Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0D1ABFF4AC22B0C55B28D05D7609B045D1B81439C709BC3FC881D29BCC8744E3/0/3139302e31342e34372e302f32342d3234203d3e203532333438.roa
File:                     3139302e31342e34372e302f32342d3234203d3e203532333438.roa (raw, json)
Hash identifier:          Ink1y1y8Da+etp0jkW0aGLfnjmpUrJYWKgsJFtgcg7U=
Subject key identifier:   B5:68:00:17:6C:BC:F2:B6:1A:EC:3D:DF:62:50:56:45:57:92:92:56
Certificate issuer:       /CN=0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13
Certificate serial:       59AB658734D77643E5A5CEF41A3B505E71162B3C
Authority key identifier: 0F:C3:C8:0E:69:A9:A2:F3:E7:BB:3F:33:64:40:B3:E8:7C:21:5F:13
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0D1ABFF4AC22B0C55B28D05D7609B045D1B81439C709BC3FC881D29BCC8744E3/0/3139302e31342e34372e302f32342d3234203d3e203532333438.roa
Signing time:             Tue 05 Mar 2024 18:11:41 +0000
ROA not before:           Tue 05 Mar 2024 18:06:41 +0000
ROA not after:            Tue 04 Mar 2025 18:11:41 +0000
asID:                     52348
IP address blocks:        190.14.47.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0D1ABFF4AC22B0C55B28D05D7609B045D1B81439C709BC3FC881D29BCC8744E3/0/0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0D1ABFF4AC22B0C55B28D05D7609B045D1B81439C709BC3FC881D29BCC8744E3/0/0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:ab:65:87:34:d7:76:43:e5:a5:ce:f4:1a:3b:50:5e:71:16:2b:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13
        Validity
            Not Before: Mar  5 18:06:41 2024 GMT
            Not After : Mar  4 18:11:41 2025 GMT
        Subject: CN=B56800176CBCF2B61AEC3DDF6250564557929256
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:32:2b:7b:d5:9d:a3:35:f2:e1:2f:5e:57:b3:
                    85:13:32:10:96:b6:38:88:12:66:78:99:51:fc:06:
                    f6:82:b6:c9:09:70:f6:05:f8:1b:16:96:23:00:9a:
                    05:6e:b2:c7:0f:c8:0f:a3:50:03:23:38:f6:8b:a7:
                    5e:11:45:4c:15:e3:9f:c7:75:3a:e9:cc:d0:50:c0:
                    43:fe:66:09:52:01:ef:99:70:6d:8b:2c:aa:3a:05:
                    a3:48:62:d4:48:ae:09:36:96:6c:cb:b8:31:ee:7e:
                    a1:2e:d1:a5:05:c6:38:a6:c1:37:67:60:fb:0c:e4:
                    00:7e:ed:0a:0e:0d:7e:25:e7:06:35:bd:4a:b8:e2:
                    f9:fb:a4:2f:61:1e:cc:aa:9c:9c:6f:10:3b:9c:18:
                    f3:c1:37:8e:9e:98:bc:d7:b9:f8:f2:b7:d5:20:b7:
                    c4:36:94:81:c8:53:15:b5:c3:df:4c:e2:e0:4e:42:
                    64:21:e5:91:9c:8e:12:4b:72:b5:9c:c9:a5:49:58:
                    98:22:0a:60:1c:39:55:d7:10:98:d4:52:c5:62:6e:
                    75:1f:84:90:3d:7a:ed:1e:57:ff:f7:d7:ff:5c:46:
                    69:d8:4e:57:27:fc:5b:fa:79:08:c3:00:e4:1b:c2:
                    eb:ff:aa:3f:4f:9c:f5:9c:e6:b9:b3:a6:14:21:da:
                    5e:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:68:00:17:6C:BC:F2:B6:1A:EC:3D:DF:62:50:56:45:57:92:92:56
            X509v3 Authority Key Identifier:
                keyid:0F:C3:C8:0E:69:A9:A2:F3:E7:BB:3F:33:64:40:B3:E8:7C:21:5F:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0D1ABFF4AC22B0C55B28D05D7609B045D1B81439C709BC3FC881D29BCC8744E3/0/0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0FC3C80E69A9A2F3E7BB3F336440B3E87C215F13.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0D1ABFF4AC22B0C55B28D05D7609B045D1B81439C709BC3FC881D29BCC8744E3/0/3139302e31342e34372e302f32342d3234203d3e203532333438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.14.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:38:97:d9:cc:ed:24:88:35:fc:d9:32:99:ff:28:10:9d:68:
         01:03:8c:72:0b:05:eb:b7:2e:ad:27:71:f9:8f:64:69:01:d5:
         df:a3:f7:5a:aa:d6:9c:6a:4b:a8:a9:31:9b:29:52:25:ae:4e:
         4a:62:c3:4a:0a:c2:f2:05:ba:8d:7c:76:23:bf:86:1c:37:b8:
         02:18:a4:c3:2c:e9:d4:57:37:d8:88:1c:a5:8c:d3:57:4e:9a:
         dd:80:5d:52:59:f2:52:e9:d3:ad:fe:cf:27:e1:ce:07:f6:af:
         1a:ed:a5:7a:28:a3:03:21:b0:f4:82:30:7c:45:e5:bb:7b:4a:
         bc:e2:13:c7:e6:74:4b:4e:77:83:19:11:fb:eb:7b:5f:64:3a:
         a0:85:fb:dc:53:d0:a1:dd:d6:10:97:5f:54:24:91:19:a4:0a:
         d2:e1:3c:8e:e8:e4:fc:87:f0:08:3b:48:35:d0:60:4c:3c:07:
         13:8f:f1:79:7e:5f:db:a9:4d:ff:af:00:57:6d:28:f3:22:15:
         ec:24:52:a9:5c:ad:9a:2f:e8:f7:da:a6:ba:e2:e1:72:ba:e7:
         38:bd:5f:b7:c1:51:6c:26:24:7a:40:0d:c2:8d:ca:f5:18:50:
         fa:4b:ec:9e:b4:99:41:ed:dc:0d:3d:4b:5c:70:03:16:8d:9f:
         b3:22:c2:65
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUWatlhzTXdkPlpc70GjtQXnEWKzwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEZDM0M4MEU2OUE5QTJGM0U3QkIzRjMzNjQ0MEIzRTg3
QzIxNUYxMzAeFw0yNDAzMDUxODA2NDFaFw0yNTAzMDQxODExNDFaMDMxMTAvBgNV
BAMTKEI1NjgwMDE3NkNCQ0YyQjYxQUVDM0RERjYyNTA1NjQ1NTc5MjkyNTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUMit71Z2jNfLhL15Xs4UTMhCW
tjiIEmZ4mVH8BvaCtskJcPYF+BsWliMAmgVusscPyA+jUAMjOPaLp14RRUwV45/H
dTrpzNBQwEP+ZglSAe+ZcG2LLKo6BaNIYtRIrgk2lmzLuDHufqEu0aUFxjimwTdn
YPsM5AB+7QoODX4l5wY1vUq44vn7pC9hHsyqnJxvEDucGPPBN46emLzXufjyt9Ug
t8Q2lIHIUxW1w99M4uBOQmQh5ZGcjhJLcrWcyaVJWJgiCmAcOVXXEJjUUsVibnUf
hJA9eu0eV//31/9cRmnYTlcn/Fv6eQjDAOQbwuv/qj9PnPWc5rmzphQh2l7BAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUtWgAF2y88rYa7D3fYlBWRVeSklYwHwYDVR0j
BBgwFoAUD8PIDmmpovPnuz8zZECz6HwhXxMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wRDFBQkZGNEFDMjJCMEM1NUIyOEQwNUQ3NjA5QjA0NUQx
QjgxNDM5QzcwOUJDM0ZDODgxRDI5QkNDODc0NEUzLzAvMEZDM0M4MEU2OUE5QTJG
M0U3QkIzRjMzNjQ0MEIzRTg3QzIxNUYxMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wRkMzQzgwRTY5QTlBMkYzRTdC
QjNGMzM2NDQwQjNFODdDMjE1RjEzLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEQxQUJGRjRBQzIyQjBDNTVCMjhEMDVENzYwOUIwNDVEMUI4MTQzOUM3
MDlCQzNGQzg4MUQyOUJDQzg3NDRFMy8wLzMxMzkzMDJlMzEzNDJlMzQzNzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzMzM0Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC+Di8wDQYJ
KoZIhvcNAQELBQADggEBAKI4l9nM7SSINfzZMpn/KBCdaAEDjHILBeu3Lq0ncfmP
ZGkB1d+j91qq1pxqS6ipMZspUiWuTkpiw0oKwvIFuo18diO/hhw3uAIYpMMs6dRX
N9iIHKWM01dOmt2AXVJZ8lLp063+zyfhzgf2rxrtpXooowMhsPSCMHxF5bt7Srzi
E8fmdEtOd4MZEfvre19kOqCF+9xT0KHd1hCXX1QkkRmkCtLhPI7o5PyH8Ag7SDXQ
YEw8BxOP8Xl+X9upTf+vAFdtKPMiFewkUqlcrZov6Pfaprri4XK65zi9X7fBUWwm
JHpADcKNyvUYUPpL7J60mUHt3A09S1xwAxaNn7MiwmU=
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:38:04 2024 by rpki-client on console-ams.rpki-client.org