Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3136372e3235302e3230392e302f32342d3234203d3e203532323731.roa
File:                     3136372e3235302e3230392e302f32342d3234203d3e203532323731.roa (raw, json)
Hash identifier:          mkxDJ0sCWPzZ56RqCjpC/DmDMLCn2lGnaggrss4n+Cg=
Subject key identifier:   67:F3:BB:3E:F3:18:C7:F3:A5:EA:E0:18:4E:5A:B4:0B:EB:A8:A7:67
Certificate issuer:       /CN=85939B22368B791C18889C114876582A293716F4
Certificate serial:       2204825BDE0D9E1FF12A5CBE5F6A29E9FD0215A8
Authority key identifier: 85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3136372e3235302e3230392e302f32342d3234203d3e203532323731.roa
Signing time:             Tue 05 Mar 2024 17:44:52 +0000
ROA not before:           Tue 05 Mar 2024 17:39:52 +0000
ROA not after:            Tue 04 Mar 2025 17:44:52 +0000
asID:                     52271
IP address blocks:        167.250.209.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 04:34:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:04:82:5b:de:0d:9e:1f:f1:2a:5c:be:5f:6a:29:e9:fd:02:15:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85939B22368B791C18889C114876582A293716F4
        Validity
            Not Before: Mar  5 17:39:52 2024 GMT
            Not After : Mar  4 17:44:52 2025 GMT
        Subject: CN=67F3BB3EF318C7F3A5EAE0184E5AB40BEBA8A767
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a9:4e:79:04:02:22:ed:b2:a8:e5:67:86:1d:
                    99:e9:08:b4:22:01:17:8b:2e:f6:63:3a:d5:5a:9f:
                    6e:ba:29:4d:53:8d:e9:21:87:0d:e9:9b:27:28:98:
                    47:0b:09:e4:9e:1d:7e:2f:5b:25:ab:ae:91:8a:ef:
                    ec:d1:f5:b2:ba:39:72:28:53:dd:f5:9e:37:4c:b9:
                    6a:52:2d:95:0a:75:58:12:5e:52:31:6d:e3:92:5b:
                    34:3b:63:99:b3:7d:d2:34:41:ca:1a:a0:ca:d3:6b:
                    aa:2c:1e:cd:35:cb:36:6a:03:c6:5f:ae:3e:aa:cd:
                    08:da:83:2c:a5:3a:ff:cd:f7:c4:5e:a9:93:28:af:
                    02:b0:2b:9b:0c:cb:a0:c5:46:cc:89:85:64:e4:dd:
                    77:f1:4c:0a:19:e8:c2:d6:cd:9a:6a:7c:c9:38:d9:
                    1f:12:60:77:1a:84:9a:f9:af:2d:0f:9c:af:b4:10:
                    a8:02:3c:87:8d:79:81:16:59:0f:7d:c8:6d:28:83:
                    11:a2:71:21:f1:f8:b9:5c:89:61:ed:7e:6c:00:5e:
                    90:ed:c0:cc:36:a6:12:b5:8f:ca:8d:09:2a:9c:2b:
                    25:d3:ff:c4:1e:c9:03:6e:6a:78:a5:f1:1e:d2:82:
                    c9:c1:66:34:e8:21:89:a4:44:dc:e8:0f:4a:c3:1b:
                    59:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:F3:BB:3E:F3:18:C7:F3:A5:EA:E0:18:4E:5A:B4:0B:EB:A8:A7:67
            X509v3 Authority Key Identifier:
                keyid:85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3136372e3235302e3230392e302f32342d3234203d3e203532323731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.250.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:71:ba:1b:53:3e:38:5b:6e:8b:e9:3a:43:1c:cc:7c:00:a1:
