Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3138362e352e3233322e302f32312d3234203d3e203631343636.roa
File:                     3138362e352e3233322e302f32312d3234203d3e203631343636.roa (raw, json)
Hash identifier:          ThGQJ/tQpX4OxweVNtxh+W3PL3YV6hWKGxzDx7Mztpg=
Subject key identifier:   2A:75:E6:B3:BD:23:58:D8:70:7A:66:57:96:05:C7:4E:9F:7B:91:8B
Certificate issuer:       /CN=B3AC8703592539ADD492A1BDC08E997B67459567
Certificate serial:       0721F68A8EC7BE03CE77706E2DD90BC1B0D8734B
Authority key identifier: B3:AC:87:03:59:25:39:AD:D4:92:A1:BD:C0:8E:99:7B:67:45:95:67
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3138362e352e3233322e302f32312d3234203d3e203631343636.roa
Signing time:             Tue 05 Mar 2024 17:49:10 +0000
ROA not before:           Tue 05 Mar 2024 17:44:10 +0000
ROA not after:            Tue 04 Mar 2025 17:49:10 +0000
asID:                     61466
IP address blocks:        186.5.232.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/B3AC8703592539ADD492A1BDC08E997B67459567.crl
                          rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/B3AC8703592539ADD492A1BDC08E997B67459567.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 15 Dec 2024 06:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:21:f6:8a:8e:c7:be:03:ce:77:70:6e:2d:d9:0b:c1:b0:d8:73:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B3AC8703592539ADD492A1BDC08E997B67459567
        Validity
            Not Before: Mar  5 17:44:10 2024 GMT
            Not After : Mar  4 17:49:10 2025 GMT
        Subject: CN=2A75E6B3BD2358D8707A66579605C74E9F7B918B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:89:92:94:73:e8:85:21:8f:ed:c7:68:94:7f:
                    41:62:10:88:5e:7e:16:fa:7e:94:bb:26:79:2e:31:
                    3c:5a:d0:ac:7e:1c:f5:e5:73:db:07:23:32:6d:62:
                    d2:ab:6c:2d:f7:83:e4:10:5a:b1:47:9e:d2:af:5d:
                    48:69:21:7c:a9:da:09:e1:27:0d:65:e7:d3:a7:b0:
                    86:b0:d3:ab:8f:e6:83:00:c7:9f:cf:58:c8:47:d6:
                    8d:cb:6a:97:3c:46:dd:51:fd:75:46:6f:33:7f:e9:
                    78:fc:e7:db:a0:cb:ca:d9:74:6e:6f:92:95:ad:76:
                    0d:c9:fa:e7:43:ee:a3:7c:83:1f:de:6f:94:8b:96:
                    cc:82:2d:36:d2:40:ca:d6:a8:27:4e:c7:1a:d1:29:
                    75:9a:22:e3:b1:fb:df:c0:33:03:33:1b:18:63:31:
                    6c:1f:5c:38:7f:91:ae:f4:15:1e:31:ee:64:ff:e8:
                    3e:c2:97:55:26:0b:9a:4a:51:76:26:8d:d2:d0:ad:
                    02:e9:8c:bb:65:59:55:5c:da:c3:2b:7b:ff:89:32:
                    bf:82:66:33:1b:6a:cd:b8:77:44:54:a9:98:e0:30:
                    12:e4:43:05:71:a4:5d:f0:02:7f:5c:ec:44:34:64:
                    0b:bf:4f:7f:9d:2a:e2:6a:21:47:08:05:dc:55:33:
                    12:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:75:E6:B3:BD:23:58:D8:70:7A:66:57:96:05:C7:4E:9F:7B:91:8B
            X509v3 Authority Key Identifier:
                keyid:B3:AC:87:03:59:25:39:AD:D4:92:A1:BD:C0:8E:99:7B:67:45:95:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/B3AC8703592539ADD492A1BDC08E997B67459567.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3138362e352e3233322e302f32312d3234203d3e203631343636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.5.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         65:aa:b7:56:69:f9:43:03:f7:28:9d:a9:9e:7d:8f:9c:12:4e:
         24:6e:4a:f2:05:a7:bd:5d:26:d4:8b:75:89:f3:98:67:83:5e:
         ef:74:b3:d5:fd:9c:8d:99:2e:fb:d1:03:74:ad:fc:2f:eb:c7:
         73:b1:8e:1e:a9:66:8e:96:7d:b0:5a:fa:4a:7c:09:9c:9f:f6:
         44:df:79:36:20:fe:53:45:27:a2:23:89:18:12:b1:6b:9a:5a:
         7a:33:db:2b:d3:86:70:85:40:ee:ca:2a:62:12:0f:10:9b:37:
         76:ef:ca:81:52:89:02:fd:c6:91:67:13:a1:d5:a0:b2:fa:5f:
         a9:99:18:e3:c5:8a:af:21:70:66:92:42:d8:32:98:b0:27:c9:
         d7:32:b0:94:5f:aa:93:fc:0f:fb:9d:5e:4c:70:4e:b5:28:33:
         c8:81:85:38:d7:6f:2c:ca:98:19:3e:4e:41:95:ed:1b:72:e0:
         01:57:5d:03:74:d6:67:eb:a3:67:fc:a3:4f:24:d2:6a:9a:1d:
         b3:c8:2a:3e:97:2c:c1:34:75:10:84:0c:50:12:88:dc:e9:35:
         fb:ee:8b:15:e7:d6:68:05:19:c5:2d:e0:13:01:ae:af:47:30:
         4e:1a:db:9d:7d:55:7c:66:f2:45:32:a9:b2:fa:f9:a0:47:74:
         66:8e:05:91
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUByH2io7HvgPOd3BuLdkLwbDYc0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjNBQzg3MDM1OTI1MzlBREQ0OTJBMUJEQzA4RTk5N0I2
NzQ1OTU2NzAeFw0yNDAzMDUxNzQ0MTBaFw0yNTAzMDQxNzQ5MTBaMDMxMTAvBgNV
BAMTKDJBNzVFNkIzQkQyMzU4RDg3MDdBNjY1Nzk2MDVDNzRFOUY3QjkxOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjiZKUc+iFIY/tx2iUf0FiEIhe
fhb6fpS7JnkuMTxa0Kx+HPXlc9sHIzJtYtKrbC33g+QQWrFHntKvXUhpIXyp2gnh
Jw1l59OnsIaw06uP5oMAx5/PWMhH1o3Lapc8Rt1R/XVGbzN/6Xj859ugy8rZdG5v
kpWtdg3J+udD7qN8gx/eb5SLlsyCLTbSQMrWqCdOxxrRKXWaIuOx+9/AMwMzGxhj
MWwfXDh/ka70FR4x7mT/6D7Cl1UmC5pKUXYmjdLQrQLpjLtlWVVc2sMre/+JMr+C
ZjMbas24d0RUqZjgMBLkQwVxpF3wAn9c7EQ0ZAu/T3+dKuJqIUcIBdxVMxLlAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUKnXms70jWNhwemZXlgXHTp97kYswHwYDVR0j
BBgwFoAUs6yHA1klOa3UkqG9wI6Ze2dFlWcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMTU1OUFBMzM0OUZFMkQ2NUE1QTU3Njk5MTM1NzNBOTk3
MThENDNEQTJEMERGQkI1QzNDNUZFOUQwREVFRTRELzAvQjNBQzg3MDM1OTI1MzlB
REQ0OTJBMUJEQzA4RTk5N0I2NzQ1OTU2Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CM0FDODcwMzU5MjUzOUFERDQ5
MkExQkRDMDhFOTk3QjY3NDU5NTY3LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTE1NTlBQTMzNDlGRTJENjVBNUE1NzY5OTEzNTczQTk5NzE4RDQzREEy
RDBERkJCNUMzQzVGRTlEMERFRUU0RC8wLzMxMzgzNjJlMzUyZTMyMzMzMjJlMzAy
ZjMyMzEyZDMyMzQyMDNkM2UyMDM2MzEzNDM2MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO6BegwDQYJ
KoZIhvcNAQELBQADggEBAGWqt1Zp+UMD9yidqZ59j5wSTiRuSvIFp71dJtSLdYnz
mGeDXu90s9X9nI2ZLvvRA3St/C/rx3Oxjh6pZo6WfbBa+kp8CZyf9kTfeTYg/lNF
J6IjiRgSsWuaWnoz2yvThnCFQO7KKmISDxCbN3bvyoFSiQL9xpFnE6HVoLL6X6mZ
GOPFiq8hcGaSQtgymLAnydcysJRfqpP8D/udXkxwTrUoM8iBhTjXbyzKmBk+TkGV
7Rty4AFXXQN01mfro2f8o08k0mqaHbPIKj6XLME0dRCEDFASiNzpNfvuixXn1mgF
GcUt4BMBrq9HME4a2519VXxm8kUyqbL6+aBHdGaOBZE=
-----END CERTIFICATE-----
Generated at Wed Dec 11 09:23:40 2024 by rpki-client on console-ams.rpki-client.org