Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0D1ABFF4AC22B0C55B28D05D7609B045D1B81439C709BC3FC881D29BCC8744E3/0/3139302e31342e34362e302f32342d3234203d3e203532333438.roa
File:                     3139302e31342e34362e302f32342d3234203d3e203532333438.roa (raw, json)
Hash identifier:          GP8BaXkW4EpUnabIbL0TTyxx8c/5T4QZPnNKxuA1QWY=
Subject key identifier:   DC:16:00:D0:F1:66:22:11:43:12:B5:A2:97:DB:E5:F9:69:47:9E:52
Certificate issuer:       /CN=0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13
Certificate serial:       31F12E82ED4A8A0F3C96A6B976101132020E6DC7
Authority key identifier: 0F:C3:C8:0E:69:A9:A2:F3:E7:BB:3F:33:64:40:B3:E8:7C:21:5F:13
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0D1ABFF4AC22B0C55B28D05D7609B045D1B81439C709BC3FC881D29BCC8744E3/0/3139302e31342e34362e302f32342d3234203d3e203532333438.roa
Signing time:             Tue 05 Mar 2024 18:11:40 +0000
ROA not before:           Tue 05 Mar 2024 18:06:40 +0000
ROA not after:            Tue 04 Mar 2025 18:11:40 +0000
asID:                     52348
IP address blocks:        190.14.46.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0D1ABFF4AC22B0C55B28D05D7609B045D1B81439C709BC3FC881D29BCC8744E3/0/0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0D1ABFF4AC22B0C55B28D05D7609B045D1B81439C709BC3FC881D29BCC8744E3/0/0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:f1:2e:82:ed:4a:8a:0f:3c:96:a6:b9:76:10:11:32:02:0e:6d:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13
        Validity
            Not Before: Mar  5 18:06:40 2024 GMT
            Not After : Mar  4 18:11:40 2025 GMT
        Subject: CN=DC1600D0F16622114312B5A297DBE5F969479E52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:03:75:bc:df:ab:7d:57:05:c3:46:43:42:53:
                    d5:fb:d0:d1:76:1d:d2:8a:ef:1e:28:11:31:e5:f9:
                    71:9b:b0:32:01:94:9a:b4:6a:3e:d4:ec:c5:36:8e:
                    bf:27:fa:8d:c4:97:d5:fc:cb:b6:2f:7f:50:cb:f6:
                    2b:d9:90:de:e2:bd:7a:2b:d3:12:97:22:62:18:fa:
                    4b:cb:b6:20:dd:86:62:f4:1e:dd:a4:7f:f6:70:bf:
                    44:07:86:eb:69:71:36:54:b4:0b:a0:c2:22:2a:96:
                    4b:07:f9:f6:eb:15:c5:41:b8:6f:be:e5:f9:1d:0c:
                    1c:f7:01:10:93:9e:e0:fc:3e:42:80:b5:a5:12:7a:
                    4a:f4:0b:3b:48:6f:cd:b4:c6:96:cb:85:1a:41:e0:
                    6e:32:77:6e:18:5f:2d:1a:68:a9:72:fb:5c:1d:77:
                    12:84:09:f9:f9:f1:ad:f2:4b:51:5e:b3:e6:bd:51:
                    d9:28:1a:ea:1a:82:d1:e4:25:98:fe:63:51:5e:25:
                    08:0f:68:12:db:a8:56:3e:d1:70:d8:20:dd:49:ba:
                    e5:f0:c7:12:30:9c:e6:4a:a9:44:dd:67:82:60:2f:
                    49:af:07:3d:9d:bc:8e:8d:39:0c:f3:a9:86:33:e6:
                    b3:da:2d:c3:1b:62:dd:a0:e6:d8:c7:2f:f2:48:55:
                    6f:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:16:00:D0:F1:66:22:11:43:12:B5:A2:97:DB:E5:F9:69:47:9E:52
            X509v3 Authority Key Identifier:
