Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E4E99759ACF013EA166F0DA90DBE63F30FAB64CCF1310D5F0FA69271B35D85AC/0/323830333a356365303a3830303a3a2f34302d3430203d3e203139313134.roa
File:                     323830333a356365303a3830303a3a2f34302d3430203d3e203139313134.roa (raw, json)
Hash identifier:          94opx7e6Spoc+bVGDTppRgETJUNZJI+1nGZNEXM+9rU=
Subject key identifier:   FE:68:72:E9:BC:6B:32:84:01:EA:E2:12:81:A2:56:EA:8E:89:A8:BB
Certificate issuer:       /CN=52C33A1BA9015DB4E50D07D3A35E931827FFAC41
Certificate serial:       14DE0B9E206D055636E6175F0CD47BEB66451F52
Authority key identifier: 52:C3:3A:1B:A9:01:5D:B4:E5:0D:07:D3:A3:5E:93:18:27:FF:AC:41
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/52C33A1BA9015DB4E50D07D3A35E931827FFAC41.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E4E99759ACF013EA166F0DA90DBE63F30FAB64CCF1310D5F0FA69271B35D85AC/0/323830333a356365303a3830303a3a2f34302d3430203d3e203139313134.roa
Signing time:             Tue 05 Mar 2024 18:07:00 +0000
ROA not before:           Tue 05 Mar 2024 18:02:00 +0000
ROA not after:            Tue 04 Mar 2025 18:07:00 +0000
asID:                     19114
IP address blocks:        2803:5ce0:800::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/E4E99759ACF013EA166F0DA90DBE63F30FAB64CCF1310D5F0FA69271B35D85AC/0/52C33A1BA9015DB4E50D07D3A35E931827FFAC41.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E4E99759ACF013EA166F0DA90DBE63F30FAB64CCF1310D5F0FA69271B35D85AC/0/52C33A1BA9015DB4E50D07D3A35E931827FFAC41.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/52C33A1BA9015DB4E50D07D3A35E931827FFAC41.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 22 May 2024 10:19:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:de:0b:9e:20:6d:05:56:36:e6:17:5f:0c:d4:7b:eb:66:45:1f:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52C33A1BA9015DB4E50D07D3A35E931827FFAC41
        Validity
            Not Before: Mar  5 18:02:00 2024 GMT
            Not After : Mar  4 18:07:00 2025 GMT
        Subject: CN=FE6872E9BC6B328401EAE21281A256EA8E89A8BB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:3c:78:02:36:06:53:0a:aa:93:84:fc:b6:85:
                    f8:bf:fc:e3:c1:6e:65:5c:ba:9d:ef:78:3a:f3:39:
                    52:de:36:3e:3b:fc:d8:62:de:f1:5f:11:52:1c:1d:
                    04:48:3e:5f:03:0d:3c:7f:93:1b:2b:86:6b:6e:21:
                    54:7c:52:2d:16:e2:e1:eb:3a:45:4a:d6:36:35:5d:
                    f5:e4:df:04:c3:c6:ea:11:02:26:ac:81:30:d8:78:
                    8e:92:9d:fe:fa:4e:e1:62:a8:26:c7:88:cb:5a:2e:
                    05:e3:c8:b2:66:0b:31:47:64:35:2d:59:43:39:3d:
                    92:40:0f:71:b7:50:68:ef:49:7f:5c:da:81:c7:99:
                    76:6a:71:29:a9:2f:66:95:d9:78:0d:6d:a5:c3:e2:
                    17:22:37:78:49:be:54:10:91:96:98:d2:47:61:d1:
                    4a:31:99:c5:3f:bf:3d:b3:ba:9d:f5:50:dc:47:ca:
                    ea:c0:b6:2d:71:65:b3:04:9a:16:dd:29:e3:4a:4c:
                    c7:80:1d:39:67:4c:c3:5d:f5:41:66:ea:59:0e:e0:
                    b2:24:0b:b4:58:dc:73:d1:86:56:9f:c8:b4:89:f5:
                    81:4b:77:04:de:3d:eb:22:75:4f:78:6e:5b:09:73:
                    19:61:e0:c1:5d:ae:38:0f:18:32:1c:fe:2b:4f:55:
                    db:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:68:72:E9:BC:6B:32:84:01:EA:E2:12:81:A2:56:EA:8E:89:A8:BB
            X509v3 Authority Key Identifier:
