Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3139302e3231372e33332e302f32342d3234203d3e203332353930.roa
File:                     3139302e3231372e33332e302f32342d3234203d3e203332353930.roa (raw, json)
Hash identifier:          rfpDOQnoxwFZ//nOIkS1d5u26ES/jE9X3oVZ7nl6snw=
Subject key identifier:   FE:C3:A8:F6:D3:96:76:5E:46:30:7E:90:B5:BC:F4:2F:CB:61:BF:9A
Certificate issuer:       /CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
Certificate serial:       08CF1264D4BD19C1092483D3D65735BD135B90F2
Authority key identifier: C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3139302e3231372e33332e302f32342d3234203d3e203332353930.roa
Signing time:             Tue 05 Mar 2024 18:00:39 +0000
ROA not before:           Tue 05 Mar 2024 17:55:39 +0000
ROA not after:            Tue 04 Mar 2025 18:00:39 +0000
asID:                     32590
IP address blocks:        190.217.33.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl
                          rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 20 Jun 2024 02:08:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:cf:12:64:d4:bd:19:c1:09:24:83:d3:d6:57:35:bd:13:5b:90:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
        Validity
            Not Before: Mar  5 17:55:39 2024 GMT
            Not After : Mar  4 18:00:39 2025 GMT
        Subject: CN=FEC3A8F6D396765E46307E90B5BCF42FCB61BF9A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ac:d2:b4:47:21:3c:56:39:91:bd:77:c7:fa:
                    0a:80:ef:55:f0:6b:d1:a5:ff:11:5c:18:83:38:93:
                    bc:f2:60:44:8d:0b:44:0c:f8:aa:a4:50:29:68:7c:
                    c2:3e:87:6a:12:33:61:83:fa:f2:52:1b:41:52:28:
                    ef:23:be:e1:db:64:24:ee:18:0d:b2:f1:64:65:4e:
                    8f:f5:22:e1:62:0b:49:3f:4c:86:63:04:01:97:e5:
                    de:81:a3:e7:85:83:40:50:72:0d:62:30:96:1a:93:
                    4c:18:5f:c8:56:98:da:79:94:36:56:68:8f:f8:f0:
                    cf:27:fe:5a:f3:5c:a9:6a:e8:7e:33:77:5e:fc:e1:
                    1e:b0:52:48:5f:1a:fd:b7:a7:11:54:ff:a8:16:c1:
                    e6:80:ef:4e:e5:24:22:58:1b:28:ee:41:d2:32:85:
                    77:33:83:81:97:8b:a4:3d:63:cd:76:fe:eb:88:3f:
                    3e:5c:b8:ee:fe:b2:15:f3:79:6f:53:6f:da:da:14:
                    1c:18:a6:90:90:80:3c:da:82:9b:31:fb:29:c3:43:
                    18:09:76:9d:19:aa:81:e5:97:e0:52:95:b4:c2:50:
                    fb:5f:9f:ec:71:5c:86:9a:4a:9b:f1:d0:0d:8e:69:
                    25:13:40:6b:5a:04:84:eb:0c:1c:b4:08:d5:46:82:
                    ed:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:C3:A8:F6:D3:96:76:5E:46:30:7E:90:B5:BC:F4:2F:CB:61:BF:9A
            X509v3 Authority Key Identifier:
                keyid:C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3139302e3231372e33332e302f32342d3234203d3e203332353930.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.217.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:71:29:27:8a:bf:c0:67:0e:40:d8:3e:49:60:ee:22:18:b5:
