Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DAF2CD54D9F02C644333775CEC5E33041C81E7A6C0863FA98B1CB6ABD85633F5/0/323830333a653261303a3a2f33322d3438203d3e203532333939.roa
File:                     323830333a653261303a3a2f33322d3438203d3e203532333939.roa (raw, json)
Hash identifier:          96/1cC59pFsT1OBV562pX5EWU+w2PBpSYynTCnBDLAw=
Subject key identifier:   18:28:6C:03:48:44:E9:49:63:A2:65:CB:D9:8B:8F:67:65:BA:2D:5A
Certificate issuer:       /CN=31F68B49343FE18C99A4C312FCEA2C54B701CE74
Certificate serial:       1E9DF83C8330BC64325F366D67C73889AC478DAF
Authority key identifier: 31:F6:8B:49:34:3F:E1:8C:99:A4:C3:12:FC:EA:2C:54:B7:01:CE:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/31F68B49343FE18C99A4C312FCEA2C54B701CE74.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DAF2CD54D9F02C644333775CEC5E33041C81E7A6C0863FA98B1CB6ABD85633F5/0/323830333a653261303a3a2f33322d3438203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:54:44 +0000
ROA not before:           Tue 04 Feb 2025 18:49:44 +0000
ROA not after:            Tue 03 Feb 2026 18:54:44 +0000
asID:                     52399
IP address blocks:        2803:e2a0::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DAF2CD54D9F02C644333775CEC5E33041C81E7A6C0863FA98B1CB6ABD85633F5/0/31F68B49343FE18C99A4C312FCEA2C54B701CE74.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DAF2CD54D9F02C644333775CEC5E33041C81E7A6C0863FA98B1CB6ABD85633F5/0/31F68B49343FE18C99A4C312FCEA2C54B701CE74.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/31F68B49343FE18C99A4C312FCEA2C54B701CE74.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 11 Feb 2025 21:48:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:9d:f8:3c:83:30:bc:64:32:5f:36:6d:67:c7:38:89:ac:47:8d:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31F68B49343FE18C99A4C312FCEA2C54B701CE74
        Validity
            Not Before: Feb  4 18:49:44 2025 GMT
            Not After : Feb  3 18:54:44 2026 GMT
        Subject: CN=18286C034844E94963A265CBD98B8F6765BA2D5A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:42:44:b4:85:68:bc:c5:e4:d6:f7:12:ff:72:
                    4d:60:62:bd:a9:b9:39:18:32:15:c4:e5:ce:a0:44:
                    e5:62:99:b1:39:2e:10:b7:03:85:e9:b6:a8:30:61:
                    e3:7d:83:3e:5f:92:63:b4:a3:b8:09:7d:14:97:63:
                    57:d4:89:62:35:88:62:19:b3:28:01:88:34:43:8e:
                    a9:8c:bc:7c:62:71:1c:90:24:ad:2f:49:05:34:33:
                    46:b9:69:b0:dd:bc:f8:6b:36:35:ef:b3:83:68:e4:
                    27:ad:b2:18:83:5d:d9:5b:19:37:09:ee:ed:bb:17:
                    9b:25:90:1f:63:84:31:f3:93:9f:41:74:3d:2e:4d:
                    b9:19:4b:e2:1b:7c:e9:58:cd:4a:e4:b4:a0:b0:cb:
                    3c:8d:f0:1f:10:33:df:b5:ff:15:30:6f:98:c9:30:
                    5b:0b:e6:57:3e:d3:14:08:90:0e:18:fb:f2:c5:47:
                    a4:ec:82:48:b2:56:6a:47:27:ec:d5:48:cf:ac:44:
                    32:b2:e6:38:22:41:4a:21:60:9a:ae:aa:df:be:70:
                    b3:df:1c:c5:91:db:b5:76:fe:c6:b8:e5:74:72:5c:
                    4e:bb:10:25:c2:76:1e:ad:3b:56:0e:86:eb:cb:b4:
                    00:dd:01:f6:48:35:e9:04:37:f3:1c:3e:b0:d1:88:
                    79:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:28:6C:03:48:44:E9:49:63:A2:65:CB:D9:8B:8F:67:65:BA:2D:5A
            X509v3 Authority Key Identifier:
