Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E143D2D1D9609492EB73E2854A0F2550E556766BC3AA8D84231165FC6E369009/0/323830313a3132353a3a2f34342d3438203d3e203134303830.roa
File:                     323830313a3132353a3a2f34342d3438203d3e203134303830.roa (raw, json)
Hash identifier:          hf28OGYyd4qIsIBnhfTnVJsmT+wBxelecZ3gMyMs6tY=
Subject key identifier:   A1:74:7D:F3:55:F8:50:5E:B4:90:F9:37:9F:BE:27:27:C0:C7:AC:AC
Certificate issuer:       /CN=0FF983F63D7FEA99222A5FCC88895912ACBD5B94
Certificate serial:       3E0ADD144396BC128994BFF20E096612FD8CD2A1
Authority key identifier: 0F:F9:83:F6:3D:7F:EA:99:22:2A:5F:CC:88:89:59:12:AC:BD:5B:94
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0FF983F63D7FEA99222A5FCC88895912ACBD5B94.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E143D2D1D9609492EB73E2854A0F2550E556766BC3AA8D84231165FC6E369009/0/323830313a3132353a3a2f34342d3438203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 17:53:18 +0000
ROA not before:           Tue 05 Mar 2024 17:48:18 +0000
ROA not after:            Tue 04 Mar 2025 17:53:18 +0000
asID:                     14080
IP address blocks:        2801:125::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/E143D2D1D9609492EB73E2854A0F2550E556766BC3AA8D84231165FC6E369009/0/0FF983F63D7FEA99222A5FCC88895912ACBD5B94.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E143D2D1D9609492EB73E2854A0F2550E556766BC3AA8D84231165FC6E369009/0/0FF983F63D7FEA99222A5FCC88895912ACBD5B94.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0FF983F63D7FEA99222A5FCC88895912ACBD5B94.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 19:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:0a:dd:14:43:96:bc:12:89:94:bf:f2:0e:09:66:12:fd:8c:d2:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0FF983F63D7FEA99222A5FCC88895912ACBD5B94
        Validity
            Not Before: Mar  5 17:48:18 2024 GMT
            Not After : Mar  4 17:53:18 2025 GMT
        Subject: CN=A1747DF355F8505EB490F9379FBE2727C0C7ACAC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:91:7c:f2:6a:dc:9e:e7:17:7b:ec:22:c4:b5:
                    47:b3:db:f4:44:fe:19:93:70:15:14:cb:26:2b:26:
                    40:07:c5:c1:41:e1:e7:23:8a:36:07:fb:d9:1e:4a:
                    a6:d5:16:1c:c7:3a:d6:f6:9b:c4:f6:d6:49:80:7b:
                    b5:38:4d:79:96:f1:35:b4:c5:7d:a9:95:13:ee:8b:
                    b4:26:e7:4e:95:db:a0:57:fd:a8:7e:5e:c2:6f:17:
                    da:76:de:2f:49:32:98:b0:a8:2f:35:0f:45:3d:5e:
                    0b:bc:9c:ea:63:3f:44:ab:fc:d0:f0:48:57:53:eb:
                    7d:18:92:3f:1d:dc:8e:f9:37:26:52:75:e0:e2:d9:
                    a9:57:60:c2:dd:7f:a0:d8:2b:9a:c9:87:4f:03:08:
                    0c:68:29:e8:96:d0:af:c1:08:91:7c:b1:22:13:6b:
                    00:38:3b:db:46:4a:42:ad:c8:2a:72:4a:07:8c:39:
                    93:ac:00:47:46:22:6b:52:f0:ac:8c:c6:d3:22:a6:
                    24:fe:b6:31:4b:f8:09:4d:c8:29:43:71:a0:a4:5a:
                    29:01:ea:ee:f8:89:fb:53:7f:9e:a9:bc:03:2e:78:
                    b5:27:0f:71:6c:44:8c:d9:d6:cd:19:a3:51:83:1f:
                    09:0e:c8:79:eb:61:4e:7d:67:a9:32:99:7c:63:f1:
                    62:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:74:7D:F3:55:F8:50:5E:B4:90:F9:37:9F:BE:27:27:C0:C7:AC:AC
            X509v3 Authority Key Identifier:
                keyid:0F:F9:83:F6:3D:7F:EA:99:22:2A:5F:CC:88:89:59:12:AC:BD:5B:94

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E143D2D1D9609492EB73E2854A0F2550E556766BC3AA8D84231165FC6E369009/0/0FF983F63D7FEA99222A5FCC88895912ACBD5B94.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0FF983F63D7FEA99222A5FCC88895912ACBD5B94.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E143D2D1D9609492EB73E2854A0F2550E556766BC3AA8D84231165FC6E369009/0/323830313a3132353a3a2f34342d3438203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:125::/44

    Signature Algorithm: sha256WithRSAEncryption
         73:83:7c:c5:a9:87:28:fc:e5:da:4a:9e:75:6e:13:2c:22:f7:
         db:f7:b1:12:04:ec:2c:bc:d0:a1:14:f3:b1:1b:84:6d:47:2e:
         a5:fc:37:6c:07:3e:ef:67:e6:01:b3:95:7c:91:43:e5:ef:f3:
         e7:47:64:af:af:94:96:5e:71:bc:94:5f:0e:88:f5:19:0b:ae:
         52:a8:72:65:6a:d4:d3:11:16:2f:de:83:cb:72:04:69:df:e6:
         60:77:8f:41:97:73:83:71:d1:1f:03:72:e4:8d:79:e2:87:e4:
         d4:3b:4c:ff:96:4c:ec:92:5b:a7:8e:40:45:35:4e:7c:19:fb:
         42:e9:e1:64:ac:2e:a3:99:62:34:93:6f:d6:75:c8:36:67:8c:
         cf:47:51:7a:db:d2:04:2f:fa:4f:d6:9d:8e:ff:43:18:69:d0:
         66:75:8a:b8:8a:0f:8a:25:7e:59:25:58:b8:5b:f5:6b:65:ba:
         db:ff:e2:37:ee:09:63:ed:25:42:24:f4:d1:2c:8b:fb:7b:8d:
         d6:1f:8e:c5:0b:1c:0b:e8:e7:5e:df:54:16:cd:4e:34:97:48:
         86:a1:4d:26:30:1b:54:db:8b:53:6c:1e:45:38:f1:ac:01:42:
         e8:ea:e1:f8:0f:15:5f:b1:99:3d:f7:b7:ab:b3:ec:a9:5a:87:
         04:8a:e1:ba
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUPgrdFEOWvBKJlL/yDglmEv2M0qEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEZGOTgzRjYzRDdGRUE5OTIyMkE1RkNDODg4OTU5MTJB
Q0JENUI5NDAeFw0yNDAzMDUxNzQ4MThaFw0yNTAzMDQxNzUzMThaMDMxMTAvBgNV
BAMTKEExNzQ3REYzNTVGODUwNUVCNDkwRjkzNzlGQkUyNzI3QzBDN0FDQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgkXzyatye5xd77CLEtUez2/RE
/hmTcBUUyyYrJkAHxcFB4ecjijYH+9keSqbVFhzHOtb2m8T21kmAe7U4TXmW8TW0
xX2plRPui7Qm506V26BX/ah+XsJvF9p23i9JMpiwqC81D0U9Xgu8nOpjP0Sr/NDw
SFdT630Ykj8d3I75NyZSdeDi2alXYMLdf6DYK5rJh08DCAxoKeiW0K/BCJF8sSIT
awA4O9tGSkKtyCpySgeMOZOsAEdGImtS8KyMxtMipiT+tjFL+AlNyClDcaCkWikB
6u74iftTf56pvAMueLUnD3FsRIzZ1s0Zo1GDHwkOyHnrYU59Z6kymXxj8WLFAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUoXR981X4UF60kPk3n74nJ8DHrKwwHwYDVR0j
BBgwFoAUD/mD9j1/6pkiKl/MiIlZEqy9W5QwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FMTQzRDJEMUQ5NjA5NDkyRUI3M0UyODU0QTBGMjU1MEU1
NTY3NjZCQzNBQThEODQyMzExNjVGQzZFMzY5MDA5LzAvMEZGOTgzRjYzRDdGRUE5
OTIyMkE1RkNDODg4OTU5MTJBQ0JENUI5NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wRkY5ODNGNjNEN0ZFQTk5MjIy
QTVGQ0M4ODg5NTkxMkFDQkQ1Qjk0LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTE0M0QyRDFEOTYwOTQ5MkVCNzNFMjg1NEEwRjI1NTBFNTU2NzY2QkMz
QUE4RDg0MjMxMTY1RkM2RTM2OTAwOS8wLzMyMzgzMDMxM2EzMTMyMzUzYTNhMmYz
NDM0MmQzNDM4MjAzZDNlMjAzMTM0MzAzODMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKAEBJQAAMA0G
CSqGSIb3DQEBCwUAA4IBAQBzg3zFqYco/OXaSp51bhMsIvfb97ESBOwsvNChFPOx
G4RtRy6l/DdsBz7vZ+YBs5V8kUPl7/PnR2Svr5SWXnG8lF8OiPUZC65SqHJlatTT
ERYv3oPLcgRp3+Zgd49Bl3ODcdEfA3LkjXnih+TUO0z/lkzsklunjkBFNU58GftC
6eFkrC6jmWI0k2/Wdcg2Z4zPR1F629IEL/pP1p2O/0MYadBmdYq4ig+KJX5ZJVi4
W/VrZbrb/+I37glj7SVCJPTRLIv7e43WH47FCxwL6Ode31QWzU40l0iGoU0mMBtU
24tTbB5FOPGsAULo6uH4DxVfsZk997ers+ypWocEiuG6
-----END CERTIFICATE-----
Generated at Tue Dec 10 15:49:02 2024 by rpki-client on console-ams.rpki-client.org