Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7B4AA68B181AA124E2833D86B0ABC160C2CE76C81C69568AB0E784FBF644E486/0/323830313a3161353a653a3a2f34382d3438203d3e20323733303431.roa
File:                     323830313a3161353a653a3a2f34382d3438203d3e20323733303431.roa (raw, json)
Hash identifier:          noxpjPv1DQTjIH3+FKBDklIwHQjD0Tz0woj8j52q3B4=
Subject key identifier:   03:89:D0:7A:89:A0:E0:AC:30:0E:C6:B2:B4:E4:B7:F1:DF:D9:5E:17
Certificate issuer:       /CN=D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E
Certificate serial:       78438BCF2C85FA5FFAA8F5F67521049E08B97A22
Authority key identifier: D8:B2:2F:03:33:B8:F6:4A:EF:4F:95:D7:6A:23:E4:5D:9D:53:0D:1E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7B4AA68B181AA124E2833D86B0ABC160C2CE76C81C69568AB0E784FBF644E486/0/323830313a3161353a653a3a2f34382d3438203d3e20323733303431.roa
Signing time:             Tue 05 Mar 2024 17:54:07 +0000
ROA not before:           Tue 05 Mar 2024 17:49:07 +0000
ROA not after:            Tue 04 Mar 2025 17:54:07 +0000
asID:                     273041
IP address blocks:        2801:1a5:e::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7B4AA68B181AA124E2833D86B0ABC160C2CE76C81C69568AB0E784FBF644E486/0/D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7B4AA68B181AA124E2833D86B0ABC160C2CE76C81C69568AB0E784FBF644E486/0/D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:43:8b:cf:2c:85:fa:5f:fa:a8:f5:f6:75:21:04:9e:08:b9:7a:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E
        Validity
            Not Before: Mar  5 17:49:07 2024 GMT
            Not After : Mar  4 17:54:07 2025 GMT
        Subject: CN=0389D07A89A0E0AC300EC6B2B4E4B7F1DFD95E17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:a2:fa:ef:b4:ce:65:bc:66:39:32:f5:50:26:
                    92:c0:f2:3c:b3:1f:ef:43:5e:25:49:75:5c:90:f0:
                    7e:5d:27:e3:e4:2e:65:4e:63:8e:8f:0f:06:c4:b0:
                    9a:fa:3b:71:cd:86:5d:e6:3f:ff:ba:f7:c0:8f:92:
                    12:24:95:a4:e7:e2:5b:c7:47:f1:8c:b9:b6:9c:4c:
                    a2:da:72:0c:33:32:5b:7a:f3:d1:14:28:a0:41:e7:
                    3d:5a:9a:b3:f7:54:ab:d4:9c:d5:0d:87:54:5a:6b:
                    7e:8b:3f:f8:09:44:9e:f5:45:25:4f:2e:3e:fe:ff:
                    2a:68:24:17:b8:86:30:c7:4a:cf:d2:f3:00:f7:b6:
                    df:42:d4:b3:81:9a:94:98:bf:47:ac:22:b6:1e:2e:
                    16:8f:2d:ad:b8:36:36:44:6e:90:8a:d6:3a:9c:e6:
                    75:57:ce:90:08:54:65:fc:50:25:64:56:5d:eb:75:
                    f6:5d:75:a9:50:2d:5c:36:c7:9b:1d:e8:ed:a5:b6:
                    af:0d:0a:f0:7b:93:6d:66:7a:db:a7:f5:2d:8e:aa:
                    d4:7c:9a:44:9e:c2:ee:49:5e:af:d5:c0:68:bd:7c:
                    e3:8e:f0:eb:32:e8:be:bd:42:16:c4:8f:9a:77:a6:
                    d7:03:c1:06:e3:30:32:17:3e:3f:a7:a4:f8:8f:8b:
                    5c:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:89:D0:7A:89:A0:E0:AC:30:0E:C6:B2:B4:E4:B7:F1:DF:D9:5E:17
            X509v3 Authority Key Identifier:
