Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3935303a3a2f34382d3438203d3e203134303830.roa
File:                     323830303a3830303a3935303a3a2f34382d3438203d3e203134303830.roa (raw, json)
Hash identifier:          N1ptLIMBQAFaGbE9m3l7FXI63I3ZubyUW9k4aWBuehE=
Subject key identifier:   32:B8:61:4C:B9:17:0C:F5:0F:15:8A:24:17:9F:EC:86:D4:DC:17:5D
Certificate issuer:       /CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
Certificate serial:       2C70E47135496BCD374378189EDC41346F4FB2F6
Authority key identifier: 43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3935303a3a2f34382d3438203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 18:01:08 +0000
ROA not before:           Tue 05 Mar 2024 17:56:08 +0000
ROA not after:            Tue 04 Mar 2025 18:01:08 +0000
asID:                     14080
IP address blocks:        2800:800:950::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 10:27:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:70:e4:71:35:49:6b:cd:37:43:78:18:9e:dc:41:34:6f:4f:b2:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
        Validity
            Not Before: Mar  5 17:56:08 2024 GMT
            Not After : Mar  4 18:01:08 2025 GMT
        Subject: CN=32B8614CB9170CF50F158A24179FEC86D4DC175D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f3:7f:5f:81:0f:d3:4f:89:88:e7:0c:05:96:
                    ce:37:e8:54:7f:7f:3b:53:f5:d3:67:0d:2d:35:b9:
                    d8:a4:fd:56:53:3c:13:ba:8d:21:cd:e3:90:3d:7a:
                    5f:da:28:22:1d:fb:6f:c6:64:01:44:25:48:da:85:
                    af:e9:33:ac:df:56:5f:45:99:1c:1a:de:0f:16:20:
                    ad:42:f2:29:c0:08:90:18:1f:45:61:40:c0:5f:56:
                    98:b6:f2:ad:db:70:fd:a3:d0:fc:09:40:b2:8f:3d:
                    b9:63:1b:37:cb:c3:50:4a:6e:d2:9a:a7:f9:f3:8c:
                    ce:1f:d3:15:cc:bb:c0:5d:32:28:d7:60:be:f5:69:
                    03:a0:ab:65:c8:80:cf:65:38:b8:d8:7d:c9:88:db:
                    e6:00:40:32:d0:9b:7a:ab:b8:d2:68:42:60:9a:b6:
                    02:93:ea:72:d5:2d:7c:f7:6c:8c:e3:d2:9e:0b:db:
                    54:59:0e:fc:75:0f:11:ce:d0:2b:88:83:b2:4b:34:
                    a4:62:ec:84:71:4a:57:e5:2b:0c:de:37:ee:35:60:
                    e2:f1:b9:11:7b:16:c9:db:b7:bd:bd:2d:9e:d4:4b:
                    4b:3e:b1:94:1d:5b:21:2d:32:18:88:4c:f2:fa:33:
                    19:48:77:80:bc:6b:48:c8:72:cc:cd:09:67:a3:5e:
                    75:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:B8:61:4C:B9:17:0C:F5:0F:15:8A:24:17:9F:EC:86:D4:DC:17:5D
            X509v3 Authority Key Identifier:
                keyid:43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3935303a3a2f34382d3438203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:800:950::/48

    Signature Algorithm: sha256WithRSAEncryption
