Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3136382e3230352e3230342e302f32322d3234203d3e203631343636.roa
File:                     3136382e3230352e3230342e302f32322d3234203d3e203631343636.roa (raw, json)
Hash identifier:          xrR1FwuxOR9rWTVft/J/unu7c/vXUNfi9xmPBLViTus=
Subject key identifier:   25:26:AA:7C:B0:A8:7A:70:F6:55:06:FA:85:C9:67:7F:94:74:71:66
Certificate issuer:       /CN=B3AC8703592539ADD492A1BDC08E997B67459567
Certificate serial:       311F311446EC00F243D5B1AD729B94329AA121C5
Authority key identifier: B3:AC:87:03:59:25:39:AD:D4:92:A1:BD:C0:8E:99:7B:67:45:95:67
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3136382e3230352e3230342e302f32322d3234203d3e203631343636.roa
Signing time:             Tue 05 Mar 2024 17:49:11 +0000
ROA not before:           Tue 05 Mar 2024 17:44:11 +0000
ROA not after:            Tue 04 Mar 2025 17:49:11 +0000
asID:                     61466
IP address blocks:        168.205.204.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/B3AC8703592539ADD492A1BDC08E997B67459567.crl
                          rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/B3AC8703592539ADD492A1BDC08E997B67459567.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 15 Dec 2024 06:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:1f:31:14:46:ec:00:f2:43:d5:b1:ad:72:9b:94:32:9a:a1:21:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B3AC8703592539ADD492A1BDC08E997B67459567
        Validity
            Not Before: Mar  5 17:44:11 2024 GMT
            Not After : Mar  4 17:49:11 2025 GMT
        Subject: CN=2526AA7CB0A87A70F65506FA85C9677F94747166
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:0f:69:cc:ba:16:01:34:9f:c4:bc:3b:36:c0:
                    2a:a0:5b:32:45:e9:79:0b:28:c3:54:a7:13:ac:33:
                    f2:cc:97:1c:70:1e:a6:40:24:b9:5a:c4:9d:aa:35:
                    2b:d7:3b:4d:de:84:f7:32:f0:a1:2f:a2:c5:c9:e2:
                    29:fe:7b:87:28:3f:99:99:ba:1d:60:0c:4a:03:d3:
                    63:ce:3d:4e:f1:0a:42:f8:d9:b4:4d:53:cb:55:47:
                    a1:ae:71:12:d4:02:8e:2b:04:f3:32:2a:72:fa:09:
                    e2:1e:29:e5:28:e3:92:1d:27:43:13:5a:bf:b0:27:
                    66:01:66:91:21:7d:fc:3f:78:23:39:eb:ab:92:01:
                    f4:2c:54:cc:77:99:98:3c:e1:50:04:e0:ec:fd:3a:
                    f9:73:0a:98:10:12:3c:a0:43:97:ff:00:1a:c4:3d:
                    4c:d6:75:2c:9f:14:9c:16:9c:3b:bf:67:be:c1:31:
                    96:3b:ba:99:63:e7:4c:3b:41:c1:a6:3f:cc:48:db:
                    7a:f8:b1:51:0e:32:c7:a0:16:27:96:43:42:e1:e9:
                    76:0b:10:7b:93:4a:e5:cb:01:c1:1e:04:02:5a:84:
                    61:e0:ec:cf:7f:20:63:92:f4:85:6f:1f:b8:db:b7:
                    fc:27:08:bf:e8:41:db:12:19:38:7f:af:a6:c3:16:
                    a6:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:26:AA:7C:B0:A8:7A:70:F6:55:06:FA:85:C9:67:7F:94:74:71:66
            X509v3 Authority Key Identifier:
