Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3133382e3131372e36382e302f32322d3234203d3e203631343636.roa
File:                     3133382e3131372e36382e302f32322d3234203d3e203631343636.roa (raw, json)
Hash identifier:          9442Q9wCBTDTAnylxRkmyJAU7s8sCyX7otTYeGPTKIs=
Subject key identifier:   03:82:C4:90:70:1F:10:FD:63:67:C8:DA:A7:79:09:8E:41:1F:54:07
Certificate issuer:       /CN=B3AC8703592539ADD492A1BDC08E997B67459567
Certificate serial:       1B14FE9AE2DCE3EF8AEF615739BEF2F37FDB5DFA
Authority key identifier: B3:AC:87:03:59:25:39:AD:D4:92:A1:BD:C0:8E:99:7B:67:45:95:67
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3133382e3131372e36382e302f32322d3234203d3e203631343636.roa
Signing time:             Tue 05 Mar 2024 17:49:09 +0000
ROA not before:           Tue 05 Mar 2024 17:44:09 +0000
ROA not after:            Tue 04 Mar 2025 17:49:09 +0000
asID:                     61466
IP address blocks:        138.117.68.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/B3AC8703592539ADD492A1BDC08E997B67459567.crl
                          rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/B3AC8703592539ADD492A1BDC08E997B67459567.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 15 Dec 2024 06:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:14:fe:9a:e2:dc:e3:ef:8a:ef:61:57:39:be:f2:f3:7f:db:5d:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B3AC8703592539ADD492A1BDC08E997B67459567
        Validity
            Not Before: Mar  5 17:44:09 2024 GMT
            Not After : Mar  4 17:49:09 2025 GMT
        Subject: CN=0382C490701F10FD6367C8DAA779098E411F5407
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:45:39:93:bb:f3:92:a1:3d:aa:c4:ad:d9:64:
                    74:c8:32:f2:e1:51:ae:4c:6e:8f:c5:0a:1d:67:bb:
                    60:41:ed:db:f8:d9:92:ad:e4:48:ee:9d:90:69:29:
                    96:89:d5:28:48:8f:b2:eb:08:4b:40:77:15:eb:74:
                    e9:80:e8:92:bd:f6:3f:76:be:a8:2c:bb:66:15:85:
                    e6:43:87:20:cb:fb:ee:51:b4:10:41:e4:06:29:fe:
                    a6:b0:c6:8d:d2:36:ab:48:18:98:ee:f4:d6:7a:08:
                    38:f8:2a:e8:74:73:7d:e1:bf:d2:21:a0:f7:0b:03:
                    81:bf:d7:65:fd:57:16:88:50:da:af:54:a4:73:04:
                    f6:22:6f:98:6c:e6:da:96:29:bc:df:f2:74:7c:68:
                    3c:4b:bc:24:15:a0:df:20:a4:ee:46:5f:a4:ef:ab:
                    4c:d7:e7:ee:35:ca:62:3d:ae:38:04:d8:ea:69:db:
                    15:ee:21:8e:e4:c9:c5:aa:a3:29:95:fb:f2:ff:c0:
                    dc:f7:75:11:59:63:4a:38:eb:90:b7:8a:2f:be:e7:
                    60:35:eb:db:ac:60:25:64:e7:ce:26:b6:ac:10:a8:
                    c7:80:4f:31:b4:9d:7b:23:29:1d:40:c1:1c:94:b5:
                    c9:3d:6b:77:98:aa:c2:4f:35:be:ef:8d:fd:c4:a1:
                    89:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:82:C4:90:70:1F:10:FD:63:67:C8:DA:A7:79:09:8E:41:1F:54:07
            X509v3 Authority Key Identifier:
                keyid:B3:AC:87:03:59:25:39:AD:D4:92:A1:BD:C0:8E:99:7B:67:45:95:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/B3AC8703592539ADD492A1BDC08E997B67459567.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3133382e3131372e36382e302f32322d3234203d3e203631343636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.117.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7b:c5:14:b6:87:ad:27:a2:c4:09:67:6c:1c:72:eb:a5:62:ed:
         85:04:d5:97:1e:b0:85:63:bc:dc:57:09:b1:27:53:03:82:ec:
         23:e9:48:50:a5:1d:d9:11:e3:98:00:53:8b:06:39:69:93:44:
         b7:cc:97:e5:2a:c5:6d:21:73:0b:16:0e:a3:f7:02:44:de:02:
         40:38:c6:c5:cf:2f:13:67:ec:5b:d8:48:a4:e9:66:24:47:43:
         94:73:32:9d:4d:68:11:ae:8c:2b:4f:d6:5c:41:82:31:39:4f:
         b2:4f:38:72:bf:c5:51:ed:04:be:bd:98:fb:12:58:39:a1:4e:
         91:7e:48:6a:7e:2e:ba:80:40:ff:15:04:8e:ec:77:a9:b3:5a:
         94:fc:c8:28:bb:64:c0:97:3c:8c:26:b0:bd:58:c6:18:e5:04:
         64:05:6a:cb:25:48:f5:53:9b:5f:97:26:b6:d5:ae:b7:ff:61:
         5e:41:9d:b4:66:0d:52:a8:4f:c2:21:0a:06:59:b7:de:00:c9:
         96:6d:01:7e:da:08:e9:35:08:3d:15:5c:50:a5:79:1d:ae:cc:
         e7:d0:1b:0d:39:00:66:29:4c:50:69:37:7f:95:0b:4a:a8:3a:
         0f:f4:c9:20:eb:3e:16:ae:9a:11:60:d0:7f:68:18:83:39:d3:
         16:d7:5f:f6
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUGxT+muLc4++K72FXOb7y83/bXfowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjNBQzg3MDM1OTI1MzlBREQ0OTJBMUJEQzA4RTk5N0I2
NzQ1OTU2NzAeFw0yNDAzMDUxNzQ0MDlaFw0yNTAzMDQxNzQ5MDlaMDMxMTAvBgNV
BAMTKDAzODJDNDkwNzAxRjEwRkQ2MzY3QzhEQUE3NzkwOThFNDExRjU0MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfRTmTu/OSoT2qxK3ZZHTIMvLh
Ua5Mbo/FCh1nu2BB7dv42ZKt5EjunZBpKZaJ1ShIj7LrCEtAdxXrdOmA6JK99j92
vqgsu2YVheZDhyDL++5RtBBB5AYp/qawxo3SNqtIGJju9NZ6CDj4Kuh0c33hv9Ih
oPcLA4G/12X9VxaIUNqvVKRzBPYib5hs5tqWKbzf8nR8aDxLvCQVoN8gpO5GX6Tv
q0zX5+41ymI9rjgE2Opp2xXuIY7kycWqoymV+/L/wNz3dRFZY0o465C3ii++52A1
69usYCVk584mtqwQqMeATzG0nXsjKR1AwRyUtck9a3eYqsJPNb7vjf3EoYnNAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUA4LEkHAfEP1jZ8jap3kJjkEfVAcwHwYDVR0j
BBgwFoAUs6yHA1klOa3UkqG9wI6Ze2dFlWcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMTU1OUFBMzM0OUZFMkQ2NUE1QTU3Njk5MTM1NzNBOTk3
MThENDNEQTJEMERGQkI1QzNDNUZFOUQwREVFRTRELzAvQjNBQzg3MDM1OTI1MzlB
REQ0OTJBMUJEQzA4RTk5N0I2NzQ1OTU2Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CM0FDODcwMzU5MjUzOUFERDQ5
MkExQkRDMDhFOTk3QjY3NDU5NTY3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTE1NTlBQTMzNDlGRTJENjVBNUE1NzY5OTEzNTczQTk5NzE4RDQzREEy
RDBERkJCNUMzQzVGRTlEMERFRUU0RC8wLzMxMzMzODJlMzEzMTM3MmUzNjM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzYzMTM0MzYzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAop1RDAN
BgkqhkiG9w0BAQsFAAOCAQEAe8UUtoetJ6LECWdsHHLrpWLthQTVlx6whWO83FcJ
sSdTA4LsI+lIUKUd2RHjmABTiwY5aZNEt8yX5SrFbSFzCxYOo/cCRN4CQDjGxc8v
E2fsW9hIpOlmJEdDlHMynU1oEa6MK0/WXEGCMTlPsk84cr/FUe0Evr2Y+xJYOaFO
kX5Ian4uuoBA/xUEjux3qbNalPzIKLtkwJc8jCawvVjGGOUEZAVqyyVI9VObX5cm
ttWut/9hXkGdtGYNUqhPwiEKBlm33gDJlm0BftoI6TUIPRVcUKV5Ha7M59AbDTkA
ZilMUGk3f5ULSqg6D/TJIOs+Fq6aEWDQf2gYgznTFtdf9g==
-----END CERTIFICATE-----
Generated at Wed Dec 11 08:27:10 2024 by rpki-client on console-fra.rpki-client.org