Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B141EB61AA977898F5638128056510257A1EB4F18042E353CE2EF886E8D20983/0/323830313a3164383a3a2f33362d3336203d3e203134303830.roa
File:                     323830313a3164383a3a2f33362d3336203d3e203134303830.roa (raw, json)
Hash identifier:          7VMb0hX32NPkuWsuD1TRo8AclnnG+LRHOUeNIMezMzc=
Subject key identifier:   62:FB:B1:06:8A:BF:5F:80:A3:13:C7:65:C6:BE:26:9F:E8:16:D5:D2
Certificate issuer:       /CN=CFEC95C042F718CFDEFD38BC85C4AFBA3E7A9AF8
Certificate serial:       16F2E22B1912A10646F2E7844A5985EE7C713179
Authority key identifier: CF:EC:95:C0:42:F7:18:CF:DE:FD:38:BC:85:C4:AF:BA:3E:7A:9A:F8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CFEC95C042F718CFDEFD38BC85C4AFBA3E7A9AF8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B141EB61AA977898F5638128056510257A1EB4F18042E353CE2EF886E8D20983/0/323830313a3164383a3a2f33362d3336203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 18:21:09 +0000
ROA not before:           Tue 05 Mar 2024 18:16:09 +0000
ROA not after:            Tue 04 Mar 2025 18:21:09 +0000
asID:                     14080
IP address blocks:        2801:1d8::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/B141EB61AA977898F5638128056510257A1EB4F18042E353CE2EF886E8D20983/0/CFEC95C042F718CFDEFD38BC85C4AFBA3E7A9AF8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/B141EB61AA977898F5638128056510257A1EB4F18042E353CE2EF886E8D20983/0/CFEC95C042F718CFDEFD38BC85C4AFBA3E7A9AF8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CFEC95C042F718CFDEFD38BC85C4AFBA3E7A9AF8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 24 Jun 2024 23:54:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:f2:e2:2b:19:12:a1:06:46:f2:e7:84:4a:59:85:ee:7c:71:31:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CFEC95C042F718CFDEFD38BC85C4AFBA3E7A9AF8
        Validity
            Not Before: Mar  5 18:16:09 2024 GMT
            Not After : Mar  4 18:21:09 2025 GMT
        Subject: CN=62FBB1068ABF5F80A313C765C6BE269FE816D5D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:a7:fb:a5:ee:6c:99:e8:b0:bf:1f:b1:01:10:
                    cd:2a:7f:fa:4f:49:f9:d8:b7:79:a9:bb:d0:64:d5:
                    5b:2b:87:ca:e2:89:e8:10:50:71:00:9c:35:e7:0a:
                    15:6e:49:32:9c:ad:f7:fc:5a:cd:da:5e:a1:dd:7e:
                    81:d8:73:1b:20:ff:61:26:5a:d6:29:1d:f7:69:91:
                    c1:8c:87:c9:d0:91:02:0f:9b:68:88:3a:ae:50:66:
                    97:99:b5:da:6c:70:25:a3:47:b0:0a:a4:fa:09:b1:
                    78:0c:a4:26:9a:5e:2b:ea:3d:ee:28:76:a5:ee:53:
                    0b:64:bf:12:70:ae:0f:ef:60:3c:1f:6f:c7:c7:2c:
                    f3:11:bf:e0:cc:82:9a:81:fb:dc:6c:dc:b4:af:46:
                    59:07:59:c3:d0:cd:ef:a8:65:47:2d:ec:91:90:c3:
                    11:94:ab:eb:96:5e:e9:25:44:7c:17:75:85:c1:69:
                    73:52:52:d9:e9:99:3d:05:1d:e0:b3:96:5e:cf:e8:
                    a9:ca:a2:9e:56:a0:00:c0:6c:97:1e:d5:cf:3c:22:
                    ac:3c:71:e7:2c:ae:f7:4e:92:b9:3f:a1:46:1f:06:
                    96:c2:43:50:0d:d7:8d:5e:72:9e:57:c1:6a:2f:76:
                    c7:ec:7f:a7:c6:01:fb:25:04:d6:f1:04:11:ed:ef:
                    1e:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:FB:B1:06:8A:BF:5F:80:A3:13:C7:65:C6:BE:26:9F:E8:16:D5:D2
            X509v3 Authority Key Identifier:
