Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0605569D230FA3823AA6BD3D450DAC2A253EFE0BD696D74BCC1EF72EF07C0F7B/0/3139302e3132322e3134342e302f32332d3234203d3e203532333534.roa
File:                     3139302e3132322e3134342e302f32332d3234203d3e203532333534.roa (raw, json)
Hash identifier:          n3YrIbf842u1KIMbM1YBDenHWhfwcGQDNKta6yonNw4=
Subject key identifier:   33:12:D2:C9:63:12:6A:10:4B:2E:75:24:23:68:57:AD:2F:65:82:0A
Certificate issuer:       /CN=35583A052563DF8180BE45295D67FAA5A3A18996
Certificate serial:       6CD1F0B23F7482FD486FD1D73646369A58C4766A
Authority key identifier: 35:58:3A:05:25:63:DF:81:80:BE:45:29:5D:67:FA:A5:A3:A1:89:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/35583A052563DF8180BE45295D67FAA5A3A18996.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0605569D230FA3823AA6BD3D450DAC2A253EFE0BD696D74BCC1EF72EF07C0F7B/0/3139302e3132322e3134342e302f32332d3234203d3e203532333534.roa
Signing time:             Tue 05 Mar 2024 18:10:00 +0000
ROA not before:           Tue 05 Mar 2024 18:05:00 +0000
ROA not after:            Tue 04 Mar 2025 18:10:00 +0000
asID:                     52354
IP address blocks:        190.122.144.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0605569D230FA3823AA6BD3D450DAC2A253EFE0BD696D74BCC1EF72EF07C0F7B/0/35583A052563DF8180BE45295D67FAA5A3A18996.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0605569D230FA3823AA6BD3D450DAC2A253EFE0BD696D74BCC1EF72EF07C0F7B/0/35583A052563DF8180BE45295D67FAA5A3A18996.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/35583A052563DF8180BE45295D67FAA5A3A18996.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:d1:f0:b2:3f:74:82:fd:48:6f:d1:d7:36:46:36:9a:58:c4:76:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35583A052563DF8180BE45295D67FAA5A3A18996
        Validity
            Not Before: Mar  5 18:05:00 2024 GMT
            Not After : Mar  4 18:10:00 2025 GMT
        Subject: CN=3312D2C963126A104B2E7524236857AD2F65820A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:30:af:dd:a3:9a:61:2e:8c:9e:84:12:ab:b6:
                    c5:ef:5e:19:61:5c:76:2b:c3:dd:34:f0:1d:f0:2b:
                    62:7a:15:b6:45:ff:44:6c:4c:aa:e7:c4:52:78:63:
                    98:bd:4f:41:ba:e8:11:6c:17:e7:6a:00:be:9b:95:
                    46:aa:af:3c:69:25:22:50:65:fc:4a:b9:83:d5:d1:
                    ba:c2:5a:b8:f9:69:6f:db:68:5a:b4:d1:bc:07:b3:
                    a8:2c:12:54:6c:bb:34:83:4d:ea:ee:e8:97:06:94:
                    17:0c:7e:6e:7a:0a:a5:0d:06:78:c7:c2:82:15:2d:
                    5f:ff:b2:1d:f8:4e:ac:a3:e3:9f:34:d1:7d:d0:71:
                    4c:dc:62:3d:58:f2:a7:23:8d:ad:80:bf:43:18:41:
                    39:ed:23:e1:86:6f:55:85:eb:18:dd:01:1b:75:91:
                    db:41:8b:58:a8:dc:30:ab:c8:7a:18:d1:c2:98:45:
                    99:f5:16:3a:03:dd:da:7c:c3:dd:c4:75:e9:0f:d2:
                    3e:79:ea:5f:15:7f:b7:10:14:13:f1:a5:a5:38:de:
                    a6:18:bb:42:65:95:d9:83:71:e0:42:ce:c3:99:8c:
                    e7:4d:63:15:93:75:c7:b5:33:d7:43:c7:9f:47:07:
                    ea:36:01:20:ec:d3:a6:64:83:43:ce:c9:73:2f:ac:
                    d1:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:12:D2:C9:63:12:6A:10:4B:2E:75:24:23:68:57:AD:2F:65:82:0A
            X509v3 Authority Key Identifier:
                keyid:35:58:3A:05:25:63:DF:81:80:BE:45:29:5D:67:FA:A5:A3:A1:89:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0605569D230FA3823AA6BD3D450DAC2A253EFE0BD696D74BCC1EF72EF07C0F7B/0/35583A052563DF8180BE45295D67FAA5A3A18996.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/35583A052563DF8180BE45295D67FAA5A3A18996.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0605569D230FA3823AA6BD3D450DAC2A253EFE0BD696D74BCC1EF72EF07C0F7B/0/3139302e3132322e3134342e302f32332d3234203d3e203532333534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.122.144.0/23

    Signature Algorithm: sha256WithRSAEncryption
         45:a5:6f:06:53:5a:8d:66:91:2e:6c:07:83:85:6e:8f:ec:39:
         96:2f:44:ec:64:58:06:4c:81:3b:dd:90:7f:f8:73:6b:fa:10:
         90:b5:d9:ad:77:cf:01:0b:1e:e2:3f:da:d2:10:8a:c0:22:f4:
         e9:ed:7f:6c:97:f1:95:56:26:8b:83:c7:e5:d7:e4:27:01:02:
         22:3b:c1:e1:ad:19:a2:91:99:ea:a5:91:f6:7b:ec:40:ef:4c:
         af:f2:d7:58:d0:b0:47:bc:27:89:c9:c7:71:98:26:fb:4e:2f:
         1a:c6:0a:b8:b3:93:54:08:e4:04:a4:57:d2:dc:53:30:81:95:
         10:6b:46:13:2e:fb:68:f9:8b:38:8a:fd:c3:c7:ec:a9:7b:a2:
         1f:12:94:dc:59:9d:50:37:4a:e7:92:2e:43:fa:f3:d0:ba:17:
         d4:77:dc:c8:97:a3:12:2c:71:89:a9:6a:c0:e8:01:56:7d:7f:
         fc:95:69:25:f3:33:ed:d8:26:d9:0d:3e:f9:36:74:94:69:cf:
         67:ff:1d:8c:bb:b9:36:bd:bd:b9:e4:e1:70:ce:34:42:cf:7d:
         40:02:bf:10:9e:ac:3e:e1:c8:59:23:ec:b6:56:d7:9c:18:77:
         40:2c:97:6d:94:0f:75:9c:13:db:9b:f2:58:d2:b8:fd:a4:55:
         ca:8a:85:48
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUbNHwsj90gv1Ib9HXNkY2mljEdmowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU1ODNBMDUyNTYzREY4MTgwQkU0NTI5NUQ2N0ZBQTVB
M0ExODk5NjAeFw0yNDAzMDUxODA1MDBaFw0yNTAzMDQxODEwMDBaMDMxMTAvBgNV
BAMTKDMzMTJEMkM5NjMxMjZBMTA0QjJFNzUyNDIzNjg1N0FEMkY2NTgyMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRMK/do5phLoyehBKrtsXvXhlh
XHYrw9008B3wK2J6FbZF/0RsTKrnxFJ4Y5i9T0G66BFsF+dqAL6blUaqrzxpJSJQ
ZfxKuYPV0brCWrj5aW/baFq00bwHs6gsElRsuzSDTeru6JcGlBcMfm56CqUNBnjH
woIVLV//sh34Tqyj45800X3QcUzcYj1Y8qcjja2Av0MYQTntI+GGb1WF6xjdARt1
kdtBi1io3DCryHoY0cKYRZn1FjoD3dp8w93EdekP0j556l8Vf7cQFBPxpaU43qYY
u0JlldmDceBCzsOZjOdNYxWTdce1M9dDx59HB+o2ASDs06Zkg0POyXMvrNE3AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUMxLSyWMSahBLLnUkI2hXrS9lggowHwYDVR0j
BBgwFoAUNVg6BSVj34GAvkUpXWf6paOhiZYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wNjA1NTY5RDIzMEZBMzgyM0FBNkJEM0Q0NTBEQUMyQTI1
M0VGRTBCRDY5NkQ3NEJDQzFFRjcyRUYwN0MwRjdCLzAvMzU1ODNBMDUyNTYzREY4
MTgwQkU0NTI5NUQ2N0ZBQTVBM0ExODk5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zNTU4M0EwNTI1NjNERjgxODBC
RTQ1Mjk1RDY3RkFBNUEzQTE4OTk2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDYwNTU2OUQyMzBGQTM4MjNBQTZCRDNENDUwREFDMkEyNTNFRkUwQkQ2
OTZENzRCQ0MxRUY3MkVGMDdDMEY3Qi8wLzMxMzkzMDJlMzEzMjMyMmUzMTM0MzQy
ZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNTMyMzMzNTM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvnqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBFpW8GU1qNZpEubAeDhW6P7DmWL0TsZFgGTIE7
3ZB/+HNr+hCQtdmtd88BCx7iP9rSEIrAIvTp7X9sl/GVViaLg8fl1+QnAQIiO8Hh
rRmikZnqpZH2e+xA70yv8tdY0LBHvCeJycdxmCb7Ti8axgq4s5NUCOQEpFfS3FMw
gZUQa0YTLvto+Ys4iv3Dx+ype6IfEpTcWZ1QN0rnki5D+vPQuhfUd9zIl6MSLHGJ
qWrA6AFWfX/8lWkl8zPt2CbZDT75NnSUac9n/x2Mu7k2vb255OFwzjRCz31AAr8Q
nqw+4chZI+y2VtecGHdALJdtlA91nBPbm/JY0rj9pFXKioVI
-----END CERTIFICATE-----
Generated at Wed Nov 20 11:08:54 2024 by rpki-client on console-ams.rpki-client.org