                keyid:B3:AC:87:03:59:25:39:AD:D4:92:A1:BD:C0:8E:99:7B:67:45:95:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/B3AC8703592539ADD492A1BDC08E997B67459567.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3136382e3230352e3230342e302f32322d3234203d3e203631343636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.205.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:f2:27:72:d4:d7:58:66:d2:a0:30:b6:8c:06:b2:72:4c:d9:
         93:27:5b:af:e9:62:b0:4e:cb:85:36:0d:12:61:57:7e:17:69:
         a5:8c:f8:07:3e:86:84:5f:f5:fa:98:fc:96:ba:f2:b7:03:32:
         fa:c5:ff:1f:e9:27:30:c7:87:38:ad:80:22:7a:dd:20:9d:fe:
         ec:f6:4f:d1:50:4a:f8:5c:88:75:f2:19:a0:04:b3:b9:9c:f7:
         42:3d:5d:17:ca:16:54:42:49:b2:32:98:87:81:5b:bc:58:c4:
         b6:f3:b7:c1:d8:b4:ba:2b:f3:c6:88:dd:88:d7:04:25:20:72:
         7c:b7:6f:ae:75:18:a9:eb:90:d7:65:fa:7e:a4:d1:b0:15:91:
         5b:61:f2:eb:95:37:71:f3:f9:17:43:e4:0d:65:9f:c6:16:1b:
         1e:53:b5:c6:13:02:98:d3:07:c5:a0:69:ec:09:3a:3f:7e:fc:
         5d:13:0f:a5:66:48:8b:b7:95:f0:80:f2:0e:92:e5:5b:48:57:
         46:a9:10:4e:b2:96:58:77:67:44:05:0c:a7:36:68:d9:34:a9:
         d6:2a:d4:36:52:63:c5:c2:c4:c8:ec:fc:2f:9a:da:2e:de:c0:
         a0:98:18:70:72:66:d7:0d:5c:10:5d:c9:97:c7:a9:59:60:f4:
         0c:0f:06:90
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUMR8xFEbsAPJD1bGtcpuUMpqhIcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjNBQzg3MDM1OTI1MzlBREQ0OTJBMUJEQzA4RTk5N0I2
NzQ1OTU2NzAeFw0yNDAzMDUxNzQ0MTFaFw0yNTAzMDQxNzQ5MTFaMDMxMTAvBgNV
BAMTKDI1MjZBQTdDQjBBODdBNzBGNjU1MDZGQTg1Qzk2NzdGOTQ3NDcxNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClD2nMuhYBNJ/EvDs2wCqgWzJF
6XkLKMNUpxOsM/LMlxxwHqZAJLlaxJ2qNSvXO03ehPcy8KEvosXJ4in+e4coP5mZ
uh1gDEoD02POPU7xCkL42bRNU8tVR6GucRLUAo4rBPMyKnL6CeIeKeUo45IdJ0MT
Wr+wJ2YBZpEhffw/eCM566uSAfQsVMx3mZg84VAE4Oz9OvlzCpgQEjygQ5f/ABrE
PUzWdSyfFJwWnDu/Z77BMZY7uplj50w7QcGmP8xI23r4sVEOMsegFieWQ0Lh6XYL
EHuTSuXLAcEeBAJahGHg7M9/IGOS9IVvH7jbt/wnCL/oQdsSGTh/r6bDFqYrAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUJSaqfLCoenD2VQb6hclnf5R0cWYwHwYDVR0j
BBgwFoAUs6yHA1klOa3UkqG9wI6Ze2dFlWcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMTU1OUFBMzM0OUZFMkQ2NUE1QTU3Njk5MTM1NzNBOTk3
MThENDNEQTJEMERGQkI1QzNDNUZFOUQwREVFRTRELzAvQjNBQzg3MDM1OTI1MzlB
REQ0OTJBMUJEQzA4RTk5N0I2NzQ1OTU2Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CM0FDODcwMzU5MjUzOUFERDQ5
MkExQkRDMDhFOTk3QjY3NDU5NTY3LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTE1NTlBQTMzNDlGRTJENjVBNUE1NzY5OTEzNTczQTk5NzE4RDQzREEy
RDBERkJCNUMzQzVGRTlEMERFRUU0RC8wLzMxMzYzODJlMzIzMDM1MmUzMjMwMzQy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNjMxMzQzNjM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqM3M
MA0GCSqGSIb3DQEBCwUAA4IBAQCS8idy1NdYZtKgMLaMBrJyTNmTJ1uv6WKwTsuF
Ng0SYVd+F2mljPgHPoaEX/X6mPyWuvK3AzL6xf8f6Scwx4c4rYAiet0gnf7s9k/R
UEr4XIh18hmgBLO5nPdCPV0XyhZUQkmyMpiHgVu8WMS287fB2LS6K/PGiN2I1wQl
IHJ8t2+udRip65DXZfp+pNGwFZFbYfLrlTdx8/kXQ+QNZZ/GFhseU7XGEwKY0wfF
oGnsCTo/fvxdEw+lZkiLt5XwgPIOkuVbSFdGqRBOspZYd2dEBQynNmjZNKnWKtQ2
UmPFwsTI7Pwvmtou3sCgmBhwcmbXDVwQXcmXx6lZYPQMDwaQ
-----END CERTIFICATE-----
Generated at Wed Dec 11 09:23:40 2024 by rpki-client on console-ams.rpki-client.org