Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5AC33D4AC844439D945F2FA9F7BB78F06468E22C8BF5834A568CC00049AC3A7B/0/323830313a3162383a31303a3a2f34342d3438203d3e20333934333533.roa
File:                     323830313a3162383a31303a3a2f34342d3438203d3e20333934333533.roa (raw, json)
Hash identifier:          ATljImpf360FYHvVtyD8eS08cjmytZ9Luop/jV1ZJ0E=
Subject key identifier:   48:88:84:F3:49:E0:08:70:25:62:2B:32:E8:8F:1A:DB:D0:30:3F:07
Certificate issuer:       /CN=1F56B9011AE8C9ADDD96803DECE1D1F9306D81DE
Certificate serial:       4B8F02BF2C14472259247EAE24F13DA8BCBD926A
Authority key identifier: 1F:56:B9:01:1A:E8:C9:AD:DD:96:80:3D:EC:E1:D1:F9:30:6D:81:DE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F56B9011AE8C9ADDD96803DECE1D1F9306D81DE.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5AC33D4AC844439D945F2FA9F7BB78F06468E22C8BF5834A568CC00049AC3A7B/0/323830313a3162383a31303a3a2f34342d3438203d3e20333934333533.roa
Signing time:             Tue 05 Mar 2024 17:39:57 +0000
ROA not before:           Tue 05 Mar 2024 17:34:57 +0000
ROA not after:            Tue 04 Mar 2025 17:39:57 +0000
asID:                     394353
IP address blocks:        2801:1b8:10::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5AC33D4AC844439D945F2FA9F7BB78F06468E22C8BF5834A568CC00049AC3A7B/0/1F56B9011AE8C9ADDD96803DECE1D1F9306D81DE.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5AC33D4AC844439D945F2FA9F7BB78F06468E22C8BF5834A568CC00049AC3A7B/0/1F56B9011AE8C9ADDD96803DECE1D1F9306D81DE.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F56B9011AE8C9ADDD96803DECE1D1F9306D81DE.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:8f:02:bf:2c:14:47:22:59:24:7e:ae:24:f1:3d:a8:bc:bd:92:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1F56B9011AE8C9ADDD96803DECE1D1F9306D81DE
        Validity
            Not Before: Mar  5 17:34:57 2024 GMT
            Not After : Mar  4 17:39:57 2025 GMT
        Subject: CN=488884F349E0087025622B32E88F1ADBD0303F07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ac:05:56:ad:8d:f4:b0:3c:e9:08:04:86:54:
                    22:f6:54:01:38:13:65:18:fc:06:5e:e2:20:23:0c:
                    3e:59:00:60:f6:40:5f:1a:4a:32:83:2b:64:2a:22:
                    82:ff:cd:29:17:12:c0:08:fa:dc:92:7a:77:dd:29:
                    ff:c1:5a:6b:09:52:ff:35:8f:fc:c2:6c:5e:09:62:
                    8b:68:ec:f0:5a:9b:a5:60:ec:d6:10:ea:f4:fa:e4:
                    29:af:c4:92:0e:eb:b6:f2:f4:5b:c7:cb:87:7b:24:
                    b1:a7:a1:8f:17:05:e4:74:8f:eb:7b:c7:82:d0:20:
                    86:d8:dc:bf:95:7d:a4:6d:17:ff:ad:7f:97:eb:b0:
                    67:f2:0a:d5:eb:3d:ee:d7:b6:43:f6:fa:bb:90:6a:
                    8c:5a:7a:ef:bf:e6:53:d8:1e:02:bf:57:a0:df:eb:
                    5f:1d:fd:15:3f:c0:33:bb:93:d9:f9:95:36:da:c6:
                    2a:fb:41:6d:fa:3d:ea:1f:59:6c:a1:b3:3a:28:52:
                    6a:87:27:47:e8:9b:b2:29:97:d9:1e:c1:e3:91:86:
                    e0:19:bc:73:50:c2:99:7b:19:44:d1:4f:df:5f:87:
                    62:a2:82:79:81:77:62:4f:7c:06:d5:3e:e9:b3:e3:
                    8b:49:d1:02:94:b2:71:30:bc:30:bf:f4:ed:00:69:
                    f1:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:88:84:F3:49:E0:08:70:25:62:2B:32:E8:8F:1A:DB:D0:30:3F:07
            X509v3 Authority Key Identifier:
