Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00006E0DD4A4BCABFB42915D286D16FA3FE7192F62E58D1B2AF6D2B04751E8D3/0/3136342e3136332e38382e302f32322d3234203d3e203631343636.roa
File:                     3136342e3136332e38382e302f32322d3234203d3e203631343636.roa (raw, json)
Hash identifier:          QvLp+ld12vbH+HV5d7Sca/gi872PqEsE38+f/W9++EU=
Subject key identifier:   44:60:FE:C8:27:44:9D:F0:CA:71:A5:88:0B:4E:AE:AB:E6:CA:F4:B1
Certificate issuer:       /CN=3BFDA956D2EBAAD5BE52A01761CB47696CBDD731
Certificate serial:       135197438D5F5C6722836911B3B82D2114CFBD51
Authority key identifier: 3B:FD:A9:56:D2:EB:AA:D5:BE:52:A0:17:61:CB:47:69:6C:BD:D7:31
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3BFDA956D2EBAAD5BE52A01761CB47696CBDD731.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00006E0DD4A4BCABFB42915D286D16FA3FE7192F62E58D1B2AF6D2B04751E8D3/0/3136342e3136332e38382e302f32322d3234203d3e203631343636.roa
Signing time:             Tue 04 Feb 2025 18:44:04 +0000
ROA not before:           Tue 04 Feb 2025 18:39:04 +0000
ROA not after:            Tue 03 Feb 2026 18:44:04 +0000
asID:                     61466
IP address blocks:        164.163.88.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/00006E0DD4A4BCABFB42915D286D16FA3FE7192F62E58D1B2AF6D2B04751E8D3/0/3BFDA956D2EBAAD5BE52A01761CB47696CBDD731.crl
                          rsync://repository.lacnic.net/rpki/lacnic/00006E0DD4A4BCABFB42915D286D16FA3FE7192F62E58D1B2AF6D2B04751E8D3/0/3BFDA956D2EBAAD5BE52A01761CB47696CBDD731.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3BFDA956D2EBAAD5BE52A01761CB47696CBDD731.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Feb 2025 05:22:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:51:97:43:8d:5f:5c:67:22:83:69:11:b3:b8:2d:21:14:cf:bd:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3BFDA956D2EBAAD5BE52A01761CB47696CBDD731
        Validity
            Not Before: Feb  4 18:39:04 2025 GMT
            Not After : Feb  3 18:44:04 2026 GMT
        Subject: CN=4460FEC827449DF0CA71A5880B4EAEABE6CAF4B1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ae:45:a9:12:b7:9d:b5:6e:27:a1:81:c9:1c:
                    5d:d3:c7:cd:c7:42:49:a5:7f:d4:02:a9:ad:02:66:
                    cc:44:4a:af:e9:cb:d6:71:a2:a1:aa:03:e7:9f:6a:
                    32:32:f4:c8:59:29:e9:f9:36:87:d4:5f:f1:84:a6:
                    cb:c1:ba:2c:2a:b8:75:6a:2e:22:8e:6a:bd:71:10:
                    03:b9:b2:16:db:73:1e:0f:3e:64:44:12:6f:13:02:
                    34:e5:d2:cf:17:d4:41:32:29:a2:8b:78:82:75:72:
                    d7:5f:81:c2:ee:43:f3:c6:21:a6:6f:23:a5:35:ec:
                    d9:d0:29:a8:11:0f:ae:87:5c:9b:a7:c0:63:59:5b:
                    34:6f:29:3e:8d:44:70:f0:3a:cc:a4:d6:ee:a9:39:
                    51:77:0b:c3:c0:d8:81:2f:c1:98:a0:9f:70:d5:fa:
                    7d:1b:60:e4:c7:d9:1f:24:e4:2c:16:bb:79:c5:e1:
                    69:bc:e6:bd:32:1b:99:09:b1:6e:8d:f8:91:7f:a2:
                    cf:41:43:78:e8:b9:69:00:42:2e:77:ca:34:1e:25:
                    de:7d:fc:a7:ef:39:26:d8:bb:05:d5:85:b1:09:e0:
                    7a:ae:dd:2e:af:82:58:b4:0f:1b:3f:fc:2b:8c:e5:
                    52:b8:58:57:7f:cd:dc:c0:70:33:65:af:fc:9a:ad:
                    fd:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:60:FE:C8:27:44:9D:F0:CA:71:A5:88:0B:4E:AE:AB:E6:CA:F4:B1
            X509v3 Authority Key Identifier:
                keyid:3B:FD:A9:56:D2:EB:AA:D5:BE:52:A0:17:61:CB:47:69:6C:BD:D7:31

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00006E0DD4A4BCABFB42915D286D16FA3FE7192F62E58D1B2AF6D2B04751E8D3/0/3BFDA956D2EBAAD5BE52A01761CB47696CBDD731.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3BFDA956D2EBAAD5BE52A01761CB47696CBDD731.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00006E0DD4A4BCABFB42915D286D16FA3FE7192F62E58D1B2AF6D2B04751E8D3/0/3136342e3136332e38382e302f32322d3234203d3e203631343636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.163.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8b:78:e6:2c:45:a9:57:2a:79:33:5a:4b:0f:ec:68:09:12:9f:
         38:41:b3:e1:08:19:5e:ae:e0:99:47:27:a8:06:c9:6f:e4:0c:
         7a:04:14:fd:d1:73:5c:9b:16:38:3e:57:b4:f2:cd:a4:83:89:
         5f:9b:c3:59:31:ab:b7:3e:c8:c5:10:18:4c:e8:83:e8:0e:af:
         dd:ef:57:76:40:cc:dd:8e:9a:c6:db:06:d9:0f:46:8c:3b:e0:
         7a:f9:28:ea:ea:cd:89:d4:39:2a:2c:3a:e8:4f:f3:a3:6b:5b:
         60:8a:b9:6e:13:6b:eb:e8:e8:63:02:c5:4f:28:ed:1e:cd:97:
         1a:f9:34:98:2e:22:3e:83:02:3a:d4:f6:fb:2e:19:bc:e2:1b:
         ab:2a:18:27:1b:63:f0:e4:07:fb:5f:c2:43:53:ff:b4:67:62:
         07:5c:68:7a:1b:86:d6:80:c4:10:81:3e:08:8b:45:4b:51:04:
         6a:9e:be:7c:aa:13:a5:53:62:b4:ce:67:d4:cd:5c:28:25:71:
         be:cc:bb:f1:46:cc:9b:67:c1:db:71:17:cf:d7:90:5a:66:28:
         d4:b5:b0:74:e1:aa:92:9d:9d:a7:8e:1e:66:fa:50:11:f0:aa:
         a3:63:ae:34:7d:48:5d:12:a3:75:a5:46:89:b1:6f:38:e8:2a:
         d5:6b:c2:20
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUE1GXQ41fXGcig2kRs7gtIRTPvVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0JGREE5NTZEMkVCQUFENUJFNTJBMDE3NjFDQjQ3Njk2
Q0JERDczMTAeFw0yNTAyMDQxODM5MDRaFw0yNjAyMDMxODQ0MDRaMDMxMTAvBgNV
BAMTKDQ0NjBGRUM4Mjc0NDlERjBDQTcxQTU4ODBCNEVBRUFCRTZDQUY0QjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLrkWpEredtW4noYHJHF3Tx83H
Qkmlf9QCqa0CZsxESq/py9ZxoqGqA+efajIy9MhZKen5NofUX/GEpsvBuiwquHVq
LiKOar1xEAO5shbbcx4PPmREEm8TAjTl0s8X1EEyKaKLeIJ1ctdfgcLuQ/PGIaZv
I6U17NnQKagRD66HXJunwGNZWzRvKT6NRHDwOsyk1u6pOVF3C8PA2IEvwZign3DV
+n0bYOTH2R8k5CwWu3nF4Wm85r0yG5kJsW6N+JF/os9BQ3jouWkAQi53yjQeJd59
/KfvOSbYuwXVhbEJ4Hqu3S6vgli0Dxs//CuM5VK4WFd/zdzAcDNlr/yarf3rAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQURGD+yCdEnfDKcaWIC06uq+bK9LEwHwYDVR0j
BBgwFoAUO/2pVtLrqtW+UqAXYctHaWy91zEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMDAwNkUwREQ0QTRCQ0FCRkI0MjkxNUQyODZEMTZGQTNG
RTcxOTJGNjJFNThEMUIyQUY2RDJCMDQ3NTFFOEQzLzAvM0JGREE5NTZEMkVCQUFE
NUJFNTJBMDE3NjFDQjQ3Njk2Q0JERDczMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zQkZEQTk1NkQyRUJBQUQ1QkU1
MkEwMTc2MUNCNDc2OTZDQkRENzMxLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDAwMDZFMERENEE0QkNBQkZCNDI5MTVEMjg2RDE2RkEzRkU3MTkyRjYy
RTU4RDFCMkFGNkQyQjA0NzUxRThEMy8wLzMxMzYzNDJlMzEzNjMzMmUzODM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzYzMTM0MzYzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqSjWDAN
BgkqhkiG9w0BAQsFAAOCAQEAi3jmLEWpVyp5M1pLD+xoCRKfOEGz4QgZXq7gmUcn
qAbJb+QMegQU/dFzXJsWOD5XtPLNpIOJX5vDWTGrtz7IxRAYTOiD6A6v3e9XdkDM
3Y6axtsG2Q9GjDvgevko6urNidQ5Kiw66E/zo2tbYIq5bhNr6+joYwLFTyjtHs2X
Gvk0mC4iPoMCOtT2+y4ZvOIbqyoYJxtj8OQH+1/CQ1P/tGdiB1xoehuG1oDEEIE+
CItFS1EEap6+fKoTpVNitM5n1M1cKCVxvsy78UbMm2fB23EXz9eQWmYo1LWwdOGq
kp2dp44eZvpQEfCqo2OuNH1IXRKjdaVGibFvOOgq1WvCIA==
-----END CERTIFICATE-----
Generated at Thu Feb 13 19:30:00 2025 by rpki-client