Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4BA37A459F293C30036216BB44FE99FC147CD8BFFDE2FF3C5E67537287481E60/0/323830313a3162393a333a3a2f34382d3438203d3e20323732393532.roa
File:                     323830313a3162393a333a3a2f34382d3438203d3e20323732393532.roa (raw, json)
Hash identifier:          w3pN4RSyEXTEf3vYStaM1ntKvCLjwbsRX/KSUMsTBdU=
Subject key identifier:   1F:2B:E1:28:C7:2A:68:07:9E:D6:98:3A:3D:EC:B8:A0:F3:46:66:20
Certificate issuer:       /CN=721723EE6C96BAE63225C18652977F8E404DBD28
Certificate serial:       10A383E96692BD6D53EB43B4A44674B879964F4A
Authority key identifier: 72:17:23:EE:6C:96:BA:E6:32:25:C1:86:52:97:7F:8E:40:4D:BD:28
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/721723EE6C96BAE63225C18652977F8E404DBD28.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4BA37A459F293C30036216BB44FE99FC147CD8BFFDE2FF3C5E67537287481E60/0/323830313a3162393a333a3a2f34382d3438203d3e20323732393532.roa
Signing time:             Tue 05 Mar 2024 18:10:15 +0000
ROA not before:           Tue 05 Mar 2024 18:05:15 +0000
ROA not after:            Tue 04 Mar 2025 18:10:15 +0000
asID:                     272952
IP address blocks:        2801:1b9:3::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4BA37A459F293C30036216BB44FE99FC147CD8BFFDE2FF3C5E67537287481E60/0/721723EE6C96BAE63225C18652977F8E404DBD28.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4BA37A459F293C30036216BB44FE99FC147CD8BFFDE2FF3C5E67537287481E60/0/721723EE6C96BAE63225C18652977F8E404DBD28.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/721723EE6C96BAE63225C18652977F8E404DBD28.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:a3:83:e9:66:92:bd:6d:53:eb:43:b4:a4:46:74:b8:79:96:4f:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=721723EE6C96BAE63225C18652977F8E404DBD28
        Validity
            Not Before: Mar  5 18:05:15 2024 GMT
            Not After : Mar  4 18:10:15 2025 GMT
        Subject: CN=1F2BE128C72A68079ED6983A3DECB8A0F3466620
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:0b:fa:27:b1:5f:f6:91:83:67:56:93:74:c2:
                    37:b9:08:74:ce:90:8f:1e:ee:5c:cb:48:3f:2f:c7:
                    09:c7:67:de:17:d1:b6:6f:dc:6f:5e:34:e8:24:be:
                    4c:ff:8f:09:d6:ce:ed:d2:e9:06:ef:55:90:2f:52:
                    e9:c3:b0:fd:cb:0e:f6:9d:80:da:14:83:aa:62:fb:
                    23:79:9b:de:b8:67:23:04:98:3c:5f:2b:a5:76:07:
                    e5:95:f5:38:38:50:b1:7e:66:78:cd:7f:33:58:f0:
                    de:2b:f5:73:34:06:9a:74:33:ed:a3:c8:55:f3:0f:
                    10:36:dc:43:43:36:29:86:d8:4b:f4:28:2e:a4:13:
                    af:e7:cb:49:9b:54:e5:b2:3c:bc:5e:6e:0b:33:0b:
                    d2:eb:c7:2f:b3:97:2e:ab:64:1e:3d:d0:16:e8:58:
                    52:dc:86:9d:21:61:17:18:be:a5:37:37:99:51:5c:
                    d2:f4:86:d3:b6:af:10:03:de:5b:6c:a2:bf:42:a0:
                    c7:d4:12:0e:f8:7a:4f:31:d0:ee:49:9a:19:33:e6:
                    7c:d7:ed:18:ae:8c:ea:00:06:35:8a:67:d2:45:cf:
                    71:e4:b6:8e:ab:b7:7a:6a:67:e8:82:60:d0:55:25:
                    cd:70:b3:30:c6:9a:8f:54:75:6c:14:0f:3b:15:65:
                    35:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:2B:E1:28:C7:2A:68:07:9E:D6:98:3A:3D:EC:B8:A0:F3:46:66:20
            X509v3 Authority Key Identifier:
                keyid:72:17:23:EE:6C:96:BA:E6:32:25:C1:86:52:97:7F:8E:40:4D:BD:28

