Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/712CE0FF8C33D2ACD0453B429414594ADCB4F79743EA72EC74406261A800D0FA/0/323830313a31383a353830303a3a2f34382d3438203d3e20323732313430.roa
File:                     323830313a31383a353830303a3a2f34382d3438203d3e20323732313430.roa (raw, json)
Hash identifier:          aDws0YY2Cqk3/uTlZ49HFDKiqffLPEtUeoXkjNqXNGY=
Subject key identifier:   57:9E:23:2B:54:D7:BC:EB:C0:1E:5E:BA:FE:33:4D:92:D1:19:93:E9
Certificate issuer:       /CN=3249F9F2D0369FF06E9B2651663EFA2423E42AFC
Certificate serial:       0AA767DCF9B1FFD6F8CC5080ECEA37A35832EDFB
Authority key identifier: 32:49:F9:F2:D0:36:9F:F0:6E:9B:26:51:66:3E:FA:24:23:E4:2A:FC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3249F9F2D0369FF06E9B2651663EFA2423E42AFC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/712CE0FF8C33D2ACD0453B429414594ADCB4F79743EA72EC74406261A800D0FA/0/323830313a31383a353830303a3a2f34382d3438203d3e20323732313430.roa
Signing time:             Tue 05 Mar 2024 18:07:19 +0000
ROA not before:           Tue 05 Mar 2024 18:02:19 +0000
ROA not after:            Tue 04 Mar 2025 18:07:19 +0000
asID:                     272140
IP address blocks:        2801:18:5800::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/712CE0FF8C33D2ACD0453B429414594ADCB4F79743EA72EC74406261A800D0FA/0/3249F9F2D0369FF06E9B2651663EFA2423E42AFC.crl
                          rsync://repository.lacnic.net/rpki/lacnic/712CE0FF8C33D2ACD0453B429414594ADCB4F79743EA72EC74406261A800D0FA/0/3249F9F2D0369FF06E9B2651663EFA2423E42AFC.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3249F9F2D0369FF06E9B2651663EFA2423E42AFC.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Jun 2024 10:43:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:a7:67:dc:f9:b1:ff:d6:f8:cc:50:80:ec:ea:37:a3:58:32:ed:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3249F9F2D0369FF06E9B2651663EFA2423E42AFC
        Validity
            Not Before: Mar  5 18:02:19 2024 GMT
            Not After : Mar  4 18:07:19 2025 GMT
        Subject: CN=579E232B54D7BCEBC01E5EBAFE334D92D11993E9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ae:6d:17:01:3d:bb:2f:1a:b3:81:9a:e0:bf:
                    a9:91:28:d7:3c:fd:e4:a4:c2:d2:06:48:23:3e:a9:
                    aa:dd:b8:d4:c4:87:cd:5f:fc:04:4b:3f:a7:5b:1a:
                    f6:d6:0a:62:6d:3e:f8:2d:7d:d3:a3:e5:de:c6:18:
                    cc:74:61:53:34:52:5d:f0:34:ea:b6:e3:65:3e:c3:
                    7f:dd:12:2a:fa:be:c5:61:89:63:6f:20:a3:69:ab:
                    8d:77:04:f9:6a:0d:a5:6d:eb:bd:ca:0d:29:ee:c3:
                    0f:47:f1:e9:d4:97:16:49:74:62:57:be:a3:d8:91:
                    4b:d8:e4:c7:52:f0:01:38:6d:87:80:d0:58:53:c2:
                    12:32:d9:3d:19:f8:43:c5:fe:b2:98:42:11:68:05:
                    d1:f4:77:51:1c:9c:b3:dd:c1:d8:f7:b3:6a:49:86:
                    ec:28:a3:94:89:d8:d8:25:41:f4:a7:fc:41:75:52:
                    a2:6d:ff:10:ac:f8:c4:34:6b:82:2e:f8:68:67:a3:
                    d4:f7:51:ab:8d:35:d5:d9:30:f1:5c:d5:22:5c:df:
                    23:e0:ea:aa:64:60:77:e0:71:f7:a0:5a:83:2b:a0:
                    ea:e2:d7:e7:e5:5d:73:5a:f2:4a:69:16:db:2a:b7:
                    b4:b3:37:67:37:ae:15:43:07:8e:a8:53:12:d9:cc:
                    b6:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:9E:23:2B:54:D7:BC:EB:C0:1E:5E:BA:FE:33:4D:92:D1:19:93:E9
            X509v3 Authority Key Identifier:
                keyid:32:49:F9:F2:D0:36:9F:F0:6E:9B:26:51:66:3E:FA:24:23:E4:2A:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/712CE0FF8C33D2ACD0453B429414594ADCB4F79743EA72EC74406261A800D0FA/0/3249F9F2D0369FF06E9B2651663EFA2423E42AFC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3249F9F2D0369FF06E9B2651663EFA2423E42AFC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/712CE0FF8C33D2ACD0453B429414594ADCB4F79743EA72EC74406261A800D0FA/0/323830313a31383a353830303a3a2f34382d3438203d3e20323732313430.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:18:5800::/48

    Signature Algorithm: sha256WithRSAEncryption
         b1:f2:97:a6:e8:8e:9b:d8:01:8b:3f:64:d7:43:f0:28:5b:b1:
         98:66:0a:a3:8a:f8:03:d0:8d:6f:08:9b:66:6a:dc:50:15:c2:
         04:a5:1e:7e:d7:ef:41:c1:21:33:fe:65:88:0b:6b:82:8a:50:
         7e:2a:a7:7f:19:8e:ed:3c:03:ec:73:f1:00:73:38:bf:8b:7f:
         a7:c5:1f:3d:02:54:fd:b9:bc:5e:99:d1:da:e8:ab:f8:01:12:
         13:87:20:e6:f4:92:2b:27:e2:0a:62:66:d0:93:13:51:aa:60:
         2b:c9:f1:ab:f1:17:43:a1:08:22:32:43:62:bf:c6:31:80:17:
         72:2f:48:86:05:10:d7:76:6d:3b:10:39:ad:f5:8a:28:fa:d3:
         2f:8a:60:e5:de:e1:a1:c5:f3:1b:fa:3d:fb:6d:68:a6:72:53:
         75:83:8e:46:6b:c7:72:2e:5d:19:75:1c:17:2c:4a:ee:4d:8c:
         8d:67:a4:c3:a2:80:c5:0d:eb:c8:82:3c:53:4b:7b:f3:35:20:
         d7:99:2b:cf:c0:6f:87:c3:f0:95:73:e8:d7:45:29:e6:2d:b7:
         b3:f1:e8:30:51:db:26:af:36:77:34:2c:c8:78:99:2d:24:7d:
         a4:b2:03:bd:6c:00:66:49:18:4e:a1:44:48:e1:38:11:a1:33:
         a8:1e:d3:a8
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIUCqdn3Pmx/9b4zFCA7Oo3o1gy7fswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzI0OUY5RjJEMDM2OUZGMDZFOUIyNjUxNjYzRUZBMjQy
M0U0MkFGQzAeFw0yNDAzMDUxODAyMTlaFw0yNTAzMDQxODA3MTlaMDMxMTAvBgNV
BAMTKDU3OUUyMzJCNTREN0JDRUJDMDFFNUVCQUZFMzM0RDkyRDExOTkzRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLrm0XAT27LxqzgZrgv6mRKNc8
/eSkwtIGSCM+qarduNTEh81f/ARLP6dbGvbWCmJtPvgtfdOj5d7GGMx0YVM0Ul3w
NOq242U+w3/dEir6vsVhiWNvIKNpq413BPlqDaVt673KDSnuww9H8enUlxZJdGJX
vqPYkUvY5MdS8AE4bYeA0FhTwhIy2T0Z+EPF/rKYQhFoBdH0d1EcnLPdwdj3s2pJ
huwoo5SJ2NglQfSn/EF1UqJt/xCs+MQ0a4Iu+Ghno9T3UauNNdXZMPFc1SJc3yPg
6qpkYHfgcfegWoMroOri1+flXXNa8kppFtsqt7SzN2c3rhVDB46oUxLZzLaXAgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQUV54jK1TXvOvAHl66/jNNktEZk+kwHwYDVR0j
BBgwFoAUMkn58tA2n/BumyZRZj76JCPkKvwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83MTJDRTBGRjhDMzNEMkFDRDA0NTNCNDI5NDE0NTk0QURD
QjRGNzk3NDNFQTcyRUM3NDQwNjI2MUE4MDBEMEZBLzAvMzI0OUY5RjJEMDM2OUZG
MDZFOUIyNjUxNjYzRUZBMjQyM0U0MkFGQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zMjQ5RjlGMkQwMzY5RkYwNkU5
QjI2NTE2NjNFRkEyNDIzRTQyQUZDLmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzEyQ0UwRkY4QzMzRDJBQ0QwNDUzQjQyOTQxNDU5NEFEQ0I0Rjc5NzQz
RUE3MkVDNzQ0MDYyNjFBODAwRDBGQS8wLzMyMzgzMDMxM2EzMTM4M2EzNTM4MzAz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzczMjMxMzQzMC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMH
ACgBABhYADANBgkqhkiG9w0BAQsFAAOCAQEAsfKXpuiOm9gBiz9k10PwKFuxmGYK
o4r4A9CNbwibZmrcUBXCBKUeftfvQcEhM/5liAtrgopQfiqnfxmO7TwD7HPxAHM4
v4t/p8UfPQJU/bm8XpnR2uir+AESE4cg5vSSKyfiCmJm0JMTUapgK8nxq/EXQ6EI
IjJDYr/GMYAXci9IhgUQ13ZtOxA5rfWKKPrTL4pg5d7hocXzG/o9+21opnJTdYOO
RmvHci5dGXUcFyxK7k2MjWekw6KAxQ3ryII8U0t78zUg15krz8Bvh8PwlXPo10Up
5i23s/HoMFHbJq82dzQsyHiZLSR9pLIDvWwAZkkYTqFESOE4EaEzqB7TqA==
-----END CERTIFICATE-----
Generated at Fri Jun 14 08:38:59 2024 by rpki-client on console-ams.rpki-client.org