Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8B3195F98E06E5B6847A4338FA88DC07CB2E5599DB8B255DC2352FD64C148E7A/0/323830313a31343a623030303a3a2f34382d3438203d3e203532333138.roa
File:                     323830313a31343a623030303a3a2f34382d3438203d3e203532333138.roa (raw, json)
Hash identifier:          0MIJ1tffS2nOfqx9nHdI4baQnlPhIawpEx4bhpwi4qo=
Subject key identifier:   DB:EB:5F:44:CD:1A:77:55:64:72:E3:C7:11:2F:D7:AF:DA:7C:F3:80
Certificate issuer:       /CN=D4F1585FADC5386D18707CA8C82245CBAE06969F
Certificate serial:       49C28113A37F87D75E0C78E4FD8C5A22455DAAFC
Authority key identifier: D4:F1:58:5F:AD:C5:38:6D:18:70:7C:A8:C8:22:45:CB:AE:06:96:9F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D4F1585FADC5386D18707CA8C82245CBAE06969F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8B3195F98E06E5B6847A4338FA88DC07CB2E5599DB8B255DC2352FD64C148E7A/0/323830313a31343a623030303a3a2f34382d3438203d3e203532333138.roa
Signing time:             Tue 05 Mar 2024 18:13:27 +0000
ROA not before:           Tue 05 Mar 2024 18:08:27 +0000
ROA not after:            Tue 04 Mar 2025 18:13:27 +0000
asID:                     52318
IP address blocks:        2801:14:b000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8B3195F98E06E5B6847A4338FA88DC07CB2E5599DB8B255DC2352FD64C148E7A/0/D4F1585FADC5386D18707CA8C82245CBAE06969F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8B3195F98E06E5B6847A4338FA88DC07CB2E5599DB8B255DC2352FD64C148E7A/0/D4F1585FADC5386D18707CA8C82245CBAE06969F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D4F1585FADC5386D18707CA8C82245CBAE06969F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:c2:81:13:a3:7f:87:d7:5e:0c:78:e4:fd:8c:5a:22:45:5d:aa:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D4F1585FADC5386D18707CA8C82245CBAE06969F
        Validity
            Not Before: Mar  5 18:08:27 2024 GMT
            Not After : Mar  4 18:13:27 2025 GMT
        Subject: CN=DBEB5F44CD1A77556472E3C7112FD7AFDA7CF380
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:2c:2b:aa:1a:77:ed:d0:ba:af:96:fb:3a:07:
                    05:03:b2:ca:35:4f:cc:0a:9d:d6:51:cb:7f:16:eb:
                    3f:6f:cc:a3:e1:d6:57:1e:0a:ea:76:55:78:43:ad:
                    44:df:ad:02:a9:6e:60:01:93:a5:19:63:20:45:4f:
                    5b:54:76:01:34:7d:f0:56:41:88:a7:1a:81:b7:4f:
                    6d:9a:14:5d:8e:1c:28:8b:56:df:14:a6:7d:d9:c2:
                    d5:9e:8c:92:cb:99:ea:d2:c5:4e:e8:05:ec:47:95:
                    57:cf:45:61:bc:6d:e9:e8:a0:d6:86:a4:97:4d:fa:
                    8b:48:e3:e0:90:8f:d1:d1:fe:eb:ef:34:e3:54:16:
                    27:c2:39:33:4c:4b:1b:72:14:33:ab:31:e6:9f:e7:
                    f8:d6:4a:72:a6:f2:f7:eb:ff:53:48:84:2d:2d:c4:
                    a0:d1:2e:b0:99:dd:f5:6c:fc:52:bc:50:9a:eb:58:
                    62:a2:30:50:17:7d:72:1e:7c:77:81:01:be:fd:d2:
                    ab:0c:0e:fa:7c:56:8a:b1:65:43:0f:bb:5c:37:72:
                    68:f5:d4:ac:b5:e8:c0:be:c8:43:f4:db:6e:8f:8e:
                    38:c3:34:5d:aa:87:7c:f6:ca:b3:72:b6:c2:68:8b:
                    2a:9e:da:87:90:7a:e1:23:0d:2c:14:52:4c:54:08:
                    d3:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:EB:5F:44:CD:1A:77:55:64:72:E3:C7:11:2F:D7:AF:DA:7C:F3:80
            X509v3 Authority Key Identifier:
                keyid:D4:F1:58:5F:AD:C5:38:6D:18:70:7C:A8:C8:22:45:CB:AE:06:96:9F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8B3195F98E06E5B6847A4338FA88DC07CB2E5599DB8B255DC2352FD64C148E7A/0/D4F1585FADC5386D18707CA8C82245CBAE06969F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D4F1585FADC5386D18707CA8C82245CBAE06969F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8B3195F98E06E5B6847A4338FA88DC07CB2E5599DB8B255DC2352FD64C148E7A/0/323830313a31343a623030303a3a2f34382d3438203d3e203532333138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:14:b000::/48

    Signature Algorithm: sha256WithRSAEncryption
         bc:ad:c0:10:f3:59:c2:84:ec:01:a8:83:c3:86:94:4f:c0:3f:
         9a:9f:ed:27:1f:fb:fc:e8:4a:0b:2a:13:aa:47:02:07:45:91:
         96:48:0f:7b:7c:bd:97:83:0d:44:a6:fa:cb:68:f3:aa:e2:31:
         23:e9:f5:cc:f5:2d:9e:b0:97:42:7b:76:52:fb:df:24:47:4e:
         71:40:4d:88:2d:ec:03:b1:be:e2:df:1b:db:d6:a3:64:e7:70:
         9e:9b:07:7d:74:7e:95:86:dc:44:9e:2a:3f:3c:bc:7f:c8:bc:
         40:c4:9e:af:6b:bd:c4:b1:ca:c1:31:49:0b:09:c7:d4:ab:38:
         d7:5d:75:a9:2e:9a:d8:15:c2:ad:a9:e3:f1:bb:c6:52:1c:8a:
         4d:7b:94:1a:6b:7f:f8:82:a4:a2:35:96:5e:29:75:dd:05:41:
         c8:7f:e9:9b:ca:df:93:cb:2d:3f:3f:05:11:ac:1d:55:f6:d1:
         09:74:92:bd:e4:91:0f:93:86:5d:d5:0c:f2:11:a1:9d:1b:c4:
         25:db:e5:4c:ed:e0:96:34:fd:90:c0:3b:00:1f:4a:38:b6:d5:
         d7:09:02:f8:42:d1:dd:5e:e1:de:8e:3e:53:18:9f:84:50:36:
         d7:17:74:17:8e:41:28:a9:15:ee:64:6a:95:83:f8:af:9d:15:
         de:a0:54:99
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUScKBE6N/h9deDHjk/YxaIkVdqvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDRGMTU4NUZBREM1Mzg2RDE4NzA3Q0E4QzgyMjQ1Q0JB
RTA2OTY5RjAeFw0yNDAzMDUxODA4MjdaFw0yNTAzMDQxODEzMjdaMDMxMTAvBgNV
BAMTKERCRUI1RjQ0Q0QxQTc3NTU2NDcyRTNDNzExMkZEN0FGREE3Q0YzODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzLCuqGnft0Lqvlvs6BwUDsso1
T8wKndZRy38W6z9vzKPh1lceCup2VXhDrUTfrQKpbmABk6UZYyBFT1tUdgE0ffBW
QYinGoG3T22aFF2OHCiLVt8Upn3ZwtWejJLLmerSxU7oBexHlVfPRWG8benooNaG
pJdN+otI4+CQj9HR/uvvNONUFifCOTNMSxtyFDOrMeaf5/jWSnKm8vfr/1NIhC0t
xKDRLrCZ3fVs/FK8UJrrWGKiMFAXfXIefHeBAb790qsMDvp8VoqxZUMPu1w3cmj1
1Ky16MC+yEP0226PjjjDNF2qh3z2yrNytsJoiyqe2oeQeuEjDSwUUkxUCNNDAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQU2+tfRM0ad1VkcuPHES/Xr9p884AwHwYDVR0j
BBgwFoAU1PFYX63FOG0YcHyoyCJFy64Glp8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84QjMxOTVGOThFMDZFNUI2ODQ3QTQzMzhGQTg4REMwN0NC
MkU1NTk5REI4QjI1NURDMjM1MkZENjRDMTQ4RTdBLzAvRDRGMTU4NUZBREM1Mzg2
RDE4NzA3Q0E4QzgyMjQ1Q0JBRTA2OTY5Ri5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENEYxNTg1RkFEQzUzODZEMTg3
MDdDQThDODIyNDVDQkFFMDY5NjlGLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEIzMTk1Rjk4RTA2RTVCNjg0N0E0MzM4RkE4OERDMDdDQjJFNTU5OURC
OEIyNTVEQzIzNTJGRDY0QzE0OEU3QS8wLzMyMzgzMDMxM2EzMTM0M2E2MjMwMzAz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzIzMzMxMzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AQAUsAAwDQYJKoZIhvcNAQELBQADggEBALytwBDzWcKE7AGog8OGlE/AP5qf7Scf
+/zoSgsqE6pHAgdFkZZID3t8vZeDDUSm+sto86riMSPp9cz1LZ6wl0J7dlL73yRH
TnFATYgt7AOxvuLfG9vWo2TncJ6bB310fpWG3ESeKj88vH/IvEDEnq9rvcSxysEx
SQsJx9SrONdddakumtgVwq2p4/G7xlIcik17lBprf/iCpKI1ll4pdd0FQch/6ZvK
35PLLT8/BRGsHVX20Ql0kr3kkQ+Thl3VDPIRoZ0bxCXb5Uzt4JY0/ZDAOwAfSji2
1dcJAvhC0d1e4d6OPlMYn4RQNtcXdBeOQSipFe5kapWD+K+dFd6gVJk=
-----END CERTIFICATE-----
Generated at Sun Jun 16 15:56:35 2024 by rpki-client on console-ams.rpki-client.org