Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/323830313a31663a373030303a3a2f34382d3438203d3e203532333138.roa
File:                     323830313a31663a373030303a3a2f34382d3438203d3e203532333138.roa (raw, json)
Hash identifier:          CwbctjhmdibSjJo1NkqkQE9bfobJnPgJ5suMTYYSypU=
Subject key identifier:   29:89:ED:35:09:E9:3D:3C:AE:85:36:80:81:EB:0B:EE:E7:1C:31:70
Certificate issuer:       /CN=3802AD95B7CACA97DDF17AEBD1AAA914EE988E98
Certificate serial:       6D4F2565783E638C6ACA6E178D7A356264CBF66E
Authority key identifier: 38:02:AD:95:B7:CA:CA:97:DD:F1:7A:EB:D1:AA:A9:14:EE:98:8E:98
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/323830313a31663a373030303a3a2f34382d3438203d3e203532333138.roa
Signing time:             Tue 05 Mar 2024 17:52:40 +0000
ROA not before:           Tue 05 Mar 2024 17:47:40 +0000
ROA not after:            Tue 04 Mar 2025 17:52:40 +0000
asID:                     52318
IP address blocks:        2801:1f:7000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:4f:25:65:78:3e:63:8c:6a:ca:6e:17:8d:7a:35:62:64:cb:f6:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3802AD95B7CACA97DDF17AEBD1AAA914EE988E98
        Validity
            Not Before: Mar  5 17:47:40 2024 GMT
            Not After : Mar  4 17:52:40 2025 GMT
        Subject: CN=2989ED3509E93D3CAE85368081EB0BEEE71C3170
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:59:ca:10:79:8e:ef:d7:d2:4c:62:89:2e:b1:
                    2a:b5:ab:13:5f:c7:e3:04:53:15:1f:2c:4e:ed:fb:
                    7e:6a:aa:18:05:88:3b:08:2e:0d:5d:bc:6d:2d:c3:
                    e2:39:fd:32:e9:f4:65:92:18:48:4e:fe:24:83:27:
                    b2:f1:2a:91:36:4f:4d:6a:97:3f:c0:7e:87:da:f1:
                    58:06:35:0e:43:2a:36:25:c8:19:71:94:8c:ac:3a:
                    37:d5:ef:6c:67:ff:7b:d7:1d:39:76:b9:e9:43:24:
                    ac:1d:27:df:0e:31:7f:06:c3:52:33:c2:4d:36:59:
                    c0:9b:f0:18:1a:22:c4:2b:43:b6:73:80:9b:a4:75:
                    f6:91:1e:91:a8:0a:0e:e3:a1:18:d5:e9:ad:1b:ec:
                    c0:7f:4d:9a:f9:8d:e6:51:bf:0d:10:35:04:04:b7:
                    1f:50:ea:50:33:b2:77:6e:20:a0:b5:4d:93:66:1e:
                    83:ea:60:95:47:fe:fc:ca:fb:f0:48:5d:57:f4:77:
                    4b:26:2c:4f:dc:1a:9f:51:69:b5:cd:7e:49:d7:de:
                    0f:56:c0:48:3a:97:9d:8b:9d:d6:c4:e8:9d:f3:08:
                    2c:3f:68:1e:5e:4d:8f:9e:df:0e:72:45:3f:18:61:
                    d4:27:59:bf:95:d8:77:7a:73:ba:ea:58:e8:1d:ff:
                    57:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:89:ED:35:09:E9:3D:3C:AE:85:36:80:81:EB:0B:EE:E7:1C:31:70
            X509v3 Authority Key Identifier:
                keyid:38:02:AD:95:B7:CA:CA:97:DD:F1:7A:EB:D1:AA:A9:14:EE:98:8E:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/323830313a31663a373030303a3a2f34382d3438203d3e203532333138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1f:7000::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:70:fe:a0:93:a2:80:39:27:e2:98:06:02:5f:3e:6e:9d:4d:
         82:2b:89:f5:ef:a4:7d:ea:e2:22:50:88:dd:81:2c:68:a9:87:
         e8:f4:9f:92:e1:b1:70:10:1b:b0:84:64:41:3d:50:fd:74:72:
         60:67:f3:f6:68:5c:32:91:90:fb:3e:0c:49:f6:8c:6f:b9:51:
         43:71:6f:1c:5f:25:d6:71:e3:f1:59:a2:cc:bb:60:54:f7:fa:
         65:d0:91:22:b4:84:11:df:51:b0:6b:2a:4c:aa:40:ae:77:e2:
         0f:15:de:74:41:4b:c1:4a:ba:3c:b7:f8:26:2f:27:75:e3:8a:
         f2:88:f8:98:32:19:cc:40:9d:82:e6:50:69:b3:14:73:b1:f2:
         47:53:b5:b1:0e:31:15:a6:7e:6a:0a:e9:60:4f:7f:d4:88:a4:
         33:e9:bd:1a:44:06:d5:c0:f6:8d:e9:98:01:e9:c5:cd:ab:63:
         90:8a:74:e2:b4:b8:fc:03:17:ab:96:62:99:0a:7c:91:3d:ab:
         92:ff:d3:fe:00:d6:c1:fa:4e:41:73:85:34:e4:6e:7d:c4:ab:
         82:85:12:7e:a8:83:9d:d3:c4:e3:53:b1:d0:49:f7:0f:e4:09:
         40:d3:46:88:9d:2f:6a:5a:16:22:76:2a:8a:fa:4f:9b:f6:c6:
         a3:2e:7c:98
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUbU8lZXg+Y4xqym4XjXo1YmTL9m4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzgwMkFEOTVCN0NBQ0E5N0RERjE3QUVCRDFBQUE5MTRF
RTk4OEU5ODAeFw0yNDAzMDUxNzQ3NDBaFw0yNTAzMDQxNzUyNDBaMDMxMTAvBgNV
BAMTKDI5ODlFRDM1MDlFOTNEM0NBRTg1MzY4MDgxRUIwQkVFRTcxQzMxNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4WcoQeY7v19JMYokusSq1qxNf
x+MEUxUfLE7t+35qqhgFiDsILg1dvG0tw+I5/TLp9GWSGEhO/iSDJ7LxKpE2T01q
lz/Afofa8VgGNQ5DKjYlyBlxlIysOjfV72xn/3vXHTl2uelDJKwdJ98OMX8Gw1Iz
wk02WcCb8BgaIsQrQ7ZzgJukdfaRHpGoCg7joRjV6a0b7MB/TZr5jeZRvw0QNQQE
tx9Q6lAzsnduIKC1TZNmHoPqYJVH/vzK+/BIXVf0d0smLE/cGp9RabXNfknX3g9W
wEg6l52LndbE6J3zCCw/aB5eTY+e3w5yRT8YYdQnWb+V2Hd6c7rqWOgd/1fhAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUKYntNQnpPTyuhTaAgesL7uccMXAwHwYDVR0j
BBgwFoAUOAKtlbfKypfd8Xrr0aqpFO6YjpgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81RDVCREM0MDA2QjJEN0VBOUU1OUQ1NEI0NTIwMDVDNTFB
MjYwREQ0N0NDNkNBQkE3RDU3N0QxQ0UyRDEzODAxLzAvMzgwMkFEOTVCN0NBQ0E5
N0RERjE3QUVCRDFBQUE5MTRFRTk4OEU5OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zODAyQUQ5NUI3Q0FDQTk3RERG
MTdBRUJEMUFBQTkxNEVFOTg4RTk4LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUQ1QkRDNDAwNkIyRDdFQTlFNTlENTRCNDUyMDA1QzUxQTI2MERENDdD
QzZDQUJBN0Q1NzdEMUNFMkQxMzgwMS8wLzMyMzgzMDMxM2EzMTY2M2EzNzMwMzAz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzIzMzMxMzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AQAfcAAwDQYJKoZIhvcNAQELBQADggEBAHlw/qCTooA5J+KYBgJfPm6dTYIrifXv
pH3q4iJQiN2BLGiph+j0n5LhsXAQG7CEZEE9UP10cmBn8/ZoXDKRkPs+DEn2jG+5
UUNxbxxfJdZx4/FZosy7YFT3+mXQkSK0hBHfUbBrKkyqQK534g8V3nRBS8FKujy3
+CYvJ3XjivKI+JgyGcxAnYLmUGmzFHOx8kdTtbEOMRWmfmoK6WBPf9SIpDPpvRpE
BtXA9o3pmAHpxc2rY5CKdOK0uPwDF6uWYpkKfJE9q5L/0/4A1sH6TkFzhTTkbn3E
q4KFEn6og53TxONTsdBJ9w/kCUDTRoidL2paFiJ2Kor6T5v2xqMufJg=
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:30:33 2024 by rpki-client on console-ams.rpki-client.org