Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2656BDCB2AB10168D929C9F36580D006AAA49F4B8225370FF0EBA7308DC548C8/0/323830303a3962303a3a2f33322d3438203d3e203532333432.roa
File:                     323830303a3962303a3a2f33322d3438203d3e203532333432.roa (raw, json)
Hash identifier:          rjz072QKzf1cPD1HRuLFniMqNiwNVY3O4w4o+xQ8xj8=
Subject key identifier:   58:FF:38:7E:D0:E8:E4:CE:D1:A9:6C:39:5F:75:F4:03:94:99:80:E1
Certificate issuer:       /CN=0D34B4304BB923E80757FDED7508C224FEF6ED84
Certificate serial:       2CD368D27BD68B762424A3318CD6926B18C951BB
Authority key identifier: 0D:34:B4:30:4B:B9:23:E8:07:57:FD:ED:75:08:C2:24:FE:F6:ED:84
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D34B4304BB923E80757FDED7508C224FEF6ED84.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2656BDCB2AB10168D929C9F36580D006AAA49F4B8225370FF0EBA7308DC548C8/0/323830303a3962303a3a2f33322d3438203d3e203532333432.roa
Signing time:             Tue 05 Mar 2024 17:47:32 +0000
ROA not before:           Tue 05 Mar 2024 17:42:32 +0000
ROA not after:            Tue 04 Mar 2025 17:47:32 +0000
asID:                     52342
IP address blocks:        2800:9b0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2656BDCB2AB10168D929C9F36580D006AAA49F4B8225370FF0EBA7308DC548C8/0/0D34B4304BB923E80757FDED7508C224FEF6ED84.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2656BDCB2AB10168D929C9F36580D006AAA49F4B8225370FF0EBA7308DC548C8/0/0D34B4304BB923E80757FDED7508C224FEF6ED84.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D34B4304BB923E80757FDED7508C224FEF6ED84.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:d3:68:d2:7b:d6:8b:76:24:24:a3:31:8c:d6:92:6b:18:c9:51:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0D34B4304BB923E80757FDED7508C224FEF6ED84
        Validity
            Not Before: Mar  5 17:42:32 2024 GMT
            Not After : Mar  4 17:47:32 2025 GMT
        Subject: CN=58FF387ED0E8E4CED1A96C395F75F403949980E1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:4e:58:55:3e:1e:47:95:38:91:f3:3e:9d:6c:
                    64:60:9f:d1:0e:6c:27:09:4e:08:21:38:c2:b7:ec:
                    6a:d7:cf:3c:4d:6d:4a:d6:f7:46:e6:3a:46:83:38:
                    cb:03:fa:25:df:b7:e4:3c:6a:a0:40:9f:cc:2e:81:
                    bb:fd:26:20:49:05:49:84:ec:f5:c8:81:2f:7f:b6:
                    ee:d8:b5:ac:f4:a9:bc:4f:25:52:bb:c4:15:de:ee:
                    d0:94:8d:8c:03:6b:5a:18:5a:5f:62:0e:67:f6:f8:
                    fd:f1:38:c1:a1:fe:38:4a:b8:13:5b:03:e6:8a:8b:
                    3f:36:a8:d4:ab:74:4e:5e:81:7b:e9:18:15:76:7e:
                    59:1f:68:76:a3:4c:86:2d:6a:b8:dd:e3:97:d4:9b:
                    24:b9:5e:78:db:25:97:62:1b:8a:93:d3:b4:1e:24:
                    c4:24:15:86:e5:c0:7e:10:0c:a7:06:b7:f0:40:9e:
                    1f:02:82:71:39:f1:cc:32:90:b5:d6:79:01:8f:b6:
                    63:d9:5f:e4:79:a8:bc:5b:dc:22:63:d4:18:61:49:
                    5b:9d:ff:96:89:7f:b8:c5:37:5a:3f:3c:23:57:24:
                    17:df:be:34:44:10:06:bb:d7:d9:bf:fa:d9:5a:9e:
                    7f:3a:78:83:d0:09:bb:fd:eb:15:7c:9a:fc:c9:5f:
                    7b:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:FF:38:7E:D0:E8:E4:CE:D1:A9:6C:39:5F:75:F4:03:94:99:80:E1
            X509v3 Authority Key Identifier:
                keyid:0D:34:B4:30:4B:B9:23:E8:07:57:FD:ED:75:08:C2:24:FE:F6:ED:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2656BDCB2AB10168D929C9F36580D006AAA49F4B8225370FF0EBA7308DC548C8/0/0D34B4304BB923E80757FDED7508C224FEF6ED84.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D34B4304BB923E80757FDED7508C224FEF6ED84.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2656BDCB2AB10168D929C9F36580D006AAA49F4B8225370FF0EBA7308DC548C8/0/323830303a3962303a3a2f33322d3438203d3e203532333432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:9b0::/32

    Signature Algorithm: sha256WithRSAEncryption
         1f:18:f9:d4:35:b1:00:2d:a1:35:67:aa:8c:03:66:46:eb:82:
         7e:cf:b3:48:51:be:a8:28:33:68:5d:85:ab:e4:6b:e7:fa:76:
         83:f7:29:2b:15:9c:f6:20:07:4b:b1:6f:77:c4:60:37:09:21:
         3c:1b:4b:25:0f:37:01:75:aa:1d:4b:34:c1:1e:8c:19:05:33:
         70:a8:0f:ff:db:93:e2:00:21:8d:48:6f:dd:f2:71:c6:a5:80:
         f1:7b:9e:a1:fc:98:bc:a4:5a:70:dc:0a:a5:4f:5c:57:87:28:
         24:86:82:2d:1c:34:4f:79:25:21:fc:b3:87:6c:ec:2d:7c:6a:
         cc:41:22:f6:e0:1c:de:71:2e:e9:99:19:6c:e4:67:b2:59:1b:
         bc:d0:69:f5:eb:a9:75:73:7b:06:82:4d:13:8c:43:bf:90:1c:
         51:da:1c:85:c9:5f:4e:a9:c4:bf:ba:77:10:25:ec:de:65:06:
         4c:9b:78:dc:da:d6:36:e4:b0:1b:91:3f:01:db:7a:15:50:7a:
         dc:59:2f:3d:57:2f:2e:b5:05:be:f8:9d:48:de:b9:88:df:35:
         f3:6e:11:df:68:b9:93:c8:e6:d4:1b:8f:7b:09:79:ef:d2:06:
         08:1f:57:52:90:13:cc:d2:7e:41:f3:21:c6:3c:ad:f0:a7:d1:
         91:74:5b:36
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIULNNo0nvWi3YkJKMxjNaSaxjJUbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEQzNEI0MzA0QkI5MjNFODA3NTdGREVENzUwOEMyMjRG
RUY2RUQ4NDAeFw0yNDAzMDUxNzQyMzJaFw0yNTAzMDQxNzQ3MzJaMDMxMTAvBgNV
BAMTKDU4RkYzODdFRDBFOEU0Q0VEMUE5NkMzOTVGNzVGNDAzOTQ5OTgwRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzTlhVPh5HlTiR8z6dbGRgn9EO
bCcJTgghOMK37GrXzzxNbUrW90bmOkaDOMsD+iXft+Q8aqBAn8wugbv9JiBJBUmE
7PXIgS9/tu7Ytaz0qbxPJVK7xBXe7tCUjYwDa1oYWl9iDmf2+P3xOMGh/jhKuBNb
A+aKiz82qNSrdE5egXvpGBV2flkfaHajTIYtarjd45fUmyS5XnjbJZdiG4qT07Qe
JMQkFYblwH4QDKcGt/BAnh8CgnE58cwykLXWeQGPtmPZX+R5qLxb3CJj1BhhSVud
/5aJf7jFN1o/PCNXJBffvjREEAa719m/+tlann86eIPQCbv96xV8mvzJX3uVAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUWP84ftDo5M7RqWw5X3X0A5SZgOEwHwYDVR0j
BBgwFoAUDTS0MEu5I+gHV/3tdQjCJP727YQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yNjU2QkRDQjJBQjEwMTY4RDkyOUM5RjM2NTgwRDAwNkFB
QTQ5RjRCODIyNTM3MEZGMEVCQTczMDhEQzU0OEM4LzAvMEQzNEI0MzA0QkI5MjNF
ODA3NTdGREVENzUwOEMyMjRGRUY2RUQ4NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wRDM0QjQzMDRCQjkyM0U4MDc1
N0ZERUQ3NTA4QzIyNEZFRjZFRDg0LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjY1NkJEQ0IyQUIxMDE2OEQ5MjlDOUYzNjU4MEQwMDZBQUE0OUY0Qjgy
MjUzNzBGRjBFQkE3MzA4REM1NDhDOC8wLzMyMzgzMDMwM2EzOTYyMzAzYTNhMmYz
MzMyMmQzNDM4MjAzZDNlMjAzNTMyMzMzNDMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKAAJsDANBgkq
hkiG9w0BAQsFAAOCAQEAHxj51DWxAC2hNWeqjANmRuuCfs+zSFG+qCgzaF2Fq+Rr
5/p2g/cpKxWc9iAHS7Fvd8RgNwkhPBtLJQ83AXWqHUs0wR6MGQUzcKgP/9uT4gAh
jUhv3fJxxqWA8XueofyYvKRacNwKpU9cV4coJIaCLRw0T3klIfyzh2zsLXxqzEEi
9uAc3nEu6ZkZbORnslkbvNBp9eupdXN7BoJNE4xDv5AcUdochclfTqnEv7p3ECXs
3mUGTJt43NrWNuSwG5E/Adt6FVB63FkvPVcvLrUFvvidSN65iN81824R32i5k8jm
1BuPewl579IGCB9XUpATzNJ+QfMhxjyt8KfRkXRbNg==
-----END CERTIFICATE-----
Generated at Wed Nov 20 21:51:53 2024 by rpki-client on console-fra.rpki-client.org