Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F27AC91C474B388C0CCACF20057081094094BA4652C9759598575AD02D8AC576/0/323830313a31613a633030303a3a2f34382d3438203d3e203134303830.roa
File:                     323830313a31613a633030303a3a2f34382d3438203d3e203134303830.roa (raw, json)
Hash identifier:          25EhZbft0M5v/zdwIFwqL8J/gvWOEXYfEAtMI5xqFeM=
Subject key identifier:   DF:2B:59:62:73:94:55:26:4F:D5:FE:87:0D:39:98:05:1B:C0:EE:51
Certificate issuer:       /CN=2D7C9588134926F30E67EDE409C53B875B5CF047
Certificate serial:       3A225D6A6414BBC919BFBAC89799E225D5420EA6
Authority key identifier: 2D:7C:95:88:13:49:26:F3:0E:67:ED:E4:09:C5:3B:87:5B:5C:F0:47
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2D7C9588134926F30E67EDE409C53B875B5CF047.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F27AC91C474B388C0CCACF20057081094094BA4652C9759598575AD02D8AC576/0/323830313a31613a633030303a3a2f34382d3438203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 18:18:58 +0000
ROA not before:           Tue 05 Mar 2024 18:13:58 +0000
ROA not after:            Tue 04 Mar 2025 18:18:58 +0000
asID:                     14080
IP address blocks:        2801:1a:c000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/F27AC91C474B388C0CCACF20057081094094BA4652C9759598575AD02D8AC576/0/2D7C9588134926F30E67EDE409C53B875B5CF047.crl
                          rsync://repository.lacnic.net/rpki/lacnic/F27AC91C474B388C0CCACF20057081094094BA4652C9759598575AD02D8AC576/0/2D7C9588134926F30E67EDE409C53B875B5CF047.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2D7C9588134926F30E67EDE409C53B875B5CF047.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 10:27:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:22:5d:6a:64:14:bb:c9:19:bf:ba:c8:97:99:e2:25:d5:42:0e:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2D7C9588134926F30E67EDE409C53B875B5CF047
        Validity
            Not Before: Mar  5 18:13:58 2024 GMT
            Not After : Mar  4 18:18:58 2025 GMT
        Subject: CN=DF2B5962739455264FD5FE870D3998051BC0EE51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:5b:58:95:d4:02:44:aa:93:ac:f5:48:e3:89:
                    90:ed:1e:6a:23:e7:22:bb:8f:86:be:47:fc:bc:24:
                    14:11:36:1a:99:86:50:3b:89:61:e1:de:ba:7a:f3:
                    5b:07:98:75:bb:77:03:e6:d1:df:49:be:6a:bc:33:
                    df:0b:4f:79:63:aa:96:1d:85:64:59:7e:23:b3:dd:
                    f4:59:1e:59:48:72:75:43:b5:24:76:76:f3:ae:bc:
                    83:4b:85:c7:0c:d5:51:3b:f8:8a:81:26:1a:f0:66:
                    f7:5f:3c:ac:f4:32:38:02:71:3e:5a:e5:4e:52:c6:
                    f8:32:a6:99:28:6f:dc:71:db:61:dd:4d:2b:8e:c5:
                    4e:d6:3a:f8:56:66:21:72:f6:ea:79:f8:ce:38:74:
                    8c:96:1f:02:26:86:c9:25:87:73:ae:5f:3a:df:7a:
                    8a:39:2e:68:de:19:58:25:c3:46:45:7f:8c:d3:eb:
                    15:3b:64:a5:1b:17:f7:b4:2a:ec:d7:7e:a1:5f:41:
                    b8:bc:32:30:87:38:98:5e:87:ec:56:93:0a:12:fe:
                    bf:98:bb:d8:63:56:9b:21:f0:39:f8:2e:dd:5c:4c:
                    3c:52:d6:93:7d:a5:fb:d6:62:9a:49:e6:2e:01:0e:
                    04:0a:23:0b:fa:a9:e8:96:ec:4f:fd:a9:db:96:2c:
                    5c:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:2B:59:62:73:94:55:26:4F:D5:FE:87:0D:39:98:05:1B:C0:EE:51
            X509v3 Authority Key Identifier:
                keyid:2D:7C:95:88:13:49:26:F3:0E:67:ED:E4:09:C5:3B:87:5B:5C:F0:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F27AC91C474B388C0CCACF20057081094094BA4652C9759598575AD02D8AC576/0/2D7C9588134926F30E67EDE409C53B875B5CF047.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2D7C9588134926F30E67EDE409C53B875B5CF047.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F27AC91C474B388C0CCACF20057081094094BA4652C9759598575AD02D8AC576/0/323830313a31613a633030303a3a2f34382d3438203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1a:c000::/48

    Signature Algorithm: sha256WithRSAEncryption
         4f:07:04:66:5c:0e:f5:ea:2a:af:b4:af:db:27:15:f8:a8:ef:
         b9:89:60:97:2f:50:e9:73:37:13:60:4d:51:00:cd:e7:94:c1:
         5d:89:1c:99:fe:7c:05:fb:39:b4:50:64:63:42:f8:56:8f:2d:
         8d:0e:d3:77:cc:95:51:bc:f7:0b:42:24:c5:6c:cf:10:82:f0:
         ac:7a:64:28:0f:93:0c:fd:48:bc:59:d1:19:c9:0e:45:03:e8:
         db:fd:ef:dc:07:4c:f8:92:59:7c:2c:80:36:aa:45:29:87:77:
         a4:9b:79:0f:13:91:bc:2c:d7:74:35:ed:ed:67:24:81:0b:82:
         df:01:99:4c:46:62:b3:1d:43:5d:b7:c9:92:c6:90:7f:a3:f7:
         ad:50:21:96:db:9f:3a:39:ff:c9:6f:c0:ca:c7:c2:04:11:4a:
         33:6f:0b:bd:fd:69:80:27:6e:00:f9:44:38:36:f0:b5:54:bf:
         d8:fb:34:a9:b4:3e:06:bf:da:3b:91:52:1c:b4:0c:06:22:ac:
         b1:82:e1:19:94:21:98:4f:49:e2:7b:ee:9e:02:0d:2a:a7:94:
         a3:d9:79:0b:1d:1d:29:45:de:38:1d:31:ea:f4:a2:3f:73:5e:
         5b:08:7e:9f:59:26:4e:ba:fb:83:13:da:ac:af:c3:f0:82:f8:
         ce:fd:02:a2
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUOiJdamQUu8kZv7rIl5niJdVCDqYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkQ3Qzk1ODgxMzQ5MjZGMzBFNjdFREU0MDlDNTNCODc1
QjVDRjA0NzAeFw0yNDAzMDUxODEzNThaFw0yNTAzMDQxODE4NThaMDMxMTAvBgNV
BAMTKERGMkI1OTYyNzM5NDU1MjY0RkQ1RkU4NzBEMzk5ODA1MUJDMEVFNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSW1iV1AJEqpOs9UjjiZDtHmoj
5yK7j4a+R/y8JBQRNhqZhlA7iWHh3rp681sHmHW7dwPm0d9Jvmq8M98LT3ljqpYd
hWRZfiOz3fRZHllIcnVDtSR2dvOuvINLhccM1VE7+IqBJhrwZvdfPKz0MjgCcT5a
5U5Sxvgyppkob9xx22HdTSuOxU7WOvhWZiFy9up5+M44dIyWHwImhsklh3OuXzrf
eoo5LmjeGVglw0ZFf4zT6xU7ZKUbF/e0KuzXfqFfQbi8MjCHOJheh+xWkwoS/r+Y
u9hjVpsh8Dn4Lt1cTDxS1pN9pfvWYppJ5i4BDgQKIwv6qeiW7E/9qduWLFyFAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQU3ytZYnOUVSZP1f6HDTmYBRvA7lEwHwYDVR0j
BBgwFoAULXyViBNJJvMOZ+3kCcU7h1tc8EcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMjdBQzkxQzQ3NEIzODhDMENDQUNGMjAwNTcwODEwOTQw
OTRCQTQ2NTJDOTc1OTU5ODU3NUFEMDJEOEFDNTc2LzAvMkQ3Qzk1ODgxMzQ5MjZG
MzBFNjdFREU0MDlDNTNCODc1QjVDRjA0Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yRDdDOTU4ODEzNDkyNkYzMEU2
N0VERTQwOUM1M0I4NzVCNUNGMDQ3LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjI3QUM5MUM0NzRCMzg4QzBDQ0FDRjIwMDU3MDgxMDk0MDk0QkE0NjUy
Qzk3NTk1OTg1NzVBRDAyRDhBQzU3Ni8wLzMyMzgzMDMxM2EzMTYxM2E2MzMwMzAz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzMDM4MzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AQAawAAwDQYJKoZIhvcNAQELBQADggEBAE8HBGZcDvXqKq+0r9snFfio77mJYJcv
UOlzNxNgTVEAzeeUwV2JHJn+fAX7ObRQZGNC+FaPLY0O03fMlVG89wtCJMVszxCC
8Kx6ZCgPkwz9SLxZ0RnJDkUD6Nv979wHTPiSWXwsgDaqRSmHd6SbeQ8Tkbws13Q1
7e1nJIELgt8BmUxGYrMdQ123yZLGkH+j961QIZbbnzo5/8lvwMrHwgQRSjNvC739
aYAnbgD5RDg28LVUv9j7NKm0Pga/2juRUhy0DAYirLGC4RmUIZhPSeJ77p4CDSqn
lKPZeQsdHSlF3jgdMer0oj9zXlsIfp9ZJk66+4MT2qyvw/CC+M79AqI=
-----END CERTIFICATE-----
Generated at Sat Jun 22 18:39:17 2024 by rpki-client on console-fra.rpki-client.org