Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/3138312e3137392e302e302f31372d3234203d3e203134373534.roa
File:                     3138312e3137392e302e302f31372d3234203d3e203134373534.roa (raw, json)
Hash identifier:          T4nAjVBM3JEnqtHfwWFp30Yct8ISArsAAW+IMZ938Ek=
Subject key identifier:   33:0B:BF:59:67:E4:BC:78:EA:90:6C:31:E8:A8:34:AE:90:89:88:08
Certificate issuer:       /CN=F07AC2C3313D74F22585389241B3BE2A7B89D7BF
Certificate serial:       6D1E4B72C085BB865999F5CF9D9869C59B75E65A
Authority key identifier: F0:7A:C2:C3:31:3D:74:F2:25:85:38:92:41:B3:BE:2A:7B:89:D7:BF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/3138312e3137392e302e302f31372d3234203d3e203134373534.roa
Signing time:             Tue 05 Mar 2024 18:18:12 +0000
ROA not before:           Tue 05 Mar 2024 18:13:12 +0000
ROA not after:            Tue 04 Mar 2025 18:18:12 +0000
asID:                     14754
IP address blocks:        181.179.0.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:1e:4b:72:c0:85:bb:86:59:99:f5:cf:9d:98:69:c5:9b:75:e6:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F07AC2C3313D74F22585389241B3BE2A7B89D7BF
        Validity
            Not Before: Mar  5 18:13:12 2024 GMT
            Not After : Mar  4 18:18:12 2025 GMT
        Subject: CN=330BBF5967E4BC78EA906C31E8A834AE90898808
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:bc:b3:cd:2c:dd:9c:b9:51:a8:2c:f5:10:ff:
                    97:28:0b:4e:4c:20:74:fc:32:75:7d:81:37:0a:39:
                    8a:cf:7f:12:ea:72:24:21:8c:7e:6f:b0:32:29:c2:
                    de:44:de:5d:56:ae:c6:dd:b0:67:83:8f:a2:d9:c1:
                    33:00:fd:38:43:bd:c1:f9:24:28:c4:f5:92:60:70:
                    a0:84:28:a8:44:c6:1e:c7:94:60:b3:24:05:01:75:
                    ec:54:12:88:4e:f7:98:f7:d0:34:03:b1:85:bb:fc:
                    03:82:9e:3e:32:db:53:f4:41:d5:de:53:32:d2:13:
                    59:90:7b:38:45:c8:57:50:b3:53:3f:ae:4d:75:6a:
                    ea:55:29:b0:a6:c7:c5:c5:fc:74:8f:ae:f4:c3:f7:
                    bf:69:6b:42:86:36:80:95:e9:90:92:f9:68:e8:d5:
                    f1:7e:54:59:01:82:0c:1d:51:fa:e2:3a:85:dd:c9:
                    f1:78:e2:22:a3:0b:76:69:3c:32:05:b2:bd:b1:cc:
                    58:5b:59:11:b4:af:d5:d0:ad:07:9c:10:12:9b:3a:
                    32:95:bf:10:fe:ca:45:0e:a4:84:14:b5:84:4f:90:
                    89:f7:ff:4f:3e:80:4d:c9:b8:8f:61:ff:93:f3:13:
                    e6:6c:12:aa:52:8a:98:bf:31:5d:cf:06:a8:d7:83:
                    c2:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:0B:BF:59:67:E4:BC:78:EA:90:6C:31:E8:A8:34:AE:90:89:88:08
            X509v3 Authority Key Identifier:
                keyid:F0:7A:C2:C3:31:3D:74:F2:25:85:38:92:41:B3:BE:2A:7B:89:D7:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/3138312e3137392e302e302f31372d3234203d3e203134373534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.179.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         7d:4a:f2:77:4b:4b:ce:f4:94:be:6a:35:e2:00:d7:79:b9:2f:
         14:24:04:b8:c5:b4:c8:b3:0f:cf:b8:b1:b4:93:05:ac:a2:a2:
         35:78:3f:3c:8d:4e:9f:02:6b:28:5f:2a:00:1b:a0:c7:2b:8a:
         1c:e8:29:b5:50:ca:8a:86:45:c2:2f:9f:39:c2:a6:60:df:ae:
         4c:72:36:50:5c:c7:00:d2:f4:06:2c:e6:85:1a:68:1f:6c:d7:
         76:7a:a4:55:f4:70:62:31:72:cb:87:f1:3e:5a:27:90:83:46:
         8b:53:b1:79:a6:9d:b4:de:67:7d:0d:02:55:29:3d:8a:3d:5a:
         3c:03:2e:25:31:35:7b:9d:a1:f0:e0:1c:d2:96:86:d6:5f:8a:
         9e:59:b2:07:73:f2:50:47:13:78:84:b2:06:2b:1f:36:11:c9:
         85:e1:1d:f9:4a:d5:1e:f2:4e:ed:08:6d:0a:14:7b:84:0f:43:
         91:78:05:cc:a7:a7:de:0f:90:65:94:2d:15:6c:f9:4c:42:a0:
         c3:67:5b:96:f6:4c:bf:1a:69:b6:6c:e3:90:4e:99:57:f9:52:
         d3:ad:87:8d:e7:b1:f4:99:64:4e:ed:d4:fc:e1:70:70:74:96:
         f7:1c:4f:e7:39:46:db:32:cc:a4:c5:42:12:73:17:a8:3c:cf:
         d5:94:ef:e5
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUbR5LcsCFu4ZZmfXPnZhpxZt15lowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjA3QUMyQzMzMTNENzRGMjI1ODUzODkyNDFCM0JFMkE3
Qjg5RDdCRjAeFw0yNDAzMDUxODEzMTJaFw0yNTAzMDQxODE4MTJaMDMxMTAvBgNV
BAMTKDMzMEJCRjU5NjdFNEJDNzhFQTkwNkMzMUU4QTgzNEFFOTA4OTg4MDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtvLPNLN2cuVGoLPUQ/5coC05M
IHT8MnV9gTcKOYrPfxLqciQhjH5vsDIpwt5E3l1WrsbdsGeDj6LZwTMA/ThDvcH5
JCjE9ZJgcKCEKKhExh7HlGCzJAUBdexUEohO95j30DQDsYW7/AOCnj4y21P0QdXe
UzLSE1mQezhFyFdQs1M/rk11aupVKbCmx8XF/HSPrvTD979pa0KGNoCV6ZCS+Wjo
1fF+VFkBggwdUfriOoXdyfF44iKjC3ZpPDIFsr2xzFhbWRG0r9XQrQecEBKbOjKV
vxD+ykUOpIQUtYRPkIn3/08+gE3JuI9h/5PzE+ZsEqpSipi/MV3PBqjXg8JpAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUMwu/WWfkvHjqkGwx6Kg0rpCJiAgwHwYDVR0j
BBgwFoAU8HrCwzE9dPIlhTiSQbO+KnuJ178wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wNEIyNTg1QjFERTVFRjRFRjdDRjA3MjBENzhENTIxNDYx
RjM2RDczMjg2MjE4NURFNzVCRDhCNTg5NkZEMjQyLzAvRjA3QUMyQzMzMTNENzRG
MjI1ODUzODkyNDFCM0JFMkE3Qjg5RDdCRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMDdBQzJDMzMxM0Q3NEYyMjU4
NTM4OTI0MUIzQkUyQTdCODlEN0JGLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDRCMjU4NUIxREU1RUY0RUY3Q0YwNzIwRDc4RDUyMTQ2MUYzNkQ3MzI4
NjIxODVERTc1QkQ4QjU4OTZGRDI0Mi8wLzMxMzgzMTJlMzEzNzM5MmUzMDJlMzAy
ZjMxMzcyZDMyMzQyMDNkM2UyMDMxMzQzNzM1MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAe1swAwDQYJ
KoZIhvcNAQELBQADggEBAH1K8ndLS870lL5qNeIA13m5LxQkBLjFtMizD8+4sbST
BayiojV4PzyNTp8CayhfKgAboMcrihzoKbVQyoqGRcIvnznCpmDfrkxyNlBcxwDS
9AYs5oUaaB9s13Z6pFX0cGIxcsuH8T5aJ5CDRotTsXmmnbTeZ30NAlUpPYo9WjwD
LiUxNXudofDgHNKWhtZfip5Zsgdz8lBHE3iEsgYrHzYRyYXhHflK1R7yTu0IbQoU
e4QPQ5F4Bcynp94PkGWULRVs+UxCoMNnW5b2TL8aabZs45BOmVf5UtOth43nsfSZ
ZE7t1PzhcHB0lvccT+c5RtsyzKTFQhJzF6g8z9WU7+U=
-----END CERTIFICATE-----
Generated at Wed Nov 20 05:43:16 2024 by rpki-client on console-fra.rpki-client.org