkyREMwRDMxMTlDRTJDRTkxMkQyRjAzOUMyQTNCMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0FXaz2a4XdgRg60+3JvbX1HOA
XV5iH78LcDfnkxnB2cnztVXVQFIh3FwRZ22uAV+L5gkjr1RB0e23NXDJgOpdcb1z
qYEpsKOtMFOZxuorsTi46xtzTnuZUGIAgOUZi3MM+jAqAzKmL0tEi8Ba7psnm6T2
AsVKBY2hiPLk3L0+Mf8XvTZb1qVZl5lAnYhIP0s3J+S5Ji8IGiX7Zj2ZPCH1i8nE
0aRdHWpHry4MNiblOysgaY6vsw2ThWow0ScHKnIU5trtA5XHn9he6zxIkw1QZpSN
fE33P10HwFEMeZDP8bVLIj6HX3G7YMOkqA2br7ueIQmCSk1L2gxMMh+LUxSLAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUQyCJ5vktwNMRnOLOkS0vA5wqOx0wHwYDVR0j
BBgwFoAUpZdEK+JSlJwZ+dafe/apzdtUE0swDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMjAzOTEwMzk3MDFDNzkzNDZCNzZGQjEwRUFCNkY0NzE3
RUE3MUVEMTI1Q0NGRTlCOTU3NDRDRjAzNDBDOTE5LzAvQTU5NzQ0MkJFMjUyOTQ5
QzE5RjlENjlGN0JGNkE5Q0REQjU0MTM0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNTk3NDQyQkUyNTI5NDlDMTlG
OUQ2OUY3QkY2QTlDRERCNTQxMzRCLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjIwMzkxMDM5NzAxQzc5MzQ2Qjc2RkIxMEVBQjZGNDcxN0VBNzFFRDEy
NUNDRkU5Qjk1NzQ0Q0YwMzQwQzkxOS8wLzMyMzgzMDMxM2EzMTMxNjEzYTNhMmYz
NDMwMmQzNDM4MjAzZDNlMjAzMTM0MzAzODMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKAEBGgAwDQYJ
KoZIhvcNAQELBQADggEBAAfVzPGDSeRjBXEHEWQGsebgN+Ktyt6zE6T84ndl4q2k
xNTCx/+eMeMYBpprvgYxVrqYewcbW7tF46PJuplJYz12NOnw557LXKPW/EX5wQk5
aXO9i207IbbD4yMrFmGFh+W6SUoPIo8t3N6554CwudhdNdNhdCMWkDfEvfqhBl5V
gOAcRtkYeYQ7yTz73T7/LHCTB1axGugRt70kG+TsXhBRHM0eLJAd9DHjrl3bVYU4
2/hpDyQf1W0+MAEvVPiRSuwTz8mspTykCG3rRfdCGRaimID6dhFOvB6H5hsuAe91
fxg9DU3gF7OWTqFBQcAXBXu026XPkxkWGl8Bzj7hsyE=
-----END CERTIFICATE-----
Generated at Sat Jun 22 03:12:12 2024 by rpki-client on console-ams.rpki-client.org