Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/3137392e34322e3138362e302f32342d3234203d3e203532333639.roa
File:                     3137392e34322e3138362e302f32342d3234203d3e203532333639.roa (raw, json)
Hash identifier:          +UqRBj3DKbIAJmOS9xNwhReUN91TVe1w0AvjdgiWXXM=
Subject key identifier:   BA:E5:FF:78:68:B5:D5:F0:8D:B7:2E:91:F4:D9:22:E4:3C:0C:66:F7
Certificate issuer:       /CN=8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84
Certificate serial:       5FE7FC20BC35285AFFB3257328F6094452AD0F1E
Authority key identifier: 8E:F9:C7:D6:5A:4C:BA:F5:D2:1A:15:FA:2C:23:7D:D8:7F:F7:EF:84
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/3137392e34322e3138362e302f32342d3234203d3e203532333639.roa
Signing time:             Sun 31 Mar 2024 03:25:01 +0000
ROA not before:           Sun 31 Mar 2024 03:20:01 +0000
ROA not after:            Sun 30 Mar 2025 03:25:01 +0000
asID:                     52369
IP address blocks:        179.42.186.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:e7:fc:20:bc:35:28:5a:ff:b3:25:73:28:f6:09:44:52:ad:0f:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84
        Validity
            Not Before: Mar 31 03:20:01 2024 GMT
            Not After : Mar 30 03:25:01 2025 GMT
        Subject: CN=BAE5FF7868B5D5F08DB72E91F4D922E43C0C66F7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b9:57:59:44:18:b7:72:68:f0:8d:44:f4:90:
                    4c:de:74:c1:fc:f9:0d:87:18:9c:61:e0:9c:7e:44:
                    64:f7:4b:e3:01:68:8b:41:45:c9:41:f1:f0:fe:22:
                    a1:42:e8:5e:2d:43:fc:68:3a:02:2e:14:41:0e:37:
                    e9:e5:e1:75:7d:4c:83:ce:dc:e3:ec:1e:e0:c8:fa:
                    f6:11:32:0b:5b:1d:ee:01:64:61:52:b1:28:79:c5:
                    f1:50:c8:ca:45:db:f9:30:04:6f:71:0e:e0:cb:c3:
                    c5:73:a4:f4:3b:6a:3c:ce:0f:09:30:cc:9a:8d:ad:
                    b1:27:5e:b9:c1:4c:d6:f4:29:41:4a:13:63:40:07:
                    22:74:75:fb:59:aa:a2:bc:33:f9:ab:9b:a6:7f:bc:
                    ba:6b:2d:b6:9e:99:21:c6:49:39:81:bf:4f:b8:51:
                    8f:34:aa:be:89:6c:eb:9a:ce:a0:7e:49:ba:61:7c:
                    df:3f:91:4b:68:65:4f:6d:e8:e9:47:c4:4e:59:f9:
                    ad:ae:89:30:1b:23:3d:da:cf:e9:a1:49:f9:95:f2:
                    99:fc:41:2d:c9:50:8b:ba:f4:9a:7a:1b:2b:dd:0c:
                    34:67:f8:aa:a8:2f:34:37:c4:06:f6:6f:0a:76:b7:
                    cc:a2:4d:66:c7:17:3f:a5:5e:a8:72:4d:cf:ff:b6:
                    1a:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:E5:FF:78:68:B5:D5:F0:8D:B7:2E:91:F4:D9:22:E4:3C:0C:66:F7
            X509v3 Authority Key Identifier:
                keyid:8E:F9:C7:D6:5A:4C:BA:F5:D2:1A:15:FA:2C:23:7D:D8:7F:F7:EF:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/3137392e34322e3138362e302f32342d3234203d3e203532333639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.42.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:03:dd:62:33:21:11:1e:9d:66:a7:a1:ea:b8:e0:8f:30:85:
         dc:aa:90:9c:f3:70:41:58:0b:fa:ed:e9:d6:91:cc:44:50:0d:
         b3:cc:b2:d1:7f:56:b9:11:36:e3:38:82:31:e8:10:9e:02:dc:
         7b:02:bb:3a:31:82:d6:ea:cf:2c:62:54:ad:27:26:40:03:35:
         7e:91:ec:ec:3a:cb:4a:a8:40:0b:47:d0:55:8c:6e:87:94:6a:
         36:92:de:1a:88:c0:0b:bb:b9:b3:b0:9f:3f:64:88:c0:c3:14:
         c3:bf:ac:d8:84:f0:3e:43:d6:bb:3f:db:22:a0:01:07:fb:fd:
         51:ba:77:a2:92:d7:a8:5a:1d:5a:6b:57:35:8e:6a:56:57:68:
         23:6c:2c:91:f1:46:db:1d:cb:37:a2:9b:b6:b3:bf:b6:d2:e4:
         3a:5f:49:57:ab:dd:c9:ce:c2:d9:1b:bc:df:ef:47:20:79:a0:
         2b:51:5c:e7:23:4a:9a:84:53:9f:6a:74:67:7a:7f:16:c7:37:
         ae:a4:4c:6c:75:21:f8:84:8e:5e:20:f3:2b:d5:cd:e1:d6:73:
         d2:b4:30:0c:42:86:fc:70:41:73:79:85:a6:ec:b9:83:48:7a:
         61:16:c7:f5:cf:c8:c6:e5:48:13:5a:ab:37:82:4d:86:21:c0:
         d2:8a:52:fd
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUX+f8ILw1KFr/syVzKPYJRFKtDx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEVGOUM3RDY1QTRDQkFGNUQyMUExNUZBMkMyMzdERDg3
RkY3RUY4NDAeFw0yNDAzMzEwMzIwMDFaFw0yNTAzMzAwMzI1MDFaMDMxMTAvBgNV
BAMTKEJBRTVGRjc4NjhCNUQ1RjA4REI3MkU5MUY0RDkyMkU0M0MwQzY2RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxuVdZRBi3cmjwjUT0kEzedMH8
+Q2HGJxh4Jx+RGT3S+MBaItBRclB8fD+IqFC6F4tQ/xoOgIuFEEON+nl4XV9TIPO
3OPsHuDI+vYRMgtbHe4BZGFSsSh5xfFQyMpF2/kwBG9xDuDLw8VzpPQ7ajzODwkw
zJqNrbEnXrnBTNb0KUFKE2NAByJ0dftZqqK8M/mrm6Z/vLprLbaemSHGSTmBv0+4
UY80qr6JbOuazqB+SbphfN8/kUtoZU9t6OlHxE5Z+a2uiTAbIz3az+mhSfmV8pn8
QS3JUIu69Jp6GyvdDDRn+KqoLzQ3xAb2bwp2t8yiTWbHFz+lXqhyTc//thoxAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUuuX/eGi11fCNty6R9Nki5DwMZvcwHwYDVR0j
BBgwFoAUjvnH1lpMuvXSGhX6LCN92H/374QwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkVDNERCQ0IxREE4NjZBQUYzNzExMjYyOTA5QjFCM0Q1
NTNBOUZBRTkxMTkyMTI2OEYyNTk2MkY1NUQ1QTFDLzAvOEVGOUM3RDY1QTRDQkFG
NUQyMUExNUZBMkMyMzdERDg3RkY3RUY4NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RUY5QzdENjVBNENCQUY1RDIx
QTE1RkEyQzIzN0REODdGRjdFRjg0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZFQzREQkNCMURBODY2QUFGMzcxMTI2MjkwOUIxQjNENTUzQTlGQUU5
MTE5MjEyNjhGMjU5NjJGNTVENUExQy8wLzMxMzczOTJlMzQzMjJlMzEzODM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMzMzYzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALMqujAN
BgkqhkiG9w0BAQsFAAOCAQEAnQPdYjMhER6dZqeh6rjgjzCF3KqQnPNwQVgL+u3p
1pHMRFANs8yy0X9WuRE24ziCMegQngLcewK7OjGC1urPLGJUrScmQAM1fpHs7DrL
SqhAC0fQVYxuh5RqNpLeGojAC7u5s7CfP2SIwMMUw7+s2ITwPkPWuz/bIqABB/v9
Ubp3opLXqFodWmtXNY5qVldoI2wskfFG2x3LN6KbtrO/ttLkOl9JV6vdyc7C2Ru8
3+9HIHmgK1Fc5yNKmoRTn2p0Z3p/Fsc3rqRMbHUh+ISOXiDzK9XN4dZz0rQwDEKG
/HBBc3mFpuy5g0h6YRbH9c/IxuVIE1qrN4JNhiHA0opS/Q==
-----END CERTIFICATE-----
Generated at Wed Nov 20 06:22:13 2024 by rpki-client on console-ams.rpki-client.org