Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e33362e3233362e302f32322d3234203d3e203237383233.roa
File:                     3133382e33362e3233362e302f32322d3234203d3e203237383233.roa (raw, json)
Hash identifier:          LUzJiyOvrTXkpRPRiIbOlCCDSS6JAMRrdrFfiVseeCg=
Subject key identifier:   B1:00:B7:12:14:47:D1:B0:18:DF:C1:E0:C9:B2:79:95:34:4D:CB:D4
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       5252593E23F50A61B87FCA1AC41251CB45FA85BA
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e33362e3233362e302f32322d3234203d3e203237383233.roa
Signing time:             Tue 05 Mar 2024 17:40:12 +0000
ROA not before:           Tue 05 Mar 2024 17:35:12 +0000
ROA not after:            Tue 04 Mar 2025 17:40:12 +0000
asID:                     27823
IP address blocks:        138.36.236.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 26 Nov 2024 22:33:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:52:59:3e:23:f5:0a:61:b8:7f:ca:1a:c4:12:51:cb:45:fa:85:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Mar  5 17:35:12 2024 GMT
            Not After : Mar  4 17:40:12 2025 GMT
        Subject: CN=B100B7121447D1B018DFC1E0C9B27995344DCBD4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:f4:62:3f:7e:f1:b6:79:a1:7d:d3:dc:0d:63:
                    78:0d:7e:a0:3d:13:07:4f:d9:b2:09:ba:21:7c:40:
                    09:e1:d2:e2:ff:0d:4d:4a:e6:72:26:04:cc:5c:f9:
                    f2:19:d9:9f:1e:5e:75:08:5b:9b:92:54:ab:48:34:
                    35:ae:91:1e:82:76:37:7a:4b:a0:01:f5:f6:da:c9:
                    2f:04:4d:c7:55:1e:cd:c0:e1:a5:75:ee:58:15:e1:
                    a5:99:2a:af:34:e3:32:b1:ea:6d:a6:a1:5a:6e:6a:
                    bf:99:9f:87:25:78:4b:37:1a:7a:d5:81:31:cf:a4:
                    55:f3:bb:6c:47:5c:78:19:84:40:ba:23:fd:93:fd:
                    fe:70:e7:32:7e:de:12:3c:3e:83:2c:cd:04:8f:28:
                    7e:74:d7:72:be:54:9e:92:df:a4:6b:65:98:b7:1a:
                    2c:f5:d5:14:b1:0d:0d:a7:28:7d:30:f6:b1:2d:d0:
                    7e:69:69:25:68:8b:07:f9:46:b4:0d:46:52:6f:ac:
                    1e:25:09:ac:e8:78:88:57:c1:15:7a:33:60:38:a2:
                    dc:5d:9e:a0:e0:ea:2b:5d:87:a0:6b:97:96:26:64:
                    09:f8:c1:82:57:d9:96:69:d7:8f:5c:65:28:71:ca:
                    63:fb:fb:17:03:c8:16:5b:66:86:81:8e:c6:ff:2f:
                    0b:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:00:B7:12:14:47:D1:B0:18:DF:C1:E0:C9:B2:79:95:34:4D:CB:D4
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e33362e3233362e302f32322d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.36.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9c:47:4f:e2:9a:b9:67:4f:38:30:a0:ab:f1:8a:18:02:66:ee:
         ac:65:fe:e8:99:01:9b:ca:39:e7:95:98:db:4b:23:31:cf:0e:
         44:a1:fa:ef:a1:71:e5:75:91:05:aa:e1:f8:f6:37:cb:ac:a7:
         35:d5:df:c7:f0:13:86:8d:bc:f8:6f:76:a3:fc:77:04:ae:9d:
         89:e5:5d:d8:8c:01:67:7d:63:ec:36:48:6b:50:39:b6:c5:8f:
         0e:ea:51:b4:9a:49:36:0b:2c:6e:5a:23:53:03:5c:03:ac:6b:
         5f:c7:d8:9c:2a:40:58:3d:24:4f:1f:59:9e:ab:25:15:3f:37:
         46:cd:ba:ba:8f:e7:4f:d3:1f:d3:b7:a4:cb:ea:5e:5c:f3:53:
         78:b7:10:eb:d6:fc:e6:17:78:be:52:e1:6a:a7:83:56:89:ec:
         fe:81:71:76:2a:10:6d:89:14:de:3b:15:1e:f0:24:06:18:a4:
         ae:02:9a:21:18:28:95:7d:db:9b:52:d0:3f:70:47:b9:65:bf:
         48:5a:06:0e:e0:cb:aa:04:8c:60:98:4c:e0:05:0e:84:7b:7c:
         11:09:a6:2d:29:6b:5c:37:34:a6:8f:10:55:1d:c2:fb:44:81:
         24:b8:c5:07:dd:23:b6:73:2e:37:15:56:a2:01:61:42:da:8e:
         16:9a:f4:6b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUUlJZPiP1CmG4f8oaxBJRy0X6hbowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNDAzMDUxNzM1MTJaFw0yNTAzMDQxNzQwMTJaMDMxMTAvBgNV
BAMTKEIxMDBCNzEyMTQ0N0QxQjAxOERGQzFFMEM5QjI3OTk1MzQ0RENCRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp9GI/fvG2eaF909wNY3gNfqA9
EwdP2bIJuiF8QAnh0uL/DU1K5nImBMxc+fIZ2Z8eXnUIW5uSVKtINDWukR6Cdjd6
S6AB9fbayS8ETcdVHs3A4aV17lgV4aWZKq804zKx6m2moVpuar+Zn4cleEs3GnrV
gTHPpFXzu2xHXHgZhEC6I/2T/f5w5zJ+3hI8PoMszQSPKH5013K+VJ6S36RrZZi3
Giz11RSxDQ2nKH0w9rEt0H5paSVoiwf5RrQNRlJvrB4lCazoeIhXwRV6M2A4otxd
nqDg6itdh6Brl5YmZAn4wYJX2ZZp149cZShxymP7+xcDyBZbZoaBjsb/LwtzAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUsQC3EhRH0bAY38HgybJ5lTRNy9QwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzMzODJlMzMzNjJlMzIzMzM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAook7DAN
BgkqhkiG9w0BAQsFAAOCAQEAnEdP4pq5Z084MKCr8YoYAmburGX+6JkBm8o555WY
20sjMc8ORKH676Fx5XWRBarh+PY3y6ynNdXfx/ATho28+G92o/x3BK6dieVd2IwB
Z31j7DZIa1A5tsWPDupRtJpJNgssblojUwNcA6xrX8fYnCpAWD0kTx9ZnqslFT83
Rs26uo/nT9Mf07eky+peXPNTeLcQ69b85hd4vlLhaqeDVons/oFxdioQbYkU3jsV
HvAkBhikrgKaIRgolX3bm1LQP3BHuWW/SFoGDuDLqgSMYJhM4AUOhHt8EQmmLSlr
XDc0po8QVR3C+0SBJLjFB90jtnMuNxVWogFhQtqOFpr0aw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:58 2024 by rpki-client on console-ams.rpki-client.org