Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C32A8D50921BD87E43FA761FF973EE18169DD40683D0E47F21FE7576E4C359E0/0/323830313a3164613a3a2f34342d3434203d3e203134303830.roa
File:                     323830313a3164613a3a2f34342d3434203d3e203134303830.roa (raw, json)
Hash identifier:          i7wNxMHi7+qiAAnodd+Qi2XX4YY+qlsPQzqgvmBlah8=
Subject key identifier:   69:B4:04:D1:26:85:BA:09:FE:54:3F:6B:6E:E0:4B:A1:2B:C6:15:8C
Certificate issuer:       /CN=72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C
Certificate serial:       052EC0FD6D520D06FD488B4B5481EF7880610970
Authority key identifier: 72:B6:7F:DA:04:24:6C:53:AE:1C:1A:7E:BE:6E:F5:7B:4E:9C:84:2C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C32A8D50921BD87E43FA761FF973EE18169DD40683D0E47F21FE7576E4C359E0/0/323830313a3164613a3a2f34342d3434203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 17:41:54 +0000
ROA not before:           Tue 05 Mar 2024 17:36:54 +0000
ROA not after:            Tue 04 Mar 2025 17:41:54 +0000
asID:                     14080
IP address blocks:        2801:1da::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C32A8D50921BD87E43FA761FF973EE18169DD40683D0E47F21FE7576E4C359E0/0/72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C32A8D50921BD87E43FA761FF973EE18169DD40683D0E47F21FE7576E4C359E0/0/72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 10:27:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:2e:c0:fd:6d:52:0d:06:fd:48:8b:4b:54:81:ef:78:80:61:09:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C
        Validity
            Not Before: Mar  5 17:36:54 2024 GMT
            Not After : Mar  4 17:41:54 2025 GMT
        Subject: CN=69B404D12685BA09FE543F6B6EE04BA12BC6158C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:6a:5a:54:73:15:5e:11:eb:73:d7:d9:31:14:
                    e9:f3:1d:9b:b9:85:cf:e0:cc:61:71:50:69:1b:a1:
                    7b:b6:dc:e5:9c:52:7a:73:52:ec:2c:c4:3f:f8:e7:
                    52:2a:55:7c:6c:a1:11:82:84:2f:5b:7a:80:3f:fa:
                    57:14:3f:79:85:64:8b:b5:04:e4:cf:9c:57:0f:4b:
                    cd:b6:97:79:b2:fe:33:3d:1e:bf:13:d2:53:07:73:
                    d9:b3:77:3c:1e:1e:26:3b:67:8a:c8:d7:49:47:68:
                    79:7d:e3:d7:45:a7:ce:4c:0b:f7:b8:2e:24:0e:59:
                    51:34:6f:76:4f:eb:ca:4c:9f:23:2b:66:18:3c:f7:
                    c4:a3:00:03:d0:37:18:1d:e2:91:98:da:7c:dc:ed:
                    e0:23:78:bd:56:4e:8e:ce:5e:03:f4:d5:fd:d4:e6:
                    67:09:10:ee:da:a6:6b:80:f0:c8:82:9a:f0:71:6f:
                    bc:11:37:84:62:55:d9:b7:55:cd:2e:12:07:1d:af:
                    21:3c:42:85:30:be:2f:bd:de:61:16:97:7c:7e:15:
                    6c:f1:c4:fc:19:a9:32:ed:97:d9:5b:d1:c3:ed:dd:
                    d3:12:21:6d:80:5a:67:9f:3a:cd:5a:6c:78:22:ba:
                    65:72:9c:a8:db:94:20:b0:d0:82:26:22:78:ea:3f:
                    e2:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:B4:04:D1:26:85:BA:09:FE:54:3F:6B:6E:E0:4B:A1:2B:C6:15:8C
            X509v3 Authority Key Identifier:
