Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/65BCAF86490DE69A6BD6C41D86A84F0C8B0DACD9C7587D9663DE98A60A368D10/0/323830313a3165383a3a2f34302d3536203d3e20323634363037.roa
File:                     323830313a3165383a3a2f34302d3536203d3e20323634363037.roa (raw, json)
Hash identifier:          g6mNboLjhOutQ8npNDcYzSYqOB5re28Jzm7oBTWwu4w=
Subject key identifier:   6F:B8:E5:D4:A6:98:F0:A3:FF:6A:E4:5B:D0:67:36:75:D1:F9:06:AB
Certificate issuer:       /CN=91A405EDF63A9F2958C6B36662A6B3CEF476A89D
Certificate serial:       5084714918A0CEFAD52BD5B828E680C293A43BC7
Authority key identifier: 91:A4:05:ED:F6:3A:9F:29:58:C6:B3:66:62:A6:B3:CE:F4:76:A8:9D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/91A405EDF63A9F2958C6B36662A6B3CEF476A89D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/65BCAF86490DE69A6BD6C41D86A84F0C8B0DACD9C7587D9663DE98A60A368D10/0/323830313a3165383a3a2f34302d3536203d3e20323634363037.roa
Signing time:             Tue 05 Mar 2024 17:47:43 +0000
ROA not before:           Tue 05 Mar 2024 17:42:43 +0000
ROA not after:            Tue 04 Mar 2025 17:47:43 +0000
asID:                     264607
IP address blocks:        2801:1e8::/40 maxlen: 56

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/65BCAF86490DE69A6BD6C41D86A84F0C8B0DACD9C7587D9663DE98A60A368D10/0/91A405EDF63A9F2958C6B36662A6B3CEF476A89D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/65BCAF86490DE69A6BD6C41D86A84F0C8B0DACD9C7587D9663DE98A60A368D10/0/91A405EDF63A9F2958C6B36662A6B3CEF476A89D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/91A405EDF63A9F2958C6B36662A6B3CEF476A89D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:84:71:49:18:a0:ce:fa:d5:2b:d5:b8:28:e6:80:c2:93:a4:3b:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91A405EDF63A9F2958C6B36662A6B3CEF476A89D
        Validity
            Not Before: Mar  5 17:42:43 2024 GMT
            Not After : Mar  4 17:47:43 2025 GMT
        Subject: CN=6FB8E5D4A698F0A3FF6AE45BD0673675D1F906AB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:73:d6:11:03:01:e5:cc:1d:15:05:b4:e3:35:
                    f8:e1:5d:e8:5e:54:8a:5c:e0:a5:a4:2d:99:a1:8c:
                    cf:19:16:3a:08:75:48:54:ed:19:7d:cc:7c:44:af:
                    f8:c0:17:d4:27:c3:3e:21:8e:82:33:c9:96:8d:5c:
                    fc:8a:3d:c6:41:8b:4c:28:8f:be:46:aa:71:fd:b3:
                    d5:05:42:65:d4:0c:35:6c:17:1a:0a:12:53:ae:83:
                    d2:67:1a:46:10:89:b6:0c:ed:08:5a:9c:f0:4b:b6:
                    fe:3f:15:3b:27:9e:c5:51:04:cd:4d:32:d4:08:85:
                    ce:96:2f:78:69:4b:9f:33:f5:03:d3:23:23:eb:d1:
                    3c:79:da:dc:54:04:94:3d:ba:b9:55:3e:0a:da:f3:
                    0f:0c:d9:d6:fb:6b:0c:da:90:fd:66:45:8a:5d:d1:
                    f0:90:d8:22:4e:5a:89:58:2d:ea:98:1f:c1:9e:89:
                    6e:33:4a:ce:99:6b:46:24:81:1a:23:80:16:d4:e4:
                    47:49:ba:6e:36:b9:c3:16:03:85:de:c6:ee:e5:b3:
                    7b:2a:7d:a3:92:e4:ae:e5:e4:d3:6d:8c:5c:f7:88:
                    b0:2e:4a:8c:08:88:a6:81:71:0a:91:d1:13:f9:55:
                    c2:a8:12:58:fe:78:a3:a3:98:55:09:2f:e7:60:2a:
                    53:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:B8:E5:D4:A6:98:F0:A3:FF:6A:E4:5B:D0:67:36:75:D1:F9:06:AB
            X509v3 Authority Key Identifier:
                keyid:91:A4:05:ED:F6:3A:9F:29:58:C6:B3:66:62:A6:B3:CE:F4:76:A8:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/65BCAF86490DE69A6BD6C41D86A84F0C8B0DACD9C7587D9663DE98A60A368D10/0/91A405EDF63A9F2958C6B36662A6B3CEF476A89D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/91A405EDF63A9F2958C6B36662A6B3CEF476A89D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/65BCAF86490DE69A6BD6C41D86A84F0C8B0DACD9C7587D9663DE98A60A368D10/0/323830313a3165383a3a2f34302d3536203d3e20323634363037.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1e8::/40

    Signature Algorithm: sha256WithRSAEncryption
         4d:78:de:b8:87:8f:9e:39:81:d7:fc:16:75:bc:8d:64:17:a5:
         37:01:69:19:5f:42:e7:52:c3:ce:f7:8f:69:55:32:41:dd:37:
         5b:95:36:cf:10:e3:f5:af:8d:55:50:ca:6e:0c:00:bd:61:89:
         e2:a2:7b:5b:30:cb:bd:65:4b:1d:57:fa:9d:3f:91:50:02:02:
         66:43:a0:0f:d3:64:65:0d:fc:3b:11:83:cc:45:ea:49:ca:4c:
         87:ea:ae:98:1c:46:20:fa:d1:bb:33:0b:e0:27:37:ee:59:08:
         a7:2d:65:38:43:ce:82:f9:68:7f:b3:d9:1b:57:2c:fb:7f:4c:
         e0:5d:5d:f8:29:e6:15:49:e7:6e:f4:a2:86:81:5a:26:55:f8:
         cc:36:a9:de:d4:ba:28:63:d0:40:47:a3:83:b3:51:1e:78:9a:
         4c:37:39:03:a3:a3:f8:b1:18:21:f6:81:0f:7c:46:3e:43:27:
         91:c0:f3:0c:85:24:7b:e9:c5:62:b9:0a:5c:0f:9e:e8:03:c5:
         fc:ca:75:d3:dd:ef:95:9a:29:92:57:57:90:07:f4:1a:d8:8a:
         e9:a9:cb:fb:39:d8:33:1e:9e:52:3d:60:c8:b4:e7:0a:cc:5c:
         e0:df:40:07:5f:63:1c:d1:f7:6f:22:49:77:65:61:b9:a1:31:
         3c:41:22:cd
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUUIRxSRigzvrVK9W4KOaAwpOkO8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTFBNDA1RURGNjNBOUYyOTU4QzZCMzY2NjJBNkIzQ0VG
NDc2QTg5RDAeFw0yNDAzMDUxNzQyNDNaFw0yNTAzMDQxNzQ3NDNaMDMxMTAvBgNV
BAMTKDZGQjhFNUQ0QTY5OEYwQTNGRjZBRTQ1QkQwNjczNjc1RDFGOTA2QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMc9YRAwHlzB0VBbTjNfjhXehe
VIpc4KWkLZmhjM8ZFjoIdUhU7Rl9zHxEr/jAF9Qnwz4hjoIzyZaNXPyKPcZBi0wo
j75GqnH9s9UFQmXUDDVsFxoKElOug9JnGkYQibYM7QhanPBLtv4/FTsnnsVRBM1N
MtQIhc6WL3hpS58z9QPTIyPr0Tx52txUBJQ9urlVPgra8w8M2db7awzakP1mRYpd
0fCQ2CJOWolYLeqYH8GeiW4zSs6Za0YkgRojgBbU5EdJum42ucMWA4Xexu7ls3sq
faOS5K7l5NNtjFz3iLAuSowIiKaBcQqR0RP5VcKoElj+eKOjmFUJL+dgKlPJAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUb7jl1KaY8KP/auRb0Gc2ddH5BqswHwYDVR0j
BBgwFoAUkaQF7fY6nylYxrNmYqazzvR2qJ0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82NUJDQUY4NjQ5MERFNjlBNkJENkM0MUQ4NkE4NEYwQzhC
MERBQ0Q5Qzc1ODdEOTY2M0RFOThBNjBBMzY4RDEwLzAvOTFBNDA1RURGNjNBOUYy
OTU4QzZCMzY2NjJBNkIzQ0VGNDc2QTg5RC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85MUE0MDVFREY2M0E5RjI5NThD
NkIzNjY2MkE2QjNDRUY0NzZBODlELmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjVCQ0FGODY0OTBERTY5QTZCRDZDNDFEODZBODRGMEM4QjBEQUNEOUM3
NTg3RDk2NjNERTk4QTYwQTM2OEQxMC8wLzMyMzgzMDMxM2EzMTY1MzgzYTNhMmYz
NDMwMmQzNTM2MjAzZDNlMjAzMjM2MzQzNjMwMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAoAQHoADAN
BgkqhkiG9w0BAQsFAAOCAQEATXjeuIePnjmB1/wWdbyNZBelNwFpGV9C51LDzveP
aVUyQd03W5U2zxDj9a+NVVDKbgwAvWGJ4qJ7WzDLvWVLHVf6nT+RUAICZkOgD9Nk
ZQ38OxGDzEXqScpMh+qumBxGIPrRuzML4Cc37lkIpy1lOEPOgvlof7PZG1cs+39M
4F1d+CnmFUnnbvSihoFaJlX4zDap3tS6KGPQQEejg7NRHniaTDc5A6Oj+LEYIfaB
D3xGPkMnkcDzDIUke+nFYrkKXA+e6APF/Mp1093vlZopkldXkAf0GtiK6anL+znY
Mx6eUj1gyLTnCsxc4N9AB19jHNH3byJJd2VhuaExPEEizQ==
-----END CERTIFICATE-----
Generated at Tue Nov 19 23:16:58 2024 by rpki-client on console-ams.rpki-client.org