Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/EB815C78DDD40B4927D980FA94E8D07AD34C343AA1F23CD5DDE95FEF9FBCF1A4/0/323830313a3135313a66613a3a2f34382d3438203d3e20323731383931.roa
File:                     323830313a3135313a66613a3a2f34382d3438203d3e20323731383931.roa (raw, json)
Hash identifier:          INQElI0pGvq8B2SKVdGGSjQ7+PiKwx/AMQnD+Xi6ARM=
Subject key identifier:   91:0F:69:87:77:AB:2D:31:4F:49:2F:48:E3:4F:71:7F:01:D1:EB:9A
Certificate issuer:       /CN=4312ACB2226F8B88E5E89EF2F1442B8EEFB3B279
Certificate serial:       4BC7D7CD56EB20021D042407EBBF8A625855B0D0
Authority key identifier: 43:12:AC:B2:22:6F:8B:88:E5:E8:9E:F2:F1:44:2B:8E:EF:B3:B2:79
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4312ACB2226F8B88E5E89EF2F1442B8EEFB3B279.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/EB815C78DDD40B4927D980FA94E8D07AD34C343AA1F23CD5DDE95FEF9FBCF1A4/0/323830313a3135313a66613a3a2f34382d3438203d3e20323731383931.roa
Signing time:             Tue 05 Mar 2024 18:15:39 +0000
ROA not before:           Tue 05 Mar 2024 18:10:39 +0000
ROA not after:            Tue 04 Mar 2025 18:15:39 +0000
asID:                     271891
IP address blocks:        2801:151:fa::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/EB815C78DDD40B4927D980FA94E8D07AD34C343AA1F23CD5DDE95FEF9FBCF1A4/0/4312ACB2226F8B88E5E89EF2F1442B8EEFB3B279.crl
                          rsync://repository.lacnic.net/rpki/lacnic/EB815C78DDD40B4927D980FA94E8D07AD34C343AA1F23CD5DDE95FEF9FBCF1A4/0/4312ACB2226F8B88E5E89EF2F1442B8EEFB3B279.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4312ACB2226F8B88E5E89EF2F1442B8EEFB3B279.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:c7:d7:cd:56:eb:20:02:1d:04:24:07:eb:bf:8a:62:58:55:b0:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4312ACB2226F8B88E5E89EF2F1442B8EEFB3B279
        Validity
            Not Before: Mar  5 18:10:39 2024 GMT
            Not After : Mar  4 18:15:39 2025 GMT
        Subject: CN=910F698777AB2D314F492F48E34F717F01D1EB9A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:1b:51:a3:4a:9d:70:63:2c:8e:ea:35:29:d3:
                    71:2f:06:15:d7:57:75:8c:80:f7:c0:e6:9e:58:53:
                    3d:43:33:48:24:2e:ce:3f:e2:b9:d2:58:90:8a:1c:
                    d9:d4:b4:5f:e0:a6:2f:b8:92:c5:0f:9a:e0:87:c7:
                    9d:cb:14:f2:85:4c:a1:1d:e3:a3:c2:7a:58:d2:e2:
                    7c:02:d8:77:a5:bc:c7:24:67:8b:cb:66:50:72:68:
                    9f:27:63:d1:96:ae:9f:a7:6b:8c:92:4d:5d:b4:67:
                    0c:ad:82:25:7d:d8:23:9f:0e:98:e0:1d:c0:0d:f2:
                    1c:4d:66:1d:63:14:fb:a3:78:b5:59:b4:9d:27:9e:
                    df:57:32:2e:a9:4f:0c:ad:ec:bb:77:f2:33:0a:45:
                    6b:64:7f:24:e4:8f:40:6e:4c:25:7c:1a:37:0e:46:
                    b3:28:a4:a1:5a:d0:83:6a:e8:cb:a7:e3:e5:fd:4b:
                    64:a8:a0:46:19:51:fd:92:9a:eb:c6:39:56:af:01:
                    17:d8:58:ee:07:d2:1b:81:ae:a9:b1:53:3b:8b:8b:
                    59:d2:74:04:53:52:a2:35:9f:27:aa:00:e2:82:7c:
                    d4:a7:15:02:65:cc:65:ad:7b:fe:f2:a1:54:14:f7:
                    a4:dd:1f:9c:f6:e1:60:82:29:90:0a:68:6b:3f:1b:
                    55:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:0F:69:87:77:AB:2D:31:4F:49:2F:48:E3:4F:71:7F:01:D1:EB:9A
            X509v3 Authority Key Identifier:
                keyid:43:12:AC:B2:22:6F:8B:88:E5:E8:9E:F2:F1:44:2B:8E:EF:B3:B2:79

