Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3934303a3a2f34382d3438203d3e203134303830.roa
File:                     323830303a3830303a3934303a3a2f34382d3438203d3e203134303830.roa (raw, json)
Hash identifier:          icA8CumnWc09e4BhkYtltNVjrkxiZlu09SsG9vy+0TE=
Subject key identifier:   D8:E8:65:85:B5:56:4F:57:1A:D6:E8:A2:0E:F9:5F:2B:FB:6B:00:7E
Certificate issuer:       /CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
Certificate serial:       411EA7681E841F3376CEF12D223CBBAF808C8210
Authority key identifier: 43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3934303a3a2f34382d3438203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 18:00:58 +0000
ROA not before:           Tue 05 Mar 2024 17:55:58 +0000
ROA not after:            Tue 04 Mar 2025 18:00:58 +0000
asID:                     14080
IP address blocks:        2800:800:940::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 10:27:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:1e:a7:68:1e:84:1f:33:76:ce:f1:2d:22:3c:bb:af:80:8c:82:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
        Validity
            Not Before: Mar  5 17:55:58 2024 GMT
            Not After : Mar  4 18:00:58 2025 GMT
        Subject: CN=D8E86585B5564F571AD6E8A20EF95F2BFB6B007E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:a1:ec:df:d8:95:16:e8:0c:8a:71:19:ec:66:
                    20:8d:74:29:83:8b:1d:b9:3f:5b:ee:43:ca:af:96:
                    db:56:21:74:6b:18:f3:16:40:f1:db:49:4d:1f:33:
                    16:86:d2:b6:7d:59:c1:8a:c3:60:cb:b9:2b:64:23:
                    a4:7f:a1:dd:a2:24:38:fd:d8:95:ef:94:57:b5:2b:
                    de:c0:47:d3:00:59:64:e3:ab:03:16:69:b3:27:9a:
                    c2:58:d5:64:55:d8:3b:9f:e9:75:25:a2:12:13:ab:
                    a5:44:8e:67:d7:40:a7:82:a6:ba:95:7e:4b:e6:4b:
                    6a:51:35:de:11:f5:4d:29:45:9f:f1:96:1f:27:81:
                    54:3d:cb:89:e2:66:2e:a4:ba:1a:4a:19:d9:ba:77:
                    91:79:0e:df:bb:49:86:d4:74:a3:55:bc:86:75:9a:
                    b4:28:d1:b1:fb:02:ba:39:7d:34:69:c5:7e:4d:a6:
                    02:9b:b8:a2:60:b2:80:08:89:a6:95:57:da:86:90:
                    b3:74:16:4b:ff:c9:bd:83:72:7e:e3:5d:e8:00:ea:
                    b3:90:87:e8:ac:7f:41:e5:e5:a1:90:96:5a:18:69:
                    b3:dd:95:55:85:29:9e:81:13:e2:f6:0f:8c:fe:7b:
                    4d:4b:6b:65:fc:56:6c:b2:33:42:24:a7:ab:eb:49:
                    d4:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:E8:65:85:B5:56:4F:57:1A:D6:E8:A2:0E:F9:5F:2B:FB:6B:00:7E
            X509v3 Authority Key Identifier:
                keyid:43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3934303a3a2f34382d3438203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:800:940::/48

    Signature Algorithm: sha256WithRSAEncryption