                keyid:72:B6:7F:DA:04:24:6C:53:AE:1C:1A:7E:BE:6E:F5:7B:4E:9C:84:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C32A8D50921BD87E43FA761FF973EE18169DD40683D0E47F21FE7576E4C359E0/0/72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C32A8D50921BD87E43FA761FF973EE18169DD40683D0E47F21FE7576E4C359E0/0/323830313a3164613a3a2f34342d3434203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1da::/44

    Signature Algorithm: sha256WithRSAEncryption
         2b:b0:f1:81:2d:48:82:95:5e:26:9b:cc:e1:80:f5:49:9c:cd:
         33:b4:eb:9e:77:43:86:8c:42:9c:14:ac:f2:d1:d9:6b:96:ae:
         6f:a4:1c:49:de:31:5f:91:90:c9:2a:6e:86:2b:7d:af:4b:d9:
         9b:8c:77:78:ce:79:8c:f6:53:94:45:1f:57:fe:50:27:6f:2f:
         4e:b2:f5:0a:e0:0a:ae:79:9e:d5:60:67:fd:8d:67:4d:1c:85:
         14:04:f1:60:f7:20:c8:ac:42:b6:1c:6f:41:db:60:8c:cd:33:
         7a:7c:2d:88:d3:f2:07:de:8b:57:15:d1:b9:e6:90:0e:b4:26:
         56:66:10:de:e8:e1:68:f5:90:87:02:bc:80:65:67:9b:b4:b5:
         06:41:08:a7:ae:05:25:3c:92:2b:b8:72:e4:58:28:6c:bf:7d:
         b0:cf:c4:d5:d1:50:f6:74:fa:c6:56:50:37:41:64:15:41:2d:
         b0:e6:de:d2:5c:19:63:fb:83:90:d2:83:d4:e5:0b:d8:bf:e4:
         03:ea:d3:91:52:91:7d:17:24:fc:57:29:fe:a7:15:f1:39:3b:
         11:49:cb:cd:f2:2d:61:01:89:2d:e1:24:bd:fc:f2:85:9d:d9:
         b9:27:5f:ad:b4:a5:b1:fc:96:8a:d1:39:cd:24:e9:a7:70:9b:
         16:bd:ab:07
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUBS7A/W1SDQb9SItLVIHveIBhCXAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzJCNjdGREEwNDI0NkM1M0FFMUMxQTdFQkU2RUY1N0I0
RTlDODQyQzAeFw0yNDAzMDUxNzM2NTRaFw0yNTAzMDQxNzQxNTRaMDMxMTAvBgNV
BAMTKDY5QjQwNEQxMjY4NUJBMDlGRTU0M0Y2QjZFRTA0QkExMkJDNjE1OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCralpUcxVeEetz19kxFOnzHZu5
hc/gzGFxUGkboXu23OWcUnpzUuwsxD/451IqVXxsoRGChC9beoA/+lcUP3mFZIu1
BOTPnFcPS822l3my/jM9Hr8T0lMHc9mzdzweHiY7Z4rI10lHaHl949dFp85MC/e4
LiQOWVE0b3ZP68pMnyMrZhg898SjAAPQNxgd4pGY2nzc7eAjeL1WTo7OXgP01f3U
5mcJEO7apmuA8MiCmvBxb7wRN4RiVdm3Vc0uEgcdryE8QoUwvi+93mEWl3x+FWzx
xPwZqTLtl9lb0cPt3dMSIW2AWmefOs1abHgiumVynKjblCCw0IImInjqP+IbAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUabQE0SaFugn+VD9rbuBLoSvGFYwwHwYDVR0j
BBgwFoAUcrZ/2gQkbFOuHBp+vm71e06chCwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DMzJBOEQ1MDkyMUJEODdFNDNGQTc2MUZGOTczRUUxODE2
OURENDA2ODNEMEU0N0YyMUZFNzU3NkU0QzM1OUUwLzAvNzJCNjdGREEwNDI0NkM1
M0FFMUMxQTdFQkU2RUY1N0I0RTlDODQyQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83MkI2N0ZEQTA0MjQ2QzUzQUUx
QzFBN0VCRTZFRjU3QjRFOUM4NDJDLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzMyQThENTA5MjFCRDg3RTQzRkE3NjFGRjk3M0VFMTgxNjlERDQwNjgz
RDBFNDdGMjFGRTc1NzZFNEMzNTlFMC8wLzMyMzgzMDMxM2EzMTY0NjEzYTNhMmYz
NDM0MmQzNDM0MjAzZDNlMjAzMTM0MzAzODMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKAEB2gAAMA0G
CSqGSIb3DQEBCwUAA4IBAQArsPGBLUiClV4mm8zhgPVJnM0ztOued0OGjEKcFKzy
0dlrlq5vpBxJ3jFfkZDJKm6GK32vS9mbjHd4znmM9lOURR9X/lAnby9OsvUK4Aqu
eZ7VYGf9jWdNHIUUBPFg9yDIrEK2HG9B22CMzTN6fC2I0/IH3otXFdG55pAOtCZW
ZhDe6OFo9ZCHAryAZWebtLUGQQinrgUlPJIruHLkWChsv32wz8TV0VD2dPrGVlA3
QWQVQS2w5t7SXBlj+4OQ0oPU5QvYv+QD6tORUpF9FyT8Vyn+pxXxOTsRScvN8i1h
AYkt4SS9/PKFndm5J1+ttKWx/JaK0TnNJOmncJsWvasH
-----END CERTIFICATE-----
Generated at Sat Jun 22 04:28:07 2024 by rpki-client on console-fra.rpki-client.org