Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3136372e3235302e3230382e302f32342d3234203d3e203532323731.roa
File:                     3136372e3235302e3230382e302f32342d3234203d3e203532323731.roa (raw, json)
Hash identifier:          cwmZvFrvu31Y5JVICcPpAuKvKzY9Y+ZRo9W0GLKkqRQ=
Subject key identifier:   BD:10:F0:80:B9:40:39:62:23:17:50:5A:17:9E:30:4E:15:8D:02:AB
Certificate issuer:       /CN=85939B22368B791C18889C114876582A293716F4
Certificate serial:       0FAA09ABE546C5804D51456537BB34E466094CD1
Authority key identifier: 85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3136372e3235302e3230382e302f32342d3234203d3e203532323731.roa
Signing time:             Tue 05 Mar 2024 17:44:52 +0000
ROA not before:           Tue 05 Mar 2024 17:39:52 +0000
ROA not after:            Tue 04 Mar 2025 17:44:52 +0000
asID:                     52271
IP address blocks:        167.250.208.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 04:34:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:aa:09:ab:e5:46:c5:80:4d:51:45:65:37:bb:34:e4:66:09:4c:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85939B22368B791C18889C114876582A293716F4
        Validity
            Not Before: Mar  5 17:39:52 2024 GMT
            Not After : Mar  4 17:44:52 2025 GMT
        Subject: CN=BD10F080B94039622317505A179E304E158D02AB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:0f:5c:bd:8f:f1:85:d5:6e:07:2d:73:10:3a:
                    db:ab:12:78:30:c4:28:a6:c4:da:9c:3b:70:f1:38:
                    60:93:a5:9f:55:14:68:98:53:39:df:13:23:5d:70:
                    e5:ff:03:c3:6a:be:a9:48:33:0a:81:17:ca:83:de:
                    93:7d:6f:94:91:df:57:bc:09:a6:00:06:99:42:a1:
                    ea:95:9d:67:c3:e7:39:30:2c:5d:8d:f5:44:17:d0:
                    c4:57:9e:4e:e5:93:4c:ef:21:9c:42:67:4e:15:01:
                    be:4b:21:2a:95:8f:77:4b:38:6f:c3:ac:76:57:e8:
                    be:de:d8:13:48:e0:4a:02:b6:8d:5e:f6:fc:2c:1b:
                    3c:ae:67:a4:51:38:72:7f:da:ae:8f:ff:7f:be:33:
                    a6:1f:57:7f:1b:8d:99:42:08:e8:6b:88:4a:a3:be:
                    4a:88:5c:9c:89:5a:9c:2e:be:4c:ab:39:81:46:59:
                    bb:db:b8:c8:90:b2:a6:38:da:ee:2a:9c:10:eb:64:
                    ca:f3:91:db:b3:b6:6c:64:52:65:94:6e:e1:3c:0f:
                    4c:b0:91:52:a1:30:17:f4:76:f1:1f:9f:54:2f:46:
                    51:60:23:c3:d8:06:30:46:f4:1b:e3:c2:b3:c3:bb:
                    73:e4:1b:8f:80:83:df:86:30:aa:b5:b8:8b:8c:ae:
                    d5:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:10:F0:80:B9:40:39:62:23:17:50:5A:17:9E:30:4E:15:8D:02:AB
            X509v3 Authority Key Identifier:
                keyid:85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3136372e3235302e3230382e302f32342d3234203d3e203532323731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.250.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:d3:20:2e:d0:7b:3b:a6:18:80:2d:22:97:19:dd:9c:ec:a3:
         8b:0a:ad:89:7a:de:cd:e8:b1:c7:14:52:ab:56:8a:ba:fb:a4:
         dd:96:c1:ce:56:98:a5:c1:22:09:cd:03:9b:01:c1:2e:b9:1f:
         3f:93:9e:2f:00:a4:8e:5d:72:81:32:cf:5a:22:7e:8e:86:62:
         cb:ed:9a:97:8d:72:83:5d:90:78:ea:5d:11:7a:2d:f6:92:45:
         97:4c:1f:18:85:e9:be:09:f3:20:24:17:50:0e:cd:28:0d:6d:
         d0:91:0c:da:54:fd:f7:54:1d:54:df:57:30:df:d0:ff:fa:84:
         b5:9f:98:a0:37:3d:71:fb:57:fa:7d:cd:ed:6a:f4:96:7d:3f:
         dd:ea:3f:d3:b5:07:5f:7e:4b:b6:a1:97:5b:12:84:17:fa:55:
         80:e8:b0:21:e3:69:d2:2e:1c:58:ba:fc:4a:17:1a:70:04:e8:
         e2:47:d8:be:3d:49:d1:a6:e2:58:25:05:9d:61:b8:d7:5f:28:
         5b:cc:76:0b:d0:cb:6c:f7:4c:42:e3:f6:f8:ec:11:6a:8b:e6:
         1d:92:88:81:58:17:b7:77:ed:ee:ab:bd:2e:8d:87:7f:58:ec:
         e5:08:b0:6b:c2:49:e4:e5:b5:58:ad:f3:22:14:1c:fb:f7:e4:
         52:16:d5:cd
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUD6oJq+VGxYBNUUVlN7s05GYJTNEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODU5MzlCMjIzNjhCNzkxQzE4ODg5QzExNDg3NjU4MkEy
OTM3MTZGNDAeFw0yNDAzMDUxNzM5NTJaFw0yNTAzMDQxNzQ0NTJaMDMxMTAvBgNV
BAMTKEJEMTBGMDgwQjk0MDM5NjIyMzE3NTA1QTE3OUUzMDRFMTU4RDAyQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoD1y9j/GF1W4HLXMQOturEngw
xCimxNqcO3DxOGCTpZ9VFGiYUznfEyNdcOX/A8NqvqlIMwqBF8qD3pN9b5SR31e8
CaYABplCoeqVnWfD5zkwLF2N9UQX0MRXnk7lk0zvIZxCZ04VAb5LISqVj3dLOG/D
rHZX6L7e2BNI4EoCto1e9vwsGzyuZ6RROHJ/2q6P/3++M6YfV38bjZlCCOhriEqj
vkqIXJyJWpwuvkyrOYFGWbvbuMiQsqY42u4qnBDrZMrzkduztmxkUmWUbuE8D0yw
kVKhMBf0dvEfn1QvRlFgI8PYBjBG9BvjwrPDu3PkG4+Ag9+GMKq1uIuMrtVLAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUvRDwgLlAOWIjF1BaF54wThWNAqswHwYDVR0j
BBgwFoAUhZObIjaLeRwYiJwRSHZYKik3FvQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xOEQ0REE2NEE5QzVCMjE5QjdFQkUxMEI4NDZGRjM5NDZB
NzdGNzQyMDQ0ODRFRDVFODVFNjA2NzAwNjM5MzYzLzAvODU5MzlCMjIzNjhCNzkx
QzE4ODg5QzExNDg3NjU4MkEyOTM3MTZGNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NTkzOUIyMjM2OEI3OTFDMTg4
ODlDMTE0ODc2NTgyQTI5MzcxNkY0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMThENERBNjRBOUM1QjIxOUI3RUJFMTBCODQ2RkYzOTQ2QTc3Rjc0MjA0
NDg0RUQ1RTg1RTYwNjcwMDYzOTM2My8wLzMxMzYzNzJlMzIzNTMwMmUzMjMwMzgy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzIzNzMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAp/rQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA60yAu0Hs7phiALSKXGd2c7KOLCq2Jet7N6LHH
FFKrVoq6+6TdlsHOVpilwSIJzQObAcEuuR8/k54vAKSOXXKBMs9aIn6OhmLL7ZqX
jXKDXZB46l0Rei32kkWXTB8Yhem+CfMgJBdQDs0oDW3QkQzaVP33VB1U31cw39D/
+oS1n5igNz1x+1f6fc3tavSWfT/d6j/TtQdffku2oZdbEoQX+lWA6LAh42nSLhxY
uvxKFxpwBOjiR9i+PUnRpuJYJQWdYbjXXyhbzHYL0Mts90xC4/b47BFqi+YdkoiB
WBe3d+3uq70ujYd/WOzlCLBrwknk5bVYrfMiFBz79+RSFtXN
-----END CERTIFICATE-----
Generated at Thu Jun 13 04:54:42 2024 by rpki-client on console-fra.rpki-client.org