         e0:97:5a:22:59:00:7f:71:91:08:10:2f:53:f3:ce:59:ce:bc:
         14:f7:61:dd:66:b9:91:75:a6:b4:39:3b:07:1f:68:fd:30:a8:
         89:5d:3b:74:f4:66:4e:f8:9c:2e:a6:40:19:ec:6e:cb:ea:64:
         95:65:99:6f:51:ff:2c:d4:75:06:3a:35:ed:e8:1a:c8:0d:7c:
         03:83:bc:67:c2:8c:88:17:ce:9c:e0:a1:45:b9:cc:23:b1:dd:
         bd:66:45:42:05:7e:ec:bd:93:bd:4a:85:f4:20:84:a0:df:91:
         37:4d:12:7c:24:bb:15:53:a4:74:7b:e0:17:e4:d6:f4:3a:30:
         09:67:dd:53:d6:d1:9d:a5:d6:a7:c6:bd:17:8a:a8:d1:e2:5d:
         c1:7d:0e:21:22:db:2d:ac:d3:5b:bf:7c:da:e0:1d:7a:68:4d:
         d4:f0:2b:b4:42:77:c4:61:e0:5f:8f:c7:b6:98:93:22:f3:c2:
         b7:fa:a6:c7:fc:7b:7c:e0:37:24:6b:30:14:5e:cc:2f:08:77:
         d1:58:aa:50:9f:2f:3a:fe:a4:b6:40:9a:6a:20:3a:ef:a6:b9:
         5c:c4:6c:22:4d:ff:7c:90:31:0c:e7:90:c6:ab:ab:92:d8:26:
         70:f7:83:4d
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUIgSCW94Nnh/xKly+X2op6f0CFagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODU5MzlCMjIzNjhCNzkxQzE4ODg5QzExNDg3NjU4MkEy
OTM3MTZGNDAeFw0yNDAzMDUxNzM5NTJaFw0yNTAzMDQxNzQ0NTJaMDMxMTAvBgNV
BAMTKDY3RjNCQjNFRjMxOEM3RjNBNUVBRTAxODRFNUFCNDBCRUJBOEE3NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJqU55BAIi7bKo5WeGHZnpCLQi
AReLLvZjOtVan266KU1Tjekhhw3pmycomEcLCeSeHX4vWyWrrpGK7+zR9bK6OXIo
U931njdMuWpSLZUKdVgSXlIxbeOSWzQ7Y5mzfdI0QcoaoMrTa6osHs01yzZqA8Zf
rj6qzQjagyylOv/N98ReqZMorwKwK5sMy6DFRsyJhWTk3XfxTAoZ6MLWzZpqfMk4
2R8SYHcahJr5ry0PnK+0EKgCPIeNeYEWWQ99yG0ogxGicSHx+LlciWHtfmwAXpDt
wMw2phK1j8qNCSqcKyXT/8QeyQNuanil8R7SgsnBZjToIYmkRNzoD0rDG1lHAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUZ/O7PvMYx/Ol6uAYTlq0C+uop2cwHwYDVR0j
BBgwFoAUhZObIjaLeRwYiJwRSHZYKik3FvQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xOEQ0REE2NEE5QzVCMjE5QjdFQkUxMEI4NDZGRjM5NDZB
NzdGNzQyMDQ0ODRFRDVFODVFNjA2NzAwNjM5MzYzLzAvODU5MzlCMjIzNjhCNzkx
QzE4ODg5QzExNDg3NjU4MkEyOTM3MTZGNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NTkzOUIyMjM2OEI3OTFDMTg4
ODlDMTE0ODc2NTgyQTI5MzcxNkY0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMThENERBNjRBOUM1QjIxOUI3RUJFMTBCODQ2RkYzOTQ2QTc3Rjc0MjA0
NDg0RUQ1RTg1RTYwNjcwMDYzOTM2My8wLzMxMzYzNzJlMzIzNTMwMmUzMjMwMzky
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzIzNzMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAp/rR
MA0GCSqGSIb3DQEBCwUAA4IBAQA1cbobUz44W26L6TpDHMx8AKHgl1oiWQB/cZEI
EC9T885ZzrwU92HdZrmRdaa0OTsHH2j9MKiJXTt09GZO+JwupkAZ7G7L6mSVZZlv
Uf8s1HUGOjXt6BrIDXwDg7xnwoyIF86c4KFFucwjsd29ZkVCBX7svZO9SoX0IISg
35E3TRJ8JLsVU6R0e+AX5Nb0OjAJZ91T1tGdpdanxr0XiqjR4l3BfQ4hItstrNNb
v3za4B16aE3U8Cu0QnfEYeBfj8e2mJMi88K3+qbH/Ht84DckazAUXswvCHfRWKpQ
ny86/qS2QJpqIDrvprlcxGwiTf98kDEM55DGq6uS2CZw94NN
-----END CERTIFICATE-----
Generated at Thu Jun 13 04:54:42 2024 by rpki-client on console-fra.rpki-client.org