                keyid:31:F6:8B:49:34:3F:E1:8C:99:A4:C3:12:FC:EA:2C:54:B7:01:CE:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DAF2CD54D9F02C644333775CEC5E33041C81E7A6C0863FA98B1CB6ABD85633F5/0/31F68B49343FE18C99A4C312FCEA2C54B701CE74.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/31F68B49343FE18C99A4C312FCEA2C54B701CE74.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DAF2CD54D9F02C644333775CEC5E33041C81E7A6C0863FA98B1CB6ABD85633F5/0/323830333a653261303a3a2f33322d3438203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:e2a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         be:19:d7:31:b3:06:9b:33:b3:0b:31:fa:c1:d0:d1:8b:09:70:
         3d:e7:e2:86:06:25:c2:c3:48:db:c3:b9:aa:cd:cb:b4:ce:7c:
         f0:c4:81:1b:19:25:0b:aa:09:1d:02:d4:27:a3:8e:22:f4:2f:
         82:f8:2e:ae:68:b5:70:b1:a7:50:ae:01:5e:01:05:1c:11:25:
         fe:ab:cd:c0:0e:8b:d6:cb:3e:12:c8:0e:e3:0a:da:c9:43:08:
         7d:a7:dd:9b:fd:f2:69:bf:3a:31:69:50:e3:01:e5:6c:17:7d:
         95:fd:31:42:6b:17:a2:16:04:38:63:dc:88:5c:a4:82:ab:df:
         c5:ed:5a:65:24:b8:9d:9c:73:a0:6f:93:f8:ff:2a:6e:af:81:
         bb:93:a5:7a:f3:17:31:1c:16:29:95:04:f0:d4:dc:b6:83:e0:
         5b:bb:1b:d2:5d:f1:95:99:71:e2:e0:02:cd:7c:81:f2:9b:e9:
         8c:50:f5:4a:8b:60:23:f9:54:56:42:1d:41:1b:10:fb:da:9a:
         28:53:0e:82:25:f1:4c:23:80:d7:bb:67:ca:cc:85:d1:ec:10:
         f6:84:3c:a1:cd:6e:ef:70:ba:78:ed:c6:f1:53:c3:d6:09:ea:
         77:e2:2e:77:37:7d:bc:f8:08:41:2e:74:4d:80:73:4a:26:7f:
         b0:59:9f:5a
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUHp34PIMwvGQyXzZtZ8c4iaxHja8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzFGNjhCNDkzNDNGRTE4Qzk5QTRDMzEyRkNFQTJDNTRC
NzAxQ0U3NDAeFw0yNTAyMDQxODQ5NDRaFw0yNjAyMDMxODU0NDRaMDMxMTAvBgNV
BAMTKDE4Mjg2QzAzNDg0NEU5NDk2M0EyNjVDQkQ5OEI4RjY3NjVCQTJENUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBQkS0hWi8xeTW9xL/ck1gYr2p
uTkYMhXE5c6gROVimbE5LhC3A4XptqgwYeN9gz5fkmO0o7gJfRSXY1fUiWI1iGIZ
sygBiDRDjqmMvHxicRyQJK0vSQU0M0a5abDdvPhrNjXvs4No5CetshiDXdlbGTcJ
7u27F5slkB9jhDHzk59BdD0uTbkZS+IbfOlYzUrktKCwyzyN8B8QM9+1/xUwb5jJ
MFsL5lc+0xQIkA4Y+/LFR6TsgkiyVmpHJ+zVSM+sRDKy5jgiQUohYJquqt++cLPf
HMWR27V2/sa45XRyXE67ECXCdh6tO1YOhuvLtADdAfZINekEN/McPrDRiHkpAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUGChsA0hE6UljomXL2YuPZ2W6LVowHwYDVR0j
BBgwFoAUMfaLSTQ/4YyZpMMS/OosVLcBznQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQUYyQ0Q1NEQ5RjAyQzY0NDMzMzc3NUNFQzVFMzMwNDFD
ODFFN0E2QzA4NjNGQTk4QjFDQjZBQkQ4NTYzM0Y1LzAvMzFGNjhCNDkzNDNGRTE4
Qzk5QTRDMzEyRkNFQTJDNTRCNzAxQ0U3NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zMUY2OEI0OTM0M0ZFMThDOTlB
NEMzMTJGQ0VBMkM1NEI3MDFDRTc0LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREFGMkNENTREOUYwMkM2NDQzMzM3NzVDRUM1RTMzMDQxQzgxRTdBNkMw
ODYzRkE5OEIxQ0I2QUJEODU2MzNGNS8wLzMyMzgzMDMzM2E2NTMyNjEzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA+KgMA0G
CSqGSIb3DQEBCwUAA4IBAQC+GdcxswabM7MLMfrB0NGLCXA95+KGBiXCw0jbw7mq
zcu0znzwxIEbGSULqgkdAtQno44i9C+C+C6uaLVwsadQrgFeAQUcESX+q83ADovW
yz4SyA7jCtrJQwh9p92b/fJpvzoxaVDjAeVsF32V/TFCaxeiFgQ4Y9yIXKSCq9/F
7VplJLidnHOgb5P4/ypur4G7k6V68xcxHBYplQTw1Ny2g+BbuxvSXfGVmXHi4ALN
fIHym+mMUPVKi2Aj+VRWQh1BGxD72pooUw6CJfFMI4DXu2fKzIXR7BD2hDyhzW7v
cLp47cbxU8PWCep34i53N328+AhBLnRNgHNKJn+wWZ9a
-----END CERTIFICATE-----
Generated at Sun Feb 9 15:00:52 2025 by rpki-client