Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/13C21EB109DF0FFFE7B7CF55D4063ED964CFE1D5A19F869E39B681EF3C8E247C/0/3133382e3132322e352e302f32342d3234203d3e20323639393734.roa
File:                     3133382e3132322e352e302f32342d3234203d3e20323639393734.roa (raw, json)
Hash identifier:          BFPrCFOkqRI/3ZrUOEQ2ZrJfF2Ko0oYUtX9uLYxe78o=
Subject key identifier:   F5:03:F9:2D:DE:CE:DF:6D:F7:48:96:DD:3C:EC:C1:D7:D3:C9:1B:3C
Certificate issuer:       /CN=27B2C20B7F3B89ACF8EEF9843FF5DED4D058370F
Certificate serial:       6AA7CC271649463F16FE456C93DAC27B5A554302
Authority key identifier: 27:B2:C2:0B:7F:3B:89:AC:F8:EE:F9:84:3F:F5:DE:D4:D0:58:37:0F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/27B2C20B7F3B89ACF8EEF9843FF5DED4D058370F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/13C21EB109DF0FFFE7B7CF55D4063ED964CFE1D5A19F869E39B681EF3C8E247C/0/3133382e3132322e352e302f32342d3234203d3e20323639393734.roa
Signing time:             Tue 05 Mar 2024 17:45:34 +0000
ROA not before:           Tue 05 Mar 2024 17:40:34 +0000
ROA not after:            Tue 04 Mar 2025 17:45:34 +0000
asID:                     269974
IP address blocks:        138.122.5.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/13C21EB109DF0FFFE7B7CF55D4063ED964CFE1D5A19F869E39B681EF3C8E247C/0/27B2C20B7F3B89ACF8EEF9843FF5DED4D058370F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/13C21EB109DF0FFFE7B7CF55D4063ED964CFE1D5A19F869E39B681EF3C8E247C/0/27B2C20B7F3B89ACF8EEF9843FF5DED4D058370F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/27B2C20B7F3B89ACF8EEF9843FF5DED4D058370F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:a7:cc:27:16:49:46:3f:16:fe:45:6c:93:da:c2:7b:5a:55:43:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27B2C20B7F3B89ACF8EEF9843FF5DED4D058370F
        Validity
            Not Before: Mar  5 17:40:34 2024 GMT
            Not After : Mar  4 17:45:34 2025 GMT
        Subject: CN=F503F92DDECEDF6DF74896DD3CECC1D7D3C91B3C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:93:2b:14:3e:e4:7f:5f:42:a4:bd:97:14:b7:
                    d6:ce:d5:7c:0b:4a:9a:ff:40:f4:f0:f0:39:6b:af:
                    ce:54:36:01:3d:6c:12:76:6f:98:54:91:de:b5:3b:
                    8f:66:53:f1:7c:10:b5:74:c0:1d:80:d9:37:4c:85:
                    48:23:f6:4e:08:9b:1b:6c:2e:b5:a2:34:a8:3d:29:
                    07:ba:7c:a3:9d:c4:ad:66:2b:6c:bf:d0:d1:af:bb:
                    3c:b6:9c:d3:a3:52:3e:56:9d:a0:d9:10:ca:8c:e2:
                    72:dd:57:91:b3:dd:d1:28:10:05:89:c1:75:b6:a2:
                    24:bc:b9:d5:1e:88:d1:04:8f:e7:b0:dd:a7:6f:3a:
                    f4:6c:bf:99:92:fd:7f:92:fd:11:eb:40:d7:95:f8:
                    d3:15:45:8d:a3:30:90:04:06:c3:43:71:3a:ce:50:
                    5d:7a:43:a4:b7:4a:b7:3f:1e:49:8a:d9:33:03:15:
                    0f:18:a9:26:31:b5:4a:e2:f7:63:dd:8d:e2:43:84:
                    fa:5b:2c:b7:e9:69:ee:ca:75:22:f0:c5:50:8b:cb:
                    36:57:90:36:e1:51:84:cc:78:5e:82:ca:a4:69:74:
                    a8:59:7b:a4:fc:82:a9:17:ce:94:6b:72:c5:ec:c1:
                    3c:e8:85:d4:02:ec:bb:dc:b2:a8:69:4b:e8:fc:54:
                    81:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:03:F9:2D:DE:CE:DF:6D:F7:48:96:DD:3C:EC:C1:D7:D3:C9:1B:3C
            X509v3 Authority Key Identifier:
