Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/323830313a3131613a3a2f34302d3438203d3e203134303830.roa
File:                     323830313a3131613a3a2f34302d3438203d3e203134303830.roa (raw, json)
Hash identifier:          Nwhj5XjdKxI5V+7INb2iQLEN1PNEcUpPkI1c9S4dqAI=
Subject key identifier:   63:DF:32:F9:04:32:23:69:04:00:62:27:C6:43:41:75:2E:26:C4:25
Certificate issuer:       /CN=A597442BE252949C19F9D69F7BF6A9CDDB54134B
Certificate serial:       4675FE3032421DAB7ABCE4B1457AF835FF07BB11
Authority key identifier: A5:97:44:2B:E2:52:94:9C:19:F9:D6:9F:7B:F6:A9:CD:DB:54:13:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/323830313a3131613a3a2f34302d3438203d3e203134303830.roa
Signing time:             Tue 04 Feb 2025 20:01:50 +0000
ROA not before:           Tue 04 Feb 2025 19:56:50 +0000
ROA not after:            Tue 03 Feb 2026 20:01:50 +0000
asID:                     14080
IP address blocks:        2801:11a::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:75:fe:30:32:42:1d:ab:7a:bc:e4:b1:45:7a:f8:35:ff:07:bb:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A597442BE252949C19F9D69F7BF6A9CDDB54134B
        Validity
            Not Before: Feb  4 19:56:50 2025 GMT
            Not After : Feb  3 20:01:50 2026 GMT
        Subject: CN=63DF32F90432236904006227C64341752E26C425
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:c2:d5:fb:ec:31:3f:39:1f:d3:c8:2e:4e:a3:
                    b5:da:38:6b:b0:c6:ea:d7:80:b0:73:01:54:d5:23:
                    27:34:5f:77:90:fb:c5:59:66:3b:6a:7d:9a:e7:2c:
                    31:00:7c:92:49:b9:cf:35:fd:5b:ef:85:42:1e:dc:
                    46:72:3d:00:f4:d2:1f:26:28:a3:f0:df:a1:9b:ad:
                    f7:ac:1e:91:9b:8b:40:3f:6d:63:3a:b1:b0:7c:2c:
                    e9:54:54:fa:6f:68:17:d2:78:6b:a2:10:0f:89:6c:
                    cf:6b:a2:b3:fb:d6:b4:60:df:d9:76:db:19:29:29:
                    57:d0:ec:53:c9:94:08:71:d8:15:5b:f5:88:fe:ee:
                    58:47:40:92:93:1c:98:64:e0:e7:df:06:b9:82:73:
                    1a:e4:06:7a:33:e1:7d:2a:c9:5a:48:3c:31:0c:23:
                    cb:ab:d7:bd:02:ef:1b:b9:42:5d:9d:60:c0:4e:ab:
                    73:c4:96:e2:9c:dc:1e:46:de:a8:dd:17:7d:4e:55:
                    50:6e:c1:96:1d:13:6c:07:67:f6:55:d2:2c:0a:44:
                    04:a7:29:46:54:7c:36:e7:08:a3:a9:c5:32:c6:ce:
                    64:1f:a5:97:7e:b8:2e:11:3b:4b:09:16:fd:a1:81:
                    5d:ae:7f:1a:a7:01:91:21:85:cc:5e:74:d0:89:54:
                    36:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:DF:32:F9:04:32:23:69:04:00:62:27:C6:43:41:75:2E:26:C4:25
            X509v3 Authority Key Identifier:
                keyid:A5:97:44:2B:E2:52:94:9C:19:F9:D6:9F:7B:F6:A9:CD:DB:54:13:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/323830313a3131613a3a2f34302d3438203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:11a::/40