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4BA37A459F293C30036216BB44FE99FC147CD8BFFDE2FF3C5E67537287481E60/0/721723EE6C96BAE63225C18652977F8E404DBD28.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/721723EE6C96BAE63225C18652977F8E404DBD28.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4BA37A459F293C30036216BB44FE99FC147CD8BFFDE2FF3C5E67537287481E60/0/323830313a3162393a333a3a2f34382d3438203d3e20323732393532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1b9:3::/48

    Signature Algorithm: sha256WithRSAEncryption
         61:40:93:04:d6:6b:c8:ac:4c:e4:28:cb:21:3e:72:9e:ae:eb:
         35:9c:fe:65:c6:0e:07:15:f4:af:6b:05:4f:1f:00:d1:08:c8:
         86:55:4c:bc:d7:89:4d:51:13:3a:cc:12:ac:07:a6:bd:36:e7:
         4a:34:0d:2a:5a:ea:ce:27:b3:51:76:a7:cc:8f:c8:d5:da:70:
         c4:69:33:fa:5b:3e:4c:1f:38:f7:e6:05:02:f0:48:f3:6b:6c:
         49:ab:55:85:ee:7f:a2:15:b5:7f:a0:07:c6:bc:53:a0:bf:94:
         99:c9:89:d1:d6:5d:39:0a:ce:cf:e1:ec:24:8f:ff:88:c4:5d:
         a7:ea:2b:93:4e:01:3f:19:ef:a4:f0:c7:ff:82:78:7a:6c:f1:
         f8:74:01:28:f0:c0:1c:1f:86:c5:c2:d5:fa:63:da:1f:54:b0:
         30:e5:a1:c6:78:1f:9d:7e:56:ab:bd:a0:3a:5d:2f:1b:ee:4e:
         f8:a8:f0:a5:35:5c:2f:3f:c6:17:2a:9c:1f:f0:ed:d2:e0:27:
         97:64:13:12:18:b1:61:79:5e:1c:bd:73:eb:66:39:3e:e3:c3:
         47:8d:e5:cf:db:c9:cd:fe:2f:d3:8c:8a:c6:00:7c:15:6c:4f:
         02:62:1f:73:e0:d6:6d:0f:52:f1:1a:96:9a:29:24:1c:29:cc:
         a4:c3:1e:e5
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgIUEKOD6WaSvW1T60O0pEZ0uHmWT0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzIxNzIzRUU2Qzk2QkFFNjMyMjVDMTg2NTI5NzdGOEU0
MDREQkQyODAeFw0yNDAzMDUxODA1MTVaFw0yNTAzMDQxODEwMTVaMDMxMTAvBgNV
BAMTKDFGMkJFMTI4QzcyQTY4MDc5RUQ2OTgzQTNERUNCOEEwRjM0NjY2MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuC/onsV/2kYNnVpN0wje5CHTO
kI8e7lzLSD8vxwnHZ94X0bZv3G9eNOgkvkz/jwnWzu3S6QbvVZAvUunDsP3LDvad
gNoUg6pi+yN5m964ZyMEmDxfK6V2B+WV9Tg4ULF+ZnjNfzNY8N4r9XM0Bpp0M+2j
yFXzDxA23ENDNimG2Ev0KC6kE6/ny0mbVOWyPLxebgszC9Lrxy+zly6rZB490Bbo
WFLchp0hYRcYvqU3N5lRXNL0htO2rxAD3ltsor9CoMfUEg74ek8x0O5Jmhkz5nzX
7RiujOoABjWKZ9JFz3Hkto6rt3pqZ+iCYNBVJc1wszDGmo9UdWwUDzsVZTUvAgMB
AAGjggLNMIICyTAdBgNVHQ4EFgQUHyvhKMcqaAee1pg6Pey4oPNGZiAwHwYDVR0j
BBgwFoAUchcj7myWuuYyJcGGUpd/jkBNvSgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80QkEzN0E0NTlGMjkzQzMwMDM2MjE2QkI0NEZFOTlGQzE0
N0NEOEJGRkRFMkZGM0M1RTY3NTM3Mjg3NDgxRTYwLzAvNzIxNzIzRUU2Qzk2QkFF
NjMyMjVDMTg2NTI5NzdGOEU0MDREQkQyOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83MjE3MjNFRTZDOTZCQUU2MzIy
NUMxODY1Mjk3N0Y4RTQwNERCRDI4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNEJBMzdBNDU5RjI5M0MzMDAzNjIxNkJCNDRGRTk5RkMxNDdDRDhCRkZE
RTJGRjNDNUU2NzUzNzI4NzQ4MUU2MC8wLzMyMzgzMDMxM2EzMTYyMzkzYTMzM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzIzNzMyMzkzNTMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKAEB
uQADMA0GCSqGSIb3DQEBCwUAA4IBAQBhQJME1mvIrEzkKMshPnKerus1nP5lxg4H
FfSvawVPHwDRCMiGVUy814lNURM6zBKsB6a9NudKNA0qWurOJ7NRdqfMj8jV2nDE
aTP6Wz5MHzj35gUC8Ejza2xJq1WF7n+iFbV/oAfGvFOgv5SZyYnR1l05Cs7P4ewk
j/+IxF2n6iuTTgE/Ge+k8Mf/gnh6bPH4dAEo8MAcH4bFwtX6Y9ofVLAw5aHGeB+d
flarvaA6XS8b7k74qPClNVwvP8YXKpwf8O3S4CeXZBMSGLFheV4cvXPrZjk+48NH
jeXP28nN/i/TjIrGAHwVbE8CYh9z4NZtD1LxGpaaKSQcKcykwx7l
-----END CERTIFICATE-----
Generated at Wed Nov 20 13:43:35 2024 by rpki-client on console-ams.rpki-client.org