Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4DF3799E9FC491DB3AFE70B5EC6AC722EF341769438D04AD580EFCD76A8D03F2/0/323830313a3161393a3a2f34342d3434203d3e20323732393039.roa
File:                     323830313a3161393a3a2f34342d3434203d3e20323732393039.roa (raw, json)
Hash identifier:          15OsTmAAYRZn6NEcbu49T+8NKhQoQEhJ/U6d/KsBHcs=
Subject key identifier:   74:C2:C7:D3:91:3D:C1:39:4E:B3:4F:38:52:22:92:96:CE:89:43:CF
Certificate issuer:       /CN=BDDC3BF7FCA3B086A7E32760A12D6D60036CC131
Certificate serial:       04FAF68B1E04BEDAC9F0F57772BCE2B67131717B
Authority key identifier: BD:DC:3B:F7:FC:A3:B0:86:A7:E3:27:60:A1:2D:6D:60:03:6C:C1:31
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BDDC3BF7FCA3B086A7E32760A12D6D60036CC131.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4DF3799E9FC491DB3AFE70B5EC6AC722EF341769438D04AD580EFCD76A8D03F2/0/323830313a3161393a3a2f34342d3434203d3e20323732393039.roa
Signing time:             Tue 05 Mar 2024 17:44:23 +0000
ROA not before:           Tue 05 Mar 2024 17:39:23 +0000
ROA not after:            Tue 04 Mar 2025 17:44:23 +0000
asID:                     272909
IP address blocks:        2801:1a9::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4DF3799E9FC491DB3AFE70B5EC6AC722EF341769438D04AD580EFCD76A8D03F2/0/BDDC3BF7FCA3B086A7E32760A12D6D60036CC131.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4DF3799E9FC491DB3AFE70B5EC6AC722EF341769438D04AD580EFCD76A8D03F2/0/BDDC3BF7FCA3B086A7E32760A12D6D60036CC131.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BDDC3BF7FCA3B086A7E32760A12D6D60036CC131.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:fa:f6:8b:1e:04:be:da:c9:f0:f5:77:72:bc:e2:b6:71:31:71:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BDDC3BF7FCA3B086A7E32760A12D6D60036CC131
        Validity
            Not Before: Mar  5 17:39:23 2024 GMT
            Not After : Mar  4 17:44:23 2025 GMT
        Subject: CN=74C2C7D3913DC1394EB34F3852229296CE8943CF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ee:26:05:2b:3c:a8:46:8b:0f:c5:09:c1:16:
                    3b:04:db:92:ca:d3:3e:fd:98:c3:1e:19:d7:78:bc:
                    81:0c:b5:1b:04:52:f0:6c:71:64:ed:1e:cd:f9:18:
                    2c:f3:7c:14:d6:85:16:e7:08:19:fd:7b:fe:05:3b:
                    f2:95:d5:2a:9f:51:ae:fc:78:0e:5a:3c:d2:63:56:
                    05:b7:bd:7f:d0:ff:7d:28:57:44:97:68:93:f9:61:
                    cb:2f:1b:0a:b1:6e:5f:8b:cb:1a:6b:b0:ef:eb:e1:
                    1b:a7:b1:b3:a5:d4:1e:7e:78:af:e2:11:4b:aa:46:
                    3d:3d:cf:d0:25:a8:53:30:bf:2e:20:a5:69:d1:d0:
                    8a:b4:4f:31:c2:3c:d4:11:4e:1d:bb:7e:e9:c1:b2:
                    dc:63:46:79:1f:3b:40:53:bc:a1:5d:48:9d:95:78:
                    fa:83:54:fd:a3:ca:2e:3b:e2:db:fb:fc:3c:a5:d1:
                    ba:3f:70:23:4c:c2:20:11:64:56:9d:09:73:f1:19:
                    97:f2:bb:28:0c:83:60:81:05:a3:51:f2:b0:5b:27:
                    1b:17:12:7d:1b:5b:29:75:84:6b:28:5e:4c:a3:5c:
                    6a:a6:04:17:91:e6:17:1e:4f:56:02:41:a5:a6:1c:
                    89:90:7f:4e:86:fc:af:8c:17:1b:8c:20:36:a1:34:
                    e6:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:C2:C7:D3:91:3D:C1:39:4E:B3:4F:38:52:22:92:96:CE:89:43:CF
            X509v3 Authority Key Identifier:
                keyid:BD:DC:3B:F7:FC:A3:B0:86:A7:E3:27:60:A1:2D:6D:60:03:6C:C1:31