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/EB815C78DDD40B4927D980FA94E8D07AD34C343AA1F23CD5DDE95FEF9FBCF1A4/0/4312ACB2226F8B88E5E89EF2F1442B8EEFB3B279.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4312ACB2226F8B88E5E89EF2F1442B8EEFB3B279.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/EB815C78DDD40B4927D980FA94E8D07AD34C343AA1F23CD5DDE95FEF9FBCF1A4/0/323830313a3135313a66613a3a2f34382d3438203d3e20323731383931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:151:fa::/48

    Signature Algorithm: sha256WithRSAEncryption
         25:f1:96:0f:47:79:52:17:a1:66:5c:e3:cc:b8:fd:d7:0b:1e:
         a1:08:41:29:0f:42:69:32:91:52:e6:c3:a5:80:3a:f1:8a:28:
         c5:b4:05:e9:76:d6:0f:b8:27:94:0f:65:20:d4:0c:69:2e:59:
         98:18:b0:24:77:d1:13:4c:11:3c:a8:d0:55:30:3d:d2:71:69:
         dd:e7:b9:df:0b:67:a8:6c:73:d3:3c:d9:ba:8c:d6:64:1d:7c:
         9c:31:94:82:5b:d1:2d:e0:52:5c:7f:0c:30:d3:82:5e:1b:4d:
         f9:5a:34:e4:30:5a:63:2b:c6:1e:2d:ae:05:02:8f:0f:e1:58:
         56:20:1e:b8:73:4f:99:70:92:45:b7:ed:4d:38:f2:96:9d:74:
         4e:d1:c5:51:d6:42:9b:cc:9b:e1:0c:17:9e:ee:3c:54:e8:46:
         a2:f5:77:71:f0:7e:57:b4:63:40:a1:2d:7c:21:ee:f4:6f:38:
         cb:d0:ef:0d:e3:a6:d1:a7:62:e5:16:ab:93:d7:b2:8d:51:f7:
         b1:e9:dc:69:8a:cf:9a:13:a0:11:ce:ab:67:4a:7a:d0:5c:0d:
         e0:5f:2c:51:b6:bd:18:29:ba:8c:ae:e4:e2:63:64:88:8a:11:
         56:92:93:6c:f9:83:94:74:1f:5a:3f:23:c4:34:68:07:da:63:
         a8:68:3c:6f
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUS8fXzVbrIAIdBCQH67+KYlhVsNAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDMxMkFDQjIyMjZGOEI4OEU1RTg5RUYyRjE0NDJCOEVF
RkIzQjI3OTAeFw0yNDAzMDUxODEwMzlaFw0yNTAzMDQxODE1MzlaMDMxMTAvBgNV
BAMTKDkxMEY2OTg3NzdBQjJEMzE0RjQ5MkY0OEUzNEY3MTdGMDFEMUVCOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClG1GjSp1wYyyO6jUp03EvBhXX
V3WMgPfA5p5YUz1DM0gkLs4/4rnSWJCKHNnUtF/gpi+4ksUPmuCHx53LFPKFTKEd
46PCeljS4nwC2HelvMckZ4vLZlByaJ8nY9GWrp+na4ySTV20ZwytgiV92COfDpjg
HcAN8hxNZh1jFPujeLVZtJ0nnt9XMi6pTwyt7Lt38jMKRWtkfyTkj0BuTCV8GjcO
RrMopKFa0INq6Mun4+X9S2SooEYZUf2SmuvGOVavARfYWO4H0huBrqmxUzuLi1nS
dARTUqI1nyeqAOKCfNSnFQJlzGWte/7yoVQU96TdH5z24WCCKZAKaGs/G1XRAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUkQ9ph3erLTFPSS9I409xfwHR65owHwYDVR0j
BBgwFoAUQxKssiJvi4jl6J7y8UQrju+zsnkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FQjgxNUM3OERERDQwQjQ5MjdEOTgwRkE5NEU4RDA3QUQz
NEMzNDNBQTFGMjNDRDVEREU5NUZFRjlGQkNGMUE0LzAvNDMxMkFDQjIyMjZGOEI4
OEU1RTg5RUYyRjE0NDJCOEVFRkIzQjI3OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80MzEyQUNCMjIyNkY4Qjg4RTVF
ODlFRjJGMTQ0MkI4RUVGQjNCMjc5LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRUI4MTVDNzhEREQ0MEI0OTI3RDk4MEZBOTRFOEQwN0FEMzRDMzQzQUEx
RjIzQ0Q1RERFOTVGRUY5RkJDRjFBNC8wLzMyMzgzMDMxM2EzMTM1MzEzYTY2NjEz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM3MzEzODM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AQFRAPowDQYJKoZIhvcNAQELBQADggEBACXxlg9HeVIXoWZc48y4/dcLHqEIQSkP
QmkykVLmw6WAOvGKKMW0Bel21g+4J5QPZSDUDGkuWZgYsCR30RNMETyo0FUwPdJx
ad3nud8LZ6hsc9M82bqM1mQdfJwxlIJb0S3gUlx/DDDTgl4bTflaNOQwWmMrxh4t
rgUCjw/hWFYgHrhzT5lwkkW37U048paddE7RxVHWQpvMm+EMF57uPFToRqL1d3Hw
fle0Y0ChLXwh7vRvOMvQ7w3jptGnYuUWq5PXso1R97Hp3GmKz5oToBHOq2dKetBc
DeBfLFG2vRgpuoyu5OJjZIiKEVaSk2z5g5R0H1o/I8Q0aAfaY6hoPG8=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:47:02 2024 by rpki-client on console-ams.rpki-client.org