Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9DA8C80805BCA4CF63DDA4FBAE73E61851D724B6E761919681A32FF8212233BE/0/323830313a31333a643830303a3a2f34382d3438203d3e203134303830.roa
File:                     323830313a31333a643830303a3a2f34382d3438203d3e203134303830.roa (raw, json)
Hash identifier:          UTmebgocW5sbtiAp43WIoZxtHvUSJ9U2oT1o/YHiX2M=
Subject key identifier:   3E:CD:EF:FE:F4:60:FD:BA:90:51:68:F4:88:E9:9C:45:42:AE:86:85
Certificate issuer:       /CN=2DD53BD69D3A3477F5372EF3689D3AC6BCC5D11B
Certificate serial:       5DC3EDF4104EA4D1214BEC8BF831B5E2CC13BEEA
Authority key identifier: 2D:D5:3B:D6:9D:3A:34:77:F5:37:2E:F3:68:9D:3A:C6:BC:C5:D1:1B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2DD53BD69D3A3477F5372EF3689D3AC6BCC5D11B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9DA8C80805BCA4CF63DDA4FBAE73E61851D724B6E761919681A32FF8212233BE/0/323830313a31333a643830303a3a2f34382d3438203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 17:40:00 +0000
ROA not before:           Tue 05 Mar 2024 17:35:00 +0000
ROA not after:            Tue 04 Mar 2025 17:40:00 +0000
asID:                     14080
IP address blocks:        2801:13:d800::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9DA8C80805BCA4CF63DDA4FBAE73E61851D724B6E761919681A32FF8212233BE/0/2DD53BD69D3A3477F5372EF3689D3AC6BCC5D11B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9DA8C80805BCA4CF63DDA4FBAE73E61851D724B6E761919681A32FF8212233BE/0/2DD53BD69D3A3477F5372EF3689D3AC6BCC5D11B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2DD53BD69D3A3477F5372EF3689D3AC6BCC5D11B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 10:27:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:c3:ed:f4:10:4e:a4:d1:21:4b:ec:8b:f8:31:b5:e2:cc:13:be:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2DD53BD69D3A3477F5372EF3689D3AC6BCC5D11B
        Validity
            Not Before: Mar  5 17:35:00 2024 GMT
            Not After : Mar  4 17:40:00 2025 GMT
        Subject: CN=3ECDEFFEF460FDBA905168F488E99C4542AE8685
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a0:4f:8a:11:a7:df:ca:cf:d4:a1:57:65:e6:
                    62:27:c4:79:e6:48:ef:bc:12:96:33:a3:83:ce:48:
                    8f:6a:c8:06:52:3d:08:04:a4:7b:61:8d:b2:3e:86:
                    dc:59:4c:6a:b8:af:6c:c0:d6:19:a1:a2:00:7d:30:
                    6d:38:32:5e:38:72:aa:e1:6d:02:29:4f:06:db:65:
                    f8:c9:b0:b8:bb:c1:60:c0:db:b3:6b:23:6d:34:18:
                    9b:6b:01:b8:50:02:3d:d4:fa:95:f9:eb:85:9e:9a:
                    56:5c:ab:85:d8:cc:4e:29:73:66:75:5f:08:0f:56:
                    02:2a:a4:a2:a6:61:1c:ee:02:8b:18:39:f9:2c:7b:
                    f2:18:0a:72:a5:75:43:3d:b5:14:21:bc:2c:ed:33:
                    9b:bc:f9:d1:7a:6b:f5:39:fd:e2:40:b7:e1:89:f9:
                    a2:f4:80:9b:33:be:14:bd:1c:10:0e:45:04:ae:7f:
                    5a:22:78:54:38:9c:97:ac:68:e6:65:8d:c3:5d:e0:
                    fe:38:29:a9:4f:f7:81:bf:09:b9:0b:d6:42:02:46:
                    8a:f1:05:61:fe:ce:68:d2:e7:fc:ea:95:6f:d4:d6:
                    f9:0c:1a:ec:b5:ad:2f:67:45:25:27:b1:3d:76:f4:
                    07:67:f9:a0:d4:e2:dd:78:65:4c:ef:d5:f2:b0:67:
                    7d:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:CD:EF:FE:F4:60:FD:BA:90:51:68:F4:88:E9:9C:45:42:AE:86:85
            X509v3 Authority Key Identifier:
                keyid:2D:D5:3B:D6:9D:3A:34:77:F5:37:2E:F3:68:9D:3A:C6:BC:C5:D1:1B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9DA8C80805BCA4CF63DDA4FBAE73E61851D724B6E761919681A32FF8212233BE/0/2DD53BD69D3A3477F5372EF3689D3AC6BCC5D11B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2DD53BD69D3A3477F5372EF3689D3AC6BCC5D11B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9DA8C80805BCA4CF63DDA4FBAE73E61851D724B6E761919681A32FF8212233BE/0/323830313a31333a643830303a3a2f34382d3438203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:13:d800::/48

    Signature Algorithm: sha256WithRSAEncryption
         a4:99:67:3c:ea:d1:e7:d7:77:d0:0f:8e:2e:1d:36:da:34:6b:
         49:0d:9d:96:02:c7:14:59:0a:8f:3a:13:b4:96:9f:5c:98:1d:
         bf:5a:7d:63:3c:c0:a1:77:4c:16:17:b9:49:69:2f:c8:66:15:
         98:8c:16:88:0c:8f:dc:21:de:a3:be:61:3e:f2:a5:47:ed:41:
         42:60:c6:fc:86:ed:3e:3b:5b:1c:ae:af:87:0c:28:13:87:99:
         1a:5d:b0:bc:77:a1:7a:53:28:15:e8:68:0f:0c:b6:47:86:ed:
         09:37:89:d6:f7:03:54:2b:53:70:39:55:b6:22:f0:19:2c:a9:
         a5:15:dc:5f:56:76:b0:56:ce:23:c0:5d:64:9d:30:4e:27:b3:
         8b:aa:74:3a:bb:dc:16:d8:18:2d:32:e4:f3:f4:e3:d2:e4:67:
         ed:8a:c3:68:f6:bd:0a:81:0e:14:7e:86:b0:79:da:6c:ad:2a:
         11:a2:03:02:15:2a:60:31:f3:5d:62:2d:e8:99:f6:7d:f3:dd:
         03:f2:bb:8f:b8:c2:fa:29:c6:47:be:69:b0:ca:c5:dc:7b:14:
         37:66:2c:20:2d:b8:cc:ff:4b:e5:0b:0d:8e:fc:14:97:67:9f:
         a1:4d:68:cc:65:7e:15:91:c0:7e:10:1b:48:16:02:09:c9:3a:
         ca:88:7b:a6
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUXcPt9BBOpNEhS+yL+DG14swTvuowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkRENTNCRDY5RDNBMzQ3N0Y1MzcyRUYzNjg5RDNBQzZC
Q0M1RDExQjAeFw0yNDAzMDUxNzM1MDBaFw0yNTAzMDQxNzQwMDBaMDMxMTAvBgNV
BAMTKDNFQ0RFRkZFRjQ2MEZEQkE5MDUxNjhGNDg4RTk5QzQ1NDJBRTg2ODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLoE+KEaffys/UoVdl5mInxHnm
SO+8EpYzo4POSI9qyAZSPQgEpHthjbI+htxZTGq4r2zA1hmhogB9MG04Ml44cqrh
bQIpTwbbZfjJsLi7wWDA27NrI200GJtrAbhQAj3U+pX564WemlZcq4XYzE4pc2Z1
XwgPVgIqpKKmYRzuAosYOfkse/IYCnKldUM9tRQhvCztM5u8+dF6a/U5/eJAt+GJ
+aL0gJszvhS9HBAORQSuf1oieFQ4nJesaOZljcNd4P44KalP94G/CbkL1kICRorx
BWH+zmjS5/zqlW/U1vkMGuy1rS9nRSUnsT129Adn+aDU4t14ZUzv1fKwZ31NAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUPs3v/vRg/bqQUWj0iOmcRUKuhoUwHwYDVR0j
BBgwFoAULdU71p06NHf1Ny7zaJ06xrzF0RswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85REE4QzgwODA1QkNBNENGNjNEREE0RkJBRTczRTYxODUx
RDcyNEI2RTc2MTkxOTY4MUEzMkZGODIxMjIzM0JFLzAvMkRENTNCRDY5RDNBMzQ3
N0Y1MzcyRUYzNjg5RDNBQzZCQ0M1RDExQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yREQ1M0JENjlEM0EzNDc3RjUz
NzJFRjM2ODlEM0FDNkJDQzVEMTFCLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOURBOEM4MDgwNUJDQTRDRjYzRERBNEZCQUU3M0U2MTg1MUQ3MjRCNkU3
NjE5MTk2ODFBMzJGRjgyMTIyMzNCRS8wLzMyMzgzMDMxM2EzMTMzM2E2NDM4MzAz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzMDM4MzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AQAT2AAwDQYJKoZIhvcNAQELBQADggEBAKSZZzzq0efXd9APji4dNto0a0kNnZYC
xxRZCo86E7SWn1yYHb9afWM8wKF3TBYXuUlpL8hmFZiMFogMj9wh3qO+YT7ypUft
QUJgxvyG7T47Wxyur4cMKBOHmRpdsLx3oXpTKBXoaA8MtkeG7Qk3idb3A1QrU3A5
VbYi8BksqaUV3F9WdrBWziPAXWSdME4ns4uqdDq73BbYGC0y5PP049LkZ+2Kw2j2
vQqBDhR+hrB52mytKhGiAwIVKmAx811iLeiZ9n3z3QPyu4+4wvopxke+abDKxdx7
FDdmLCAtuMz/S+ULDY78FJdnn6FNaMxlfhWRwH4QG0gWAgnJOsqIe6Y=
-----END CERTIFICATE-----
Generated at Sat Jun 22 23:15:07 2024 by rpki-client on console-fra.rpki-client.org