Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/3230312e3133312e3134382e302f32322d3234203d3e203134373534.roa
File:                     3230312e3133312e3134382e302f32322d3234203d3e203134373534.roa (raw, json)
Hash identifier:          VyUGHFevYGRzM9HIu3izSl/9r7zwTo35xEZ4CsGSoms=
Subject key identifier:   CC:37:C8:59:4F:96:AD:33:89:A6:C2:8B:2F:46:EA:9F:87:63:D0:0C
Certificate issuer:       /CN=F07AC2C3313D74F22585389241B3BE2A7B89D7BF
Certificate serial:       6D4686354F319B3FD82FE1C1383427BB646CB643
Authority key identifier: F0:7A:C2:C3:31:3D:74:F2:25:85:38:92:41:B3:BE:2A:7B:89:D7:BF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/3230312e3133312e3134382e302f32322d3234203d3e203134373534.roa
Signing time:             Tue 05 Mar 2024 18:18:12 +0000
ROA not before:           Tue 05 Mar 2024 18:13:12 +0000
ROA not after:            Tue 04 Mar 2025 18:18:12 +0000
asID:                     14754
IP address blocks:        201.131.148.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 21 Jul 2024 04:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:46:86:35:4f:31:9b:3f:d8:2f:e1:c1:38:34:27:bb:64:6c:b6:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F07AC2C3313D74F22585389241B3BE2A7B89D7BF
        Validity
            Not Before: Mar  5 18:13:12 2024 GMT
            Not After : Mar  4 18:18:12 2025 GMT
        Subject: CN=CC37C8594F96AD3389A6C28B2F46EA9F8763D00C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:dd:4b:6f:f5:8d:18:6e:a0:38:23:91:8d:a5:
                    ed:d0:84:ad:c6:22:7a:02:50:fa:cd:7d:a2:d2:04:
                    d6:d5:b4:d2:da:c1:77:c5:a0:08:7e:ec:2c:94:96:
                    fa:68:f1:a7:09:10:b4:35:c8:80:3e:45:74:5f:bc:
                    83:7d:f6:06:ef:7e:81:f3:c7:69:72:d0:07:61:3a:
                    37:a3:70:3b:7b:08:d0:42:69:ec:83:98:64:f2:c8:
                    27:39:5a:ef:a8:2f:54:8a:1a:7a:b0:13:51:cf:89:
                    3a:98:c0:21:b8:d9:97:3d:cc:30:90:0e:9e:56:8c:
                    06:42:d1:25:4c:96:aa:49:e0:6d:e1:2e:fd:dc:4f:
                    83:7b:17:2a:9d:e8:94:50:d3:df:4b:38:f6:89:57:
                    25:16:2b:34:a5:ac:3c:6d:f1:de:ab:e8:ab:08:06:
                    2e:bc:12:b2:6a:4d:36:7d:b6:82:ab:ca:50:e7:e5:
                    eb:0a:4c:04:f8:29:b9:d2:0e:6d:ad:cb:96:dc:77:
                    7c:ed:39:98:da:7b:98:35:00:d4:ac:0a:76:c6:20:
                    0f:65:d4:fe:d2:48:3e:d8:19:60:e4:57:f1:2a:c8:
                    f2:9c:01:6f:ca:bd:1d:7b:da:9a:dc:97:9c:b6:f2:
                    fc:eb:fd:d8:7e:54:97:9e:47:5a:14:64:52:02:42:
                    73:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:37:C8:59:4F:96:AD:33:89:A6:C2:8B:2F:46:EA:9F:87:63:D0:0C
            X509v3 Authority Key Identifier:
                keyid:F0:7A:C2:C3:31:3D:74:F2:25:85:38:92:41:B3:BE:2A:7B:89:D7:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F07AC2C3313D74F22585389241B3BE2A7B89D7BF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/04B2585B1DE5EF4EF7CF0720D78D521461F36D732862185DE75BD8B5896FD242/0/3230312e3133312e3134382e302f32322d3234203d3e203134373534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.131.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         71:69:84:57:08:6d:5a:b7:b4:e1:1d:48:7d:c6:f9:9a:ce:fc:
         2e:f7:49:41:16:13:76:fd:81:1a:42:6c:93:8d:85:4d:0c:99:
         77:34:c1:83:61:75:60:99:f3:48:ea:3a:2f:4f:fb:04:74:d9:
         7f:64:48:98:e1:18:78:36:aa:05:ea:c7:3d:11:82:39:24:bd:
         94:47:9d:e3:af:16:2d:5d:49:51:25:26:37:c5:b3:dd:49:74:
         49:16:aa:f8:b6:3f:bd:dd:9b:85:0e:fd:90:43:8c:e0:9f:0d:
         0b:6c:08:71:4c:cf:64:2f:22:e7:b5:9d:dd:53:f9:9f:64:25:
         7c:27:25:39:b0:05:ea:73:b2:7a:9f:2c:f6:1b:a7:11:7b:d9:
         8f:b6:8d:83:80:26:24:bf:ab:1d:70:56:b8:92:ef:01:53:23:
         9a:1b:10:8c:e4:36:9f:7d:ae:58:d6:51:cc:2d:0b:4f:dd:84:
         0a:e0:d2:84:52:91:60:0f:a1:33:68:c9:bb:dd:fe:0e:ab:4f:
         31:dc:03:af:61:57:c6:df:d8:8e:f9:37:87:38:cf:22:56:5a:
         dc:23:c7:57:dc:eb:11:69:27:10:d4:d6:fa:88:80:f3:5b:db:
         98:93:2c:24:54:cd:dc:7c:5b:ac:ff:d5:48:7e:87:4e:16:5d:
         12:96:3e:71
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUbUaGNU8xmz/YL+HBODQnu2RstkMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjA3QUMyQzMzMTNENzRGMjI1ODUzODkyNDFCM0JFMkE3
Qjg5RDdCRjAeFw0yNDAzMDUxODEzMTJaFw0yNTAzMDQxODE4MTJaMDMxMTAvBgNV
BAMTKENDMzdDODU5NEY5NkFEMzM4OUE2QzI4QjJGNDZFQTlGODc2M0QwMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDj3Utv9Y0YbqA4I5GNpe3QhK3G
InoCUPrNfaLSBNbVtNLawXfFoAh+7CyUlvpo8acJELQ1yIA+RXRfvIN99gbvfoHz
x2ly0AdhOjejcDt7CNBCaeyDmGTyyCc5Wu+oL1SKGnqwE1HPiTqYwCG42Zc9zDCQ
Dp5WjAZC0SVMlqpJ4G3hLv3cT4N7Fyqd6JRQ099LOPaJVyUWKzSlrDxt8d6r6KsI
Bi68ErJqTTZ9toKrylDn5esKTAT4KbnSDm2ty5bcd3ztOZjae5g1ANSsCnbGIA9l
1P7SSD7YGWDkV/EqyPKcAW/KvR172prcl5y28vzr/dh+VJeeR1oUZFICQnMJAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUzDfIWU+WrTOJpsKLL0bqn4dj0AwwHwYDVR0j
BBgwFoAU8HrCwzE9dPIlhTiSQbO+KnuJ178wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wNEIyNTg1QjFERTVFRjRFRjdDRjA3MjBENzhENTIxNDYx
RjM2RDczMjg2MjE4NURFNzVCRDhCNTg5NkZEMjQyLzAvRjA3QUMyQzMzMTNENzRG
MjI1ODUzODkyNDFCM0JFMkE3Qjg5RDdCRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMDdBQzJDMzMxM0Q3NEYyMjU4
NTM4OTI0MUIzQkUyQTdCODlEN0JGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDRCMjU4NUIxREU1RUY0RUY3Q0YwNzIwRDc4RDUyMTQ2MUYzNkQ3MzI4
NjIxODVERTc1QkQ4QjU4OTZGRDI0Mi8wLzMyMzAzMTJlMzEzMzMxMmUzMTM0Mzgy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMTM0MzczNTM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCyYOU
MA0GCSqGSIb3DQEBCwUAA4IBAQBxaYRXCG1at7ThHUh9xvmazvwu90lBFhN2/YEa
QmyTjYVNDJl3NMGDYXVgmfNI6jovT/sEdNl/ZEiY4Rh4NqoF6sc9EYI5JL2UR53j
rxYtXUlRJSY3xbPdSXRJFqr4tj+93ZuFDv2QQ4zgnw0LbAhxTM9kLyLntZ3dU/mf
ZCV8JyU5sAXqc7J6nyz2G6cRe9mPto2DgCYkv6sdcFa4ku8BUyOaGxCM5Daffa5Y
1lHMLQtP3YQK4NKEUpFgD6EzaMm73f4Oq08x3AOvYVfG39iO+TeHOM8iVlrcI8dX
3OsRaScQ1Nb6iIDzW9uYkywkVM3cfFus/9VIfodOFl0Slj5x
-----END CERTIFICATE-----
Generated at Wed Jul 17 06:10:29 2024 by rpki-client on console-ams.rpki-client.org