                keyid:1F:56:B9:01:1A:E8:C9:AD:DD:96:80:3D:EC:E1:D1:F9:30:6D:81:DE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5AC33D4AC844439D945F2FA9F7BB78F06468E22C8BF5834A568CC00049AC3A7B/0/1F56B9011AE8C9ADDD96803DECE1D1F9306D81DE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F56B9011AE8C9ADDD96803DECE1D1F9306D81DE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5AC33D4AC844439D945F2FA9F7BB78F06468E22C8BF5834A568CC00049AC3A7B/0/323830313a3162383a31303a3a2f34342d3438203d3e20333934333533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1b8:10::/44

    Signature Algorithm: sha256WithRSAEncryption
         c1:01:ea:49:c8:0d:94:7a:53:b9:c5:97:37:3b:07:94:24:fb:
         09:82:77:04:2e:f1:49:c9:a9:ee:72:29:b1:32:92:82:db:fd:
         ea:4d:d5:3e:0f:d3:b6:55:51:8e:1f:75:7a:f1:1a:e9:59:a6:
         54:04:c2:a9:20:96:6d:67:d9:f2:31:20:91:f6:0a:e9:0b:89:
         a4:b7:b6:ae:85:07:12:51:9a:36:3b:e3:c6:65:50:77:44:0e:
         d7:dc:f7:8a:6e:eb:ef:8e:59:05:f5:74:8a:09:c0:ab:96:ef:
         6f:90:c5:0f:84:c5:a2:23:da:37:01:5f:64:04:54:9b:ae:60:
         83:ae:c0:c7:77:cd:06:ab:b3:32:59:c0:3d:e1:b5:3a:70:c1:
         14:19:22:25:22:1d:ea:23:1e:8b:2e:33:a7:bc:6a:9f:6e:28:
         bc:8a:70:fc:40:b9:8f:97:c3:4c:83:67:dc:09:b5:71:0b:55:
         79:c5:d7:38:c8:34:e3:79:4a:a6:df:6d:e1:3b:15:50:8f:89:
         e7:79:ee:0c:6f:7b:01:d5:d6:ea:ef:45:3b:e4:b9:66:29:7e:
         01:a7:23:35:56:6b:db:dc:9d:05:22:09:f6:ad:d8:f8:78:65:
         fe:4c:b1:dd:a8:61:23:c5:45:81:46:69:bf:c3:e7:d8:c1:64:
         d0:7f:f2:a0
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUS48CvywURyJZJH6uJPE9qLy9kmowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUY1NkI5MDExQUU4QzlBREREOTY4MDNERUNFMUQxRjkz
MDZEODFERTAeFw0yNDAzMDUxNzM0NTdaFw0yNTAzMDQxNzM5NTdaMDMxMTAvBgNV
BAMTKDQ4ODg4NEYzNDlFMDA4NzAyNTYyMkIzMkU4OEYxQURCRDAzMDNGMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNrAVWrY30sDzpCASGVCL2VAE4
E2UY/AZe4iAjDD5ZAGD2QF8aSjKDK2QqIoL/zSkXEsAI+tySenfdKf/BWmsJUv81
j/zCbF4JYoto7PBam6Vg7NYQ6vT65CmvxJIO67by9FvHy4d7JLGnoY8XBeR0j+t7
x4LQIIbY3L+VfaRtF/+tf5frsGfyCtXrPe7XtkP2+ruQaoxaeu+/5lPYHgK/V6Df
618d/RU/wDO7k9n5lTbaxir7QW36PeofWWyhszooUmqHJ0fom7Ipl9keweORhuAZ
vHNQwpl7GUTRT99fh2KignmBd2JPfAbVPumz44tJ0QKUsnEwvDC/9O0AafElAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUSIiE80ngCHAlYisy6I8a29AwPwcwHwYDVR0j
BBgwFoAUH1a5ARroya3dloA97OHR+TBtgd4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81QUMzM0Q0QUM4NDQ0MzlEOTQ1RjJGQTlGN0JCNzhGMDY0
NjhFMjJDOEJGNTgzNEE1NjhDQzAwMDQ5QUMzQTdCLzAvMUY1NkI5MDExQUU4QzlB
REREOTY4MDNERUNFMUQxRjkzMDZEODFERS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRjU2QjkwMTFBRThDOUFEREQ5
NjgwM0RFQ0UxRDFGOTMwNkQ4MURFLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUFDMzNENEFDODQ0NDM5RDk0NUYyRkE5RjdCQjc4RjA2NDY4RTIyQzhC
RjU4MzRBNTY4Q0MwMDA0OUFDM0E3Qi8wLzMyMzgzMDMxM2EzMTYyMzgzYTMxMzAz
YTNhMmYzNDM0MmQzNDM4MjAzZDNlMjAzMzM5MzQzMzM1MzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQo
AQG4ABAwDQYJKoZIhvcNAQELBQADggEBAMEB6knIDZR6U7nFlzc7B5Qk+wmCdwQu
8UnJqe5yKbEykoLb/epN1T4P07ZVUY4fdXrxGulZplQEwqkglm1n2fIxIJH2CukL
iaS3tq6FBxJRmjY748ZlUHdEDtfc94pu6++OWQX1dIoJwKuW72+QxQ+ExaIj2jcB
X2QEVJuuYIOuwMd3zQarszJZwD3htTpwwRQZIiUiHeojHosuM6e8ap9uKLyKcPxA
uY+Xw0yDZ9wJtXELVXnF1zjINON5SqbfbeE7FVCPied57gxvewHV1urvRTvkuWYp
fgGnIzVWa9vcnQUiCfat2Ph4Zf5Msd2oYSPFRYFGab/D59jBZNB/8qA=
-----END CERTIFICATE-----
Generated at Tue Nov 19 20:38:22 2024 by rpki-client on console-fra.rpki-client.org