Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3137302e37392e34302e302f32322d3234203d3e203631343636.roa
File:                     3137302e37392e34302e302f32322d3234203d3e203631343636.roa (raw, json)
Hash identifier:          5SDU7cB2hqT5KqLQESxoVMjbKhojq57Q8jgP68VRJeY=
Subject key identifier:   07:13:87:F2:4E:7D:61:4C:75:85:BC:7B:64:AF:73:5D:F7:5E:49:80
Certificate issuer:       /CN=B3AC8703592539ADD492A1BDC08E997B67459567
Certificate serial:       6A703442DF4D56F8BEE20963F43388C7B4FF6D15
Authority key identifier: B3:AC:87:03:59:25:39:AD:D4:92:A1:BD:C0:8E:99:7B:67:45:95:67
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3137302e37392e34302e302f32322d3234203d3e203631343636.roa
Signing time:             Tue 05 Mar 2024 17:49:10 +0000
ROA not before:           Tue 05 Mar 2024 17:44:10 +0000
ROA not after:            Tue 04 Mar 2025 17:49:10 +0000
asID:                     61466
IP address blocks:        170.79.40.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/B3AC8703592539ADD492A1BDC08E997B67459567.crl
                          rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/B3AC8703592539ADD492A1BDC08E997B67459567.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 15 Dec 2024 06:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:70:34:42:df:4d:56:f8:be:e2:09:63:f4:33:88:c7:b4:ff:6d:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B3AC8703592539ADD492A1BDC08E997B67459567
        Validity
            Not Before: Mar  5 17:44:10 2024 GMT
            Not After : Mar  4 17:49:10 2025 GMT
        Subject: CN=071387F24E7D614C7585BC7B64AF735DF75E4980
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:a3:dd:13:a0:15:a0:d3:dd:d2:50:26:6e:dc:
                    6e:be:ae:f7:ea:84:f5:04:f1:eb:fe:34:46:6b:34:
                    57:96:b2:7c:d7:7f:87:19:81:f5:fa:10:5d:2d:29:
                    f8:f8:8b:37:fe:b8:89:38:47:df:ce:4d:da:12:dc:
                    59:61:b0:e2:70:04:3e:ca:4e:8e:5b:f3:11:e4:71:
                    b2:cf:a3:6a:94:ac:7b:c3:b1:b3:ea:5f:4e:7a:19:
                    6c:3b:b0:c0:39:31:ce:bc:6d:b5:19:e1:1c:de:e3:
                    45:35:a4:0b:5f:f6:9c:ef:66:fd:04:2d:21:7f:bd:
                    ef:7e:24:30:67:6d:b9:38:1c:70:73:99:45:8b:98:
                    94:f3:42:f2:15:e2:48:67:cc:2c:ad:a3:0d:3f:d7:
                    9a:ba:8e:f9:30:9f:95:e6:67:d1:2e:4d:54:fb:98:
                    ee:48:16:fb:03:31:e8:43:60:df:1a:39:41:dc:ba:
                    f8:04:78:b9:b4:ce:4f:9f:07:15:dc:7b:15:7a:4b:
                    05:e0:61:05:82:69:a4:b7:ae:f7:55:10:3d:69:09:
                    b5:32:96:32:65:26:a3:3a:7c:b9:e8:4c:b7:fe:a1:
                    8b:62:11:49:26:af:70:0d:00:ce:d6:e2:a8:ec:19:
                    1e:20:33:48:21:4c:f6:75:d3:fd:6e:e1:8a:71:a2:
                    c9:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:13:87:F2:4E:7D:61:4C:75:85:BC:7B:64:AF:73:5D:F7:5E:49:80
            X509v3 Authority Key Identifier:
                keyid:B3:AC:87:03:59:25:39:AD:D4:92:A1:BD:C0:8E:99:7B:67:45:95:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/B3AC8703592539ADD492A1BDC08E997B67459567.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3137302e37392e34302e302f32322d3234203d3e203631343636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.79.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         55:f2:aa:ef:43:12:9b:5b:29:3e:50:0a:e5:55:55:30:0f:26:
         68:fc:a6:47:12:b0:78:2d:de:14:f7:22:35:d0:de:aa:97:17:
         52:b5:c2:9e:94:31:9b:22:2e:05:6a:44:4c:6b:f3:82:f2:31:
         e5:77:b3:99:84:ea:96:f3:c5:36:1e:70:ee:0a:d9:2c:f8:a3:
         68:e7:d3:44:47:a9:c7:2b:a9:8e:96:07:70:b9:85:56:62:2b:
         0d:9d:18:d9:76:76:59:fa:04:98:1c:0e:90:95:6b:f9:43:68:
         1d:a7:58:a8:a9:60:9e:26:88:89:88:2c:15:74:b9:16:d3:b6:
         7d:4c:99:bb:f9:3b:50:bf:ae:09:65:32:5f:17:29:01:8d:a7:
         82:c5:9b:fe:0e:17:dd:1e:f6:86:bc:30:7d:0b:d9:6a:0c:fa:
         39:5f:4a:8b:ff:8b:e6:97:99:b2:bf:af:ba:56:9a:b2:35:d1:
         39:fe:c1:21:23:e2:e0:55:f4:66:6d:3f:60:87:3d:e0:f4:17:
         d2:b5:cd:ed:86:4a:27:af:9f:2a:29:1a:84:c7:48:31:a1:d0:
         0c:b1:03:25:ee:bb:73:8f:ea:e4:99:4e:4a:8e:8e:33:f5:6e:
         3a:34:ef:25:63:e8:68:06:f3:eb:a0:03:7a:79:96:8a:4c:1b:
         8a:55:5d:af
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUanA0Qt9NVvi+4glj9DOIx7T/bRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjNBQzg3MDM1OTI1MzlBREQ0OTJBMUJEQzA4RTk5N0I2
NzQ1OTU2NzAeFw0yNDAzMDUxNzQ0MTBaFw0yNTAzMDQxNzQ5MTBaMDMxMTAvBgNV
BAMTKDA3MTM4N0YyNEU3RDYxNEM3NTg1QkM3QjY0QUY3MzVERjc1RTQ5ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXo90ToBWg093SUCZu3G6+rvfq
hPUE8ev+NEZrNFeWsnzXf4cZgfX6EF0tKfj4izf+uIk4R9/OTdoS3FlhsOJwBD7K
To5b8xHkcbLPo2qUrHvDsbPqX056GWw7sMA5Mc68bbUZ4Rze40U1pAtf9pzvZv0E
LSF/ve9+JDBnbbk4HHBzmUWLmJTzQvIV4khnzCytow0/15q6jvkwn5XmZ9EuTVT7
mO5IFvsDMehDYN8aOUHcuvgEeLm0zk+fBxXcexV6SwXgYQWCaaS3rvdVED1pCbUy
ljJlJqM6fLnoTLf+oYtiEUkmr3ANAM7W4qjsGR4gM0ghTPZ10/1u4YpxosnfAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUBxOH8k59YUx1hbx7ZK9zXfdeSYAwHwYDVR0j
BBgwFoAUs6yHA1klOa3UkqG9wI6Ze2dFlWcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMTU1OUFBMzM0OUZFMkQ2NUE1QTU3Njk5MTM1NzNBOTk3
MThENDNEQTJEMERGQkI1QzNDNUZFOUQwREVFRTRELzAvQjNBQzg3MDM1OTI1MzlB
REQ0OTJBMUJEQzA4RTk5N0I2NzQ1OTU2Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CM0FDODcwMzU5MjUzOUFERDQ5
MkExQkRDMDhFOTk3QjY3NDU5NTY3LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTE1NTlBQTMzNDlGRTJENjVBNUE1NzY5OTEzNTczQTk5NzE4RDQzREEy
RDBERkJCNUMzQzVGRTlEMERFRUU0RC8wLzMxMzczMDJlMzczOTJlMzQzMDJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDM2MzEzNDM2MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKqTygwDQYJ
KoZIhvcNAQELBQADggEBAFXyqu9DEptbKT5QCuVVVTAPJmj8pkcSsHgt3hT3IjXQ
3qqXF1K1wp6UMZsiLgVqRExr84LyMeV3s5mE6pbzxTYecO4K2Sz4o2jn00RHqccr
qY6WB3C5hVZiKw2dGNl2dln6BJgcDpCVa/lDaB2nWKipYJ4miImILBV0uRbTtn1M
mbv5O1C/rgllMl8XKQGNp4LFm/4OF90e9oa8MH0L2WoM+jlfSov/i+aXmbK/r7pW
mrI10Tn+wSEj4uBV9GZtP2CHPeD0F9K1ze2GSievnyopGoTHSDGh0AyxAyXuu3OP
6uSZTkqOjjP1bjo07yVj6GgG8+ugA3p5lopMG4pVXa8=
-----END CERTIFICATE-----
Generated at Wed Dec 11 08:27:10 2024 by rpki-client on console-fra.rpki-client.org