Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C77502A6749838CABE48553066A904DB3DACC6B74834090834593058AE5EE43B/0/323830313a31373a653030303a3a2f34382d3438203d3e20323633383130.roa
File:                     323830313a31373a653030303a3a2f34382d3438203d3e20323633383130.roa (raw, json)
Hash identifier:          KGnNO1pWq3GFEvZLbcHf54j8y4QqDA7O4jA4cn6EbKg=
Subject key identifier:   33:6A:6B:F6:43:6B:DD:B5:AA:96:48:FF:71:44:F7:02:AE:C2:40:FF
Certificate issuer:       /CN=A7B8DED03E12C864EE6F1C50B966C80D93223151
Certificate serial:       73457E35EFE58DB24D208BB5603A46258436BA95
Authority key identifier: A7:B8:DE:D0:3E:12:C8:64:EE:6F:1C:50:B9:66:C8:0D:93:22:31:51
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A7B8DED03E12C864EE6F1C50B966C80D93223151.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C77502A6749838CABE48553066A904DB3DACC6B74834090834593058AE5EE43B/0/323830313a31373a653030303a3a2f34382d3438203d3e20323633383130.roa
Signing time:             Tue 05 Mar 2024 17:43:38 +0000
ROA not before:           Tue 05 Mar 2024 17:38:38 +0000
ROA not after:            Tue 04 Mar 2025 17:43:38 +0000
asID:                     263810
IP address blocks:        2801:17:e000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C77502A6749838CABE48553066A904DB3DACC6B74834090834593058AE5EE43B/0/A7B8DED03E12C864EE6F1C50B966C80D93223151.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C77502A6749838CABE48553066A904DB3DACC6B74834090834593058AE5EE43B/0/A7B8DED03E12C864EE6F1C50B966C80D93223151.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A7B8DED03E12C864EE6F1C50B966C80D93223151.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:45:7e:35:ef:e5:8d:b2:4d:20:8b:b5:60:3a:46:25:84:36:ba:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A7B8DED03E12C864EE6F1C50B966C80D93223151
        Validity
            Not Before: Mar  5 17:38:38 2024 GMT
            Not After : Mar  4 17:43:38 2025 GMT
        Subject: CN=336A6BF6436BDDB5AA9648FF7144F702AEC240FF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:10:e7:42:65:cb:1e:24:be:ea:16:31:f3:fb:
                    8f:2f:96:3a:58:f1:14:bd:41:98:f4:98:6a:35:6e:
                    1d:23:5f:f1:d4:74:90:71:27:03:c9:41:42:46:93:
                    86:3a:76:2a:72:9b:48:20:db:59:28:93:a6:76:57:
                    0e:a6:36:50:da:ef:24:3b:34:9e:38:05:8a:a6:0f:
                    4a:3c:d1:9b:2e:b1:3f:d0:fe:12:c1:36:06:aa:67:
                    57:d9:be:86:01:59:52:87:73:41:a3:d4:3b:fa:1a:
                    1f:e4:19:41:e2:31:2b:20:b0:8a:75:e8:c5:9e:2f:
                    0d:53:c1:59:33:75:1e:fc:10:95:dd:5b:a6:d2:32:
                    1e:2c:50:74:2d:2f:08:54:8a:8d:62:20:b8:ae:3b:
                    32:e7:1b:06:ae:b7:94:3a:1e:bc:dc:db:f0:eb:4b:
                    67:c0:1f:a9:4d:93:fc:a5:33:69:40:27:d0:9a:6d:
                    7f:8b:2f:5c:db:1f:08:e8:ce:7f:ad:bb:90:ee:10:
                    c8:9a:8e:fc:8b:ac:5c:06:d6:32:fe:5b:84:a4:07:
                    dd:b3:1a:c6:17:f8:69:35:5c:f1:4d:a5:d4:5a:0b:
                    e5:da:d8:ad:58:c5:ea:56:f7:17:8c:6b:5f:6a:45:
                    e6:46:d7:a8:4e:92:fd:40:3a:d7:9a:92:ca:a7:49:
                    05:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:6A:6B:F6:43:6B:DD:B5:AA:96:48:FF:71:44:F7:02:AE:C2:40:FF
            X509v3 Authority Key Identifier:
                keyid:A7:B8:DE:D0:3E:12:C8:64:EE:6F:1C:50:B9:66:C8:0D:93:22:31:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C77502A6749838CABE48553066A904DB3DACC6B74834090834593058AE5EE43B/0/A7B8DED03E12C864EE6F1C50B966C80D93223151.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A7B8DED03E12C864EE6F1C50B966C80D93223151.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C77502A6749838CABE48553066A904DB3DACC6B74834090834593058AE5EE43B/0/323830313a31373a653030303a3a2f34382d3438203d3e20323633383130.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:17:e000::/48

    Signature Algorithm: sha256WithRSAEncryption
         95:92:c3:54:9d:bd:50:2b:b6:0c:68:c9:71:f5:cc:69:78:7c:
         2d:ae:e1:d4:47:bd:da:2b:74:d1:99:aa:3f:83:ad:8f:3d:51:
         1e:c0:bd:69:f4:14:67:cb:35:3f:f1:df:18:73:8e:6c:b2:cf:
         60:f0:4c:bc:c1:11:f7:35:63:7c:2d:f0:30:8b:82:49:9c:85:
         b5:f8:c9:0e:58:8f:fb:83:d5:4f:1f:52:85:48:9a:d6:97:a2:
         08:a2:ec:6a:64:fb:2e:1b:13:5a:ad:a8:f5:f3:6e:90:04:65:
         da:4f:99:5c:4e:28:07:13:21:92:90:9d:bb:2d:4e:33:fd:38:
         f8:b2:7d:03:8b:d6:fb:42:45:37:24:e1:90:9f:fb:a0:33:75:
         6a:d3:a7:8f:2b:89:1c:9f:95:5b:05:57:6c:93:32:82:14:3f:
         d6:76:f5:87:15:7e:de:42:e1:9f:3e:68:13:be:98:39:74:92:
         4b:c3:cb:e2:3f:6a:eb:90:78:71:25:0e:fa:61:12:c2:e4:40:
         8c:02:6b:2f:33:e5:2e:8a:ca:98:65:42:b0:11:6f:4a:55:b5:
         2f:fd:93:8c:93:9a:5b:7c:83:60:37:8e:fa:5b:3e:4a:31:16:
         50:59:2c:db:5a:08:52:1b:5a:a1:e5:d7:de:a8:e4:46:ca:b6:
         f2:e0:34:6b
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIUc0V+Ne/ljbJNIIu1YDpGJYQ2upUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTdCOERFRDAzRTEyQzg2NEVFNkYxQzUwQjk2NkM4MEQ5
MzIyMzE1MTAeFw0yNDAzMDUxNzM4MzhaFw0yNTAzMDQxNzQzMzhaMDMxMTAvBgNV
BAMTKDMzNkE2QkY2NDM2QkREQjVBQTk2NDhGRjcxNDRGNzAyQUVDMjQwRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChEOdCZcseJL7qFjHz+48vljpY
8RS9QZj0mGo1bh0jX/HUdJBxJwPJQUJGk4Y6dipym0gg21kok6Z2Vw6mNlDa7yQ7
NJ44BYqmD0o80ZsusT/Q/hLBNgaqZ1fZvoYBWVKHc0Gj1Dv6Gh/kGUHiMSsgsIp1
6MWeLw1TwVkzdR78EJXdW6bSMh4sUHQtLwhUio1iILiuOzLnGwaut5Q6Hrzc2/Dr
S2fAH6lNk/ylM2lAJ9CabX+LL1zbHwjozn+tu5DuEMiajvyLrFwG1jL+W4SkB92z
GsYX+Gk1XPFNpdRaC+Xa2K1YxepW9xeMa19qReZG16hOkv1AOteaksqnSQVfAgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQUM2pr9kNr3bWqlkj/cUT3Aq7CQP8wHwYDVR0j
BBgwFoAUp7je0D4SyGTubxxQuWbIDZMiMVEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DNzc1MDJBNjc0OTgzOENBQkU0ODU1MzA2NkE5MDREQjNE
QUNDNkI3NDgzNDA5MDgzNDU5MzA1OEFFNUVFNDNCLzAvQTdCOERFRDAzRTEyQzg2
NEVFNkYxQzUwQjk2NkM4MEQ5MzIyMzE1MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BN0I4REVEMDNFMTJDODY0RUU2
RjFDNTBCOTY2QzgwRDkzMjIzMTUxLmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzc3NTAyQTY3NDk4MzhDQUJFNDg1NTMwNjZBOTA0REIzREFDQzZCNzQ4
MzQwOTA4MzQ1OTMwNThBRTVFRTQzQi8wLzMyMzgzMDMxM2EzMTM3M2E2NTMwMzAz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzYzMzM4MzEzMC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMH
ACgBABfgADANBgkqhkiG9w0BAQsFAAOCAQEAlZLDVJ29UCu2DGjJcfXMaXh8La7h
1Ee92it00ZmqP4Otjz1RHsC9afQUZ8s1P/HfGHOObLLPYPBMvMER9zVjfC3wMIuC
SZyFtfjJDliP+4PVTx9ShUia1peiCKLsamT7LhsTWq2o9fNukARl2k+ZXE4oBxMh
kpCduy1OM/04+LJ9A4vW+0JFNyThkJ/7oDN1atOnjyuJHJ+VWwVXbJMyghQ/1nb1
hxV+3kLhnz5oE76YOXSSS8PL4j9q65B4cSUO+mESwuRAjAJrLzPlLorKmGVCsBFv
SlW1L/2TjJOaW3yDYDeO+ls+SjEWUFks21oIUhtaoeXX3qjkRsq28uA0aw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:38:06 2024 by rpki-client on console-ams.rpki-client.org