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4DF3799E9FC491DB3AFE70B5EC6AC722EF341769438D04AD580EFCD76A8D03F2/0/BDDC3BF7FCA3B086A7E32760A12D6D60036CC131.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BDDC3BF7FCA3B086A7E32760A12D6D60036CC131.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4DF3799E9FC491DB3AFE70B5EC6AC722EF341769438D04AD580EFCD76A8D03F2/0/323830313a3161393a3a2f34342d3434203d3e20323732393039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1a9::/44

    Signature Algorithm: sha256WithRSAEncryption
         57:13:7b:85:e6:62:3a:14:49:bd:cf:9e:ca:f8:e4:e6:19:2a:
         d9:66:9d:45:fc:1e:c6:71:e9:2c:86:4d:6a:bd:2a:3a:7d:46:
         5b:c8:ab:f9:8e:52:7c:c6:99:fd:84:e0:b9:80:16:18:74:82:
         96:39:8c:c1:f6:72:f8:1d:b5:b8:4a:74:57:43:fa:e3:1e:61:
         7f:69:5c:ec:04:fe:82:11:fd:20:d8:84:29:01:66:72:d0:11:
         3e:7e:ce:91:05:74:b6:a4:59:7c:83:5b:ac:b4:85:f9:5d:4e:
         d9:54:04:1b:a3:b6:fe:a8:91:ce:c4:49:9b:9a:e4:8c:6a:0a:
         fd:c9:e6:15:f0:32:a5:cc:16:55:36:4c:22:92:9a:ff:06:42:
         73:b1:bc:91:63:a2:30:af:10:d9:2b:52:e1:eb:4e:c0:8f:a9:
         1c:a0:93:cd:92:55:0c:a1:1e:c3:b3:d6:8e:23:b5:b2:e5:5a:
         57:c2:6f:d9:41:7a:0d:91:2f:46:05:3b:42:42:9d:e4:2e:d3:
         2a:7e:e6:f6:ca:61:1f:0c:69:56:7f:43:01:b8:02:91:93:f0:
         b5:ea:e6:0a:83:ea:04:97:56:57:0a:49:57:8c:06:66:9f:52:
         2f:e0:1c:b5:f4:f3:f6:eb:17:f6:36:d2:84:56:ab:14:89:75:
         0f:6a:22:49
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUBPr2ix4EvtrJ8PV3crzitnExcXswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkREQzNCRjdGQ0EzQjA4NkE3RTMyNzYwQTEyRDZENjAw
MzZDQzEzMTAeFw0yNDAzMDUxNzM5MjNaFw0yNTAzMDQxNzQ0MjNaMDMxMTAvBgNV
BAMTKDc0QzJDN0QzOTEzREMxMzk0RUIzNEYzODUyMjI5Mjk2Q0U4OTQzQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA7iYFKzyoRosPxQnBFjsE25LK
0z79mMMeGdd4vIEMtRsEUvBscWTtHs35GCzzfBTWhRbnCBn9e/4FO/KV1SqfUa78
eA5aPNJjVgW3vX/Q/30oV0SXaJP5YcsvGwqxbl+LyxprsO/r4RunsbOl1B5+eK/i
EUuqRj09z9AlqFMwvy4gpWnR0Iq0TzHCPNQRTh27funBstxjRnkfO0BTvKFdSJ2V
ePqDVP2jyi474tv7/Dyl0bo/cCNMwiARZFadCXPxGZfyuygMg2CBBaNR8rBbJxsX
En0bWyl1hGsoXkyjXGqmBBeR5hceT1YCQaWmHImQf06G/K+MFxuMIDahNOYJAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUdMLH05E9wTlOs084UiKSls6JQ88wHwYDVR0j
BBgwFoAUvdw79/yjsIan4ydgoS1tYANswTEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80REYzNzk5RTlGQzQ5MURCM0FGRTcwQjVFQzZBQzcyMkVG
MzQxNzY5NDM4RDA0QUQ1ODBFRkNENzZBOEQwM0YyLzAvQkREQzNCRjdGQ0EzQjA4
NkE3RTMyNzYwQTEyRDZENjAwMzZDQzEzMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CRERDM0JGN0ZDQTNCMDg2QTdF
MzI3NjBBMTJENkQ2MDAzNkNDMTMxLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNERGMzc5OUU5RkM0OTFEQjNBRkU3MEI1RUM2QUM3MjJFRjM0MTc2OTQz
OEQwNEFENTgwRUZDRDc2QThEMDNGMi8wLzMyMzgzMDMxM2EzMTYxMzkzYTNhMmYz
NDM0MmQzNDM0MjAzZDNlMjAzMjM3MzIzOTMwMzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQoAQGpAAAw
DQYJKoZIhvcNAQELBQADggEBAFcTe4XmYjoUSb3Pnsr45OYZKtlmnUX8HsZx6SyG
TWq9Kjp9RlvIq/mOUnzGmf2E4LmAFhh0gpY5jMH2cvgdtbhKdFdD+uMeYX9pXOwE
/oIR/SDYhCkBZnLQET5+zpEFdLakWXyDW6y0hfldTtlUBBujtv6okc7ESZua5Ixq
Cv3J5hXwMqXMFlU2TCKSmv8GQnOxvJFjojCvENkrUuHrTsCPqRygk82SVQyhHsOz
1o4jtbLlWlfCb9lBeg2RL0YFO0JCneQu0yp+5vbKYR8MaVZ/QwG4ApGT8LXq5gqD
6gSXVlcKSVeMBmafUi/gHLX08/brF/Y20oRWqxSJdQ9qIkk=
-----END CERTIFICATE-----
Generated at Wed Nov 20 21:51:53 2024 by rpki-client on console-fra.rpki-client.org