Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0B5614A01C73285DB4905FA4A8D90C8371ABB1B890100D2002FFA7EC5550D338/0/323830333a626532303a3a2f33322d3438203d3e203532343434.roa
File:                     323830333a626532303a3a2f33322d3438203d3e203532343434.roa (raw, json)
Hash identifier:          3f7wTxD3YR0//GRHKkey1iw2GORqZvjC3b+V8mkNskk=
Subject key identifier:   2E:09:79:88:D7:58:EC:1E:69:18:15:C5:7C:2C:72:25:6C:9F:8F:ED
Certificate issuer:       /CN=E4A23A363B591D0CF864B139D921FDB4D1A26A3A
Certificate serial:       377BA9D736DEFF757C9777845730F406F8AAF8DC
Authority key identifier: E4:A2:3A:36:3B:59:1D:0C:F8:64:B1:39:D9:21:FD:B4:D1:A2:6A:3A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E4A23A363B591D0CF864B139D921FDB4D1A26A3A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0B5614A01C73285DB4905FA4A8D90C8371ABB1B890100D2002FFA7EC5550D338/0/323830333a626532303a3a2f33322d3438203d3e203532343434.roa
Signing time:             Tue 04 Feb 2025 18:10:02 +0000
ROA not before:           Tue 04 Feb 2025 18:05:02 +0000
ROA not after:            Tue 03 Feb 2026 18:10:02 +0000
asID:                     52444
IP address blocks:        2803:be20::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0B5614A01C73285DB4905FA4A8D90C8371ABB1B890100D2002FFA7EC5550D338/0/E4A23A363B591D0CF864B139D921FDB4D1A26A3A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0B5614A01C73285DB4905FA4A8D90C8371ABB1B890100D2002FFA7EC5550D338/0/E4A23A363B591D0CF864B139D921FDB4D1A26A3A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E4A23A363B591D0CF864B139D921FDB4D1A26A3A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 11 Feb 2025 19:12:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:7b:a9:d7:36:de:ff:75:7c:97:77:84:57:30:f4:06:f8:aa:f8:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E4A23A363B591D0CF864B139D921FDB4D1A26A3A
        Validity
            Not Before: Feb  4 18:05:02 2025 GMT
            Not After : Feb  3 18:10:02 2026 GMT
        Subject: CN=2E097988D758EC1E691815C57C2C72256C9F8FED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:bc:ab:96:e7:91:0c:1f:f4:b7:f8:78:da:6e:
                    55:be:12:83:f7:b6:a9:39:56:03:21:ce:9c:fa:fb:
                    a3:91:e2:b8:27:fb:26:57:9c:22:3c:dc:f4:f8:a0:
                    dc:d9:22:76:22:4c:47:54:0d:42:1a:52:a5:5c:d1:
                    63:a4:4e:8a:4a:d2:cd:c9:a7:0f:75:38:85:9a:6a:
                    fc:95:e2:aa:01:fb:a1:01:ef:42:66:13:ab:10:d8:
                    55:c4:6f:0e:43:c6:20:3c:c9:11:cd:50:05:4e:12:
                    09:f2:68:88:38:89:fe:80:40:42:41:7a:81:b9:a2:
                    a2:bd:a3:91:87:bd:52:d4:71:43:45:53:a3:8b:9c:
                    78:94:ff:2e:45:3c:b1:1e:0e:ba:a7:b0:93:23:73:
                    a1:8a:33:12:0a:74:41:8c:bf:ae:3d:20:20:20:66:
                    70:6b:9e:1c:c3:5d:96:e5:9c:74:d8:c9:1f:ab:3c:
                    41:e7:63:8b:8b:0a:ea:d3:0e:fc:4d:f8:fb:e2:a5:
                    4c:dc:d4:2b:d0:8f:20:09:ca:18:10:0f:5a:8f:60:
                    4c:76:5f:77:26:01:61:db:b1:9e:d4:13:92:a6:f0:
                    42:e9:9c:84:6a:6c:d8:fc:05:db:29:a3:15:c7:df:
                    43:ce:16:b7:f2:68:e5:91:ff:f4:46:a3:78:72:4f:
                    77:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:09:79:88:D7:58:EC:1E:69:18:15:C5:7C:2C:72:25:6C:9F:8F:ED
            X509v3 Authority Key Identifier:
                keyid:E4:A2:3A:36:3B:59:1D:0C:F8:64:B1:39:D9:21:FD:B4:D1:A2:6A:3A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0B5614A01C73285DB4905FA4A8D90C8371ABB1B890100D2002FFA7EC5550D338/0/E4A23A363B591D0CF864B139D921FDB4D1A26A3A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E4A23A363B591D0CF864B139D921FDB4D1A26A3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0B5614A01C73285DB4905FA4A8D90C8371ABB1B890100D2002FFA7EC5550D338/0/323830333a626532303a3a2f33322d3438203d3e203532343434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:be20::/32

    Signature Algorithm: sha256WithRSAEncryption
         38:b1:75:ed:13:d1:af:50:ee:51:17:cd:5a:39:57:f7:e3:54:
         a0:c7:29:dc:88:d4:b2:aa:e9:b9:e8:83:ba:1f:3a:ea:53:0a:
         6f:8b:71:68:b9:1a:0d:1a:13:97:dc:20:9d:31:9c:40:7a:a0:
         2d:0a:81:1d:39:3d:a3:a9:7c:e1:0d:d7:4a:a9:75:53:df:ca:
         47:49:89:eb:e3:8d:cb:9e:c1:1a:79:a5:8b:8b:26:68:98:19:
         67:c7:87:9c:a3:f8:b1:76:04:cd:e5:94:78:53:21:2c:96:29:
         8a:61:e6:9e:a3:8b:73:81:b4:0e:34:1e:dc:7e:ac:90:d1:f5:
         ca:a2:fa:4f:c7:f5:fe:7e:99:d5:c5:be:d6:85:ad:b1:de:9f:
         06:3f:cd:2c:d9:2b:4d:b2:16:1c:fe:97:a1:43:00:fd:50:c0:
         a7:51:ac:59:b9:02:4c:c8:89:62:e0:02:cf:76:8b:b3:34:52:
         c3:53:31:8d:2c:23:a6:a8:b1:0b:50:89:a7:cb:eb:33:05:77:
         4b:c1:e8:e2:14:3d:16:43:6d:e3:82:dd:56:d7:60:ea:f1:5f:
         67:19:20:82:33:c8:89:85:36:71:87:b4:dd:c6:a2:18:40:23:
         b7:6d:63:5c:fa:fd:5b:bb:5a:d4:29:a7:64:8f:f8:93:71:a2:
         50:e3:2b:13
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUN3up1zbe/3V8l3eEVzD0Bviq+NwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTRBMjNBMzYzQjU5MUQwQ0Y4NjRCMTM5RDkyMUZEQjRE
MUEyNkEzQTAeFw0yNTAyMDQxODA1MDJaFw0yNjAyMDMxODEwMDJaMDMxMTAvBgNV
BAMTKDJFMDk3OTg4RDc1OEVDMUU2OTE4MTVDNTdDMkM3MjI1NkM5RjhGRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsvKuW55EMH/S3+HjablW+EoP3
tqk5VgMhzpz6+6OR4rgn+yZXnCI83PT4oNzZInYiTEdUDUIaUqVc0WOkTopK0s3J
pw91OIWaavyV4qoB+6EB70JmE6sQ2FXEbw5DxiA8yRHNUAVOEgnyaIg4if6AQEJB
eoG5oqK9o5GHvVLUcUNFU6OLnHiU/y5FPLEeDrqnsJMjc6GKMxIKdEGMv649ICAg
ZnBrnhzDXZblnHTYyR+rPEHnY4uLCurTDvxN+PvipUzc1CvQjyAJyhgQD1qPYEx2
X3cmAWHbsZ7UE5Km8ELpnIRqbNj8BdspoxXH30POFrfyaOWR//RGo3hyT3eRAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQULgl5iNdY7B5pGBXFfCxyJWyfj+0wHwYDVR0j
BBgwFoAU5KI6NjtZHQz4ZLE52SH9tNGiajowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wQjU2MTRBMDFDNzMyODVEQjQ5MDVGQTRBOEQ5MEM4Mzcx
QUJCMUI4OTAxMDBEMjAwMkZGQTdFQzU1NTBEMzM4LzAvRTRBMjNBMzYzQjU5MUQw
Q0Y4NjRCMTM5RDkyMUZEQjREMUEyNkEzQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FNEEyM0EzNjNCNTkxRDBDRjg2
NEIxMzlEOTIxRkRCNEQxQTI2QTNBLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEI1NjE0QTAxQzczMjg1REI0OTA1RkE0QThEOTBDODM3MUFCQjFCODkw
MTAwRDIwMDJGRkE3RUM1NTUwRDMzOC8wLzMyMzgzMDMzM2E2MjY1MzIzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzIzNDM0MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA74gMA0G
CSqGSIb3DQEBCwUAA4IBAQA4sXXtE9GvUO5RF81aOVf341SgxynciNSyqum56IO6
HzrqUwpvi3FouRoNGhOX3CCdMZxAeqAtCoEdOT2jqXzhDddKqXVT38pHSYnr443L
nsEaeaWLiyZomBlnx4eco/ixdgTN5ZR4UyEslimKYeaeo4tzgbQONB7cfqyQ0fXK
ovpPx/X+fpnVxb7Wha2x3p8GP80s2StNshYc/pehQwD9UMCnUaxZuQJMyIli4ALP
douzNFLDUzGNLCOmqLELUImny+szBXdLwejiFD0WQ23jgt1W12Dq8V9nGSCCM8iJ
hTZxh7TdxqIYQCO3bWNc+v1bu1rUKadkj/iTcaJQ4ysT
-----END CERTIFICATE-----
Generated at Sun Feb 9 14:06:14 2025 by rpki-client