Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e33362e3233392e302f32342d3234203d3e203237383233.roa
File:                     3133382e33362e3233392e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          RcVSudgW+qG3LEbrvhTiaCiXCEBOysnxnWSi8Dgynt4=
Subject key identifier:   EF:8B:1C:FE:63:CF:AC:95:30:3F:70:47:1D:59:79:31:4D:01:E2:BE
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       178F82FBFDAD0B8992D4F46FC43927F14993A703
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e33362e3233392e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 05 Mar 2024 17:40:06 +0000
ROA not before:           Tue 05 Mar 2024 17:35:06 +0000
ROA not after:            Tue 04 Mar 2025 17:40:06 +0000
asID:                     27823
IP address blocks:        138.36.239.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:8f:82:fb:fd:ad:0b:89:92:d4:f4:6f:c4:39:27:f1:49:93:a7:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Mar  5 17:35:06 2024 GMT
            Not After : Mar  4 17:40:06 2025 GMT
        Subject: CN=EF8B1CFE63CFAC95303F70471D5979314D01E2BE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:b9:7c:3b:0b:5f:9d:bc:63:f2:41:19:42:39:
                    43:61:ad:52:53:3e:af:b4:8c:b3:24:c7:b4:98:88:
                    fd:9a:d7:f4:de:d3:67:60:66:51:8c:f6:77:d9:69:
                    d0:62:98:65:0b:8c:65:b9:18:5d:b9:02:55:75:8c:
                    2d:90:dd:8e:68:4c:03:84:40:8f:23:d2:05:ed:7f:
                    ee:dc:5d:47:bb:fe:81:ae:64:6d:0f:9e:8a:84:53:
                    34:b5:81:15:5f:dc:c1:14:a6:05:cb:19:63:b4:71:
                    69:54:79:9c:f5:c1:35:49:50:1c:86:a7:2d:a8:aa:
                    6a:c4:86:a3:55:95:46:47:bf:7c:3f:cd:5c:d8:78:
                    52:d3:eb:c0:e5:ae:d5:e4:8c:49:55:ed:79:1a:8d:
                    2b:cd:22:7a:1c:85:0b:c1:67:51:f8:6e:11:f0:28:
                    68:b5:bf:e4:67:42:7f:f1:f6:1d:23:37:19:2e:67:
                    a6:71:df:8d:c8:c0:98:62:e3:78:c3:f6:61:8c:6d:
                    b2:8b:dc:4d:e7:52:fc:9b:3b:6a:20:93:da:ba:92:
                    86:d7:6e:b3:3c:87:f9:0c:d4:c1:c3:4a:b9:af:6f:
                    be:48:a7:64:52:93:5b:8c:f9:4b:8d:31:50:87:e3:
                    ad:a2:b2:8b:44:a4:cf:ff:38:07:4c:66:34:d4:33:
                    8c:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:8B:1C:FE:63:CF:AC:95:30:3F:70:47:1D:59:79:31:4D:01:E2:BE
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e33362e3233392e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.36.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:48:be:c7:05:be:ad:84:5b:55:a8:31:35:14:34:09:2b:28:
         62:fa:be:8e:b8:d3:32:26:70:ce:42:af:b0:20:85:e0:07:e9:
         eb:12:44:e8:43:48:91:fe:28:78:ff:72:4e:5b:f5:fa:4b:00:
         d1:90:7a:8d:d8:7a:b8:d3:30:b7:f7:05:79:66:73:e6:66:14:
         fa:f0:88:12:86:bc:9a:da:29:f0:f5:34:d9:a0:2f:f6:8f:44:
         21:62:ef:66:a8:74:83:79:7f:ea:63:5d:4d:a9:09:44:21:ec:
         54:ca:fd:c9:8c:b6:52:b7:36:d2:b6:71:6a:47:56:33:86:2a:
         3f:54:c0:84:f1:7f:ec:8d:e8:34:f2:d0:e7:64:12:51:e3:d3:
         f1:6c:67:44:8e:e7:11:74:d5:5f:8f:e9:42:d9:75:44:6a:4d:
         69:08:20:1a:6d:51:b3:c5:13:d1:31:85:71:92:c9:fa:c1:52:
         1c:4f:bd:85:1a:f6:14:82:43:fa:95:b8:eb:0d:a8:4e:7f:94:
         ab:6d:c2:4d:ba:60:04:3c:f2:b2:3e:6e:40:0b:c8:3d:d6:e6:
         f6:2e:0c:07:8f:a6:d2:1a:5a:22:b3:6f:19:fb:cb:99:fa:89:
         68:2f:89:d3:ef:d4:49:cd:a9:f1:6b:21:ce:da:76:9d:dd:1f:
         88:8b:9d:7f
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUF4+C+/2tC4mS1PRvxDkn8UmTpwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNDAzMDUxNzM1MDZaFw0yNTAzMDQxNzQwMDZaMDMxMTAvBgNV
BAMTKEVGOEIxQ0ZFNjNDRkFDOTUzMDNGNzA0NzFENTk3OTMxNEQwMUUyQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDduXw7C1+dvGPyQRlCOUNhrVJT
Pq+0jLMkx7SYiP2a1/Te02dgZlGM9nfZadBimGULjGW5GF25AlV1jC2Q3Y5oTAOE
QI8j0gXtf+7cXUe7/oGuZG0PnoqEUzS1gRVf3MEUpgXLGWO0cWlUeZz1wTVJUByG
py2oqmrEhqNVlUZHv3w/zVzYeFLT68DlrtXkjElV7XkajSvNInochQvBZ1H4bhHw
KGi1v+RnQn/x9h0jNxkuZ6Zx343IwJhi43jD9mGMbbKL3E3nUvybO2ogk9q6kobX
brM8h/kM1MHDSrmvb75Ip2RSk1uM+UuNMVCH462isotEpM//OAdMZjTUM4wlAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU74sc/mPPrJUwP3BHHVl5MU0B4r4wHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzMzODJlMzMzNjJlMzIzMzM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIok7zAN
BgkqhkiG9w0BAQsFAAOCAQEAL0i+xwW+rYRbVagxNRQ0CSsoYvq+jrjTMiZwzkKv
sCCF4Afp6xJE6ENIkf4oeP9yTlv1+ksA0ZB6jdh6uNMwt/cFeWZz5mYU+vCIEoa8
mtop8PU02aAv9o9EIWLvZqh0g3l/6mNdTakJRCHsVMr9yYy2Urc20rZxakdWM4Yq
P1TAhPF/7I3oNPLQ52QSUePT8WxnRI7nEXTVX4/pQtl1RGpNaQggGm1Rs8UT0TGF
cZLJ+sFSHE+9hRr2FIJD+pW46w2oTn+Uq23CTbpgBDzysj5uQAvIPdbm9i4MB4+m
0hpaIrNvGfvLmfqJaC+J0+/USc2p8Wshztp2nd0fiIudfw==
-----END CERTIFICATE-----
Generated at Wed Nov 20 05:43:17 2024 by rpki-client on console-fra.rpki-client.org