Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7B4AA68B181AA124E2833D86B0ABC160C2CE76C81C69568AB0E784FBF644E486/0/323830313a3161353a623a3a2f34382d3438203d3e20323733303431.roa
File:                     323830313a3161353a623a3a2f34382d3438203d3e20323733303431.roa (raw, json)
Hash identifier:          uTyRQbdMHmssTFK4zGY6WTTsbPorvACcGe5qJQnt9Kw=
Subject key identifier:   F4:E1:A7:D1:24:CA:5D:F2:C8:F1:40:86:3D:2B:D7:1E:E1:3E:67:9A
Certificate issuer:       /CN=D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E
Certificate serial:       4720370F211BC925F2B91303FB1C639F68E56E7A
Authority key identifier: D8:B2:2F:03:33:B8:F6:4A:EF:4F:95:D7:6A:23:E4:5D:9D:53:0D:1E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7B4AA68B181AA124E2833D86B0ABC160C2CE76C81C69568AB0E784FBF644E486/0/323830313a3161353a623a3a2f34382d3438203d3e20323733303431.roa
Signing time:             Tue 05 Mar 2024 17:54:07 +0000
ROA not before:           Tue 05 Mar 2024 17:49:07 +0000
ROA not after:            Tue 04 Mar 2025 17:54:07 +0000
asID:                     273041
IP address blocks:        2801:1a5:b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7B4AA68B181AA124E2833D86B0ABC160C2CE76C81C69568AB0E784FBF644E486/0/D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7B4AA68B181AA124E2833D86B0ABC160C2CE76C81C69568AB0E784FBF644E486/0/D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:20:37:0f:21:1b:c9:25:f2:b9:13:03:fb:1c:63:9f:68:e5:6e:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E
        Validity
            Not Before: Mar  5 17:49:07 2024 GMT
            Not After : Mar  4 17:54:07 2025 GMT
        Subject: CN=F4E1A7D124CA5DF2C8F140863D2BD71EE13E679A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a4:29:e1:33:12:4b:3e:66:de:43:3d:53:90:
                    92:a7:f4:9b:f8:83:5d:e3:25:4e:61:08:e3:40:89:
                    7b:9d:08:86:95:bd:73:a0:6d:70:94:7f:f6:d6:ab:
                    dd:90:79:4b:a0:0e:25:d2:47:e5:d1:21:d5:1e:3e:
                    58:58:0e:ff:fd:7c:44:2d:2c:bf:cc:7c:bb:1a:be:
                    f2:66:6a:42:63:14:33:e5:4c:b5:4a:cd:71:15:b7:
                    78:66:5f:08:0a:c6:e2:e7:07:9b:3f:b6:ea:64:6f:
                    da:9d:a5:42:b0:c6:2a:fe:cc:3f:ea:ef:73:0f:33:
                    f0:04:47:99:8d:7b:35:3d:27:a1:0d:cc:55:23:33:
                    d8:c0:eb:60:e1:23:03:76:c6:a8:b0:76:77:9d:9c:
                    14:71:fc:d0:fa:48:9c:23:87:aa:e3:62:2e:e3:de:
                    f9:16:f6:a2:91:48:07:aa:cc:52:79:e1:9a:74:21:
                    ca:12:ea:87:41:ae:06:d7:e1:dd:03:4b:fc:60:1f:
                    7a:d9:4e:75:40:39:25:9d:ed:5d:59:bd:2f:e4:e3:
                    d6:af:3b:ee:44:d1:b0:7d:7e:ab:ed:e2:e9:cd:84:
                    38:6a:48:9b:50:26:60:19:40:10:b6:f9:84:a7:38:
                    92:3c:fe:d8:1f:b8:02:29:ba:78:f9:26:a9:48:f1:
                    47:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:E1:A7:D1:24:CA:5D:F2:C8:F1:40:86:3D:2B:D7:1E:E1:3E:67:9A
            X509v3 Authority Key Identifier:
                keyid:D8:B2:2F:03:33:B8:F6:4A:EF:4F:95:D7:6A:23:E4:5D:9D:53:0D:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7B4AA68B181AA124E2833D86B0ABC160C2CE76C81C69568AB0E784FBF644E486/0/D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7B4AA68B181AA124E2833D86B0ABC160C2CE76C81C69568AB0E784FBF644E486/0/323830313a3161353a623a3a2f34382d3438203d3e20323733303431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1a5:b::/48

    Signature Algorithm: sha256WithRSAEncryption
         69:ec:1a:b4:59:f1:67:c3:f4:e6:df:c0:ac:24:cc:d8:90:b5:
         dc:56:30:06:e9:b5:b4:e7:46:99:30:c8:e3:d1:ae:5a:7f:b0:
         1c:38:04:1a:69:39:d4:c1:7c:c6:7b:30:ab:e7:77:83:3c:91:
         e5:99:12:4c:9f:02:1b:75:8d:b9:e4:bf:d0:0a:06:01:e1:90:
         ae:fc:7e:54:5b:a9:80:77:a4:7a:15:05:e2:8e:ed:1d:e0:ae:
         e7:4a:77:ce:44:a9:bd:75:78:6b:74:cf:56:ea:d7:f0:8b:9d:
         ee:06:c8:62:dd:e0:54:e6:5c:3c:55:fd:48:0b:e0:c6:48:bf:
         6d:47:ed:0a:ae:9f:ce:cd:90:a5:ba:22:f9:36:b8:df:43:34:
         ce:1b:d6:24:d3:ea:2b:db:bf:4e:bf:68:5c:bf:cb:c5:14:4c:
         f1:a4:6c:e5:8e:d4:c4:a7:4e:8b:b8:ee:b0:d2:88:a7:80:1b:
         c2:df:8e:ca:56:ed:6d:fb:e1:de:d5:cc:c7:97:92:e6:55:a2:
         9c:14:86:4a:56:bc:ee:f0:d2:c1:92:d4:1c:12:d0:be:b2:44:
         67:ef:a8:66:90:49:e2:fc:1c:8d:cf:6e:fa:b1:19:8e:37:85:
         f3:e7:39:f0:89:84:39:ef:4c:5b:48:17:f3:ae:f5:7f:a6:4f:
         d9:e4:70:12
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgIURyA3DyEbySXyuRMD+xxjn2jlbnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDhCMjJGMDMzM0I4RjY0QUVGNEY5NUQ3NkEyM0U0NUQ5
RDUzMEQxRTAeFw0yNDAzMDUxNzQ5MDdaFw0yNTAzMDQxNzU0MDdaMDMxMTAvBgNV
BAMTKEY0RTFBN0QxMjRDQTVERjJDOEYxNDA4NjNEMkJENzFFRTEzRTY3OUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfpCnhMxJLPmbeQz1TkJKn9Jv4
g13jJU5hCONAiXudCIaVvXOgbXCUf/bWq92QeUugDiXSR+XRIdUePlhYDv/9fEQt
LL/MfLsavvJmakJjFDPlTLVKzXEVt3hmXwgKxuLnB5s/tupkb9qdpUKwxir+zD/q
73MPM/AER5mNezU9J6ENzFUjM9jA62DhIwN2xqiwdnednBRx/ND6SJwjh6rjYi7j
3vkW9qKRSAeqzFJ54Zp0IcoS6odBrgbX4d0DS/xgH3rZTnVAOSWd7V1ZvS/k49av
O+5E0bB9fqvt4unNhDhqSJtQJmAZQBC2+YSnOJI8/tgfuAIpunj5JqlI8UfTAgMB
AAGjggLNMIICyTAdBgNVHQ4EFgQU9OGn0STKXfLI8UCGPSvXHuE+Z5owHwYDVR0j
BBgwFoAU2LIvAzO49krvT5XXaiPkXZ1TDR4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83QjRBQTY4QjE4MUFBMTI0RTI4MzNEODZCMEFCQzE2MEMy
Q0U3NkM4MUM2OTU2OEFCMEU3ODRGQkY2NDRFNDg2LzAvRDhCMjJGMDMzM0I4RjY0
QUVGNEY5NUQ3NkEyM0U0NUQ5RDUzMEQxRS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EOEIyMkYwMzMzQjhGNjRBRUY0
Rjk1RDc2QTIzRTQ1RDlENTMwRDFFLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvN0I0QUE2OEIxODFBQTEyNEUyODMzRDg2QjBBQkMxNjBDMkNFNzZDODFD
Njk1NjhBQjBFNzg0RkJGNjQ0RTQ4Ni8wLzMyMzgzMDMxM2EzMTYxMzUzYTYyM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzIzNzMzMzAzNDMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKAEB
pQALMA0GCSqGSIb3DQEBCwUAA4IBAQBp7Bq0WfFnw/Tm38CsJMzYkLXcVjAG6bW0
50aZMMjj0a5af7AcOAQaaTnUwXzGezCr53eDPJHlmRJMnwIbdY255L/QCgYB4ZCu
/H5UW6mAd6R6FQXiju0d4K7nSnfORKm9dXhrdM9W6tfwi53uBshi3eBU5lw8Vf1I
C+DGSL9tR+0Krp/OzZCluiL5NrjfQzTOG9Yk0+or279Ov2hcv8vFFEzxpGzljtTE
p06LuO6w0oingBvC347KVu1t++He1czHl5LmVaKcFIZKVrzu8NLBktQcEtC+skRn
76hmkEni/ByNz276sRmON4Xz5znwiYQ570xbSBfzrvV/pk/Z5HAS
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:38:04 2024 by rpki-client on console-ams.rpki-client.org