Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/3133312e3139362e3131322e302f32342d3234203d3e20323639373536.roa
File:                     3133312e3139362e3131322e302f32342d3234203d3e20323639373536.roa (raw, json)
Hash identifier:          TvGc4SuiXAOWHP5A278F+9DkFwRJbCUpN3r1P0ZFF2Y=
Subject key identifier:   31:43:12:4D:0D:FA:57:0C:10:34:A7:74:45:02:32:0C:0F:A6:83:FA
Certificate issuer:       /CN=575E8C6CA1804CEB8830FE8544A39CB633AA341C
Certificate serial:       4FBFB76B7641A82EB4F86CB5CB4B496AB6BB1EA9
Authority key identifier: 57:5E:8C:6C:A1:80:4C:EB:88:30:FE:85:44:A3:9C:B6:33:AA:34:1C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/3133312e3139362e3131322e302f32342d3234203d3e20323639373536.roa
Signing time:             Tue 05 Mar 2024 17:56:45 +0000
ROA not before:           Tue 05 Mar 2024 17:51:45 +0000
ROA not after:            Tue 04 Mar 2025 17:56:45 +0000
asID:                     269756
IP address blocks:        131.196.112.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 20 Jun 2024 02:08:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:bf:b7:6b:76:41:a8:2e:b4:f8:6c:b5:cb:4b:49:6a:b6:bb:1e:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=575E8C6CA1804CEB8830FE8544A39CB633AA341C
        Validity
            Not Before: Mar  5 17:51:45 2024 GMT
            Not After : Mar  4 17:56:45 2025 GMT
        Subject: CN=3143124D0DFA570C1034A7744502320C0FA683FA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:89:9f:98:64:20:d4:6f:81:08:b8:9e:06:5e:
                    22:7c:41:bf:d6:d8:7d:7e:9f:c0:eb:66:96:03:c7:
                    1f:93:a3:ed:a4:d7:1b:70:29:b0:82:b2:bf:f6:aa:
                    cb:db:90:af:8e:49:10:f3:86:5a:72:fd:f9:71:52:
                    7f:67:f6:5c:52:4c:7b:3e:61:f1:bb:f2:f7:b4:aa:
                    0e:17:34:57:fb:b8:18:54:1f:7a:13:f7:61:a1:d1:
                    97:4b:27:18:1b:3c:f6:75:41:8b:79:f8:ca:7d:94:
                    e8:de:d0:8a:6a:19:da:29:25:e0:09:18:f3:ca:ed:
                    02:f4:5b:51:e3:5e:b3:06:b0:c3:a8:6a:f0:4a:8e:
                    d2:d7:b8:2c:4f:d5:c6:25:ca:fa:ed:7d:a7:92:53:
                    2d:6e:15:df:12:28:43:4f:33:2f:8e:a9:f2:df:18:
                    60:f0:5e:c0:14:87:04:5c:23:a6:bc:ab:17:27:69:
                    c8:78:ae:23:01:1f:6c:00:3b:f3:5f:72:99:75:31:
                    6a:f4:52:e2:7a:52:5b:d9:71:7f:70:32:b7:7c:85:
                    47:42:f0:5a:07:78:2c:88:ea:fb:1f:b2:31:e2:a4:
                    06:1f:f6:8c:91:1d:d5:3e:d9:b3:6c:b0:f3:fd:f4:
                    19:ad:8a:e9:3f:42:85:6f:49:bd:46:d1:36:82:79:
                    8b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:43:12:4D:0D:FA:57:0C:10:34:A7:74:45:02:32:0C:0F:A6:83:FA
            X509v3 Authority Key Identifier:
                keyid:57:5E:8C:6C:A1:80:4C:EB:88:30:FE:85:44:A3:9C:B6:33:AA:34:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/3133312e3139362e3131322e302f32342d3234203d3e20323639373536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.196.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:97:bc:fb:65:23:69:41:97:97:43:19:e0:2b:ad:e9:7b:05:
         fe:76:c5:ea:0b:0d:ae:85:d8:80:ec:d3:78:ea:5d:75:33:d9:
         21:e2:b7:5b:8a:24:f0:82:14:a6:10:a6:c3:0d:8d:cd:c5:f6:
         87:2d:3b:e1:05:b1:4c:2f:13:42:8e:a3:14:16:7c:29:ba:fd:
         49:f6:1b:0c:cb:29:ad:42:22:d0:c4:45:27:23:1c:fb:11:a4:
         85:f0:16:15:57:4f:88:99:f8:00:7e:c5:1d:e0:30:3b:79:7f:
         93:11:2e:8f:ff:30:74:7d:be:a4:29:7b:76:86:09:28:a2:c7:
         76:1d:bd:6a:6f:df:b1:18:35:5c:91:f4:cc:15:e6:60:ec:ba:
         61:eb:d8:a1:cb:e9:08:c0:be:06:32:09:4f:cd:f2:68:4a:09:
         e0:dc:19:f6:c0:c0:9d:16:19:c6:9c:78:54:bd:7c:61:d2:7a:
         d8:8d:df:9c:8b:2c:ad:9e:86:b1:c4:ce:5c:f8:34:0c:5a:e4:
         ee:d5:8f:5f:31:b2:78:3e:47:1f:74:8a:82:56:24:12:a7:8f:
         c7:4e:bb:3c:ca:28:79:ff:9f:76:ac:b5:aa:50:cf:13:06:43:
         98:f1:cb:59:32:67:24:aa:7d:df:bf:c9:2c:46:e0:ec:57:a3:
         78:d2:f2:91
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUT7+3a3ZBqC60+Gy1y0tJara7HqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTc1RThDNkNBMTgwNENFQjg4MzBGRTg1NDRBMzlDQjYz
M0FBMzQxQzAeFw0yNDAzMDUxNzUxNDVaFw0yNTAzMDQxNzU2NDVaMDMxMTAvBgNV
BAMTKDMxNDMxMjREMERGQTU3MEMxMDM0QTc3NDQ1MDIzMjBDMEZBNjgzRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwiZ+YZCDUb4EIuJ4GXiJ8Qb/W
2H1+n8DrZpYDxx+To+2k1xtwKbCCsr/2qsvbkK+OSRDzhlpy/flxUn9n9lxSTHs+
YfG78ve0qg4XNFf7uBhUH3oT92Gh0ZdLJxgbPPZ1QYt5+Mp9lOje0IpqGdopJeAJ
GPPK7QL0W1HjXrMGsMOoavBKjtLXuCxP1cYlyvrtfaeSUy1uFd8SKENPMy+OqfLf
GGDwXsAUhwRcI6a8qxcnach4riMBH2wAO/Nfcpl1MWr0UuJ6UlvZcX9wMrd8hUdC
8FoHeCyI6vsfsjHipAYf9oyRHdU+2bNssPP99Bmtiuk/QoVvSb1G0TaCeYvFAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUMUMSTQ36VwwQNKd0RQIyDA+mg/owHwYDVR0j
BBgwFoAUV16MbKGATOuIMP6FRKOctjOqNBwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMjZDRjAyQzRFRDI5QkU1MUE1Q0Y3MzQ5RkVGN0Y1QUVF
ODRDMDFBRDQ5NjBCMkMzQkUxMEY5RDM3QjE3QkUwLzAvNTc1RThDNkNBMTgwNENF
Qjg4MzBGRTg1NDRBMzlDQjYzM0FBMzQxQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81NzVFOEM2Q0ExODA0Q0VCODgz
MEZFODU0NEEzOUNCNjMzQUEzNDFDLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDI2Q0YwMkM0RUQyOUJFNTFBNUNGNzM0OUZFRjdGNUFFRTg0QzAxQUQ0
OTYwQjJDM0JFMTBGOUQzN0IxN0JFMC8wLzMxMzMzMTJlMzEzOTM2MmUzMTMxMzIy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzkzNzM1MzYucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACD
xHAwDQYJKoZIhvcNAQELBQADggEBAC2XvPtlI2lBl5dDGeArrel7Bf52xeoLDa6F
2IDs03jqXXUz2SHit1uKJPCCFKYQpsMNjc3F9octO+EFsUwvE0KOoxQWfCm6/Un2
GwzLKa1CItDERScjHPsRpIXwFhVXT4iZ+AB+xR3gMDt5f5MRLo//MHR9vqQpe3aG
CSiix3YdvWpv37EYNVyR9MwV5mDsumHr2KHL6QjAvgYyCU/N8mhKCeDcGfbAwJ0W
GcaceFS9fGHSetiN35yLLK2ehrHEzlz4NAxa5O7Vj18xsng+Rx90ioJWJBKnj8dO
uzzKKHn/n3astapQzxMGQ5jxy1kyZySqfd+/ySxG4OxXo3jS8pE=
-----END CERTIFICATE-----
Generated at Sun Jun 16 20:28:13 2024 by rpki-client on console-ams.rpki-client.org