Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/085BDDDF5F7A9600FE9C41871A2EB67C1F6DA1BE7DFA6E71EE3A62128E734133/0/3139302e3132312e3234302e302f32332d3234203d3e203630303232.roa
File:                     3139302e3132312e3234302e302f32332d3234203d3e203630303232.roa (raw, json)
Hash identifier:          AsfTryvoiM/8X1oN1k41akdTStd9oY6VGB0LqCPFxzM=
Subject key identifier:   D3:7F:F7:E3:D0:42:0B:09:1F:B2:0C:16:32:17:4B:EC:4B:D8:FC:EA
Certificate issuer:       /CN=32DACDC930712AC6C14A51E11EE334A3F6C82286
Certificate serial:       16BF47A67BEF36F0B6FD67A51EC34D3B20931ACB
Authority key identifier: 32:DA:CD:C9:30:71:2A:C6:C1:4A:51:E1:1E:E3:34:A3:F6:C8:22:86
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/32DACDC930712AC6C14A51E11EE334A3F6C82286.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/085BDDDF5F7A9600FE9C41871A2EB67C1F6DA1BE7DFA6E71EE3A62128E734133/0/3139302e3132312e3234302e302f32332d3234203d3e203630303232.roa
Signing time:             Tue 05 Mar 2024 18:13:33 +0000
ROA not before:           Tue 05 Mar 2024 18:08:33 +0000
ROA not after:            Tue 04 Mar 2025 18:13:33 +0000
asID:                     60022
IP address blocks:        190.121.240.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/085BDDDF5F7A9600FE9C41871A2EB67C1F6DA1BE7DFA6E71EE3A62128E734133/0/32DACDC930712AC6C14A51E11EE334A3F6C82286.crl
                          rsync://repository.lacnic.net/rpki/lacnic/085BDDDF5F7A9600FE9C41871A2EB67C1F6DA1BE7DFA6E71EE3A62128E734133/0/32DACDC930712AC6C14A51E11EE334A3F6C82286.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/32DACDC930712AC6C14A51E11EE334A3F6C82286.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:bf:47:a6:7b:ef:36:f0:b6:fd:67:a5:1e:c3:4d:3b:20:93:1a:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32DACDC930712AC6C14A51E11EE334A3F6C82286
        Validity
            Not Before: Mar  5 18:08:33 2024 GMT
            Not After : Mar  4 18:13:33 2025 GMT
        Subject: CN=D37FF7E3D0420B091FB20C1632174BEC4BD8FCEA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:75:80:2f:73:70:8b:50:24:7a:ea:ab:c4:75:
                    d1:1c:43:8a:75:81:2f:97:bd:e5:65:b2:b8:f2:6e:
                    a0:98:eb:7c:05:22:49:ba:60:be:6c:2e:0f:87:51:
                    a4:b3:28:d3:12:1d:85:a7:30:ad:27:d8:e3:bd:aa:
                    a3:eb:a1:db:00:27:ad:ee:63:5a:57:f1:af:ab:80:
                    e5:56:3a:2a:a8:85:86:b7:c3:e8:64:bd:fb:0e:94:
                    be:b3:37:9b:be:86:60:7b:dc:d7:3a:e4:f0:db:01:
                    27:f2:e1:d1:98:08:e2:8f:ee:b7:76:91:b0:0a:bc:
                    25:23:ad:b9:27:9e:13:26:dc:34:1e:d6:78:2f:ba:
                    60:82:01:1b:e9:ef:f3:c3:1a:a6:9e:97:03:86:ab:
                    ee:7b:56:57:28:37:6b:af:0e:14:8b:0f:fe:be:86:
                    3c:36:c8:51:34:14:6f:cb:22:52:5d:b4:04:9c:07:
                    9e:8a:80:0e:02:9f:5a:1d:3e:2c:55:56:cc:d0:c4:
                    0a:a5:7e:3b:de:df:67:0a:5f:e2:27:86:7b:6d:25:
                    8a:1d:9b:ed:c5:54:ec:52:27:00:b9:2a:66:10:52:
                    4a:f7:04:95:18:b5:ee:23:11:83:24:68:47:80:66:
                    5a:49:14:e1:a4:a5:ab:8d:40:80:23:d5:ec:c2:be:
                    bd:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:7F:F7:E3:D0:42:0B:09:1F:B2:0C:16:32:17:4B:EC:4B:D8:FC:EA
            X509v3 Authority Key Identifier:
                keyid:32:DA:CD:C9:30:71:2A:C6:C1:4A:51:E1:1E:E3:34:A3:F6:C8:22:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/085BDDDF5F7A9600FE9C41871A2EB67C1F6DA1BE7DFA6E71EE3A62128E734133/0/32DACDC930712AC6C14A51E11EE334A3F6C82286.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/32DACDC930712AC6C14A51E11EE334A3F6C82286.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/085BDDDF5F7A9600FE9C41871A2EB67C1F6DA1BE7DFA6E71EE3A62128E734133/0/3139302e3132312e3234302e302f32332d3234203d3e203630303232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.121.240.0/23

    Signature Algorithm: sha256WithRSAEncryption
         09:76:e9:2b:91:7b:d6:fe:9c:53:26:ed:3c:d6:b8:6c:b2:bb:
         b5:71:1f:a3:09:4a:ee:4f:d1:88:8e:64:98:c8:08:28:43:d3:
         03:cb:8e:69:51:0f:b7:e7:1a:83:f6:4f:7e:2d:78:1c:c2:24:
         0b:4c:ea:dc:e9:91:ed:01:0b:70:72:24:31:76:f0:70:9a:8f:
         09:a0:ad:68:12:04:6f:5e:72:94:9c:26:95:c9:0a:da:12:18:
         3d:f7:ff:f5:35:d0:89:d4:72:a5:10:a1:c5:e4:d1:a9:e2:41:
         a9:6e:14:fa:8e:ee:6f:5f:6d:e3:17:cb:6d:0c:7f:0a:9e:d8:
         e7:72:75:63:bd:38:31:f1:e7:da:52:e0:c0:69:39:bf:f4:53:
         95:52:f2:e8:77:64:8e:a2:70:cc:95:ef:44:18:93:23:22:3c:
         1d:64:13:ee:a3:b0:61:60:99:56:8e:4f:d4:fc:51:54:49:a7:
         0e:f0:44:12:9a:c9:5d:dd:17:9a:a4:fe:bd:6a:5b:4e:cf:e6:
         2e:03:bc:b2:04:70:41:db:c7:20:1c:89:f7:67:10:9c:56:4d:
         e4:c2:47:4d:7f:51:a0:be:3b:3a:48:2d:ee:c1:fd:4d:9b:ab:
         04:67:4b:37:1d:52:ef:c8:08:f1:fb:92:8a:d1:3d:0b:f7:7d:
         10:6d:fd:11
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUFr9HpnvvNvC2/WelHsNNOyCTGsswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzJEQUNEQzkzMDcxMkFDNkMxNEE1MUUxMUVFMzM0QTNG
NkM4MjI4NjAeFw0yNDAzMDUxODA4MzNaFw0yNTAzMDQxODEzMzNaMDMxMTAvBgNV
BAMTKEQzN0ZGN0UzRDA0MjBCMDkxRkIyMEMxNjMyMTc0QkVDNEJEOEZDRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPdYAvc3CLUCR66qvEddEcQ4p1
gS+XveVlsrjybqCY63wFIkm6YL5sLg+HUaSzKNMSHYWnMK0n2OO9qqProdsAJ63u
Y1pX8a+rgOVWOiqohYa3w+hkvfsOlL6zN5u+hmB73Nc65PDbASfy4dGYCOKP7rd2
kbAKvCUjrbknnhMm3DQe1ngvumCCARvp7/PDGqaelwOGq+57VlcoN2uvDhSLD/6+
hjw2yFE0FG/LIlJdtAScB56KgA4Cn1odPixVVszQxAqlfjve32cKX+InhnttJYod
m+3FVOxSJwC5KmYQUkr3BJUYte4jEYMkaEeAZlpJFOGkpauNQIAj1ezCvr0/AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU03/349BCCwkfsgwWMhdL7EvY/OowHwYDVR0j
BBgwFoAUMtrNyTBxKsbBSlHhHuM0o/bIIoYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wODVCRERERjVGN0E5NjAwRkU5QzQxODcxQTJFQjY3QzFG
NkRBMUJFN0RGQTZFNzFFRTNBNjIxMjhFNzM0MTMzLzAvMzJEQUNEQzkzMDcxMkFD
NkMxNEE1MUUxMUVFMzM0QTNGNkM4MjI4Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zMkRBQ0RDOTMwNzEyQUM2QzE0
QTUxRTExRUUzMzRBM0Y2QzgyMjg2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDg1QkREREY1RjdBOTYwMEZFOUM0MTg3MUEyRUI2N0MxRjZEQTFCRTdE
RkE2RTcxRUUzQTYyMTI4RTczNDEzMy8wLzMxMzkzMDJlMzEzMjMxMmUzMjM0MzAy
ZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNjMwMzAzMjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvnnw
MA0GCSqGSIb3DQEBCwUAA4IBAQAJdukrkXvW/pxTJu081rhssru1cR+jCUruT9GI
jmSYyAgoQ9MDy45pUQ+35xqD9k9+LXgcwiQLTOrc6ZHtAQtwciQxdvBwmo8JoK1o
EgRvXnKUnCaVyQraEhg99//1NdCJ1HKlEKHF5NGp4kGpbhT6ju5vX23jF8ttDH8K
ntjncnVjvTgx8efaUuDAaTm/9FOVUvLod2SOonDMle9EGJMjIjwdZBPuo7BhYJlW
jk/U/FFUSacO8EQSmsld3ReapP69altOz+YuA7yyBHBB28cgHIn3ZxCcVk3kwkdN
f1Ggvjs6SC3uwf1Nm6sEZ0s3HVLvyAjx+5KK0T0L930Qbf0R
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:10:18 2024 by rpki-client on console-fra.rpki-client.org