                keyid:52:C3:3A:1B:A9:01:5D:B4:E5:0D:07:D3:A3:5E:93:18:27:FF:AC:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E4E99759ACF013EA166F0DA90DBE63F30FAB64CCF1310D5F0FA69271B35D85AC/0/52C33A1BA9015DB4E50D07D3A35E931827FFAC41.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/52C33A1BA9015DB4E50D07D3A35E931827FFAC41.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E4E99759ACF013EA166F0DA90DBE63F30FAB64CCF1310D5F0FA69271B35D85AC/0/323830333a356365303a3830303a3a2f34302d3430203d3e203139313134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:5ce0:800::/40

    Signature Algorithm: sha256WithRSAEncryption
         14:bc:5b:c8:f5:c2:2a:2a:4a:27:66:b3:a7:e7:31:38:29:1c:
         db:d0:0f:e2:0a:2e:af:b0:06:ae:0d:e8:59:e5:4d:a3:7a:dc:
         ed:bf:2f:aa:db:ba:23:1b:2c:3a:84:aa:7a:b9:85:1f:9c:ab:
         97:93:5f:68:5d:ec:ab:b1:39:ad:cf:32:8b:70:d1:ef:6f:b5:
         d1:ed:70:3f:c1:09:d6:7c:76:90:fe:94:e3:a5:a5:1c:57:e6:
         1a:cf:7e:bc:8f:49:79:17:32:08:b4:a8:da:55:d4:35:bf:6e:
         0d:c6:f4:fd:55:6a:04:ff:ea:65:c4:35:99:ac:c9:02:5e:0b:
         33:4e:0b:85:03:37:77:29:61:33:74:26:18:a5:0a:f8:d4:d0:
         d7:63:9f:92:61:23:b3:b4:28:e6:66:b9:7c:6d:f9:2d:27:11:
         7c:72:12:98:50:42:68:07:e0:f7:74:02:b7:9a:05:d0:0c:01:
         f6:04:bf:74:08:1c:e3:6e:ff:e7:a3:f6:7c:66:51:96:e2:43:
         2e:92:b9:2a:01:f2:1a:e1:f2:b6:d8:13:f7:87:ed:98:60:09:
         ff:14:4d:bd:a3:90:9a:6f:be:c3:6b:56:e8:9f:6e:f5:29:a7:
         c1:38:36:1f:c8:2e:65:69:bd:b7:a2:0f:91:2e:66:1f:a9:e3:
         a4:b8:73:fc
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIUFN4LniBtBVY25hdfDNR762ZFH1IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTJDMzNBMUJBOTAxNURCNEU1MEQwN0QzQTM1RTkzMTgy
N0ZGQUM0MTAeFw0yNDAzMDUxODAyMDBaFw0yNTAzMDQxODA3MDBaMDMxMTAvBgNV
BAMTKEZFNjg3MkU5QkM2QjMyODQwMUVBRTIxMjgxQTI1NkVBOEU4OUE4QkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUPHgCNgZTCqqThPy2hfi//OPB
bmVcup3veDrzOVLeNj47/Nhi3vFfEVIcHQRIPl8DDTx/kxsrhmtuIVR8Ui0W4uHr
OkVK1jY1XfXk3wTDxuoRAiasgTDYeI6Snf76TuFiqCbHiMtaLgXjyLJmCzFHZDUt
WUM5PZJAD3G3UGjvSX9c2oHHmXZqcSmpL2aV2XgNbaXD4hciN3hJvlQQkZaY0kdh
0UoxmcU/vz2zup31UNxHyurAti1xZbMEmhbdKeNKTMeAHTlnTMNd9UFm6lkO4LIk
C7RY3HPRhlafyLSJ9YFLdwTePesidU94blsJcxlh4MFdrjgPGDIc/itPVdshAgMB
AAGjggLQMIICzDAdBgNVHQ4EFgQU/mhy6bxrMoQB6uISgaJW6o6JqLswHwYDVR0j
BBgwFoAUUsM6G6kBXbTlDQfTo16TGCf/rEEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FNEU5OTc1OUFDRjAxM0VBMTY2RjBEQTkwREJFNjNGMzBG
QUI2NENDRjEzMTBENUYwRkE2OTI3MUIzNUQ4NUFDLzAvNTJDMzNBMUJBOTAxNURC
NEU1MEQwN0QzQTM1RTkzMTgyN0ZGQUM0MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81MkMzM0ExQkE5MDE1REI0RTUw
RDA3RDNBMzVFOTMxODI3RkZBQzQxLmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTRFOTk3NTlBQ0YwMTNFQTE2NkYwREE5MERCRTYzRjMwRkFCNjRDQ0Yx
MzEwRDVGMEZBNjkyNzFCMzVEODVBQy8wLzMyMzgzMDMzM2EzNTYzNjUzMDNhMzgz
MDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzEzOTMxMzEzNC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMG
ACgDXOAIMA0GCSqGSIb3DQEBCwUAA4IBAQAUvFvI9cIqKkonZrOn5zE4KRzb0A/i
Ci6vsAauDehZ5U2jetztvy+q27ojGyw6hKp6uYUfnKuXk19oXeyrsTmtzzKLcNHv
b7XR7XA/wQnWfHaQ/pTjpaUcV+Yaz368j0l5FzIItKjaVdQ1v24NxvT9VWoE/+pl
xDWZrMkCXgszTguFAzd3KWEzdCYYpQr41NDXY5+SYSOztCjmZrl8bfktJxF8chKY
UEJoB+D3dAK3mgXQDAH2BL90CBzjbv/no/Z8ZlGW4kMukrkqAfIa4fK22BP3h+2Y
YAn/FE29o5Cab77Da1bon271KafBODYfyC5lab23og+RLmYfqeOkuHP8
-----END CERTIFICATE-----
Generated at Sun May 19 10:27:51 2024 by rpki-client on console-ams.rpki-client.org