         09:ef:b3:83:86:a5:c3:6a:38:92:a6:c5:84:15:e3:d1:a1:0b:
         4a:fe:94:c0:d4:c4:78:d7:c9:40:3d:15:5b:75:c9:43:b8:2a:
         19:79:96:2f:fc:d1:73:e1:b8:ed:ae:5c:da:a6:c0:83:73:6e:
         82:40:33:1d:7c:27:78:ad:7c:fd:5f:6a:00:ba:bd:29:9c:b2:
         a5:e6:f4:13:38:22:66:4b:72:50:0b:aa:68:2a:39:39:37:d1:
         ee:17:54:39:12:3d:33:0e:e5:1c:27:0d:10:4f:9f:5d:15:c2:
         e4:c9:94:33:7c:5f:20:83:fc:15:2f:0b:d8:1b:95:90:46:4b:
         dd:c7:d1:ce:b3:72:fa:df:79:43:2a:ff:a9:8e:59:ac:97:34:
         10:1c:6d:bb:d7:5d:ae:9f:4d:ed:5c:38:2d:b6:fc:76:22:96:
         24:aa:02:dc:ce:49:24:6a:7b:43:8a:e3:fa:d6:06:0b:04:0d:
         52:9d:ee:54:70:67:92:de:bb:3a:3f:e5:a5:70:17:e1:79:e9:
         e8:82:61:08:9a:0f:f0:04:41:73:14:9e:76:fb:1b:b1:25:ef:
         8e:ee:73:50:1d:e4:11:b4:1d:9e:e1:6b:31:1b:78:63:11:85:
         ce:a4:ed:85:16:db:df:66:bd:06:8e:62:dc:91:06:29:f6:0d:
         97:9e:0e:8b
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUQR6naB6EHzN2zvEtIjy7r4CMghAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGRjFDOEFFMEI0NzU3RTY4RUREMDhBRTFBRUIyQURB
RDg2NTNENTAeFw0yNDAzMDUxNzU1NThaFw0yNTAzMDQxODAwNThaMDMxMTAvBgNV
BAMTKEQ4RTg2NTg1QjU1NjRGNTcxQUQ2RThBMjBFRjk1RjJCRkI2QjAwN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaoezf2JUW6AyKcRnsZiCNdCmD
ix25P1vuQ8qvlttWIXRrGPMWQPHbSU0fMxaG0rZ9WcGKw2DLuStkI6R/od2iJDj9
2JXvlFe1K97AR9MAWWTjqwMWabMnmsJY1WRV2Duf6XUlohITq6VEjmfXQKeCprqV
fkvmS2pRNd4R9U0pRZ/xlh8ngVQ9y4niZi6kuhpKGdm6d5F5Dt+7SYbUdKNVvIZ1
mrQo0bH7Aro5fTRpxX5NpgKbuKJgsoAIiaaVV9qGkLN0Fkv/yb2Dcn7jXegA6rOQ
h+isf0Hl5aGQlloYabPdlVWFKZ6BE+L2D4z+e01La2X8VmyyM0Ikp6vrSdR5AgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQU2OhlhbVWT1ca1uiiDvlfK/trAH4wHwYDVR0j
BBgwFoAUQ/8ciuC0dX5o7dCK4a6yra2GU9UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MTI0MEU3OTYyQjkzODBBM0U2MjdDOTQ0NDFFQTZCQjJD
Q0EzREIxRDIyRTkzNEI2Q0M5REM1QjYzNUVGNDkxLzAvNDNGRjFDOEFFMEI0NzU3
RTY4RUREMDhBRTFBRUIyQURBRDg2NTNENS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80M0ZGMUM4QUUwQjQ3NTdFNjhF
REQwOEFFMUFFQjJBREFEODY1M0Q1LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTEyNDBFNzk2MkI5MzgwQTNFNjI3Qzk0NDQxRUE2QkIyQ0NBM0RCMUQy
MkU5MzRCNkNDOURDNUI2MzVFRjQ5MS8wLzMyMzgzMDMwM2EzODMwMzAzYTM5MzQz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzMDM4MzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAgACUAwDQYJKoZIhvcNAQELBQADggEBAAnvs4OGpcNqOJKmxYQV49GhC0r+lMDU
xHjXyUA9FVt1yUO4Khl5li/80XPhuO2uXNqmwINzboJAMx18J3itfP1fagC6vSmc
sqXm9BM4ImZLclALqmgqOTk30e4XVDkSPTMO5RwnDRBPn10VwuTJlDN8XyCD/BUv
C9gblZBGS93H0c6zcvrfeUMq/6mOWayXNBAcbbvXXa6fTe1cOC22/HYiliSqAtzO
SSRqe0OK4/rWBgsEDVKd7lRwZ5Leuzo/5aVwF+F56eiCYQiaD/AEQXMUnnb7G7El
747uc1Ad5BG0HZ7hazEbeGMRhc6k7YUW299mvQaOYtyRBin2DZeeDos=
-----END CERTIFICATE-----
Generated at Sat Jun 22 21:00:08 2024 by rpki-client on console-fra.rpki-client.org