Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/3133312e3139362e3131322e302f32322d3234203d3e20323634363638.roa
File:                     3133312e3139362e3131322e302f32322d3234203d3e20323634363638.roa (raw, json)
Hash identifier:          kq5AavbiWqTJbM+VweQuktXo0t8XRP++qa6mX58am1U=
Subject key identifier:   0F:80:56:B5:E5:B8:5F:92:0C:00:01:B0:6F:04:9F:A7:77:52:2F:14
Certificate issuer:       /CN=575E8C6CA1804CEB8830FE8544A39CB633AA341C
Certificate serial:       0944B0AB04EF2289A40E9D08D80F7E3E2673C5AE
Authority key identifier: 57:5E:8C:6C:A1:80:4C:EB:88:30:FE:85:44:A3:9C:B6:33:AA:34:1C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/3133312e3139362e3131322e302f32322d3234203d3e20323634363638.roa
Signing time:             Tue 05 Mar 2024 17:56:44 +0000
ROA not before:           Tue 05 Mar 2024 17:51:44 +0000
ROA not after:            Tue 04 Mar 2025 17:56:44 +0000
asID:                     264668
IP address blocks:        131.196.112.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 20 Jun 2024 02:08:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:44:b0:ab:04:ef:22:89:a4:0e:9d:08:d8:0f:7e:3e:26:73:c5:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=575E8C6CA1804CEB8830FE8544A39CB633AA341C
        Validity
            Not Before: Mar  5 17:51:44 2024 GMT
            Not After : Mar  4 17:56:44 2025 GMT
        Subject: CN=0F8056B5E5B85F920C0001B06F049FA777522F14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:5d:95:1b:6f:93:23:7b:73:b8:08:05:60:e9:
                    3c:6f:13:35:86:0b:65:79:fe:37:bb:f2:f0:4b:db:
                    30:e8:c2:c2:6e:4e:ce:eb:e1:ea:7c:d1:b2:26:e6:
                    8b:0a:9e:38:60:05:a7:b5:d7:4c:fb:d4:22:8f:c4:
                    4e:3f:8e:96:52:73:d5:d2:d5:da:4f:97:33:ed:a2:
                    12:77:f8:0e:48:df:c5:64:a4:a1:5b:b7:c2:2e:db:
                    85:99:c8:17:29:7a:9d:fd:89:10:7e:5b:3e:05:7a:
                    53:31:8c:4d:26:74:20:1e:f2:8e:00:f0:2a:0a:c4:
                    5f:be:c2:e6:c5:87:55:f9:a8:84:30:9c:81:48:44:
                    ff:e6:05:45:cf:ba:7e:4e:9e:59:35:36:64:56:5b:
                    fb:87:1d:46:3f:5c:e5:28:de:63:75:ea:34:65:d9:
                    cb:29:f5:0f:67:56:ea:da:55:9b:07:45:fc:bb:29:
                    18:4f:17:5a:f0:57:4f:0f:ca:4c:39:7e:a6:27:d3:
                    e5:dc:73:3a:89:c9:01:47:14:6d:4d:cf:be:25:3b:
                    d4:f4:95:6f:77:d7:51:f0:e1:e7:77:c9:0f:ee:f0:
                    3c:d3:4c:b3:00:65:94:c4:bf:59:5c:d5:0a:3d:e9:
                    c8:ab:36:c6:86:c2:02:77:7a:d2:f8:6b:f7:e1:6f:
                    92:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:80:56:B5:E5:B8:5F:92:0C:00:01:B0:6F:04:9F:A7:77:52:2F:14
            X509v3 Authority Key Identifier:
                keyid:57:5E:8C:6C:A1:80:4C:EB:88:30:FE:85:44:A3:9C:B6:33:AA:34:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/3133312e3139362e3131322e302f32322d3234203d3e20323634363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.196.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:03:86:40:c8:82:59:ea:3f:e4:e8:b7:17:1e:bb:8c:da:b2:
         fc:ce:5c:03:8e:57:07:f0:a8:06:63:af:ce:8e:ea:9d:e7:0e:
         48:80:8e:54:51:71:7e:ec:c5:a9:56:e6:d1:90:08:0f:f3:a6:
         36:e2:8e:0a:a4:9f:3a:5a:7f:bb:48:8c:15:45:71:1e:9c:b2:
         bf:ff:11:10:20:90:65:4e:c4:f4:84:ec:92:9b:de:62:93:52:
         11:d7:fa:2c:00:86:27:41:44:96:6e:78:fd:ca:c8:57:c9:a3:
         c7:df:9d:d0:b0:01:7d:95:17:3a:1c:3b:ba:12:ba:65:2e:e0:
         2b:f7:65:03:f4:0d:38:71:50:28:b3:00:3a:7d:21:11:96:6d:
         fc:ec:16:1b:1f:6e:ce:77:86:b0:ed:98:9e:17:a1:e5:16:76:
         3d:32:83:73:12:fe:e7:50:f0:86:7f:26:da:dd:bd:8d:2a:40:
         d6:ea:37:c0:1b:ce:65:cc:8b:03:66:54:a0:ec:2f:94:c7:84:
         5f:49:e2:3c:a8:f0:fd:1c:37:1d:70:a9:c0:de:9b:f2:de:7f:
         3a:a6:30:12:2c:68:e0:b1:f6:14:f4:ac:d3:02:48:59:ec:53:
         2c:80:ec:4a:ee:87:7a:a4:13:35:f4:d7:76:1c:ca:3b:a0:3b:
         e9:48:54:71
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUCUSwqwTvIomkDp0I2A9+PiZzxa4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTc1RThDNkNBMTgwNENFQjg4MzBGRTg1NDRBMzlDQjYz
M0FBMzQxQzAeFw0yNDAzMDUxNzUxNDRaFw0yNTAzMDQxNzU2NDRaMDMxMTAvBgNV
BAMTKDBGODA1NkI1RTVCODVGOTIwQzAwMDFCMDZGMDQ5RkE3Nzc1MjJGMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XZUbb5Mje3O4CAVg6TxvEzWG
C2V5/je78vBL2zDowsJuTs7r4ep80bIm5osKnjhgBae110z71CKPxE4/jpZSc9XS
1dpPlzPtohJ3+A5I38VkpKFbt8Iu24WZyBcpep39iRB+Wz4FelMxjE0mdCAe8o4A
8CoKxF++wubFh1X5qIQwnIFIRP/mBUXPun5Onlk1NmRWW/uHHUY/XOUo3mN16jRl
2csp9Q9nVuraVZsHRfy7KRhPF1rwV08Pykw5fqYn0+XcczqJyQFHFG1Nz74lO9T0
lW9311Hw4ed3yQ/u8DzTTLMAZZTEv1lc1Qo96cirNsaGwgJ3etL4a/fhb5L5AgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUD4BWteW4X5IMAAGwbwSfp3dSLxQwHwYDVR0j
BBgwFoAUV16MbKGATOuIMP6FRKOctjOqNBwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMjZDRjAyQzRFRDI5QkU1MUE1Q0Y3MzQ5RkVGN0Y1QUVF
ODRDMDFBRDQ5NjBCMkMzQkUxMEY5RDM3QjE3QkUwLzAvNTc1RThDNkNBMTgwNENF
Qjg4MzBGRTg1NDRBMzlDQjYzM0FBMzQxQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81NzVFOEM2Q0ExODA0Q0VCODgz
MEZFODU0NEEzOUNCNjMzQUEzNDFDLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDI2Q0YwMkM0RUQyOUJFNTFBNUNGNzM0OUZFRjdGNUFFRTg0QzAxQUQ0
OTYwQjJDM0JFMTBGOUQzN0IxN0JFMC8wLzMxMzMzMTJlMzEzOTM2MmUzMTMxMzIy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzQzNjM2Mzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKD
xHAwDQYJKoZIhvcNAQELBQADggEBAGoDhkDIglnqP+Totxceu4zasvzOXAOOVwfw
qAZjr86O6p3nDkiAjlRRcX7sxalW5tGQCA/zpjbijgqknzpaf7tIjBVFcR6csr//
ERAgkGVOxPSE7JKb3mKTUhHX+iwAhidBRJZueP3KyFfJo8ffndCwAX2VFzocO7oS
umUu4Cv3ZQP0DThxUCizADp9IRGWbfzsFhsfbs53hrDtmJ4XoeUWdj0yg3MS/udQ
8IZ/JtrdvY0qQNbqN8AbzmXMiwNmVKDsL5THhF9J4jyo8P0cNx1wqcDem/Lefzqm
MBIsaOCx9hT0rNMCSFnsUyyA7Eruh3qkEzX013YcyjugO+lIVHE=
-----END CERTIFICATE-----
Generated at Sun Jun 16 20:28:13 2024 by rpki-client on console-ams.rpki-client.org