Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0608EC5A2F6EF061D863DFF54C1FC05896C714BAED34C9AB35748181F6C688BC/0/3139302e3132322e3139322e302f32302d3234203d3e203238303636.roa
File:                     3139302e3132322e3139322e302f32302d3234203d3e203238303636.roa (raw, json)
Hash identifier:          MdiNO1Z2ig4FXdSTddx8qh4xnPwN3JNCEYzuizltvbM=
Subject key identifier:   DA:C1:03:AE:91:0E:5E:D3:F3:4B:DE:3E:30:61:0E:5E:F3:97:51:74
Certificate issuer:       /CN=FB2370BF9B986D58F8105A4410005CD845985926
Certificate serial:       6BC3F43EC0A50D54785C79D7E6EAFBA2EADC3ACF
Authority key identifier: FB:23:70:BF:9B:98:6D:58:F8:10:5A:44:10:00:5C:D8:45:98:59:26
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FB2370BF9B986D58F8105A4410005CD845985926.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0608EC5A2F6EF061D863DFF54C1FC05896C714BAED34C9AB35748181F6C688BC/0/3139302e3132322e3139322e302f32302d3234203d3e203238303636.roa
Signing time:             Tue 05 Mar 2024 17:41:23 +0000
ROA not before:           Tue 05 Mar 2024 17:36:23 +0000
ROA not after:            Tue 04 Mar 2025 17:41:23 +0000
asID:                     28066
IP address blocks:        190.122.192.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0608EC5A2F6EF061D863DFF54C1FC05896C714BAED34C9AB35748181F6C688BC/0/FB2370BF9B986D58F8105A4410005CD845985926.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0608EC5A2F6EF061D863DFF54C1FC05896C714BAED34C9AB35748181F6C688BC/0/FB2370BF9B986D58F8105A4410005CD845985926.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FB2370BF9B986D58F8105A4410005CD845985926.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:c3:f4:3e:c0:a5:0d:54:78:5c:79:d7:e6:ea:fb:a2:ea:dc:3a:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB2370BF9B986D58F8105A4410005CD845985926
        Validity
            Not Before: Mar  5 17:36:23 2024 GMT
            Not After : Mar  4 17:41:23 2025 GMT
        Subject: CN=DAC103AE910E5ED3F34BDE3E30610E5EF3975174
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:e9:b0:2a:53:5a:1d:69:ef:45:fe:22:64:f4:
                    de:74:6a:02:93:c6:ec:86:e4:ea:70:67:80:6b:a4:
                    1f:c3:3e:77:67:44:d4:64:10:bc:d6:8b:6c:f3:71:
                    cb:75:8d:9d:9c:2a:53:84:49:99:89:0f:d6:20:93:
                    13:a8:7a:e1:ea:8f:ab:35:5c:77:7a:9a:58:a4:01:
                    ee:36:2e:d0:84:c7:43:03:26:53:26:66:d3:44:81:
                    e3:26:a5:b0:3c:63:93:42:52:02:49:97:87:3a:b9:
                    51:0c:ab:53:b5:47:38:79:ab:b4:97:3f:93:df:6b:
                    36:ac:75:8a:a4:c7:26:2b:af:19:f7:80:24:cc:8c:
                    a0:16:6c:ea:29:04:20:62:48:49:23:38:ca:aa:d8:
                    c7:11:58:76:cf:79:63:a7:22:a8:29:f5:ca:7a:fa:
                    fc:67:fe:d9:77:fc:eb:f7:c5:fb:f4:9f:2e:f9:82:
                    2e:71:6b:d4:b8:65:ba:11:7b:5d:e9:b8:b1:d7:7b:
                    e6:40:77:47:30:13:99:ef:92:b1:79:f8:a4:09:7a:
                    8b:95:8a:ac:0e:29:95:4e:01:4d:0a:3b:16:07:ab:
                    50:a4:60:31:da:08:62:70:6f:3c:10:c4:f9:69:eb:
                    cf:d8:29:2e:38:c0:0e:b7:3e:b6:18:c0:48:76:0d:
                    7d:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:C1:03:AE:91:0E:5E:D3:F3:4B:DE:3E:30:61:0E:5E:F3:97:51:74
            X509v3 Authority Key Identifier:
                keyid:FB:23:70:BF:9B:98:6D:58:F8:10:5A:44:10:00:5C:D8:45:98:59:26

