Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/933AB30FBE5CE44C1A024B5CDB5EE35ED49FE5128A3E8799E94DE435F359CCAB/0/323830333a666132303a3a2f33322d3438203d3e203532333237.roa
File:                     323830333a666132303a3a2f33322d3438203d3e203532333237.roa (raw, json)
Hash identifier:          MxdpmQKy1j8hve0Uu4py8FoypqK/46XIUXYWxBXeeFo=
Subject key identifier:   C2:82:B0:4E:20:21:3B:FE:F0:D1:92:DB:B5:A0:48:AA:35:F9:21:A3
Certificate issuer:       /CN=AF4EF7300DCD3572D25AD9FC9E1544193AD7F414
Certificate serial:       49CD8FB16285F241ACEA22120C808AEB13F9EC13
Authority key identifier: AF:4E:F7:30:0D:CD:35:72:D2:5A:D9:FC:9E:15:44:19:3A:D7:F4:14
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AF4EF7300DCD3572D25AD9FC9E1544193AD7F414.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/933AB30FBE5CE44C1A024B5CDB5EE35ED49FE5128A3E8799E94DE435F359CCAB/0/323830333a666132303a3a2f33322d3438203d3e203532333237.roa
Signing time:             Tue 05 Mar 2024 17:55:53 +0000
ROA not before:           Tue 05 Mar 2024 17:50:53 +0000
ROA not after:            Tue 04 Mar 2025 17:55:53 +0000
asID:                     52327
IP address blocks:        2803:fa20::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/933AB30FBE5CE44C1A024B5CDB5EE35ED49FE5128A3E8799E94DE435F359CCAB/0/AF4EF7300DCD3572D25AD9FC9E1544193AD7F414.crl
                          rsync://repository.lacnic.net/rpki/lacnic/933AB30FBE5CE44C1A024B5CDB5EE35ED49FE5128A3E8799E94DE435F359CCAB/0/AF4EF7300DCD3572D25AD9FC9E1544193AD7F414.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AF4EF7300DCD3572D25AD9FC9E1544193AD7F414.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 21 Jul 2024 04:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:cd:8f:b1:62:85:f2:41:ac:ea:22:12:0c:80:8a:eb:13:f9:ec:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AF4EF7300DCD3572D25AD9FC9E1544193AD7F414
        Validity
            Not Before: Mar  5 17:50:53 2024 GMT
            Not After : Mar  4 17:55:53 2025 GMT
        Subject: CN=C282B04E20213BFEF0D192DBB5A048AA35F921A3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:b0:f2:07:1a:27:09:fc:9a:df:de:17:35:79:
                    18:ed:37:0c:93:0f:79:4b:fc:df:74:d7:fe:22:9c:
                    12:73:31:c1:46:ce:2d:9b:09:b9:67:cb:a8:f6:e5:
                    a3:3c:4d:85:b0:10:61:26:82:4d:90:a0:1b:de:a8:
                    bf:0a:8e:6f:fe:e0:36:fe:f6:d4:27:8a:d5:05:c6:
                    5e:5f:dd:c7:b2:28:64:23:6f:ed:18:ad:ee:82:b6:
                    a4:17:61:12:f9:61:b7:f8:8c:dd:8c:d1:bf:d2:ef:
                    8c:84:be:8b:35:65:23:a3:f3:25:d1:77:79:0b:5b:
                    33:e8:80:00:d8:c3:76:97:b1:8d:9e:93:50:b8:26:
                    c9:e2:4d:17:27:7c:0a:7d:af:27:ec:92:0a:c7:a9:
                    7f:44:07:fd:b3:3c:b8:42:1b:79:60:25:b0:e0:aa:
                    79:3f:3a:e6:cc:2a:e5:18:8f:3b:2f:dd:20:fc:5b:
                    56:8b:fc:5c:4e:ad:bd:f9:d9:b5:9a:4e:e4:e8:ba:
                    e8:78:c2:3d:4d:3f:00:83:3c:95:15:52:6f:be:ad:
                    26:c8:7d:f3:a3:50:a6:26:e2:d2:e5:b5:81:34:68:
                    ad:54:c2:4c:fb:a5:72:ae:64:40:13:65:05:1c:48:
                    63:4d:c1:af:07:46:cb:45:90:ee:3b:07:a2:86:72:
                    b8:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:82:B0:4E:20:21:3B:FE:F0:D1:92:DB:B5:A0:48:AA:35:F9:21:A3
            X509v3 Authority Key Identifier:
