Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3139302e3231372e3131362e302f32342d3234203d3e20323635383535.roa
File:                     3139302e3231372e3131362e302f32342d3234203d3e20323635383535.roa (raw, json)
Hash identifier:          KkpBHkgQQ2C9TdXBREDbSy4DZNfK7jxFu91eptJVLKM=
Subject key identifier:   AA:89:9F:75:D7:C5:E9:90:96:70:9C:7C:16:5C:9A:89:6D:8F:94:6B
Certificate issuer:       /CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
Certificate serial:       5A4273967F91D46CA6AB0037D9926C869EB4C590
Authority key identifier: C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3139302e3231372e3131362e302f32342d3234203d3e20323635383535.roa
Signing time:             Tue 05 Mar 2024 18:00:45 +0000
ROA not before:           Tue 05 Mar 2024 17:55:45 +0000
ROA not after:            Tue 04 Mar 2025 18:00:45 +0000
asID:                     265855
IP address blocks:        190.217.116.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl
                          rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:42:73:96:7f:91:d4:6c:a6:ab:00:37:d9:92:6c:86:9e:b4:c5:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
        Validity
            Not Before: Mar  5 17:55:45 2024 GMT
            Not After : Mar  4 18:00:45 2025 GMT
        Subject: CN=AA899F75D7C5E99096709C7C165C9A896D8F946B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:56:1d:36:13:ed:64:72:5a:15:3f:30:f6:c9:
                    ce:6b:c5:ce:a4:d9:f1:89:cf:ff:75:44:95:b0:79:
                    42:1e:16:4c:5c:96:8e:fd:23:3b:8a:f1:59:10:c7:
                    fb:cf:82:fe:bd:a9:ed:d4:49:b7:3a:e2:2b:2a:3d:
                    8c:c2:9b:e0:0d:a5:1d:a7:29:21:ba:a3:c4:04:9b:
                    36:ec:1c:d0:df:e8:8c:bd:13:1d:41:c4:1e:1f:20:
                    9e:de:b2:2a:f3:d3:95:31:b5:3e:df:4f:43:94:73:
                    10:97:8a:73:d0:1b:b4:c4:1d:4d:ed:24:08:80:ac:
                    64:a0:c6:41:93:43:be:a3:22:eb:c8:81:ba:df:b3:
                    37:c5:52:fd:ff:ff:90:63:01:93:1e:bd:f7:da:16:
                    5c:14:04:ee:4c:b6:79:73:b9:ab:57:58:72:2c:06:
                    2b:27:fa:48:66:78:21:ed:18:30:6a:9c:de:b3:da:
                    70:b6:80:3f:df:75:b4:8c:d9:61:a6:a1:78:ca:c1:
                    7d:ab:45:9f:79:ca:ba:b3:47:33:50:11:d5:ae:a4:
                    3d:71:50:b2:0d:be:40:d2:6d:2a:02:99:a8:52:53:
                    9f:41:5b:55:86:9b:82:77:43:5f:68:ce:5c:dd:4d:
                    79:39:c6:1c:92:f4:34:29:6d:9a:76:aa:a7:2e:f0:
                    be:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:89:9F:75:D7:C5:E9:90:96:70:9C:7C:16:5C:9A:89:6D:8F:94:6B
            X509v3 Authority Key Identifier:
                keyid:C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3139302e3231372e3131362e302f32342d3234203d3e20323635383535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.217.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:fc:07:c7:e6:7e:3c:10:3a:ab:a8:6f:de:a2:57:9a:ba:85:
         99:58:72:6a:2b:93:cb:a4:0b:8d:41:d4:1d:fe:b3:22:72:43:
         fb:b1:c6:a8:cf:60:ba:47:17:0a:4a:9e:b9:dd:46:8e:bc:f8:
         59:34:f4:3f:14:8e:ef:60:29:f8:f0:b4:0a:cd:2d:6a:62:e8:
         69:37:9c:b4:90:db:14:5a:a0:f6:12:91:e6:91:dc:bc:90:e4:
         27:d3:7b:de:8e:32:53:55:66:0a:a3:5f:95:75:7b:77:bc:39:
         c2:4e:19:39:1c:2c:f5:cf:c9:37:2f:63:f1:33:91:64:78:f8:
         d1:dd:9a:c8:82:e4:ed:3e:3f:69:cc:00:d1:11:f6:a5:a1:49:
         64:2e:62:ca:bc:62:8a:c4:d7:10:33:78:32:e2:be:c2:4b:6f:
         e1:e2:42:92:a7:36:48:93:55:f3:ae:bf:e4:56:db:d2:c8:f9:
         d9:50:b1:11:12:f6:e2:1e:5b:35:22:b7:f9:22:26:4d:7b:02:
         8f:90:fc:46:70:51:9c:ff:d4:6b:1d:f5:bb:20:11:51:4d:a3:
         5d:1d:a7:e0:74:9e:6e:31:f8:1b:a7:39:1b:34:ea:04:ac:21:
         7d:20:da:0c:e0:7b:8d:bb:43:5a:5b:bd:11:da:9d:45:c3:a2:
         b9:01:c3:46
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUWkJzln+R1GymqwA32ZJshp60xZAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg3QzU1QTQ0ODFGMTlDOUI2MTg0OTQ0QjE4N0IzODEz
QjdDRUM1NjAeFw0yNDAzMDUxNzU1NDVaFw0yNTAzMDQxODAwNDVaMDMxMTAvBgNV
BAMTKEFBODk5Rjc1RDdDNUU5OTA5NjcwOUM3QzE2NUM5QTg5NkQ4Rjk0NkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Vh02E+1kcloVPzD2yc5rxc6k
2fGJz/91RJWweUIeFkxclo79IzuK8VkQx/vPgv69qe3USbc64isqPYzCm+ANpR2n
KSG6o8QEmzbsHNDf6Iy9Ex1BxB4fIJ7esirz05UxtT7fT0OUcxCXinPQG7TEHU3t
JAiArGSgxkGTQ76jIuvIgbrfszfFUv3//5BjAZMevffaFlwUBO5MtnlzuatXWHIs
Bisn+khmeCHtGDBqnN6z2nC2gD/fdbSM2WGmoXjKwX2rRZ95yrqzRzNQEdWupD1x
ULINvkDSbSoCmahSU59BW1WGm4J3Q19ozlzdTXk5xhyS9DQpbZp2qqcu8L4NAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUqomfddfF6ZCWcJx8FlyaiW2PlGswHwYDVR0j
BBgwFoAUyHxVpEgfGcm2GElEsYezgTt87FYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMEE2NkE2QTJBNkNGRTkzQzBGNkUzREZDMjBERDMzMUI1
ODBGQjIwMzgzQjYyRkU0QjI2QzAyOTRCNDY4N0M3LzAvQzg3QzU1QTQ0ODFGMTlD
OUI2MTg0OTQ0QjE4N0IzODEzQjdDRUM1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DODdDNTVBNDQ4MUYxOUM5QjYx
ODQ5NDRCMTg3QjM4MTNCN0NFQzU2LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDBBNjZBNkEyQTZDRkU5M0MwRjZFM0RGQzIwREQzMzFCNTgwRkIyMDM4
M0I2MkZFNEIyNkMwMjk0QjQ2ODdDNy8wLzMxMzkzMDJlMzIzMTM3MmUzMTMxMzYy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzUzODM1MzUucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC+
2XQwDQYJKoZIhvcNAQELBQADggEBABH8B8fmfjwQOquob96iV5q6hZlYcmork8uk
C41B1B3+syJyQ/uxxqjPYLpHFwpKnrndRo68+Fk09D8Uju9gKfjwtArNLWpi6Gk3
nLSQ2xRaoPYSkeaR3LyQ5CfTe96OMlNVZgqjX5V1e3e8OcJOGTkcLPXPyTcvY/Ez
kWR4+NHdmsiC5O0+P2nMANER9qWhSWQuYsq8YorE1xAzeDLivsJLb+HiQpKnNkiT
VfOuv+RW29LI+dlQsRES9uIeWzUit/kiJk17Ao+Q/EZwUZz/1Gsd9bsgEVFNo10d
p+B0nm4x+BunORs06gSsIX0g2gzge427Q1pbvRHanUXDorkBw0Y=
-----END CERTIFICATE-----
Generated at Wed Nov 20 03:18:10 2024 by rpki-client on console-ams.rpki-client.org