                keyid:CF:EC:95:C0:42:F7:18:CF:DE:FD:38:BC:85:C4:AF:BA:3E:7A:9A:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B141EB61AA977898F5638128056510257A1EB4F18042E353CE2EF886E8D20983/0/CFEC95C042F718CFDEFD38BC85C4AFBA3E7A9AF8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CFEC95C042F718CFDEFD38BC85C4AFBA3E7A9AF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B141EB61AA977898F5638128056510257A1EB4F18042E353CE2EF886E8D20983/0/323830313a3164383a3a2f33362d3336203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1d8::/36

    Signature Algorithm: sha256WithRSAEncryption
         72:9b:42:f8:77:b5:cd:d6:0f:3c:0f:82:83:8d:9f:ae:10:08:
         8b:c5:b3:ae:45:5c:db:4b:d0:fb:e1:73:fa:6e:93:c6:84:ae:
         5e:5e:42:37:88:98:89:e7:13:21:5e:b4:e8:5d:a7:37:5f:6f:
         9f:3d:0b:8c:38:0e:3e:f2:93:c2:30:b9:08:39:7f:9a:0c:cd:
         fa:47:c9:85:63:0a:c1:cb:45:5f:10:44:94:7c:9a:0e:9f:59:
         2f:ed:e7:00:75:6f:24:c0:9f:70:f6:dc:35:93:5e:6d:be:70:
         f1:45:5c:45:08:74:34:d8:a4:89:93:bd:62:27:ba:df:42:9e:
         b4:bc:a7:db:14:fd:81:33:c6:f7:9b:c4:cd:ef:c9:48:ea:66:
         8b:07:9c:d4:6b:e4:c0:0f:05:2a:5f:ad:7f:4f:34:b7:05:a7:
         60:10:72:42:17:0c:d2:33:e9:f3:25:a6:68:d5:d3:af:cb:22:
         8a:db:1e:28:fe:a3:66:a2:02:7a:cb:e5:4c:5e:30:17:12:f2:
         3a:e0:12:6c:64:9f:96:c3:5b:17:36:26:96:08:b1:3a:1b:dc:
         4f:ef:7b:09:65:cd:88:c0:3d:d7:c0:46:69:0f:47:55:72:2e:
         ce:26:41:de:2a:ad:cd:bc:fc:5d:a1:7e:30:6b:d6:72:10:93:
         e2:91:63:e0
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUFvLiKxkSoQZG8ueESlmF7nxxMXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0ZFQzk1QzA0MkY3MThDRkRFRkQzOEJDODVDNEFGQkEz
RTdBOUFGODAeFw0yNDAzMDUxODE2MDlaFw0yNTAzMDQxODIxMDlaMDMxMTAvBgNV
BAMTKDYyRkJCMTA2OEFCRjVGODBBMzEzQzc2NUM2QkUyNjlGRTgxNkQ1RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNp/ul7myZ6LC/H7EBEM0qf/pP
SfnYt3mpu9Bk1Vsrh8riiegQUHEAnDXnChVuSTKcrff8Ws3aXqHdfoHYcxsg/2Em
WtYpHfdpkcGMh8nQkQIPm2iIOq5QZpeZtdpscCWjR7AKpPoJsXgMpCaaXivqPe4o
dqXuUwtkvxJwrg/vYDwfb8fHLPMRv+DMgpqB+9xs3LSvRlkHWcPQze+oZUct7JGQ
wxGUq+uWXuklRHwXdYXBaXNSUtnpmT0FHeCzll7P6KnKop5WoADAbJce1c88Iqw8
cecsrvdOkrk/oUYfBpbCQ1AN141ecp5XwWovdsfsf6fGAfslBNbxBBHt7x4hAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUYvuxBoq/X4CjE8dlxr4mn+gW1dIwHwYDVR0j
BBgwFoAUz+yVwEL3GM/e/Ti8hcSvuj56mvgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMTQxRUI2MUFBOTc3ODk4RjU2MzgxMjgwNTY1MTAyNTdB
MUVCNEYxODA0MkUzNTNDRTJFRjg4NkU4RDIwOTgzLzAvQ0ZFQzk1QzA0MkY3MThD
RkRFRkQzOEJDODVDNEFGQkEzRTdBOUFGOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DRkVDOTVDMDQyRjcxOENGREVG
RDM4QkM4NUM0QUZCQTNFN0E5QUY4LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjE0MUVCNjFBQTk3Nzg5OEY1NjM4MTI4MDU2NTEwMjU3QTFFQjRGMTgw
NDJFMzUzQ0UyRUY4ODZFOEQyMDk4My8wLzMyMzgzMDMxM2EzMTY0MzgzYTNhMmYz
MzM2MmQzMzM2MjAzZDNlMjAzMTM0MzAzODMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKAEB2AAwDQYJ
KoZIhvcNAQELBQADggEBAHKbQvh3tc3WDzwPgoONn64QCIvFs65FXNtL0Pvhc/pu
k8aErl5eQjeImInnEyFetOhdpzdfb589C4w4Dj7yk8IwuQg5f5oMzfpHyYVjCsHL
RV8QRJR8mg6fWS/t5wB1byTAn3D23DWTXm2+cPFFXEUIdDTYpImTvWInut9CnrS8
p9sU/YEzxvebxM3vyUjqZosHnNRr5MAPBSpfrX9PNLcFp2AQckIXDNIz6fMlpmjV
06/LIorbHij+o2aiAnrL5UxeMBcS8jrgEmxkn5bDWxc2JpYIsTob3E/vewllzYjA
PdfARmkPR1VyLs4mQd4qrc28/F2hfjBr1nIQk+KRY+A=
-----END CERTIFICATE-----
Generated at Fri Jun 21 16:09:59 2024 by rpki-client on console-fra.rpki-client.org