Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0261522A7D1B1599601F0A1AAB8391A7D6EA0A5BDF95B045ABA001E79DD4B632/0/3133312e3232312e3131322e302f32322d3232203d3e20323633373031.roa
File:                     3133312e3232312e3131322e302f32322d3232203d3e20323633373031.roa (raw, json)
Hash identifier:          SFGCSdBGlmlFzM5GhbnPDaeJcY0rJM+sxI1CZrhvJys=
Subject key identifier:   5B:D9:B7:6E:A7:DC:0F:1D:9A:D0:1C:E4:51:BC:0F:0A:9F:26:79:58
Certificate issuer:       /CN=2D8AB2848654D51664AC6F45A44E5407C6B35912
Certificate serial:       44DE338A585254211AED269F4ECD982EB2F71D6E
Authority key identifier: 2D:8A:B2:84:86:54:D5:16:64:AC:6F:45:A4:4E:54:07:C6:B3:59:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2D8AB2848654D51664AC6F45A44E5407C6B35912.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0261522A7D1B1599601F0A1AAB8391A7D6EA0A5BDF95B045ABA001E79DD4B632/0/3133312e3232312e3131322e302f32322d3232203d3e20323633373031.roa
Signing time:             Tue 05 Mar 2024 17:57:31 +0000
ROA not before:           Tue 05 Mar 2024 17:52:31 +0000
ROA not after:            Tue 04 Mar 2025 17:57:31 +0000
asID:                     263701
IP address blocks:        131.221.112.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0261522A7D1B1599601F0A1AAB8391A7D6EA0A5BDF95B045ABA001E79DD4B632/0/2D8AB2848654D51664AC6F45A44E5407C6B35912.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0261522A7D1B1599601F0A1AAB8391A7D6EA0A5BDF95B045ABA001E79DD4B632/0/2D8AB2848654D51664AC6F45A44E5407C6B35912.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2D8AB2848654D51664AC6F45A44E5407C6B35912.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:de:33:8a:58:52:54:21:1a:ed:26:9f:4e:cd:98:2e:b2:f7:1d:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2D8AB2848654D51664AC6F45A44E5407C6B35912
        Validity
            Not Before: Mar  5 17:52:31 2024 GMT
            Not After : Mar  4 17:57:31 2025 GMT
        Subject: CN=5BD9B76EA7DC0F1D9AD01CE451BC0F0A9F267958
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:55:9d:6d:c0:6c:61:1f:3b:52:e4:2b:b5:70:
                    62:f2:a5:5f:e6:7b:de:67:6b:7f:6c:53:3a:03:87:
                    83:38:d2:4d:37:6b:c0:01:13:37:14:dd:48:e0:30:
                    8c:ce:00:f2:40:76:3a:51:53:9d:c8:18:66:d2:09:
                    51:bc:b6:e9:57:a1:bb:78:00:69:35:48:43:91:23:
                    aa:92:45:c2:ca:36:c3:7c:17:e8:69:05:6f:66:23:
                    03:a6:a5:96:6c:9d:7a:68:36:c1:97:21:98:c0:c8:
                    ea:5a:18:d8:a8:cf:a5:94:30:25:f3:05:5f:44:29:
                    3b:8b:ae:18:cd:85:c7:1e:be:50:dd:1b:72:78:3c:
                    aa:49:81:46:96:59:33:ab:f6:e6:4c:b0:3a:1d:11:
                    2a:36:20:c7:bc:3b:11:1b:84:8f:5c:4b:ba:9f:1f:
                    75:28:fa:0a:1f:bd:8c:b9:8e:7b:68:59:a1:85:28:
                    f5:2b:ca:af:6f:f3:f0:c6:57:12:2e:f1:43:3c:9c:
                    22:f1:11:77:cc:e8:33:d1:24:10:af:51:a3:c7:fd:
                    60:cd:35:01:b4:79:7e:50:d9:41:c0:20:68:92:54:
                    1f:34:62:8c:7c:95:30:14:14:77:0b:0b:8f:a1:76:
                    7d:59:c4:3a:c2:bb:4d:3e:fa:32:13:20:c7:46:63:
                    dc:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:D9:B7:6E:A7:DC:0F:1D:9A:D0:1C:E4:51:BC:0F:0A:9F:26:79:58
            X509v3 Authority Key Identifier:
                keyid:2D:8A:B2:84:86:54:D5:16:64:AC:6F:45:A4:4E:54:07:C6:B3:59:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0261522A7D1B1599601F0A1AAB8391A7D6EA0A5BDF95B045ABA001E79DD4B632/0/2D8AB2848654D51664AC6F45A44E5407C6B35912.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2D8AB2848654D51664AC6F45A44E5407C6B35912.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0261522A7D1B1599601F0A1AAB8391A7D6EA0A5BDF95B045ABA001E79DD4B632/0/3133312e3232312e3131322e302f32322d3232203d3e20323633373031.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.221.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2e:e9:5d:bf:89:a8:ee:c3:4a:66:b0:f1:dd:ae:6b:c4:76:6f:
         a1:c3:15:2a:d8:26:dd:d6:13:4b:bc:f2:5e:52:50:9c:7c:98:
         5a:73:39:54:33:2e:4f:dd:82:6e:41:5d:b6:cb:e8:0c:e7:e1:
         0f:17:4f:e9:0b:15:0e:ab:a3:8f:69:5d:4f:9e:c8:f5:2d:9a:
         a9:17:aa:99:70:e7:f8:c6:ce:a5:5d:a8:7b:bc:db:4e:49:c3:
         d3:58:2f:cd:64:11:50:1f:6d:bd:c7:f5:f2:51:79:79:2f:0b:
         c5:e1:5a:6f:4b:4a:ce:28:fd:82:0e:26:b4:20:2a:87:c5:6a:
         75:18:82:7a:bb:5e:a1:20:27:7b:20:42:7b:62:c2:bc:1f:47:
         e5:a2:66:0d:4a:ef:38:9b:34:33:68:ea:9f:70:3d:0c:1b:34:
         17:6c:8c:b4:d2:c8:38:de:0a:ef:27:25:e7:e9:ac:ce:cb:35:
         1a:72:8f:b1:cc:bb:f8:26:b5:db:4d:86:0b:4d:1d:35:5f:6e:
         5d:60:7e:8d:0d:cf:c9:61:df:59:98:28:e0:33:7a:cd:14:57:
         1c:27:fd:21:13:a2:a3:1c:3d:27:65:8a:1e:e5:c1:3b:b5:84:
         fa:c1:81:f6:1f:11:71:c8:92:3e:fb:dc:aa:30:ba:20:3b:5f:
         96:93:8a:c2
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIURN4zilhSVCEa7SafTs2YLrL3HW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkQ4QUIyODQ4NjU0RDUxNjY0QUM2RjQ1QTQ0RTU0MDdD
NkIzNTkxMjAeFw0yNDAzMDUxNzUyMzFaFw0yNTAzMDQxNzU3MzFaMDMxMTAvBgNV
BAMTKDVCRDlCNzZFQTdEQzBGMUQ5QUQwMUNFNDUxQkMwRjBBOUYyNjc5NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPVZ1twGxhHztS5Cu1cGLypV/m
e95na39sUzoDh4M40k03a8ABEzcU3UjgMIzOAPJAdjpRU53IGGbSCVG8tulXobt4
AGk1SEORI6qSRcLKNsN8F+hpBW9mIwOmpZZsnXpoNsGXIZjAyOpaGNioz6WUMCXz
BV9EKTuLrhjNhccevlDdG3J4PKpJgUaWWTOr9uZMsDodESo2IMe8OxEbhI9cS7qf
H3Uo+gofvYy5jntoWaGFKPUryq9v8/DGVxIu8UM8nCLxEXfM6DPRJBCvUaPH/WDN
NQG0eX5Q2UHAIGiSVB80Yox8lTAUFHcLC4+hdn1ZxDrCu00++jITIMdGY9yDAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUW9m3bqfcDx2a0BzkUbwPCp8meVgwHwYDVR0j
BBgwFoAULYqyhIZU1RZkrG9FpE5UB8azWRIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMjYxNTIyQTdEMUIxNTk5NjAxRjBBMUFBQjgzOTFBN0Q2
RUEwQTVCREY5NUIwNDVBQkEwMDFFNzlERDRCNjMyLzAvMkQ4QUIyODQ4NjU0RDUx
NjY0QUM2RjQ1QTQ0RTU0MDdDNkIzNTkxMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yRDhBQjI4NDg2NTRENTE2NjRB
QzZGNDVBNDRFNTQwN0M2QjM1OTEyLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDI2MTUyMkE3RDFCMTU5OTYwMUYwQTFBQUI4MzkxQTdENkVBMEE1QkRG
OTVCMDQ1QUJBMDAxRTc5REQ0QjYzMi8wLzMxMzMzMTJlMzIzMjMxMmUzMTMxMzIy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM2MzMzNzMwMzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKD
3XAwDQYJKoZIhvcNAQELBQADggEBAC7pXb+JqO7DSmaw8d2ua8R2b6HDFSrYJt3W
E0u88l5SUJx8mFpzOVQzLk/dgm5BXbbL6Azn4Q8XT+kLFQ6ro49pXU+eyPUtmqkX
qplw5/jGzqVdqHu8205Jw9NYL81kEVAfbb3H9fJReXkvC8XhWm9LSs4o/YIOJrQg
KofFanUYgnq7XqEgJ3sgQntiwrwfR+WiZg1K7zibNDNo6p9wPQwbNBdsjLTSyDje
Cu8nJefprM7LNRpyj7HMu/gmtdtNhgtNHTVfbl1gfo0Nz8lh31mYKOAzes0UVxwn
/SEToqMcPSdlih7lwTu1hPrBgfYfEXHIkj773KowuiA7X5aTisI=
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:59:48 2024 by rpki-client on console-ams.rpki-client.org