Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5388144CC1445D19AB568D3704F57C4106F4A596E0BD94D573BB0465BC96EA87/0/323830313a31633a363030303a3a2f34382d3438203d3e203237393839.roa
File:                     323830313a31633a363030303a3a2f34382d3438203d3e203237393839.roa (raw, json)
Hash identifier:          9/235M5Xl5L2Tp536gxM1zZi+HoC1NV+M+oifDZ8eDQ=
Subject key identifier:   1C:F6:7C:FA:A4:DB:AD:BB:C3:60:FE:79:A6:48:05:A4:45:F3:08:42
Certificate issuer:       /CN=D2FB795817082A32A8F3E5DAE437DE6D0CA85E1D
Certificate serial:       5E7EEB2A6FF0950E5FED935A6DF8D26C39FD0C28
Authority key identifier: D2:FB:79:58:17:08:2A:32:A8:F3:E5:DA:E4:37:DE:6D:0C:A8:5E:1D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2FB795817082A32A8F3E5DAE437DE6D0CA85E1D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5388144CC1445D19AB568D3704F57C4106F4A596E0BD94D573BB0465BC96EA87/0/323830313a31633a363030303a3a2f34382d3438203d3e203237393839.roa
Signing time:             Tue 05 Mar 2024 17:53:00 +0000
ROA not before:           Tue 05 Mar 2024 17:48:00 +0000
ROA not after:            Tue 04 Mar 2025 17:53:00 +0000
asID:                     27989
IP address blocks:        2801:1c:6000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5388144CC1445D19AB568D3704F57C4106F4A596E0BD94D573BB0465BC96EA87/0/D2FB795817082A32A8F3E5DAE437DE6D0CA85E1D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5388144CC1445D19AB568D3704F57C4106F4A596E0BD94D573BB0465BC96EA87/0/D2FB795817082A32A8F3E5DAE437DE6D0CA85E1D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2FB795817082A32A8F3E5DAE437DE6D0CA85E1D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 16 Dec 2024 02:52:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:7e:eb:2a:6f:f0:95:0e:5f:ed:93:5a:6d:f8:d2:6c:39:fd:0c:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2FB795817082A32A8F3E5DAE437DE6D0CA85E1D
        Validity
            Not Before: Mar  5 17:48:00 2024 GMT
            Not After : Mar  4 17:53:00 2025 GMT
        Subject: CN=1CF67CFAA4DBADBBC360FE79A64805A445F30842
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:2e:36:7d:ff:99:1a:be:56:a6:3c:6e:45:44:
                    30:b6:6f:61:2e:4f:cd:e5:8a:c2:f0:3b:36:ac:18:
                    37:63:5d:9e:e3:3b:52:40:92:0c:15:36:b0:67:e1:
                    8c:cf:49:91:f4:2c:03:5a:05:30:f2:4b:ce:5e:75:
                    e7:f1:da:74:1d:a3:a0:c7:4b:b5:65:6c:77:a6:e9:
                    9e:64:77:ae:18:e4:d8:9f:7d:b9:1f:b1:1b:70:1d:
                    94:7b:0e:3f:1c:11:44:35:15:02:65:1c:b5:41:f0:
                    a9:88:95:8a:74:ce:36:2c:d1:37:82:7d:bb:47:53:
                    90:68:e0:ff:a6:7c:75:ea:50:a3:87:f1:23:89:12:
                    e9:ac:93:7f:42:e1:4d:a2:28:d7:88:f6:22:b1:77:
                    0e:88:a5:6e:00:b6:ce:ec:6b:7a:68:e7:33:a6:7d:
                    26:1b:2b:bb:25:82:2c:5f:c7:ef:30:c4:83:f3:0e:
                    f1:a8:0f:aa:58:bf:6a:c3:bf:27:f5:3d:3a:ad:a7:
                    d4:fe:1b:c1:9f:eb:ba:35:91:26:67:b4:63:39:80:
                    4c:d3:50:34:b0:e6:01:39:51:93:46:1e:67:45:04:
                    38:d4:71:49:d0:7d:0e:76:4f:8e:04:7a:3b:8a:b8:
                    98:34:55:d6:ca:f8:c7:eb:b8:50:6e:ec:ec:3a:4d:
                    8d:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:F6:7C:FA:A4:DB:AD:BB:C3:60:FE:79:A6:48:05:A4:45:F3:08:42
            X509v3 Authority Key Identifier:
                keyid:D2:FB:79:58:17:08:2A:32:A8:F3:E5:DA:E4:37:DE:6D:0C:A8:5E:1D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5388144CC1445D19AB568D3704F57C4106F4A596E0BD94D573BB0465BC96EA87/0/D2FB795817082A32A8F3E5DAE437DE6D0CA85E1D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2FB795817082A32A8F3E5DAE437DE6D0CA85E1D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5388144CC1445D19AB568D3704F57C4106F4A596E0BD94D573BB0465BC96EA87/0/323830313a31633a363030303a3a2f34382d3438203d3e203237393839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1c:6000::/48

    Signature Algorithm: sha256WithRSAEncryption
         70:85:2a:d8:e0:50:c7:16:e3:da:72:0f:14:6b:64:b5:06:20:
         77:b6:40:c4:f9:01:21:88:c9:aa:62:8f:87:e5:93:d7:b6:12:
         21:f2:ef:54:82:52:e1:66:ee:cf:41:a0:89:9b:5e:96:32:18:
         df:c0:5c:3b:d4:ba:86:02:70:47:93:ef:f9:e3:b2:e6:bf:10:
         88:db:46:7a:14:ae:16:42:63:c0:23:43:ef:21:6c:d7:52:13:
         09:f8:01:ff:08:a4:6a:9d:da:01:b8:f7:17:96:0d:2a:18:0b:
         e8:59:1b:a5:21:ad:e9:f0:2c:3c:73:86:75:eb:ac:78:f9:80:
         5a:c8:d2:14:bc:9d:a3:ea:c4:33:4d:bc:c1:f1:78:2f:9d:c9:
         dc:02:6f:b1:be:a7:5b:08:c7:92:0e:4b:ad:c9:f8:1e:cd:1f:
         62:26:57:ea:5e:ee:e8:c5:74:f7:87:e2:75:8d:bc:88:c5:66:
         e2:ee:27:f1:4a:5b:e6:82:1d:f9:d5:a9:3a:3b:a2:de:40:66:
         ba:2b:f0:68:09:87:32:03:89:58:51:b4:92:0d:47:fa:ea:1e:
         1a:5a:32:46:83:5f:3d:36:7c:de:fa:7e:2e:94:2d:0b:16:0d:
         6c:75:d4:89:3d:48:f4:34:a4:75:de:c1:c7:18:30:43:19:4d:
         c8:ff:bd:31
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUXn7rKm/wlQ5f7ZNabfjSbDn9DCgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDJGQjc5NTgxNzA4MkEzMkE4RjNFNURBRTQzN0RFNkQw
Q0E4NUUxRDAeFw0yNDAzMDUxNzQ4MDBaFw0yNTAzMDQxNzUzMDBaMDMxMTAvBgNV
BAMTKDFDRjY3Q0ZBQTREQkFEQkJDMzYwRkU3OUE2NDgwNUE0NDVGMzA4NDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6LjZ9/5kavlamPG5FRDC2b2Eu
T83lisLwOzasGDdjXZ7jO1JAkgwVNrBn4YzPSZH0LANaBTDyS85edefx2nQdo6DH
S7VlbHem6Z5kd64Y5NiffbkfsRtwHZR7Dj8cEUQ1FQJlHLVB8KmIlYp0zjYs0TeC
fbtHU5Bo4P+mfHXqUKOH8SOJEumsk39C4U2iKNeI9iKxdw6IpW4Ats7sa3po5zOm
fSYbK7slgixfx+8wxIPzDvGoD6pYv2rDvyf1PTqtp9T+G8Gf67o1kSZntGM5gEzT
UDSw5gE5UZNGHmdFBDjUcUnQfQ52T44EejuKuJg0VdbK+MfruFBu7Ow6TY0RAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUHPZ8+qTbrbvDYP55pkgFpEXzCEIwHwYDVR0j
BBgwFoAU0vt5WBcIKjKo8+Xa5DfebQyoXh0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81Mzg4MTQ0Q0MxNDQ1RDE5QUI1NjhEMzcwNEY1N0M0MTA2
RjRBNTk2RTBCRDk0RDU3M0JCMDQ2NUJDOTZFQTg3LzAvRDJGQjc5NTgxNzA4MkEz
MkE4RjNFNURBRTQzN0RFNkQwQ0E4NUUxRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMkZCNzk1ODE3MDgyQTMyQThG
M0U1REFFNDM3REU2RDBDQTg1RTFELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTM4ODE0NENDMTQ0NUQxOUFCNTY4RDM3MDRGNTdDNDEwNkY0QTU5NkUw
QkQ5NEQ1NzNCQjA0NjVCQzk2RUE4Ny8wLzMyMzgzMDMxM2EzMTYzM2EzNjMwMzAz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzczOTM4Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AQAcYAAwDQYJKoZIhvcNAQELBQADggEBAHCFKtjgUMcW49pyDxRrZLUGIHe2QMT5
ASGIyapij4flk9e2EiHy71SCUuFm7s9BoImbXpYyGN/AXDvUuoYCcEeT7/njsua/
EIjbRnoUrhZCY8AjQ+8hbNdSEwn4Af8IpGqd2gG49xeWDSoYC+hZG6UhrenwLDxz
hnXrrHj5gFrI0hS8naPqxDNNvMHxeC+dydwCb7G+p1sIx5IOS63J+B7NH2ImV+pe
7ujFdPeH4nWNvIjFZuLuJ/FKW+aCHfnVqTo7ot5AZror8GgJhzIDiVhRtJINR/rq
HhpaMkaDXz02fN76fi6ULQsWDWx11Ik9SPQ0pHXewccYMEMZTcj/vTE=
-----END CERTIFICATE-----
Generated at Tue Dec 10 20:57:56 2024 by rpki-client on console-fra.rpki-client.org