                keyid:AF:4E:F7:30:0D:CD:35:72:D2:5A:D9:FC:9E:15:44:19:3A:D7:F4:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/933AB30FBE5CE44C1A024B5CDB5EE35ED49FE5128A3E8799E94DE435F359CCAB/0/AF4EF7300DCD3572D25AD9FC9E1544193AD7F414.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AF4EF7300DCD3572D25AD9FC9E1544193AD7F414.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/933AB30FBE5CE44C1A024B5CDB5EE35ED49FE5128A3E8799E94DE435F359CCAB/0/323830333a666132303a3a2f33322d3438203d3e203532333237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:fa20::/32

    Signature Algorithm: sha256WithRSAEncryption
         6a:7d:ec:28:0f:95:57:4c:dd:cd:6a:7e:43:fc:34:2f:01:a0:
         94:95:eb:84:f2:b3:2a:58:76:6b:c7:d4:28:d2:1c:d1:be:54:
         c5:e2:da:5c:65:9d:27:dc:35:ba:3c:e0:82:82:af:86:fc:42:
         ec:8d:d0:43:fd:66:0b:62:20:f4:a8:5c:5e:57:f9:48:d2:9e:
         2b:29:b3:aa:d4:a3:01:07:b7:e5:4b:87:95:10:74:b1:dc:84:
         b7:fe:12:02:d2:1f:2e:01:ae:19:0b:b7:07:67:6b:fe:48:73:
         6b:8c:e0:f2:ca:02:e1:bb:38:01:e2:6c:4d:05:92:2d:79:ee:
         66:78:4e:d7:d0:73:a2:d1:a0:27:47:04:67:0a:f8:19:fe:ad:
         26:ca:49:00:bb:84:5d:ff:8c:50:61:36:5f:bb:67:f3:13:1d:
         29:2b:7d:57:31:cb:25:82:de:87:58:f3:51:4d:ed:88:d8:db:
         75:a0:a0:4f:bb:4c:0c:77:02:72:fc:cf:56:5a:d0:cd:5b:01:
         4f:98:54:4e:c6:f7:12:10:d8:58:ef:14:64:81:9e:c9:ff:09:
         8c:9f:f4:04:06:03:93:66:cc:b5:48:a8:c2:58:bf:5c:16:ac:
         74:f2:cc:cb:5c:48:94:6f:fe:73:a7:79:35:a3:55:b4:43:bc:
         d8:94:0f:3c
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUSc2PsWKF8kGs6iISDICK6xP57BMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUY0RUY3MzAwRENEMzU3MkQyNUFEOUZDOUUxNTQ0MTkz
QUQ3RjQxNDAeFw0yNDAzMDUxNzUwNTNaFw0yNTAzMDQxNzU1NTNaMDMxMTAvBgNV
BAMTKEMyODJCMDRFMjAyMTNCRkVGMEQxOTJEQkI1QTA0OEFBMzVGOTIxQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTsPIHGicJ/Jrf3hc1eRjtNwyT
D3lL/N901/4inBJzMcFGzi2bCblny6j25aM8TYWwEGEmgk2QoBveqL8Kjm/+4Db+
9tQnitUFxl5f3ceyKGQjb+0Yre6CtqQXYRL5Ybf4jN2M0b/S74yEvos1ZSOj8yXR
d3kLWzPogADYw3aXsY2ek1C4JsniTRcnfAp9ryfskgrHqX9EB/2zPLhCG3lgJbDg
qnk/OubMKuUYjzsv3SD8W1aL/FxOrb352bWaTuTouuh4wj1NPwCDPJUVUm++rSbI
ffOjUKYm4tLltYE0aK1Uwkz7pXKuZEATZQUcSGNNwa8HRstFkO47B6KGcrg/AgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUwoKwTiAhO/7w0ZLbtaBIqjX5IaMwHwYDVR0j
BBgwFoAUr073MA3NNXLSWtn8nhVEGTrX9BQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85MzNBQjMwRkJFNUNFNDRDMUEwMjRCNUNEQjVFRTM1RUQ0
OUZFNTEyOEEzRTg3OTlFOTRERTQzNUYzNTlDQ0FCLzAvQUY0RUY3MzAwRENEMzU3
MkQyNUFEOUZDOUUxNTQ0MTkzQUQ3RjQxNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BRjRFRjczMDBEQ0QzNTcyRDI1
QUQ5RkM5RTE1NDQxOTNBRDdGNDE0LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTMzQUIzMEZCRTVDRTQ0QzFBMDI0QjVDREI1RUUzNUVENDlGRTUxMjhB
M0U4Nzk5RTk0REU0MzVGMzU5Q0NBQi8wLzMyMzgzMDMzM2E2NjYxMzIzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzIzMzMyMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA/ogMA0G
CSqGSIb3DQEBCwUAA4IBAQBqfewoD5VXTN3Nan5D/DQvAaCUleuE8rMqWHZrx9Qo
0hzRvlTF4tpcZZ0n3DW6POCCgq+G/ELsjdBD/WYLYiD0qFxeV/lI0p4rKbOq1KMB
B7flS4eVEHSx3IS3/hIC0h8uAa4ZC7cHZ2v+SHNrjODyygLhuzgB4mxNBZItee5m
eE7X0HOi0aAnRwRnCvgZ/q0mykkAu4Rd/4xQYTZfu2fzEx0pK31XMcslgt6HWPNR
Te2I2Nt1oKBPu0wMdwJy/M9WWtDNWwFPmFROxvcSENhY7xRkgZ7J/wmMn/QEBgOT
Zsy1SKjCWL9cFqx08szLXEiUb/5zp3k1o1W0Q7zYlA88
-----END CERTIFICATE-----
Generated at Wed Jul 17 05:56:59 2024 by rpki-client on console-fra.rpki-client.org