Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/460D27E9FC973E897B3D223FACFD951C198498BEE67D61D926787E35FB9B9B25/0/323830333a343432303a3a2f33322d3438203d3e203532333237.roa
File:                     323830333a343432303a3a2f33322d3438203d3e203532333237.roa (raw, json)
Hash identifier:          ES/CGB/GTXJtonRboI+cbhADhbcao6QmKDoe5q74MZ4=
Subject key identifier:   A5:98:F7:06:BA:7D:75:FD:13:DA:95:AA:19:44:DD:B8:C8:00:0E:53
Certificate issuer:       /CN=49D8CCEA8049862215045F45EF0D87C4CB0A6F15
Certificate serial:       77C13D04FF5EFC3462D8464F12DF7B92501E1550
Authority key identifier: 49:D8:CC:EA:80:49:86:22:15:04:5F:45:EF:0D:87:C4:CB:0A:6F:15
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/49D8CCEA8049862215045F45EF0D87C4CB0A6F15.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/460D27E9FC973E897B3D223FACFD951C198498BEE67D61D926787E35FB9B9B25/0/323830333a343432303a3a2f33322d3438203d3e203532333237.roa
Signing time:             Wed 06 Mar 2024 18:45:00 +0000
ROA not before:           Wed 06 Mar 2024 18:40:00 +0000
ROA not after:            Wed 05 Mar 2025 18:45:00 +0000
asID:                     52327
IP address blocks:        2803:4420::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/460D27E9FC973E897B3D223FACFD951C198498BEE67D61D926787E35FB9B9B25/0/49D8CCEA8049862215045F45EF0D87C4CB0A6F15.crl
                          rsync://repository.lacnic.net/rpki/lacnic/460D27E9FC973E897B3D223FACFD951C198498BEE67D61D926787E35FB9B9B25/0/49D8CCEA8049862215045F45EF0D87C4CB0A6F15.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/49D8CCEA8049862215045F45EF0D87C4CB0A6F15.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 21 Jul 2024 04:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:c1:3d:04:ff:5e:fc:34:62:d8:46:4f:12:df:7b:92:50:1e:15:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49D8CCEA8049862215045F45EF0D87C4CB0A6F15
        Validity
            Not Before: Mar  6 18:40:00 2024 GMT
            Not After : Mar  5 18:45:00 2025 GMT
        Subject: CN=A598F706BA7D75FD13DA95AA1944DDB8C8000E53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:50:90:09:95:7c:86:97:7d:f1:a3:34:88:80:
                    0f:4a:5c:ca:fa:42:4e:2e:9d:4d:e0:c4:3e:fc:48:
                    b6:bc:fd:9a:ba:3c:a0:db:d2:24:ff:80:6e:19:6e:
                    5b:f0:6f:2c:ae:26:27:ff:62:0c:34:b1:a6:a0:db:
                    d0:6a:a7:c7:dd:dd:1c:e4:41:cc:33:a6:a2:0d:a0:
                    ac:33:b3:8c:c7:50:af:25:0c:1a:b0:61:a0:86:8d:
                    ff:6c:7a:b4:ed:2d:fc:29:ac:b5:47:57:9e:dc:8a:
                    c4:b8:84:6f:0f:7c:53:fd:bd:70:76:bb:11:3f:1c:
                    7b:d6:2c:9c:c8:dc:35:4c:2e:ca:b9:0d:a5:3b:6a:
                    80:24:a2:25:e4:68:51:91:71:68:bc:b5:7a:6d:22:
                    f0:30:cf:5d:d3:f6:04:75:7b:00:52:2d:5d:2b:ab:
                    14:d3:ae:32:f0:2e:37:55:1d:cf:8c:cd:b2:a3:16:
                    3d:e5:d2:2d:c5:34:e9:67:7b:0d:68:76:00:6f:cf:
                    9d:dc:9e:34:af:2b:ab:35:b9:bf:2e:71:9f:37:19:
                    22:bd:c0:56:e4:80:40:54:c9:1e:70:53:47:b5:09:
                    3f:60:3f:f1:ca:36:71:6f:2c:21:a3:f7:33:89:68:
                    b6:db:44:c0:38:c2:f5:34:ca:a0:c5:68:37:db:b8:
                    de:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:98:F7:06:BA:7D:75:FD:13:DA:95:AA:19:44:DD:B8:C8:00:0E:53
            X509v3 Authority Key Identifier:
                keyid:49:D8:CC:EA:80:49:86:22:15:04:5F:45:EF:0D:87:C4:CB:0A:6F:15

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/460D27E9FC973E897B3D223FACFD951C198498BEE67D61D926787E35FB9B9B25/0/49D8CCEA8049862215045F45EF0D87C4CB0A6F15.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/49D8CCEA8049862215045F45EF0D87C4CB0A6F15.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/460D27E9FC973E897B3D223FACFD951C198498BEE67D61D926787E35FB9B9B25/0/323830333a343432303a3a2f33322d3438203d3e203532333237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:4420::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:a6:cc:81:31:80:6d:2e:1a:54:59:60:c3:b5:8f:5c:5f:ab:
         e1:d5:fb:2a:03:07:8b:73:78:5d:f9:30:8f:38:6a:d3:18:a0:
         d4:1f:ec:43:5c:56:e9:ea:bc:c3:c0:2d:b7:72:cc:9b:4c:53:
         b4:a4:a5:ad:0f:7d:82:52:49:d6:73:e8:c9:57:04:72:d4:ed:
         79:45:de:88:60:83:9c:6e:bf:17:6b:42:86:b7:af:f4:c8:78:
         e4:4f:e6:71:87:9f:10:fd:66:0e:0c:a0:6d:6b:50:89:c1:04:
         cc:15:fe:47:f2:31:e5:56:b8:88:8d:39:d6:c6:42:92:f0:b9:
         ab:28:48:c9:a0:81:59:8f:c2:a2:d3:c9:49:7d:9a:cd:df:ce:
         5f:60:56:e7:84:ce:a6:cb:4d:24:99:91:1f:62:c7:86:59:d1:
         ea:ff:7b:d0:d1:02:a8:67:ce:db:6e:7d:2f:14:0f:0a:d4:13:
         eb:1d:5d:a6:51:64:a1:55:2e:49:3c:60:54:64:4e:f5:19:51:
         ad:20:19:32:67:eb:9b:23:9f:0a:f5:e7:d4:9c:b1:39:56:2b:
         76:e6:fa:a5:e9:7f:72:6a:2f:3b:cf:8f:84:ba:8b:f0:d2:5f:
         e7:b1:6a:38:c0:8d:7b:24:54:25:e4:7c:4d:f0:2d:63:7f:ab:
         75:03:04:37
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUd8E9BP9e/DRi2EZPEt97klAeFVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDlEOENDRUE4MDQ5ODYyMjE1MDQ1RjQ1RUYwRDg3QzRD
QjBBNkYxNTAeFw0yNDAzMDYxODQwMDBaFw0yNTAzMDUxODQ1MDBaMDMxMTAvBgNV
BAMTKEE1OThGNzA2QkE3RDc1RkQxM0RBOTVBQTE5NDREREI4QzgwMDBFNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBUJAJlXyGl33xozSIgA9KXMr6
Qk4unU3gxD78SLa8/Zq6PKDb0iT/gG4ZblvwbyyuJif/Ygw0saag29Bqp8fd3Rzk
QcwzpqINoKwzs4zHUK8lDBqwYaCGjf9serTtLfwprLVHV57cisS4hG8PfFP9vXB2
uxE/HHvWLJzI3DVMLsq5DaU7aoAkoiXkaFGRcWi8tXptIvAwz13T9gR1ewBSLV0r
qxTTrjLwLjdVHc+MzbKjFj3l0i3FNOlnew1odgBvz53cnjSvK6s1ub8ucZ83GSK9
wFbkgEBUyR5wU0e1CT9gP/HKNnFvLCGj9zOJaLbbRMA4wvU0yqDFaDfbuN4PAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUpZj3Brp9df0T2pWqGUTduMgADlMwHwYDVR0j
BBgwFoAUSdjM6oBJhiIVBF9F7w2HxMsKbxUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NjBEMjdFOUZDOTczRTg5N0IzRDIyM0ZBQ0ZEOTUxQzE5
ODQ5OEJFRTY3RDYxRDkyNjc4N0UzNUZCOUI5QjI1LzAvNDlEOENDRUE4MDQ5ODYy
MjE1MDQ1RjQ1RUYwRDg3QzRDQjBBNkYxNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80OUQ4Q0NFQTgwNDk4NjIyMTUw
NDVGNDVFRjBEODdDNENCMEE2RjE1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDYwRDI3RTlGQzk3M0U4OTdCM0QyMjNGQUNGRDk1MUMxOTg0OThCRUU2
N0Q2MUQ5MjY3ODdFMzVGQjlCOUIyNS8wLzMyMzgzMDMzM2EzNDM0MzIzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzIzMzMyMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA0QgMA0G
CSqGSIb3DQEBCwUAA4IBAQCMpsyBMYBtLhpUWWDDtY9cX6vh1fsqAweLc3hd+TCP
OGrTGKDUH+xDXFbp6rzDwC23csybTFO0pKWtD32CUknWc+jJVwRy1O15Rd6IYIOc
br8Xa0KGt6/0yHjkT+Zxh58Q/WYODKBta1CJwQTMFf5H8jHlVriIjTnWxkKS8Lmr
KEjJoIFZj8Ki08lJfZrN385fYFbnhM6my00kmZEfYseGWdHq/3vQ0QKoZ87bbn0v
FA8K1BPrHV2mUWShVS5JPGBUZE71GVGtIBkyZ+ubI58K9efUnLE5Vit25vql6X9y
ai87z4+Euovw0l/nsWo4wI17JFQl5HxN8C1jf6t1AwQ3
-----END CERTIFICATE-----
Generated at Wed Jul 17 18:13:09 2024 by rpki-client on console-fra.rpki-client.org