    Signature Algorithm: sha256WithRSAEncryption
         c0:ac:a0:0e:4d:09:e3:7f:75:29:65:b0:1f:7b:87:84:9d:23:
         7a:c8:44:32:0d:cd:8d:49:cd:40:81:3e:85:27:65:6d:94:51:
         59:a2:a8:2b:44:03:1e:87:9a:73:12:21:3c:9d:7a:70:24:58:
         13:55:a4:d4:b3:66:92:47:bd:49:2b:4f:28:86:fe:e1:12:7e:
         30:03:79:35:1e:aa:69:e5:4a:ce:ea:a7:5d:68:ce:08:0a:a5:
         5f:aa:6a:a4:37:7c:fa:19:fd:10:15:34:ef:41:55:96:61:fa:
         3a:3a:9d:97:6e:03:e0:cc:1a:a2:bf:2c:b4:36:96:de:bc:4d:
         64:da:82:c2:88:aa:70:36:e7:ca:07:e7:33:47:28:cd:ac:54:
         8b:71:9b:db:84:21:e0:4f:ea:e9:c9:32:33:08:26:91:39:fd:
         9e:3a:e1:b8:fd:cf:17:38:c2:31:d6:52:75:3d:bc:cb:fe:25:
         0d:ad:90:31:52:fb:49:e7:6f:be:aa:16:73:a6:3d:72:81:b5:
         18:e8:97:0e:55:20:1e:f4:3a:98:80:9c:2a:6c:7c:f6:b2:8d:
         aa:1e:77:15:9d:57:8a:4c:50:56:a8:88:a7:17:36:66:2c:76:
         f2:d1:05:89:e7:e3:9b:d9:59:6f:cf:dd:d2:0f:cb:f4:b4:1c:
         34:13:e0:28
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIURnX+MDJCHat6vOSxRXr4Nf8HuxEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTU5NzQ0MkJFMjUyOTQ5QzE5RjlENjlGN0JGNkE5Q0RE
QjU0MTM0QjAeFw0yNTAyMDQxOTU2NTBaFw0yNjAyMDMyMDAxNTBaMDMxMTAvBgNV
BAMTKDYzREYzMkY5MDQzMjIzNjkwNDAwNjIyN0M2NDM0MTc1MkUyNkM0MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAwtX77DE/OR/TyC5Oo7XaOGuw
xurXgLBzAVTVIyc0X3eQ+8VZZjtqfZrnLDEAfJJJuc81/VvvhUIe3EZyPQD00h8m
KKPw36GbrfesHpGbi0A/bWM6sbB8LOlUVPpvaBfSeGuiEA+JbM9rorP71rRg39l2
2xkpKVfQ7FPJlAhx2BVb9Yj+7lhHQJKTHJhk4OffBrmCcxrkBnoz4X0qyVpIPDEM
I8ur170C7xu5Ql2dYMBOq3PEluKc3B5G3qjdF31OVVBuwZYdE2wHZ/ZV0iwKRASn
KUZUfDbnCKOpxTLGzmQfpZd+uC4RO0sJFv2hgV2ufxqnAZEhhcxedNCJVDYtAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUY98y+QQyI2kEAGInxkNBdS4mxCUwHwYDVR0j
BBgwFoAUpZdEK+JSlJwZ+dafe/apzdtUE0swDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMjAzOTEwMzk3MDFDNzkzNDZCNzZGQjEwRUFCNkY0NzE3
RUE3MUVEMTI1Q0NGRTlCOTU3NDRDRjAzNDBDOTE5LzAvQTU5NzQ0MkJFMjUyOTQ5
QzE5RjlENjlGN0JGNkE5Q0REQjU0MTM0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNTk3NDQyQkUyNTI5NDlDMTlG
OUQ2OUY3QkY2QTlDRERCNTQxMzRCLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjIwMzkxMDM5NzAxQzc5MzQ2Qjc2RkIxMEVBQjZGNDcxN0VBNzFFRDEy
NUNDRkU5Qjk1NzQ0Q0YwMzQwQzkxOS8wLzMyMzgzMDMxM2EzMTMxNjEzYTNhMmYz
NDMwMmQzNDM4MjAzZDNlMjAzMTM0MzAzODMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKAEBGgAwDQYJ
KoZIhvcNAQELBQADggEBAMCsoA5NCeN/dSllsB97h4SdI3rIRDINzY1JzUCBPoUn
ZW2UUVmiqCtEAx6HmnMSITydenAkWBNVpNSzZpJHvUkrTyiG/uESfjADeTUeqmnl
Ss7qp11ozggKpV+qaqQ3fPoZ/RAVNO9BVZZh+jo6nZduA+DMGqK/LLQ2lt68TWTa
gsKIqnA258oH5zNHKM2sVItxm9uEIeBP6unJMjMIJpE5/Z464bj9zxc4wjHWUnU9
vMv+JQ2tkDFS+0nnb76qFnOmPXKBtRjolw5VIB70OpiAnCpsfPayjaoedxWdV4pM
UFaoiKcXNmYsdvLRBYnn45vZWW/P3dIPy/S0HDQT4Cg=
-----END CERTIFICATE-----
Generated at Sat Feb 15 00:29:25 2025 by rpki-client