                keyid:0F:C3:C8:0E:69:A9:A2:F3:E7:BB:3F:33:64:40:B3:E8:7C:21:5F:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0D1ABFF4AC22B0C55B28D05D7609B045D1B81439C709BC3FC881D29BCC8744E3/0/0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0D1ABFF4AC22B0C55B28D05D7609B045D1B81439C709BC3FC881D29BCC8744E3/0/3139302e31342e34362e302f32342d3234203d3e203532333438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.14.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:eb:43:5f:da:a4:c5:fa:0d:71:2a:e5:a9:27:39:b9:47:c8:
         54:5e:2e:58:f0:2c:02:9c:d6:a3:70:91:10:8f:a4:f6:52:1f:
         db:45:1a:08:ba:16:6e:e5:40:2c:06:7e:af:63:1a:93:c3:0d:
         3e:96:e1:d3:ec:c0:5b:33:cc:e8:2b:29:ff:27:a1:8a:d6:46:
         b5:05:0d:32:96:1a:d3:7c:74:4b:72:36:03:dd:09:1d:33:a4:
         f9:33:31:f3:7c:6a:99:4b:2f:0a:5d:fb:2d:f0:b4:74:cd:c8:
         ca:59:e1:af:23:ef:f6:e8:48:3b:ed:de:b6:5d:47:75:83:5b:
         c4:a9:21:d9:20:f5:39:1d:f5:54:3d:2b:3f:5f:da:67:9c:b1:
         d1:5f:dc:b2:57:f5:e8:8a:7f:00:43:70:56:da:65:b1:bf:ea:
         07:2b:63:ed:cd:38:57:5b:d5:e1:25:fc:b0:08:09:84:4a:bd:
         f5:35:88:8c:05:2e:a4:06:70:96:d4:7b:84:22:9a:ff:f4:1c:
         7c:e7:32:83:f8:43:32:77:b7:ee:36:2a:8a:55:e6:21:00:89:
         46:e1:74:44:5c:fd:3c:d9:47:1b:57:4b:6d:2e:75:a5:1b:7a:
         84:78:b9:b1:82:4a:fa:a9:bf:7b:a1:01:f7:37:0d:74:a8:12:
         42:7d:71:7d
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUMfEugu1Kig88lqa5dhARMgIObccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEZDM0M4MEU2OUE5QTJGM0U3QkIzRjMzNjQ0MEIzRTg3
QzIxNUYxMzAeFw0yNDAzMDUxODA2NDBaFw0yNTAzMDQxODExNDBaMDMxMTAvBgNV
BAMTKERDMTYwMEQwRjE2NjIyMTE0MzEyQjVBMjk3REJFNUY5Njk0NzlFNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdA3W836t9VwXDRkNCU9X70NF2
HdKK7x4oETHl+XGbsDIBlJq0aj7U7MU2jr8n+o3El9X8y7Yvf1DL9ivZkN7ivXor
0xKXImIY+kvLtiDdhmL0Ht2kf/Zwv0QHhutpcTZUtAugwiIqlksH+fbrFcVBuG++
5fkdDBz3ARCTnuD8PkKAtaUSekr0CztIb820xpbLhRpB4G4yd24YXy0aaKly+1wd
dxKECfn58a3yS1Fes+a9UdkoGuoagtHkJZj+Y1FeJQgPaBLbqFY+0XDYIN1JuuXw
xxIwnOZKqUTdZ4JgL0mvBz2dvI6NOQzzqYYz5rPaLcMbYt2g5tjHL/JIVW9bAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU3BYA0PFmIhFDErWil9vl+WlHnlIwHwYDVR0j
BBgwFoAUD8PIDmmpovPnuz8zZECz6HwhXxMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wRDFBQkZGNEFDMjJCMEM1NUIyOEQwNUQ3NjA5QjA0NUQx
QjgxNDM5QzcwOUJDM0ZDODgxRDI5QkNDODc0NEUzLzAvMEZDM0M4MEU2OUE5QTJG
M0U3QkIzRjMzNjQ0MEIzRTg3QzIxNUYxMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wRkMzQzgwRTY5QTlBMkYzRTdC
QjNGMzM2NDQwQjNFODdDMjE1RjEzLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEQxQUJGRjRBQzIyQjBDNTVCMjhEMDVENzYwOUIwNDVEMUI4MTQzOUM3
MDlCQzNGQzg4MUQyOUJDQzg3NDRFMy8wLzMxMzkzMDJlMzEzNDJlMzQzNjJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzMzM0Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC+Di4wDQYJ
KoZIhvcNAQELBQADggEBAJrrQ1/apMX6DXEq5aknOblHyFReLljwLAKc1qNwkRCP
pPZSH9tFGgi6Fm7lQCwGfq9jGpPDDT6W4dPswFszzOgrKf8noYrWRrUFDTKWGtN8
dEtyNgPdCR0zpPkzMfN8aplLLwpd+y3wtHTNyMpZ4a8j7/boSDvt3rZdR3WDW8Sp
Idkg9Tkd9VQ9Kz9f2mecsdFf3LJX9eiKfwBDcFbaZbG/6gcrY+3NOFdb1eEl/LAI
CYRKvfU1iIwFLqQGcJbUe4Qimv/0HHznMoP4QzJ3t+42KopV5iEAiUbhdERc/TzZ
RxtXS20udaUbeoR4ubGCSvqpv3uhAfc3DXSoEkJ9cX0=
-----END CERTIFICATE-----
Generated at Thu Nov 21 06:48:41 2024 by rpki-client on console-fra.rpki-client.org