Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/090546218E9321C949CA5DB7B29F5A997FB047519B3E67B5D3CABDB9B936B5D0/0/3133312e3139362e3231322e302f32322d3234203d3e20323635363936.roa
File:                     3133312e3139362e3231322e302f32322d3234203d3e20323635363936.roa (raw, json)
Hash identifier:          MEHoiwCkZ3AksDmQASLUTzvSBrFdVao2gGQw1dIjwDY=
Subject key identifier:   15:3E:6B:C5:7A:46:8B:E5:98:05:4E:BD:30:D5:C8:CA:9D:3A:25:A5
Certificate issuer:       /CN=1B9066B2C8923ED70E1BBD9C8EE15F273D6716E9
Certificate serial:       35C4AED11E77EF83EA37B00F7C2754D9BA51F83E
Authority key identifier: 1B:90:66:B2:C8:92:3E:D7:0E:1B:BD:9C:8E:E1:5F:27:3D:67:16:E9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1B9066B2C8923ED70E1BBD9C8EE15F273D6716E9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/090546218E9321C949CA5DB7B29F5A997FB047519B3E67B5D3CABDB9B936B5D0/0/3133312e3139362e3231322e302f32322d3234203d3e20323635363936.roa
Signing time:             Tue 05 Mar 2024 18:19:06 +0000
ROA not before:           Tue 05 Mar 2024 18:14:06 +0000
ROA not after:            Tue 04 Mar 2025 18:19:06 +0000
asID:                     265696
IP address blocks:        131.196.212.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/090546218E9321C949CA5DB7B29F5A997FB047519B3E67B5D3CABDB9B936B5D0/0/1B9066B2C8923ED70E1BBD9C8EE15F273D6716E9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/090546218E9321C949CA5DB7B29F5A997FB047519B3E67B5D3CABDB9B936B5D0/0/1B9066B2C8923ED70E1BBD9C8EE15F273D6716E9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1B9066B2C8923ED70E1BBD9C8EE15F273D6716E9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:c4:ae:d1:1e:77:ef:83:ea:37:b0:0f:7c:27:54:d9:ba:51:f8:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1B9066B2C8923ED70E1BBD9C8EE15F273D6716E9
        Validity
            Not Before: Mar  5 18:14:06 2024 GMT
            Not After : Mar  4 18:19:06 2025 GMT
        Subject: CN=153E6BC57A468BE598054EBD30D5C8CA9D3A25A5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:71:a6:32:68:70:5b:4a:aa:d3:15:54:ea:52:
                    e1:a3:3a:05:5d:da:22:9c:f0:26:5d:1d:9a:e2:6a:
                    af:ce:61:7d:13:99:8a:6e:2d:b7:17:4b:5c:bf:34:
                    2d:8b:2b:91:a0:41:df:21:1c:31:01:de:3b:66:ec:
                    13:7c:2e:78:46:4a:88:6a:20:9c:96:7c:2a:2a:bb:
                    16:c6:da:25:cc:a5:20:9a:80:01:81:62:e0:d7:f3:
                    19:aa:63:32:05:80:20:71:b3:93:ef:1c:4e:54:17:
                    fa:8c:c6:57:d2:82:21:39:1f:30:33:07:00:80:6b:
                    6e:91:f1:07:c5:d4:bb:1c:dc:3c:5e:2c:7f:32:e7:
                    ec:c1:0c:da:b0:3f:85:26:58:1a:28:a0:05:9f:ef:
                    e8:df:81:d6:b1:9d:79:e3:f9:8a:92:1c:b8:cb:2d:
                    47:c2:6f:a4:31:77:a9:b6:33:37:40:b2:73:29:49:
                    9c:8d:54:3d:db:30:41:91:0f:7d:05:97:3d:bd:89:
                    be:57:e2:f9:f1:60:60:47:a2:05:f8:7e:e3:1f:4e:
                    ad:d9:b1:b2:81:fd:47:96:a6:b8:06:63:85:ae:7f:
                    06:2f:50:c2:c3:f5:ce:f2:96:9d:0f:a9:09:91:3d:
                    d2:03:7f:a5:8c:d2:34:5a:5b:d1:54:b1:90:94:b7:
                    80:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:3E:6B:C5:7A:46:8B:E5:98:05:4E:BD:30:D5:C8:CA:9D:3A:25:A5
            X509v3 Authority Key Identifier:
                keyid:1B:90:66:B2:C8:92:3E:D7:0E:1B:BD:9C:8E:E1:5F:27:3D:67:16:E9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/090546218E9321C949CA5DB7B29F5A997FB047519B3E67B5D3CABDB9B936B5D0/0/1B9066B2C8923ED70E1BBD9C8EE15F273D6716E9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1B9066B2C8923ED70E1BBD9C8EE15F273D6716E9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/090546218E9321C949CA5DB7B29F5A997FB047519B3E67B5D3CABDB9B936B5D0/0/3133312e3139362e3231322e302f32322d3234203d3e20323635363936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.196.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         98:b9:84:f9:bd:c0:18:4e:44:66:2f:53:0f:07:bf:0b:b1:e8:
         e7:df:ba:a2:80:6b:b7:ae:68:43:53:65:a4:cf:8c:f3:c1:2b:
         56:7e:b2:d3:8b:e0:04:bd:8c:07:f5:39:10:ff:5a:60:29:68:
         6b:95:a4:3f:87:7e:57:d0:f0:a4:8a:3f:63:fd:01:cf:1a:72:
         66:46:ca:40:4f:ae:89:f5:b7:37:7f:58:1b:72:83:ad:6c:54:
         c5:89:d9:6b:00:3c:02:c5:25:ae:0c:ac:fc:19:e1:47:e2:99:
         9d:ff:a1:38:c5:48:fc:e1:02:00:c5:1a:54:22:80:1c:46:69:
         11:41:36:b7:18:fa:df:12:65:9d:08:62:12:50:b8:49:23:90:
         53:aa:22:11:51:fd:d8:9e:b3:9a:05:68:40:43:2f:c2:ef:cb:
         6a:fd:c9:46:31:7e:36:f6:b5:25:23:ed:90:8e:de:80:93:be:
         f6:00:5b:6f:4b:c8:48:6c:68:f4:5b:22:f7:4f:9e:85:33:de:
         ad:06:13:e2:a2:16:75:f0:ec:4f:b5:29:a3:90:0b:e9:5b:14:
         8f:4b:6d:64:6b:7a:c0:7a:09:cf:3e:2f:ef:92:25:9d:48:92:
         ad:60:81:16:f2:ee:3f:48:99:9a:0d:79:e6:b0:08:57:6b:cd:
         01:96:f8:79
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUNcSu0R5374PqN7APfCdU2bpR+D4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUI5MDY2QjJDODkyM0VENzBFMUJCRDlDOEVFMTVGMjcz
RDY3MTZFOTAeFw0yNDAzMDUxODE0MDZaFw0yNTAzMDQxODE5MDZaMDMxMTAvBgNV
BAMTKDE1M0U2QkM1N0E0NjhCRTU5ODA1NEVCRDMwRDVDOENBOUQzQTI1QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQcaYyaHBbSqrTFVTqUuGjOgVd
2iKc8CZdHZriaq/OYX0TmYpuLbcXS1y/NC2LK5GgQd8hHDEB3jtm7BN8LnhGSohq
IJyWfCoquxbG2iXMpSCagAGBYuDX8xmqYzIFgCBxs5PvHE5UF/qMxlfSgiE5HzAz
BwCAa26R8QfF1Lsc3DxeLH8y5+zBDNqwP4UmWBoooAWf7+jfgdaxnXnj+YqSHLjL
LUfCb6Qxd6m2MzdAsnMpSZyNVD3bMEGRD30Flz29ib5X4vnxYGBHogX4fuMfTq3Z
sbKB/UeWprgGY4WufwYvUMLD9c7ylp0PqQmRPdIDf6WM0jRaW9FUsZCUt4CfAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUFT5rxXpGi+WYBU69MNXIyp06JaUwHwYDVR0j
BBgwFoAUG5BmssiSPtcOG72cjuFfJz1nFukwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wOTA1NDYyMThFOTMyMUM5NDlDQTVEQjdCMjlGNUE5OTdG
QjA0NzUxOUIzRTY3QjVEM0NBQkRCOUI5MzZCNUQwLzAvMUI5MDY2QjJDODkyM0VE
NzBFMUJCRDlDOEVFMTVGMjczRDY3MTZFOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xQjkwNjZCMkM4OTIzRUQ3MEUx
QkJEOUM4RUUxNUYyNzNENjcxNkU5LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDkwNTQ2MjE4RTkzMjFDOTQ5Q0E1REI3QjI5RjVBOTk3RkIwNDc1MTlC
M0U2N0I1RDNDQUJEQjlCOTM2QjVEMC8wLzMxMzMzMTJlMzEzOTM2MmUzMjMxMzIy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzUzNjM5MzYucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKD
xNQwDQYJKoZIhvcNAQELBQADggEBAJi5hPm9wBhORGYvUw8Hvwux6OffuqKAa7eu
aENTZaTPjPPBK1Z+stOL4AS9jAf1ORD/WmApaGuVpD+HflfQ8KSKP2P9Ac8acmZG
ykBPron1tzd/WBtyg61sVMWJ2WsAPALFJa4MrPwZ4UfimZ3/oTjFSPzhAgDFGlQi
gBxGaRFBNrcY+t8SZZ0IYhJQuEkjkFOqIhFR/dies5oFaEBDL8Lvy2r9yUYxfjb2
tSUj7ZCO3oCTvvYAW29LyEhsaPRbIvdPnoUz3q0GE+KiFnXw7E+1KaOQC+lbFI9L
bWRresB6Cc8+L++SJZ1Ikq1ggRby7j9ImZoNeeawCFdrzQGW+Hk=
-----END CERTIFICATE-----
Generated at Wed Nov 20 13:43:34 2024 by rpki-client on console-ams.rpki-client.org