Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/43A6E8BA5926CE69D1B62F80AD59505D01F32717EF6DB7D2E4E3DAED7DEF5DEF/0/323830313a31623a643830303a3a2f34382d3438203d3e203134303830.roa
File:                     323830313a31623a643830303a3a2f34382d3438203d3e203134303830.roa (raw, json)
Hash identifier:          RYRSqyAv7zC7D4d+AIfydFxA9ShIOWjX6ekUxheArWQ=
Subject key identifier:   1B:86:96:48:42:78:83:DE:80:E1:79:7B:33:CE:30:91:DF:B1:41:28
Certificate issuer:       /CN=1F925B85E5DB9CB6F70B6BC57285941FF9E95F2F
Certificate serial:       0331907D64C8E59B2F1217DC6F8EF25B840E30D0
Authority key identifier: 1F:92:5B:85:E5:DB:9C:B6:F7:0B:6B:C5:72:85:94:1F:F9:E9:5F:2F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F925B85E5DB9CB6F70B6BC57285941FF9E95F2F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/43A6E8BA5926CE69D1B62F80AD59505D01F32717EF6DB7D2E4E3DAED7DEF5DEF/0/323830313a31623a643830303a3a2f34382d3438203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 17:57:17 +0000
ROA not before:           Tue 05 Mar 2024 17:52:17 +0000
ROA not after:            Tue 04 Mar 2025 17:57:17 +0000
asID:                     14080
IP address blocks:        2801:1b:d800::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/43A6E8BA5926CE69D1B62F80AD59505D01F32717EF6DB7D2E4E3DAED7DEF5DEF/0/1F925B85E5DB9CB6F70B6BC57285941FF9E95F2F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/43A6E8BA5926CE69D1B62F80AD59505D01F32717EF6DB7D2E4E3DAED7DEF5DEF/0/1F925B85E5DB9CB6F70B6BC57285941FF9E95F2F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F925B85E5DB9CB6F70B6BC57285941FF9E95F2F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 24 Jun 2024 23:54:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:31:90:7d:64:c8:e5:9b:2f:12:17:dc:6f:8e:f2:5b:84:0e:30:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1F925B85E5DB9CB6F70B6BC57285941FF9E95F2F
        Validity
            Not Before: Mar  5 17:52:17 2024 GMT
            Not After : Mar  4 17:57:17 2025 GMT
        Subject: CN=1B869648427883DE80E1797B33CE3091DFB14128
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e3:8b:70:bc:89:c2:b2:1c:b5:5f:96:53:10:
                    73:8a:8d:d9:81:ab:67:1d:cd:a1:c1:59:04:80:42:
                    bc:88:80:a3:2d:5f:14:78:59:4e:a3:14:db:0a:6c:
                    32:b2:c7:79:61:70:c2:8f:71:3e:cb:71:96:a7:2f:
                    03:8d:da:d0:f3:80:3b:a6:ef:cc:dc:3e:de:fc:f2:
                    18:cc:09:7b:6c:81:94:b7:88:a1:64:3e:90:3c:a9:
                    31:22:75:95:36:66:6a:0d:f1:c1:ee:1e:cc:76:bb:
                    57:f9:79:82:9f:ea:c1:27:a1:af:46:77:74:88:33:
                    fe:4c:44:87:b6:7b:a3:0c:7a:6b:6f:f4:68:8f:63:
                    6d:0d:b4:41:b0:36:9d:74:4f:15:39:96:c0:58:1d:
                    14:b4:34:52:6d:f7:12:fc:a8:23:df:9b:fb:fc:f9:
                    f0:aa:20:79:d3:9c:81:f9:c1:aa:69:2a:79:7c:01:
                    ef:63:ea:b1:24:6d:49:e5:57:7f:5e:98:bd:3a:3e:
                    1e:35:d8:58:c2:ae:7c:a8:a0:08:b6:b7:7c:8b:bb:
                    8c:4c:94:22:c3:d3:90:41:7e:15:c1:21:c8:1a:64:
                    42:49:18:86:31:85:85:34:e9:1c:ce:5e:5c:82:97:
                    8c:16:c2:92:bf:a5:b7:98:e5:4c:71:76:6f:09:df:
                    df:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:86:96:48:42:78:83:DE:80:E1:79:7B:33:CE:30:91:DF:B1:41:28
            X509v3 Authority Key Identifier:
                keyid:1F:92:5B:85:E5:DB:9C:B6:F7:0B:6B:C5:72:85:94:1F:F9:E9:5F:2F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/43A6E8BA5926CE69D1B62F80AD59505D01F32717EF6DB7D2E4E3DAED7DEF5DEF/0/1F925B85E5DB9CB6F70B6BC57285941FF9E95F2F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F925B85E5DB9CB6F70B6BC57285941FF9E95F2F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/43A6E8BA5926CE69D1B62F80AD59505D01F32717EF6DB7D2E4E3DAED7DEF5DEF/0/323830313a31623a643830303a3a2f34382d3438203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1b:d800::/48

    Signature Algorithm: sha256WithRSAEncryption
         19:96:d3:18:56:7a:09:53:74:23:40:72:60:6d:39:18:33:bb:
         df:82:24:bd:07:6c:40:0d:96:af:d7:76:18:21:69:a7:33:18:
         54:3d:90:c2:05:5d:a6:0f:82:2d:22:6d:65:93:9b:3e:2e:4e:
         ab:fe:ec:d2:ff:ec:f8:bd:1c:ed:fd:28:5d:1a:4f:40:b2:d7:
         90:4b:c9:85:74:19:6b:49:7a:ed:d2:35:89:65:cc:2f:9e:c8:
         fa:76:26:08:19:e0:fa:5a:76:f4:d5:82:0f:69:e5:86:1d:fa:
         e3:38:63:48:f9:95:8d:6b:f3:ca:b8:87:84:42:3b:50:d8:a2:
         d8:6c:2a:d5:ae:7a:95:cf:1a:5f:f3:bc:af:3e:e0:40:48:4e:
         6b:a3:fc:cb:0f:b4:ab:2c:30:08:77:c4:8e:26:8d:2d:00:9d:
         51:eb:74:7c:3a:e9:d1:52:c2:11:09:06:0a:5d:8a:6b:ce:53:
         ac:9d:a1:bd:a7:e3:de:dd:ed:f2:1a:e5:48:f9:fc:97:a6:b8:
         0e:8c:25:ea:21:a6:c7:8c:8c:b5:98:c1:b5:63:1c:4e:46:ac:
         ec:8a:35:17:81:5a:da:27:cd:73:7b:77:8d:87:0d:7d:ce:f7:
         a8:52:57:ba:45:67:c6:53:d1:2b:d7:a3:3f:c5:3b:31:90:0a:
         f7:70:14:a8
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUAzGQfWTI5ZsvEhfcb47yW4QOMNAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUY5MjVCODVFNURCOUNCNkY3MEI2QkM1NzI4NTk0MUZG
OUU5NUYyRjAeFw0yNDAzMDUxNzUyMTdaFw0yNTAzMDQxNzU3MTdaMDMxMTAvBgNV
BAMTKDFCODY5NjQ4NDI3ODgzREU4MEUxNzk3QjMzQ0UzMDkxREZCMTQxMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc44twvInCshy1X5ZTEHOKjdmB
q2cdzaHBWQSAQryIgKMtXxR4WU6jFNsKbDKyx3lhcMKPcT7LcZanLwON2tDzgDum
78zcPt788hjMCXtsgZS3iKFkPpA8qTEidZU2ZmoN8cHuHsx2u1f5eYKf6sEnoa9G
d3SIM/5MRIe2e6MMemtv9GiPY20NtEGwNp10TxU5lsBYHRS0NFJt9xL8qCPfm/v8
+fCqIHnTnIH5wappKnl8Ae9j6rEkbUnlV39emL06Ph412FjCrnyooAi2t3yLu4xM
lCLD05BBfhXBIcgaZEJJGIYxhYU06RzOXlyCl4wWwpK/pbeY5Uxxdm8J399LAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUG4aWSEJ4g96A4Xl7M84wkd+xQSgwHwYDVR0j
BBgwFoAUH5JbheXbnLb3C2vFcoWUH/npXy8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80M0E2RThCQTU5MjZDRTY5RDFCNjJGODBBRDU5NTA1RDAx
RjMyNzE3RUY2REI3RDJFNEUzREFFRDdERUY1REVGLzAvMUY5MjVCODVFNURCOUNC
NkY3MEI2QkM1NzI4NTk0MUZGOUU5NUYyRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRjkyNUI4NUU1REI5Q0I2Rjcw
QjZCQzU3Mjg1OTQxRkY5RTk1RjJGLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDNBNkU4QkE1OTI2Q0U2OUQxQjYyRjgwQUQ1OTUwNUQwMUYzMjcxN0VG
NkRCN0QyRTRFM0RBRUQ3REVGNURFRi8wLzMyMzgzMDMxM2EzMTYyM2E2NDM4MzAz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzMDM4MzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AQAb2AAwDQYJKoZIhvcNAQELBQADggEBABmW0xhWeglTdCNAcmBtORgzu9+CJL0H
bEANlq/XdhghaaczGFQ9kMIFXaYPgi0ibWWTmz4uTqv+7NL/7Pi9HO39KF0aT0Cy
15BLyYV0GWtJeu3SNYllzC+eyPp2JggZ4PpadvTVgg9p5YYd+uM4Y0j5lY1r88q4
h4RCO1DYothsKtWuepXPGl/zvK8+4EBITmuj/MsPtKssMAh3xI4mjS0AnVHrdHw6
6dFSwhEJBgpdimvOU6ydob2n497d7fIa5Uj5/JemuA6MJeohpseMjLWYwbVjHE5G
rOyKNReBWtonzXN7d42HDX3O96hSV7pFZ8ZT0SvXoz/FOzGQCvdwFKg=
-----END CERTIFICATE-----
Generated at Fri Jun 21 06:04:56 2024 by rpki-client on console-ams.rpki-client.org