Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1244569586B78FBA22BD188209EE71ED9A1EBB587A0C94B828A92E7223D62984/0/3137392e34322e3137322e302f32322d3234203d3e20323633313935.roa
File:                     3137392e34322e3137322e302f32322d3234203d3e20323633313935.roa (raw, json)
Hash identifier:          vXWko1le2RnXG5BlBYK82maX0UkyGIvlG0gvU76Ccx8=
Subject key identifier:   F5:84:00:05:90:DC:E1:81:90:5F:B1:D5:82:4C:3F:65:1A:11:EA:F4
Certificate issuer:       /CN=67C6935F7C38762C3BEE650617B03328B96FF014
Certificate serial:       1A835D281977D6BEB24375EF6FB17E8C972FFAA6
Authority key identifier: 67:C6:93:5F:7C:38:76:2C:3B:EE:65:06:17:B0:33:28:B9:6F:F0:14
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/67C6935F7C38762C3BEE650617B03328B96FF014.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1244569586B78FBA22BD188209EE71ED9A1EBB587A0C94B828A92E7223D62984/0/3137392e34322e3137322e302f32322d3234203d3e20323633313935.roa
Signing time:             Tue 05 Mar 2024 18:02:06 +0000
ROA not before:           Tue 05 Mar 2024 17:57:06 +0000
ROA not after:            Tue 04 Mar 2025 18:02:06 +0000
asID:                     263195
IP address blocks:        179.42.172.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1244569586B78FBA22BD188209EE71ED9A1EBB587A0C94B828A92E7223D62984/0/67C6935F7C38762C3BEE650617B03328B96FF014.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1244569586B78FBA22BD188209EE71ED9A1EBB587A0C94B828A92E7223D62984/0/67C6935F7C38762C3BEE650617B03328B96FF014.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/67C6935F7C38762C3BEE650617B03328B96FF014.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:83:5d:28:19:77:d6:be:b2:43:75:ef:6f:b1:7e:8c:97:2f:fa:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67C6935F7C38762C3BEE650617B03328B96FF014
        Validity
            Not Before: Mar  5 17:57:06 2024 GMT
            Not After : Mar  4 18:02:06 2025 GMT
        Subject: CN=F584000590DCE181905FB1D5824C3F651A11EAF4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:32:bd:2d:d5:72:f6:1d:8a:43:3e:fa:4c:c3:
                    ff:0f:a8:76:40:ca:9d:2e:30:d0:1d:ba:39:ba:7f:
                    b4:f1:ae:3f:ed:87:65:53:75:7e:e3:8f:73:be:43:
                    6c:79:b3:8b:d1:9c:f2:d7:8d:40:f1:fe:2c:28:7b:
                    9d:7d:13:17:2f:24:6c:b0:10:bd:51:cd:54:91:3d:
                    6f:60:f8:be:f6:58:36:da:be:82:35:df:2b:ea:4e:
                    cf:10:ab:b7:07:1d:47:e7:a9:26:bb:31:38:48:f7:
                    a6:09:8b:60:65:df:95:da:35:2d:28:a4:37:b3:8f:
                    57:de:52:bc:5d:42:8e:e7:37:be:92:f8:b9:7d:be:
                    fd:53:4b:7e:46:8e:44:28:a1:24:6d:65:e8:5f:c6:
                    29:94:32:1c:5a:e7:f8:7f:e6:e5:17:8c:02:3c:2c:
                    e0:5a:b4:de:f1:d1:c3:01:6b:86:74:9c:77:31:42:
                    22:92:ed:5f:85:bc:c6:a1:7a:e2:8e:5a:7b:7a:85:
                    a9:9f:f8:c7:51:97:90:41:96:4e:85:91:d3:fe:bd:
                    32:dd:7b:09:2a:c3:a4:d3:78:77:75:5d:9a:05:9c:
                    b9:a2:d6:52:06:fa:f1:50:f8:b6:18:40:4b:e5:df:
                    62:a2:be:6d:5e:b6:95:99:40:b3:7d:1e:76:f8:b3:
                    64:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:84:00:05:90:DC:E1:81:90:5F:B1:D5:82:4C:3F:65:1A:11:EA:F4
            X509v3 Authority Key Identifier:
                keyid:67:C6:93:5F:7C:38:76:2C:3B:EE:65:06:17:B0:33:28:B9:6F:F0:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1244569586B78FBA22BD188209EE71ED9A1EBB587A0C94B828A92E7223D62984/0/67C6935F7C38762C3BEE650617B03328B96FF014.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/67C6935F7C38762C3BEE650617B03328B96FF014.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1244569586B78FBA22BD188209EE71ED9A1EBB587A0C94B828A92E7223D62984/0/3137392e34322e3137322e302f32322d3234203d3e20323633313935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.42.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         aa:1a:24:95:28:8e:eb:2a:5b:0f:a0:ca:95:f2:1f:14:19:10:
         f0:3b:db:d9:3e:60:03:96:30:65:28:33:a7:f8:89:a4:5d:81:
         99:61:2f:6c:6f:c4:4f:b4:8c:b0:ab:6c:c1:9d:b8:96:e9:b4:
         78:66:c2:dc:58:00:e3:18:b2:4d:bc:c0:88:84:f1:b1:23:95:
         55:34:f2:8f:f0:75:ff:ec:33:08:ee:f9:97:41:e3:dd:28:73:
         34:92:85:8d:98:70:01:49:4e:57:80:d3:bc:73:ca:ea:79:53:
         94:46:57:0e:77:71:79:6f:cf:c0:83:12:a9:6c:1d:3c:8b:72:
         5d:a9:5f:8d:43:a9:6d:d5:1b:cb:1d:3f:64:1f:57:c1:c8:f6:
         62:99:29:7d:1f:26:98:45:4b:42:8b:14:c3:e8:a1:d3:34:69:
         35:f7:8d:2f:a0:17:0f:27:65:a0:14:1a:f2:64:df:2b:49:db:
         6c:af:fa:2a:f0:a0:0a:9c:16:bd:82:9a:83:19:98:66:55:5d:
         be:a6:31:b4:c3:9d:f0:96:59:90:73:41:ce:58:05:df:d9:dc:
         23:35:cf:26:e6:cc:4c:51:72:38:c0:1f:78:16:1f:b0:df:a8:
         49:cf:7b:4c:53:e4:b0:80:63:15:a3:06:d3:aa:b9:3d:77:27:
         5d:11:6b:dc
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUGoNdKBl31r6yQ3Xvb7F+jJcv+qYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjdDNjkzNUY3QzM4NzYyQzNCRUU2NTA2MTdCMDMzMjhC
OTZGRjAxNDAeFw0yNDAzMDUxNzU3MDZaFw0yNTAzMDQxODAyMDZaMDMxMTAvBgNV
BAMTKEY1ODQwMDA1OTBEQ0UxODE5MDVGQjFENTgyNEMzRjY1MUExMUVBRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiMr0t1XL2HYpDPvpMw/8PqHZA
yp0uMNAdujm6f7Txrj/th2VTdX7jj3O+Q2x5s4vRnPLXjUDx/iwoe519ExcvJGyw
EL1RzVSRPW9g+L72WDbavoI13yvqTs8Qq7cHHUfnqSa7MThI96YJi2Bl35XaNS0o
pDezj1feUrxdQo7nN76S+Ll9vv1TS35GjkQooSRtZehfximUMhxa5/h/5uUXjAI8
LOBatN7x0cMBa4Z0nHcxQiKS7V+FvMaheuKOWnt6hamf+MdRl5BBlk6FkdP+vTLd
ewkqw6TTeHd1XZoFnLmi1lIG+vFQ+LYYQEvl32Kivm1etpWZQLN9Hnb4s2TrAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU9YQABZDc4YGQX7HVgkw/ZRoR6vQwHwYDVR0j
BBgwFoAUZ8aTX3w4diw77mUGF7AzKLlv8BQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMjQ0NTY5NTg2Qjc4RkJBMjJCRDE4ODIwOUVFNzFFRDlB
MUVCQjU4N0EwQzk0QjgyOEE5MkU3MjIzRDYyOTg0LzAvNjdDNjkzNUY3QzM4NzYy
QzNCRUU2NTA2MTdCMDMzMjhCOTZGRjAxNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82N0M2OTM1RjdDMzg3NjJDM0JF
RTY1MDYxN0IwMzMyOEI5NkZGMDE0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTI0NDU2OTU4NkI3OEZCQTIyQkQxODgyMDlFRTcxRUQ5QTFFQkI1ODdB
MEM5NEI4MjhBOTJFNzIyM0Q2Mjk4NC8wLzMxMzczOTJlMzQzMjJlMzEzNzMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjMzMzEzOTM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsyqs
MA0GCSqGSIb3DQEBCwUAA4IBAQCqGiSVKI7rKlsPoMqV8h8UGRDwO9vZPmADljBl
KDOn+ImkXYGZYS9sb8RPtIywq2zBnbiW6bR4ZsLcWADjGLJNvMCIhPGxI5VVNPKP
8HX/7DMI7vmXQePdKHM0koWNmHABSU5XgNO8c8rqeVOURlcOd3F5b8/AgxKpbB08
i3JdqV+NQ6lt1RvLHT9kH1fByPZimSl9HyaYRUtCixTD6KHTNGk1940voBcPJ2Wg
FBryZN8rSdtsr/oq8KAKnBa9gpqDGZhmVV2+pjG0w53wllmQc0HOWAXf2dwjNc8m
5sxMUXI4wB94Fh+w36hJz3tMU+SwgGMVowbTqrk9dyddEWvc
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:24:17 2024 by rpki-client on console-ams.rpki-client.org