Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3937303a3a2f34382d3438203d3e203134303830.roa
File:                     323830303a3830303a3937303a3a2f34382d3438203d3e203134303830.roa (raw, json)
Hash identifier:          F67jYIx0trB//bJFiCaNqWUuW8gPjrf6D2WJii4HRDY=
Subject key identifier:   5F:76:C9:E5:AE:D1:9B:65:57:53:31:32:70:8B:30:25:E6:5E:C4:C5
Certificate issuer:       /CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
Certificate serial:       0640D2E0AF2038FABDD516B338B0B923035F40B6
Authority key identifier: 43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3937303a3a2f34382d3438203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 18:01:06 +0000
ROA not before:           Tue 05 Mar 2024 17:56:06 +0000
ROA not after:            Tue 04 Mar 2025 18:01:06 +0000
asID:                     14080
IP address blocks:        2800:800:970::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 10:27:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:40:d2:e0:af:20:38:fa:bd:d5:16:b3:38:b0:b9:23:03:5f:40:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
        Validity
            Not Before: Mar  5 17:56:06 2024 GMT
            Not After : Mar  4 18:01:06 2025 GMT
        Subject: CN=5F76C9E5AED19B6557533132708B3025E65EC4C5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:0a:bc:8a:83:03:ac:1b:c6:79:8a:6c:ea:a6:
                    7e:50:71:d6:e1:cd:61:39:05:9c:5d:d1:36:7d:b2:
                    a6:13:a6:68:5a:eb:f6:50:31:98:47:ab:c6:fc:df:
                    bb:7f:42:08:49:41:9f:32:e8:80:81:67:cd:3c:68:
                    53:78:7d:c2:69:f8:35:8d:a1:bc:25:2d:16:d9:47:
                    ec:cd:3a:fa:61:77:23:99:15:ee:13:6d:2a:37:7d:
                    62:5f:a9:96:7f:35:26:c2:e4:42:25:3a:00:3b:8d:
                    34:25:c1:2f:59:2b:33:28:4f:95:50:fc:03:3b:97:
                    e5:39:34:aa:a4:95:8e:fe:bb:4e:fc:b0:d4:fd:4f:
                    25:26:20:57:37:3f:fb:df:07:b8:60:6f:47:84:2c:
                    88:46:3a:00:f8:12:ca:f3:db:bf:9a:43:db:f2:b7:
                    7c:8b:8a:85:cc:d8:b7:36:29:f6:15:61:c6:af:7f:
                    6b:00:31:c3:5f:e3:13:d5:55:78:f9:c3:1e:83:97:
                    00:ee:70:a2:61:03:d9:18:29:dc:50:f6:5c:f8:09:
                    2d:2b:5c:24:4f:fa:3d:d3:4b:9c:88:d4:cd:92:65:
                    98:ef:eb:bd:88:9b:fe:ed:9b:d6:f3:f7:90:ff:d9:
                    50:ce:d7:06:31:f9:c8:a6:ad:1a:ac:88:95:c1:e3:
                    8d:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:76:C9:E5:AE:D1:9B:65:57:53:31:32:70:8B:30:25:E6:5E:C4:C5
            X509v3 Authority Key Identifier:
                keyid:43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3937303a3a2f34382d3438203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:800:970::/48

    Signature Algorithm: sha256WithRSAEncryption