         4d:21:f9:e1:5b:d9:f0:71:d8:bc:27:52:0c:4d:2c:60:29:6b:
         a3:b0:44:a4:26:9f:a2:88:91:a7:d9:77:e7:ce:40:71:7d:ae:
         ee:29:9d:67:3b:d8:0b:c7:9d:62:30:5b:6c:70:9b:3e:e3:89:
         9b:54:9d:bc:5e:d4:d7:7c:21:9b:35:c1:0e:34:fc:a0:a3:77:
         9e:a2:04:f9:dc:96:e0:c0:8b:aa:78:be:3d:be:1d:b9:3a:43:
         8b:05:b5:66:13:39:0a:5a:0f:de:8f:92:09:77:b1:e7:2d:8f:
         84:f1:92:e7:a1:30:cc:ac:87:7e:da:81:2f:ca:bb:81:d4:da:
         0a:e0:59:3c:b8:b9:97:c1:ef:94:13:37:2d:9c:2c:3a:34:43:
         6c:a7:a0:a5:1e:b4:96:a9:20:fb:d4:56:61:d9:82:80:78:21:
         41:08:45:89:3e:4c:d6:08:e1:71:f2:ec:ae:50:f5:f7:be:54:
         05:36:68:90:e7:bd:50:2b:4a:39:1e:1b:12:eb:dc:b2:19:53:
         9f:a5:63:89:2f:ce:d5:8f:c7:36:54:26:2c:77:a5:c6:8b:8f:
         b7:84:cd:4a:3f:22:5a:de:89:5d:52:19:a5:38:18:33:65:73:
         ea:1d:6f:5a
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUCM8SZNS9GcEJJIPT1lc1vRNbkPIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg3QzU1QTQ0ODFGMTlDOUI2MTg0OTQ0QjE4N0IzODEz
QjdDRUM1NjAeFw0yNDAzMDUxNzU1MzlaFw0yNTAzMDQxODAwMzlaMDMxMTAvBgNV
BAMTKEZFQzNBOEY2RDM5Njc2NUU0NjMwN0U5MEI1QkNGNDJGQ0I2MUJGOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwrNK0RyE8VjmRvXfH+gqA71Xw
a9Gl/xFcGIM4k7zyYESNC0QM+KqkUClofMI+h2oSM2GD+vJSG0FSKO8jvuHbZCTu
GA2y8WRlTo/1IuFiC0k/TIZjBAGX5d6Bo+eFg0BQcg1iMJYak0wYX8hWmNp5lDZW
aI/48M8n/lrzXKlq6H4zd1784R6wUkhfGv23pxFU/6gWweaA707lJCJYGyjuQdIy
hXczg4GXi6Q9Y812/uuIPz5cuO7+shXzeW9Tb9raFBwYppCQgDzagpsx+ynDQxgJ
dp0ZqoHll+BSlbTCUPtfn+xxXIaaSpvx0A2OaSUTQGtaBITrDBy0CNVGgu0VAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU/sOo9tOWdl5GMH6Qtbz0L8thv5owHwYDVR0j
BBgwFoAUyHxVpEgfGcm2GElEsYezgTt87FYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMEE2NkE2QTJBNkNGRTkzQzBGNkUzREZDMjBERDMzMUI1
ODBGQjIwMzgzQjYyRkU0QjI2QzAyOTRCNDY4N0M3LzAvQzg3QzU1QTQ0ODFGMTlD
OUI2MTg0OTQ0QjE4N0IzODEzQjdDRUM1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DODdDNTVBNDQ4MUYxOUM5QjYx
ODQ5NDRCMTg3QjM4MTNCN0NFQzU2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDBBNjZBNkEyQTZDRkU5M0MwRjZFM0RGQzIwREQzMzFCNTgwRkIyMDM4
M0I2MkZFNEIyNkMwMjk0QjQ2ODdDNy8wLzMxMzkzMDJlMzIzMTM3MmUzMzMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzMjM1MzkzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAL7ZITAN
BgkqhkiG9w0BAQsFAAOCAQEArnEpJ4q/wGcOQNg+SWDuIhi1TSH54VvZ8HHYvCdS
DE0sYClro7BEpCafooiRp9l3585AcX2u7imdZzvYC8edYjBbbHCbPuOJm1SdvF7U
13whmzXBDjT8oKN3nqIE+dyW4MCLqni+Pb4duTpDiwW1ZhM5CloP3o+SCXex5y2P
hPGS56EwzKyHftqBL8q7gdTaCuBZPLi5l8HvlBM3LZwsOjRDbKegpR60lqkg+9RW
YdmCgHghQQhFiT5M1gjhcfLsrlD1975UBTZokOe9UCtKOR4bEuvcshlTn6VjiS/O
1Y/HNlQmLHelxouPt4TNSj8iWt6JXVIZpTgYM2Vz6h1vWg==
-----END CERTIFICATE-----
Generated at Mon Jun 17 02:10:02 2024 by rpki-client on console-ams.rpki-client.org