                keyid:27:B2:C2:0B:7F:3B:89:AC:F8:EE:F9:84:3F:F5:DE:D4:D0:58:37:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/13C21EB109DF0FFFE7B7CF55D4063ED964CFE1D5A19F869E39B681EF3C8E247C/0/27B2C20B7F3B89ACF8EEF9843FF5DED4D058370F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/27B2C20B7F3B89ACF8EEF9843FF5DED4D058370F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/13C21EB109DF0FFFE7B7CF55D4063ED964CFE1D5A19F869E39B681EF3C8E247C/0/3133382e3132322e352e302f32342d3234203d3e20323639393734.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.122.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:e6:d2:0b:28:0a:be:b9:fe:99:82:4b:c5:98:03:bb:00:1d:
         3e:fe:f4:f5:4e:f9:2a:31:3e:d3:47:dc:86:b0:63:1d:81:d5:
         7c:d6:f3:03:cf:1e:f4:42:70:a4:14:e5:66:3c:e9:df:1d:28:
         9e:a5:09:1e:47:fb:9c:c2:cd:f1:a2:76:68:96:24:0c:31:bb:
         7b:a1:58:69:a9:94:19:18:88:23:fc:bf:c9:90:5c:3d:33:b9:
         fb:e6:ca:40:e0:b7:7f:10:a3:81:2b:6a:49:c3:19:2a:e2:b0:
         da:b5:da:66:5e:1e:8a:db:cc:03:e6:fb:4b:78:ff:1f:a9:b9:
         48:26:c3:86:7f:93:64:c3:2e:ac:dc:f6:06:78:49:90:77:f1:
         60:cd:ed:31:99:a1:33:11:c9:c0:f7:dd:cb:79:a7:48:2a:61:
         14:92:7c:ce:43:5f:0c:dc:bd:5c:4a:99:bd:96:54:47:48:06:
         7a:88:84:2f:be:21:52:14:2b:54:27:46:33:d2:4e:cb:c7:d2:
         ab:a1:86:33:94:aa:c1:55:23:d5:42:0c:80:8c:a1:6f:5b:6a:
         01:95:ef:b0:1a:a8:ad:68:76:8f:3f:16:60:f9:a3:39:22:c0:
         38:8a:4e:df:f2:4b:2a:10:f6:b5:89:c5:c7:5a:d9:87:4e:20:
         cb:e2:84:fb
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUaqfMJxZJRj8W/kVsk9rCe1pVQwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjdCMkMyMEI3RjNCODlBQ0Y4RUVGOTg0M0ZGNURFRDRE
MDU4MzcwRjAeFw0yNDAzMDUxNzQwMzRaFw0yNTAzMDQxNzQ1MzRaMDMxMTAvBgNV
BAMTKEY1MDNGOTJEREVDRURGNkRGNzQ4OTZERDNDRUNDMUQ3RDNDOTFCM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgkysUPuR/X0KkvZcUt9bO1XwL
Spr/QPTw8Dlrr85UNgE9bBJ2b5hUkd61O49mU/F8ELV0wB2A2TdMhUgj9k4Imxts
LrWiNKg9KQe6fKOdxK1mK2y/0NGvuzy2nNOjUj5WnaDZEMqM4nLdV5Gz3dEoEAWJ
wXW2oiS8udUeiNEEj+ew3advOvRsv5mS/X+S/RHrQNeV+NMVRY2jMJAEBsNDcTrO
UF16Q6S3Src/HkmK2TMDFQ8YqSYxtUri92PdjeJDhPpbLLfpae7KdSLwxVCLyzZX
kDbhUYTMeF6CyqRpdKhZe6T8gqkXzpRrcsXswTzohdQC7LvcsqhpS+j8VIF3AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU9QP5Ld7O3233SJbdPOzB19PJGzwwHwYDVR0j
BBgwFoAUJ7LCC387iaz47vmEP/Xe1NBYNw8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xM0MyMUVCMTA5REYwRkZGRTdCN0NGNTVENDA2M0VEOTY0
Q0ZFMUQ1QTE5Rjg2OUUzOUI2ODFFRjNDOEUyNDdDLzAvMjdCMkMyMEI3RjNCODlB
Q0Y4RUVGOTg0M0ZGNURFRDREMDU4MzcwRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yN0IyQzIwQjdGM0I4OUFDRjhF
RUY5ODQzRkY1REVENEQwNTgzNzBGLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTNDMjFFQjEwOURGMEZGRkU3QjdDRjU1RDQwNjNFRDk2NENGRTFENUEx
OUY4NjlFMzlCNjgxRUYzQzhFMjQ3Qy8wLzMxMzMzODJlMzEzMjMyMmUzNTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzOTM5MzczNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIp6BTAN
BgkqhkiG9w0BAQsFAAOCAQEAXebSCygKvrn+mYJLxZgDuwAdPv709U75KjE+00fc
hrBjHYHVfNbzA88e9EJwpBTlZjzp3x0onqUJHkf7nMLN8aJ2aJYkDDG7e6FYaamU
GRiII/y/yZBcPTO5++bKQOC3fxCjgStqScMZKuKw2rXaZl4eitvMA+b7S3j/H6m5
SCbDhn+TZMMurNz2BnhJkHfxYM3tMZmhMxHJwPfdy3mnSCphFJJ8zkNfDNy9XEqZ
vZZUR0gGeoiEL74hUhQrVCdGM9JOy8fSq6GGM5SqwVUj1UIMgIyhb1tqAZXvsBqo
rWh2jz8WYPmjOSLAOIpO3/JLKhD2tYnFx1rZh04gy+KE+w==
-----END CERTIFICATE-----
Generated at Wed Nov 20 08:53:04 2024 by rpki-client on console-ams.rpki-client.org