         70:45:58:1b:c0:c0:ce:5e:59:0d:b6:b3:cd:42:30:dd:50:75:
         c7:11:3e:a0:62:9b:14:f0:2b:0d:3c:a8:27:17:58:69:06:ac:
         b8:57:51:21:e2:b6:4a:0b:60:c7:d5:f3:cb:64:2d:e6:01:1b:
         72:c2:e7:cf:b9:9d:0f:80:7a:0f:6f:09:1d:86:b9:1c:b2:b6:
         57:8c:f0:03:83:b1:ee:9b:2a:93:0f:38:a4:63:f0:84:a1:2b:
         65:df:4e:95:90:76:c8:06:6d:f3:dc:6d:34:68:d0:0a:44:f0:
         6a:b8:a3:d0:f5:06:eb:28:64:3a:af:55:8c:8b:ae:bf:82:bf:
         0d:4f:ea:94:f6:8e:2f:10:1b:1b:0a:76:5b:31:7d:5e:d8:75:
         0c:f6:78:78:b2:d8:78:84:bf:9f:66:13:59:1e:8a:5a:14:b0:
         38:c6:39:8b:e0:95:e7:be:c2:78:f5:92:44:e0:3c:00:76:ff:
         87:1a:8d:8d:49:2e:47:ad:a2:8d:76:16:cd:ee:dc:79:06:e0:
         8e:1f:dc:00:bf:0d:0c:5c:42:b2:33:b8:be:cc:2e:62:ea:1a:
         b3:8c:25:f2:eb:31:25:76:14:06:35:95:ee:23:b6:c6:5f:e4:
         db:f0:85:a1:d4:2d:56:db:b3:15:95:e0:94:94:b1:db:c2:1c:
         86:85:4c:fa
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUBkDS4K8gOPq91RazOLC5IwNfQLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGRjFDOEFFMEI0NzU3RTY4RUREMDhBRTFBRUIyQURB
RDg2NTNENTAeFw0yNDAzMDUxNzU2MDZaFw0yNTAzMDQxODAxMDZaMDMxMTAvBgNV
BAMTKDVGNzZDOUU1QUVEMTlCNjU1NzUzMzEzMjcwOEIzMDI1RTY1RUM0QzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUCryKgwOsG8Z5imzqpn5Qcdbh
zWE5BZxd0TZ9sqYTpmha6/ZQMZhHq8b837t/QghJQZ8y6ICBZ808aFN4fcJp+DWN
obwlLRbZR+zNOvphdyOZFe4TbSo3fWJfqZZ/NSbC5EIlOgA7jTQlwS9ZKzMoT5VQ
/AM7l+U5NKqklY7+u078sNT9TyUmIFc3P/vfB7hgb0eELIhGOgD4Esrz27+aQ9vy
t3yLioXM2Lc2KfYVYcavf2sAMcNf4xPVVXj5wx6DlwDucKJhA9kYKdxQ9lz4CS0r
XCRP+j3TS5yI1M2SZZjv672Im/7tm9bz95D/2VDO1wYx+cimrRqsiJXB442ZAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUX3bJ5a7Rm2VXUzEycIswJeZexMUwHwYDVR0j
BBgwFoAUQ/8ciuC0dX5o7dCK4a6yra2GU9UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MTI0MEU3OTYyQjkzODBBM0U2MjdDOTQ0NDFFQTZCQjJD
Q0EzREIxRDIyRTkzNEI2Q0M5REM1QjYzNUVGNDkxLzAvNDNGRjFDOEFFMEI0NzU3
RTY4RUREMDhBRTFBRUIyQURBRDg2NTNENS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80M0ZGMUM4QUUwQjQ3NTdFNjhF
REQwOEFFMUFFQjJBREFEODY1M0Q1LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTEyNDBFNzk2MkI5MzgwQTNFNjI3Qzk0NDQxRUE2QkIyQ0NBM0RCMUQy
MkU5MzRCNkNDOURDNUI2MzVFRjQ5MS8wLzMyMzgzMDMwM2EzODMwMzAzYTM5Mzcz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzMDM4MzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAgACXAwDQYJKoZIhvcNAQELBQADggEBAHBFWBvAwM5eWQ22s81CMN1QdccRPqBi
mxTwKw08qCcXWGkGrLhXUSHitkoLYMfV88tkLeYBG3LC58+5nQ+Aeg9vCR2GuRyy
tleM8AODse6bKpMPOKRj8IShK2XfTpWQdsgGbfPcbTRo0ApE8Gq4o9D1BusoZDqv
VYyLrr+Cvw1P6pT2ji8QGxsKdlsxfV7YdQz2eHiy2HiEv59mE1keiloUsDjGOYvg
lee+wnj1kkTgPAB2/4cajY1JLketoo12Fs3u3HkG4I4f3AC/DQxcQrIzuL7MLmLq
GrOMJfLrMSV2FAY1le4jtsZf5NvwhaHULVbbsxWV4JSUsdvCHIaFTPo=
-----END CERTIFICATE-----
Generated at Sat Jun 22 21:55:36 2024 by rpki-client on console-ams.rpki-client.org