         9b:55:c5:08:41:a3:3d:27:0e:77:79:54:d8:f0:5e:66:c2:a5:
         b6:a9:44:cd:bf:83:c0:62:b9:8b:ba:5f:d2:25:b9:0a:63:21:
         dd:5a:ee:bd:36:02:29:0f:7f:52:cf:77:29:e8:12:2b:d3:9a:
         f4:e5:0a:69:9e:91:7d:79:47:ed:56:07:5c:69:10:b4:dd:00:
         c9:4b:fa:38:b9:a5:bd:39:fa:4a:a4:e6:93:d1:f9:91:a9:e2:
         eb:fd:0a:76:2b:64:29:9e:2e:cb:25:85:79:84:5f:f3:b5:42:
         61:bf:c1:b2:d4:74:72:81:53:26:a3:e8:9c:0b:3a:68:21:52:
         aa:1a:42:50:b1:e8:a4:4f:71:74:ad:af:ec:83:d8:6e:cf:02:
         f5:c5:a3:66:de:9e:de:ba:54:a7:d5:f4:8c:17:1b:cd:fc:b2:
         a4:52:3f:ef:70:c5:a0:46:18:b3:1c:27:f0:5a:a7:46:35:1d:
         26:52:1a:16:f7:55:25:98:15:8a:0c:ce:03:7f:2f:eb:54:94:
         d4:cd:4c:55:f7:90:40:d8:92:80:5e:c6:56:98:45:b6:03:77:
         c7:5f:2e:21:3a:67:bc:a5:aa:f9:f6:bd:4b:e4:54:91:c8:4e:
         44:2f:c7:d6:12:02:a4:db:94:75:9d:b9:e0:30:fb:0f:f0:bb:
         19:26:6d:b9
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIULHDkcTVJa803Q3gYntxBNG9PsvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGRjFDOEFFMEI0NzU3RTY4RUREMDhBRTFBRUIyQURB
RDg2NTNENTAeFw0yNDAzMDUxNzU2MDhaFw0yNTAzMDQxODAxMDhaMDMxMTAvBgNV
BAMTKDMyQjg2MTRDQjkxNzBDRjUwRjE1OEEyNDE3OUZFQzg2RDREQzE3NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA839fgQ/TT4mI5wwFls436FR/
fztT9dNnDS01udik/VZTPBO6jSHN45A9el/aKCId+2/GZAFEJUjaha/pM6zfVl9F
mRwa3g8WIK1C8inACJAYH0VhQMBfVpi28q3bcP2j0PwJQLKPPbljGzfLw1BKbtKa
p/nzjM4f0xXMu8BdMijXYL71aQOgq2XIgM9lOLjYfcmI2+YAQDLQm3qruNJoQmCa
tgKT6nLVLXz3bIzj0p4L21RZDvx1DxHO0CuIg7JLNKRi7IRxSlflKwzeN+41YOLx
uRF7Fsnbt729LZ7US0s+sZQdWyEtMhiITPL6MxlId4C8a0jIcszNCWejXnV1AgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUMrhhTLkXDPUPFYokF5/shtTcF10wHwYDVR0j
BBgwFoAUQ/8ciuC0dX5o7dCK4a6yra2GU9UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MTI0MEU3OTYyQjkzODBBM0U2MjdDOTQ0NDFFQTZCQjJD
Q0EzREIxRDIyRTkzNEI2Q0M5REM1QjYzNUVGNDkxLzAvNDNGRjFDOEFFMEI0NzU3
RTY4RUREMDhBRTFBRUIyQURBRDg2NTNENS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80M0ZGMUM4QUUwQjQ3NTdFNjhF
REQwOEFFMUFFQjJBREFEODY1M0Q1LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTEyNDBFNzk2MkI5MzgwQTNFNjI3Qzk0NDQxRUE2QkIyQ0NBM0RCMUQy
MkU5MzRCNkNDOURDNUI2MzVFRjQ5MS8wLzMyMzgzMDMwM2EzODMwMzAzYTM5MzUz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzMDM4MzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAgACVAwDQYJKoZIhvcNAQELBQADggEBAJtVxQhBoz0nDnd5VNjwXmbCpbapRM2/
g8BiuYu6X9IluQpjId1a7r02AikPf1LPdynoEivTmvTlCmmekX15R+1WB1xpELTd
AMlL+ji5pb05+kqk5pPR+ZGp4uv9CnYrZCmeLsslhXmEX/O1QmG/wbLUdHKBUyaj
6JwLOmghUqoaQlCx6KRPcXStr+yD2G7PAvXFo2bent66VKfV9IwXG838sqRSP+9w
xaBGGLMcJ/Bap0Y1HSZSGhb3VSWYFYoMzgN/L+tUlNTNTFX3kEDYkoBexlaYRbYD
d8dfLiE6Z7ylqvn2vUvkVJHITkQvx9YSAqTblHWdueAw+w/wuxkmbbk=
-----END CERTIFICATE-----
Generated at Sat Jun 22 21:00:08 2024 by rpki-client on console-fra.rpki-client.org