Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/3139302e3138342e3232342e302f32302d3230203d3e203532333639.roa
File:                     3139302e3138342e3232342e302f32302d3230203d3e203532333639.roa (raw, json)
Hash identifier:          e5a/RtKMAce/0Ds1pUrogKqxsIo/ERG4HnCAM43l7sU=
Subject key identifier:   A9:60:14:9B:66:30:27:07:9D:76:E5:76:26:0C:AC:80:CC:31:CC:15
Certificate issuer:       /CN=8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84
Certificate serial:       7460D489B0D96448C8028C97B86A4AD414E1B502
Authority key identifier: 8E:F9:C7:D6:5A:4C:BA:F5:D2:1A:15:FA:2C:23:7D:D8:7F:F7:EF:84
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/3139302e3138342e3232342e302f32302d3230203d3e203532333639.roa
Signing time:             Sun 31 Mar 2024 03:25:11 +0000
ROA not before:           Sun 31 Mar 2024 03:20:11 +0000
ROA not after:            Sun 30 Mar 2025 03:25:11 +0000
asID:                     52369
IP address blocks:        190.184.224.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:60:d4:89:b0:d9:64:48:c8:02:8c:97:b8:6a:4a:d4:14:e1:b5:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84
        Validity
            Not Before: Mar 31 03:20:11 2024 GMT
            Not After : Mar 30 03:25:11 2025 GMT
        Subject: CN=A960149B663027079D76E576260CAC80CC31CC15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d7:2c:bb:4e:5f:ab:0e:cd:df:1a:24:61:a2:
                    78:b0:a0:99:08:59:56:65:12:3e:ec:e1:89:ca:95:
                    ae:1a:e3:ab:a7:26:ab:12:d9:16:a1:fa:ac:fc:10:
                    8c:13:ae:54:23:da:fd:7e:a4:3f:62:8c:61:15:db:
                    70:c1:3d:30:f1:8e:08:5e:0f:41:ce:aa:36:c3:02:
                    69:d8:13:87:f2:14:81:da:5a:5b:e4:13:27:0b:ba:
                    73:21:dc:eb:b8:1b:91:05:bd:c7:b7:01:5b:e3:f3:
                    a0:ac:a2:38:5a:c2:1f:85:0c:5d:07:f2:7a:9d:dd:
                    79:ad:89:de:88:61:c6:9b:3b:ae:7e:d6:1b:bc:64:
                    70:06:c8:ae:78:32:c1:9b:99:37:18:3c:7b:c6:3f:
                    01:b8:25:29:2a:2e:69:e1:52:1f:fd:bb:3c:b3:fd:
                    8d:38:b2:87:8d:b2:7d:bd:ad:76:c6:d5:1a:63:8e:
                    a4:02:d7:3f:d3:82:fa:20:4d:2d:f3:35:a9:80:e7:
                    63:b2:de:71:56:71:97:84:b5:57:aa:f6:c8:71:ad:
                    ee:28:d6:89:17:72:30:29:b7:87:53:e7:f0:d9:da:
                    3f:6a:ff:4a:e9:27:9f:62:bf:8e:e7:ba:59:cb:5e:
                    30:26:9a:74:c5:c1:76:c6:12:ff:49:1c:8a:19:47:
                    06:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:60:14:9B:66:30:27:07:9D:76:E5:76:26:0C:AC:80:CC:31:CC:15
            X509v3 Authority Key Identifier:
                keyid:8E:F9:C7:D6:5A:4C:BA:F5:D2:1A:15:FA:2C:23:7D:D8:7F:F7:EF:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/3139302e3138342e3232342e302f32302d3230203d3e203532333639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.184.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         3f:f4:fe:79:34:3b:08:a5:70:1b:2b:ea:a8:16:2e:d5:18:4f:
         46:41:db:f4:3e:93:75:b8:b8:8c:b2:92:3c:d1:7d:53:37:b5:
         a9:45:1b:39:22:5b:78:47:9f:41:c1:33:dd:0a:7d:e6:c5:87:
         89:8f:7c:92:b1:f0:f2:84:53:20:2a:56:fe:12:b4:2e:0d:e0:
         55:b9:0a:ff:aa:95:74:6f:e6:66:29:c3:69:84:bb:aa:33:36:
         60:53:cc:cb:7d:fe:3d:d2:a2:bd:f0:c3:e9:7f:79:cc:4e:41:
         8b:55:cf:ba:98:e3:87:8f:8b:61:b6:3e:11:c0:90:68:af:ef:
         f5:20:1e:ee:37:f9:f8:10:a8:1a:da:ef:d0:16:c9:91:18:e7:
         46:64:dd:e7:8d:08:87:38:a0:3f:90:7d:96:52:71:e7:46:a4:
         07:7a:5b:68:1c:fa:8b:3f:41:14:14:0b:a5:76:be:1f:ff:d9:
         fd:dd:69:4e:e7:a2:61:57:b9:5b:d7:c7:24:34:98:d1:04:f9:
         7b:21:d5:78:3a:39:08:f1:d5:94:f5:39:da:85:da:b5:13:15:
         67:28:5c:58:2e:64:86:e2:eb:70:a7:6d:79:97:7e:f9:68:e4:
         70:97:af:61:df:a1:68:87:31:0f:59:db:7e:01:25:7c:4a:6d:
         82:73:79:c8
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUdGDUibDZZEjIAoyXuGpK1BThtQIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEVGOUM3RDY1QTRDQkFGNUQyMUExNUZBMkMyMzdERDg3
RkY3RUY4NDAeFw0yNDAzMzEwMzIwMTFaFw0yNTAzMzAwMzI1MTFaMDMxMTAvBgNV
BAMTKEE5NjAxNDlCNjYzMDI3MDc5RDc2RTU3NjI2MENBQzgwQ0MzMUNDMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf1yy7Tl+rDs3fGiRhoniwoJkI
WVZlEj7s4YnKla4a46unJqsS2Rah+qz8EIwTrlQj2v1+pD9ijGEV23DBPTDxjghe
D0HOqjbDAmnYE4fyFIHaWlvkEycLunMh3Ou4G5EFvce3AVvj86Csojhawh+FDF0H
8nqd3Xmtid6IYcabO65+1hu8ZHAGyK54MsGbmTcYPHvGPwG4JSkqLmnhUh/9uzyz
/Y04soeNsn29rXbG1RpjjqQC1z/TgvogTS3zNamA52Oy3nFWcZeEtVeq9shxre4o
1okXcjApt4dT5/DZ2j9q/0rpJ59iv47nulnLXjAmmnTFwXbGEv9JHIoZRwYTAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUqWAUm2YwJwedduV2JgysgMwxzBUwHwYDVR0j
BBgwFoAUjvnH1lpMuvXSGhX6LCN92H/374QwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkVDNERCQ0IxREE4NjZBQUYzNzExMjYyOTA5QjFCM0Q1
NTNBOUZBRTkxMTkyMTI2OEYyNTk2MkY1NUQ1QTFDLzAvOEVGOUM3RDY1QTRDQkFG
NUQyMUExNUZBMkMyMzdERDg3RkY3RUY4NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RUY5QzdENjVBNENCQUY1RDIx
QTE1RkEyQzIzN0REODdGRjdFRjg0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZFQzREQkNCMURBODY2QUFGMzcxMTI2MjkwOUIxQjNENTUzQTlGQUU5
MTE5MjEyNjhGMjU5NjJGNTVENUExQy8wLzMxMzkzMDJlMzEzODM0MmUzMjMyMzQy
ZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzNTMyMzMzNjM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEvrjg
MA0GCSqGSIb3DQEBCwUAA4IBAQA/9P55NDsIpXAbK+qoFi7VGE9GQdv0PpN1uLiM
spI80X1TN7WpRRs5Ilt4R59BwTPdCn3mxYeJj3ySsfDyhFMgKlb+ErQuDeBVuQr/
qpV0b+ZmKcNphLuqMzZgU8zLff490qK98MPpf3nMTkGLVc+6mOOHj4thtj4RwJBo
r+/1IB7uN/n4EKga2u/QFsmRGOdGZN3njQiHOKA/kH2WUnHnRqQHeltoHPqLP0EU
FAuldr4f/9n93WlO56JhV7lb18ckNJjRBPl7IdV4OjkI8dWU9Tnahdq1ExVnKFxY
LmSG4utwp215l375aORwl69h36FohzEPWdt+ASV8Sm2Cc3nI
-----END CERTIFICATE-----
Generated at Wed Nov 20 05:43:17 2024 by rpki-client on console-fra.rpki-client.org