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0608EC5A2F6EF061D863DFF54C1FC05896C714BAED34C9AB35748181F6C688BC/0/FB2370BF9B986D58F8105A4410005CD845985926.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FB2370BF9B986D58F8105A4410005CD845985926.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0608EC5A2F6EF061D863DFF54C1FC05896C714BAED34C9AB35748181F6C688BC/0/3139302e3132322e3139322e302f32302d3234203d3e203238303636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.122.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         97:67:79:2e:67:4f:e5:1f:2f:9d:00:3a:59:7f:59:04:30:61:
         e2:1c:67:90:cb:c7:59:b4:98:12:dc:9d:1a:d7:db:85:f1:f8:
         38:11:88:f2:e6:a1:b6:4d:74:d2:df:12:87:3e:ca:44:86:58:
         8b:84:2e:6a:78:e9:e1:d8:b2:94:bf:a7:6f:83:b9:44:8c:8c:
         85:dc:35:5d:c2:80:aa:08:20:3c:c2:d1:1d:50:14:5d:8f:73:
         c0:c6:7e:77:47:d2:29:a1:3d:62:53:d9:96:67:e2:05:21:41:
         96:9a:5f:db:dd:02:bb:df:86:2d:3d:da:06:41:ad:84:bf:75:
         87:76:f0:09:bd:0d:0c:f6:d6:eb:eb:b8:a7:56:b1:32:65:63:
         77:3c:34:ac:19:dd:df:aa:d5:a4:e9:3c:df:f5:1a:75:04:4f:
         db:f0:39:d9:c6:64:2c:bc:6d:9b:10:91:37:38:00:76:c7:97:
         36:7f:ef:6e:37:5a:b5:de:68:00:58:75:37:60:5d:69:b1:91:
         dd:7a:09:28:4f:ea:44:5f:0d:32:8d:b6:9c:1d:58:27:da:09:
         b6:f1:c0:28:6a:44:93:47:21:98:fa:ec:da:01:39:a6:c7:7e:
         c8:bf:80:58:0a:16:42:97:ce:cb:86:8f:96:99:d4:a6:d0:1a:
         97:c4:bd:f3
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUa8P0PsClDVR4XHnX5ur7ourcOs8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkIyMzcwQkY5Qjk4NkQ1OEY4MTA1QTQ0MTAwMDVDRDg0
NTk4NTkyNjAeFw0yNDAzMDUxNzM2MjNaFw0yNTAzMDQxNzQxMjNaMDMxMTAvBgNV
BAMTKERBQzEwM0FFOTEwRTVFRDNGMzRCREUzRTMwNjEwRTVFRjM5NzUxNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT6bAqU1odae9F/iJk9N50agKT
xuyG5OpwZ4BrpB/DPndnRNRkELzWi2zzcct1jZ2cKlOESZmJD9YgkxOoeuHqj6s1
XHd6mlikAe42LtCEx0MDJlMmZtNEgeMmpbA8Y5NCUgJJl4c6uVEMq1O1Rzh5q7SX
P5PfazasdYqkxyYrrxn3gCTMjKAWbOopBCBiSEkjOMqq2McRWHbPeWOnIqgp9cp6
+vxn/tl3/Ov3xfv0ny75gi5xa9S4ZboRe13puLHXe+ZAd0cwE5nvkrF5+KQJeouV
iqwOKZVOAU0KOxYHq1CkYDHaCGJwbzwQxPlp68/YKS44wA63PrYYwEh2DX1NAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU2sEDrpEOXtPzS94+MGEOXvOXUXQwHwYDVR0j
BBgwFoAU+yNwv5uYbVj4EFpEEABc2EWYWSYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wNjA4RUM1QTJGNkVGMDYxRDg2M0RGRjU0QzFGQzA1ODk2
QzcxNEJBRUQzNEM5QUIzNTc0ODE4MUY2QzY4OEJDLzAvRkIyMzcwQkY5Qjk4NkQ1
OEY4MTA1QTQ0MTAwMDVDRDg0NTk4NTkyNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GQjIzNzBCRjlCOTg2RDU4Rjgx
MDVBNDQxMDAwNUNEODQ1OTg1OTI2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDYwOEVDNUEyRjZFRjA2MUQ4NjNERkY1NEMxRkMwNTg5NkM3MTRCQUVE
MzRDOUFCMzU3NDgxODFGNkM2ODhCQy8wLzMxMzkzMDJlMzEzMjMyMmUzMTM5MzIy
ZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMjM4MzAzNjM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEvnrA
MA0GCSqGSIb3DQEBCwUAA4IBAQCXZ3kuZ0/lHy+dADpZf1kEMGHiHGeQy8dZtJgS
3J0a19uF8fg4EYjy5qG2TXTS3xKHPspEhliLhC5qeOnh2LKUv6dvg7lEjIyF3DVd
woCqCCA8wtEdUBRdj3PAxn53R9IpoT1iU9mWZ+IFIUGWml/b3QK734YtPdoGQa2E
v3WHdvAJvQ0M9tbr67inVrEyZWN3PDSsGd3fqtWk6Tzf9Rp1BE/b8DnZxmQsvG2b
EJE3OAB2x5c2f+9uN1q13mgAWHU3YF1psZHdegkoT+pEXw0yjbacHVgn2gm28cAo
akSTRyGY+uzaATmmx37Iv4BYChZCl87Lho+WmdSm0BqXxL3z
-----END CERTIFICATE-----
Generated at Wed Nov 20 15:56:09 2024 by rpki-client on console-ams.rpki-client.org