Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/EEBFDF801BA68D848913A1C771C5BFF1FBA40FD5F37C4D2C32F2EE76419253DC/0/323830313a3138613a3a2f34342d3434203d3e203139343239.roa
File:                     323830313a3138613a3a2f34342d3434203d3e203139343239.roa (raw, json)
Hash identifier:          1/km4r110VX10WcchC5hVKzzwgAp5QthxkrEW9R7Tjw=
Subject key identifier:   64:82:DE:C2:F2:1B:18:2F:5B:60:2C:F2:79:46:D8:C0:1C:95:14:C7
Certificate issuer:       /CN=C0FA3FC1460DC3AE2B0D6B1B743FCB84AFAE13A5
Certificate serial:       3F1808E69F04CD270B02AEF543F5CBF2C17432A4
Authority key identifier: C0:FA:3F:C1:46:0D:C3:AE:2B:0D:6B:1B:74:3F:CB:84:AF:AE:13:A5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C0FA3FC1460DC3AE2B0D6B1B743FCB84AFAE13A5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/EEBFDF801BA68D848913A1C771C5BFF1FBA40FD5F37C4D2C32F2EE76419253DC/0/323830313a3138613a3a2f34342d3434203d3e203139343239.roa
Signing time:             Tue 05 Mar 2024 18:21:20 +0000
ROA not before:           Tue 05 Mar 2024 18:16:20 +0000
ROA not after:            Tue 04 Mar 2025 18:21:20 +0000
asID:                     19429
IP address blocks:        2801:18a::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/EEBFDF801BA68D848913A1C771C5BFF1FBA40FD5F37C4D2C32F2EE76419253DC/0/C0FA3FC1460DC3AE2B0D6B1B743FCB84AFAE13A5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/EEBFDF801BA68D848913A1C771C5BFF1FBA40FD5F37C4D2C32F2EE76419253DC/0/C0FA3FC1460DC3AE2B0D6B1B743FCB84AFAE13A5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C0FA3FC1460DC3AE2B0D6B1B743FCB84AFAE13A5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:18:08:e6:9f:04:cd:27:0b:02:ae:f5:43:f5:cb:f2:c1:74:32:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C0FA3FC1460DC3AE2B0D6B1B743FCB84AFAE13A5
        Validity
            Not Before: Mar  5 18:16:20 2024 GMT
            Not After : Mar  4 18:21:20 2025 GMT
        Subject: CN=6482DEC2F21B182F5B602CF27946D8C01C9514C7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:fb:88:4b:ba:d6:82:c8:30:55:2f:4e:26:52:
                    45:25:ac:98:c5:e5:c5:b5:a2:09:af:0c:c2:a2:2b:
                    09:40:5c:dc:e6:07:cf:db:15:b5:90:28:14:3f:e1:
                    a3:a6:8a:27:d9:9a:2e:68:d9:95:40:d0:fd:ce:d2:
                    6e:aa:b5:33:a7:9d:a1:da:94:e6:c1:db:b7:e5:3e:
                    f4:f6:b8:6f:4a:e7:cd:c4:04:57:62:d1:0f:d9:9d:
                    81:d0:eb:dc:9d:61:28:92:90:52:3c:4e:d4:a0:3e:
                    f7:da:db:1a:12:b4:97:98:c4:c3:1f:63:8d:f7:d9:
                    60:2d:0c:13:ab:f4:7d:e7:40:c8:dc:d6:39:4a:90:
                    49:6a:e4:f0:cd:93:a0:8a:5d:49:04:cc:0e:6b:cb:
                    c5:fe:52:21:8f:fd:ce:5f:76:da:9e:57:b0:a4:b9:
                    a3:54:23:69:0f:d6:39:21:49:89:cb:39:e7:a5:61:
                    4d:50:bf:e0:72:cb:2b:48:40:bc:4c:d9:5a:38:65:
                    16:8a:18:ad:23:58:7c:7d:0e:18:21:ab:52:7c:2a:
                    6a:30:72:cd:77:09:cc:3d:50:b6:70:19:64:a8:d1:
                    91:38:31:fa:44:45:0b:2b:80:00:c6:0b:d9:c2:f9:
                    38:37:6c:75:a7:c7:f7:51:04:72:d9:3b:16:25:24:
                    b1:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:82:DE:C2:F2:1B:18:2F:5B:60:2C:F2:79:46:D8:C0:1C:95:14:C7
            X509v3 Authority Key Identifier:
                keyid:C0:FA:3F:C1:46:0D:C3:AE:2B:0D:6B:1B:74:3F:CB:84:AF:AE:13:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/EEBFDF801BA68D848913A1C771C5BFF1FBA40FD5F37C4D2C32F2EE76419253DC/0/C0FA3FC1460DC3AE2B0D6B1B743FCB84AFAE13A5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C0FA3FC1460DC3AE2B0D6B1B743FCB84AFAE13A5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/EEBFDF801BA68D848913A1C771C5BFF1FBA40FD5F37C4D2C32F2EE76419253DC/0/323830313a3138613a3a2f34342d3434203d3e203139343239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:18a::/44

    Signature Algorithm: sha256WithRSAEncryption
         36:a1:77:cb:df:21:5e:99:91:23:e7:42:fd:0c:ae:a5:34:df:
         bf:ee:06:99:20:7b:2b:1b:da:81:6a:07:05:76:f4:ca:c0:aa:
         9e:a1:17:c8:3c:50:9f:c2:95:8b:c8:a1:ce:68:09:28:f3:e5:
         23:09:68:ea:5a:82:78:25:a0:5e:db:d0:9b:0a:1d:25:61:b9:
         ae:dd:ac:9a:99:99:b0:57:c7:11:54:61:c7:88:90:f3:d7:94:
         b3:cc:8d:2c:bd:d3:fa:6a:a6:c7:9d:83:e8:19:ba:03:62:e3:
         b6:e1:04:ec:6e:f1:c3:77:e2:89:b9:52:21:79:9f:b0:44:f1:
         0c:c8:50:58:14:b8:48:c4:eb:b7:d5:5d:eb:99:1d:cc:d6:19:
         42:fd:25:c7:c9:13:08:3e:05:06:67:a7:d0:0b:52:aa:c1:df:
         db:d4:ca:bd:0f:06:b0:54:9a:aa:14:a2:52:87:c3:62:6a:b7:
         cc:67:ae:a1:b1:fa:b5:f2:74:91:78:68:38:66:67:59:c4:7e:
         02:d3:9f:65:34:48:4f:23:48:b7:d2:3a:41:80:e6:05:66:ac:
         ab:f4:5f:05:c1:0a:2a:91:7f:2d:cb:a2:e8:82:cd:bd:17:70:
         1d:cc:7c:01:bf:f1:c4:da:04:ad:36:f7:ca:8d:bf:f1:84:74:
         ad:12:6c:b2
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUPxgI5p8EzScLAq71Q/XL8sF0MqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzBGQTNGQzE0NjBEQzNBRTJCMEQ2QjFCNzQzRkNCODRB
RkFFMTNBNTAeFw0yNDAzMDUxODE2MjBaFw0yNTAzMDQxODIxMjBaMDMxMTAvBgNV
BAMTKDY0ODJERUMyRjIxQjE4MkY1QjYwMkNGMjc5NDZEOEMwMUM5NTE0QzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq+4hLutaCyDBVL04mUkUlrJjF
5cW1ogmvDMKiKwlAXNzmB8/bFbWQKBQ/4aOmiifZmi5o2ZVA0P3O0m6qtTOnnaHa
lObB27flPvT2uG9K583EBFdi0Q/ZnYHQ69ydYSiSkFI8TtSgPvfa2xoStJeYxMMf
Y4332WAtDBOr9H3nQMjc1jlKkElq5PDNk6CKXUkEzA5ry8X+UiGP/c5fdtqeV7Ck
uaNUI2kP1jkhSYnLOeelYU1Qv+ByyytIQLxM2Vo4ZRaKGK0jWHx9Dhghq1J8Kmow
cs13Ccw9ULZwGWSo0ZE4MfpERQsrgADGC9nC+Tg3bHWnx/dRBHLZOxYlJLHjAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUZILewvIbGC9bYCzyeUbYwByVFMcwHwYDVR0j
BBgwFoAUwPo/wUYNw64rDWsbdD/LhK+uE6UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FRUJGREY4MDFCQTY4RDg0ODkxM0ExQzc3MUM1QkZGMUZC
QTQwRkQ1RjM3QzREMkMzMkYyRUU3NjQxOTI1M0RDLzAvQzBGQTNGQzE0NjBEQzNB
RTJCMEQ2QjFCNzQzRkNCODRBRkFFMTNBNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMEZBM0ZDMTQ2MERDM0FFMkIw
RDZCMUI3NDNGQ0I4NEFGQUUxM0E1LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRUVCRkRGODAxQkE2OEQ4NDg5MTNBMUM3NzFDNUJGRjFGQkE0MEZENUYz
N0M0RDJDMzJGMkVFNzY0MTkyNTNEQy8wLzMyMzgzMDMxM2EzMTM4NjEzYTNhMmYz
NDM0MmQzNDM0MjAzZDNlMjAzMTM5MzQzMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKAEBigAAMA0G
CSqGSIb3DQEBCwUAA4IBAQA2oXfL3yFemZEj50L9DK6lNN+/7gaZIHsrG9qBagcF
dvTKwKqeoRfIPFCfwpWLyKHOaAko8+UjCWjqWoJ4JaBe29CbCh0lYbmu3ayamZmw
V8cRVGHHiJDz15SzzI0svdP6aqbHnYPoGboDYuO24QTsbvHDd+KJuVIheZ+wRPEM
yFBYFLhIxOu31V3rmR3M1hlC/SXHyRMIPgUGZ6fQC1Kqwd/b1Mq9DwawVJqqFKJS
h8NiarfMZ66hsfq18nSReGg4ZmdZxH4C059lNEhPI0i30jpBgOYFZqyr9F8FwQoq
kX8ty6Logs29F3AdzHwBv/HE2gStNvfKjb/xhHStEmyy
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:52:23 2024 by rpki-client on console-ams.rpki-client.org