                keyid:D8:B2:2F:03:33:B8:F6:4A:EF:4F:95:D7:6A:23:E4:5D:9D:53:0D:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7B4AA68B181AA124E2833D86B0ABC160C2CE76C81C69568AB0E784FBF644E486/0/D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D8B22F0333B8F64AEF4F95D76A23E45D9D530D1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7B4AA68B181AA124E2833D86B0ABC160C2CE76C81C69568AB0E784FBF644E486/0/323830313a3161353a653a3a2f34382d3438203d3e20323733303431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1a5:e::/48

    Signature Algorithm: sha256WithRSAEncryption
         67:71:66:29:da:40:9f:be:7c:7d:63:c5:b6:b9:b0:22:8b:fa:
         13:ca:02:b7:31:e9:24:da:f2:e5:06:fc:4b:36:07:1a:d0:d2:
         55:c5:c9:fe:c1:a7:87:0d:c6:59:e0:14:39:d6:cf:0e:3d:a4:
         08:15:38:d1:bf:e4:bc:58:b5:05:4d:e5:f3:ce:c5:f0:e0:16:
         3f:ba:96:bc:36:cb:b4:7c:09:f4:c6:f2:11:50:e7:7c:3a:1a:
         14:64:16:e3:0e:02:90:ba:91:64:15:fd:ac:52:b1:f1:92:fc:
         65:9b:0b:5c:8a:08:a6:fa:ee:b7:ff:c8:d0:80:c0:d9:f7:f3:
         d5:88:f4:6d:80:63:fe:9c:47:6d:0d:35:ed:bd:2e:1b:d4:dd:
         c1:36:9e:cc:ae:19:a8:22:94:c4:42:91:29:5a:d7:25:e4:7d:
         1b:23:39:95:b4:2a:f1:3a:08:d6:6c:b9:d0:3a:4d:2e:ce:18:
         17:cf:35:96:d1:49:47:56:61:ed:fb:3a:4d:94:61:2d:7c:f9:
         19:0e:5a:7f:22:e4:f5:3f:ce:e4:ca:5b:a1:0f:62:fa:9c:0b:
         49:a6:48:75:31:ec:91:bd:a8:a4:69:5c:e9:f1:8a:d9:3d:32:
         26:ac:ff:c0:e5:1f:7e:a5:4c:51:91:22:2d:f3:f5:36:3b:74:
         41:14:4f:dc
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgIUeEOLzyyF+l/6qPX2dSEEngi5eiIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDhCMjJGMDMzM0I4RjY0QUVGNEY5NUQ3NkEyM0U0NUQ5
RDUzMEQxRTAeFw0yNDAzMDUxNzQ5MDdaFw0yNTAzMDQxNzU0MDdaMDMxMTAvBgNV
BAMTKDAzODlEMDdBODlBMEUwQUMzMDBFQzZCMkI0RTRCN0YxREZEOTVFMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmovrvtM5lvGY5MvVQJpLA8jyz
H+9DXiVJdVyQ8H5dJ+PkLmVOY46PDwbEsJr6O3HNhl3mP/+698CPkhIklaTn4lvH
R/GMubacTKLacgwzMlt689EUKKBB5z1amrP3VKvUnNUNh1Raa36LP/gJRJ71RSVP
Lj7+/ypoJBe4hjDHSs/S8wD3tt9C1LOBmpSYv0esIrYeLhaPLa24NjZEbpCK1jqc
5nVXzpAIVGX8UCVkVl3rdfZddalQLVw2x5sd6O2ltq8NCvB7k21metun9S2OqtR8
mkSewu5JXq/VwGi9fOOO8Osy6L69QhbEj5p3ptcDwQbjMDIXPj+npPiPi1xbAgMB
AAGjggLNMIICyTAdBgNVHQ4EFgQUA4nQeomg4KwwDsaytOS38d/ZXhcwHwYDVR0j
BBgwFoAU2LIvAzO49krvT5XXaiPkXZ1TDR4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83QjRBQTY4QjE4MUFBMTI0RTI4MzNEODZCMEFCQzE2MEMy
Q0U3NkM4MUM2OTU2OEFCMEU3ODRGQkY2NDRFNDg2LzAvRDhCMjJGMDMzM0I4RjY0
QUVGNEY5NUQ3NkEyM0U0NUQ5RDUzMEQxRS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EOEIyMkYwMzMzQjhGNjRBRUY0
Rjk1RDc2QTIzRTQ1RDlENTMwRDFFLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvN0I0QUE2OEIxODFBQTEyNEUyODMzRDg2QjBBQkMxNjBDMkNFNzZDODFD
Njk1NjhBQjBFNzg0RkJGNjQ0RTQ4Ni8wLzMyMzgzMDMxM2EzMTYxMzUzYTY1M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzIzNzMzMzAzNDMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKAEB
pQAOMA0GCSqGSIb3DQEBCwUAA4IBAQBncWYp2kCfvnx9Y8W2ubAii/oTygK3Mekk
2vLlBvxLNgca0NJVxcn+waeHDcZZ4BQ51s8OPaQIFTjRv+S8WLUFTeXzzsXw4BY/
upa8Nsu0fAn0xvIRUOd8OhoUZBbjDgKQupFkFf2sUrHxkvxlmwtcigim+u63/8jQ
gMDZ9/PViPRtgGP+nEdtDTXtvS4b1N3BNp7MrhmoIpTEQpEpWtcl5H0bIzmVtCrx
OgjWbLnQOk0uzhgXzzWW0UlHVmHt+zpNlGEtfPkZDlp/IuT1P87kyluhD2L6nAtJ
pkh1MeyRvaikaVzp8YrZPTImrP/A5R9+pUxRkSIt8/U2O3RBFE/c
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:05:21 2024 by rpki-client on console-ams.rpki-client.org