Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3136372e3235302e3231312e302f32342d3234203d3e203532323731.roa
File:                     3136372e3235302e3231312e302f32342d3234203d3e203532323731.roa (raw, json)
Hash identifier:          vsxs/r80jdGJCo1HpomkKVE+fqP89YtXhybIinJvYGk=
Subject key identifier:   45:F4:7D:7C:39:A9:93:AF:08:91:F5:DB:30:7F:65:2F:3F:A0:91:0A
Certificate issuer:       /CN=85939B22368B791C18889C114876582A293716F4
Certificate serial:       32DCE0A40C72F7A54B23C6E1E43C393BC8057059
Authority key identifier: 85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3136372e3235302e3231312e302f32342d3234203d3e203532323731.roa
Signing time:             Tue 05 Mar 2024 17:44:55 +0000
ROA not before:           Tue 05 Mar 2024 17:39:55 +0000
ROA not after:            Tue 04 Mar 2025 17:44:55 +0000
asID:                     52271
IP address blocks:        167.250.211.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 04:34:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:dc:e0:a4:0c:72:f7:a5:4b:23:c6:e1:e4:3c:39:3b:c8:05:70:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85939B22368B791C18889C114876582A293716F4
        Validity
            Not Before: Mar  5 17:39:55 2024 GMT
            Not After : Mar  4 17:44:55 2025 GMT
        Subject: CN=45F47D7C39A993AF0891F5DB307F652F3FA0910A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:33:b7:fb:e1:18:ce:ed:7f:2e:ce:b5:a0:7c:
                    6e:5f:c3:62:ec:20:73:c5:eb:6f:b2:e2:54:44:00:
                    9e:ea:08:85:d0:27:dd:31:d0:72:67:13:a7:73:6a:
                    67:fe:bd:d4:29:68:d2:6e:2b:40:96:23:29:9c:e5:
                    59:1a:69:e3:bb:d2:97:e2:50:9f:72:a3:a7:0d:de:
                    bc:02:d5:f8:93:61:4f:bc:de:34:33:5b:fb:e8:ec:
                    e1:54:0d:1a:e7:b3:0c:ba:32:2e:b0:6c:73:8f:7c:
                    a8:ec:14:51:f4:27:f1:57:0d:72:94:f4:b5:03:7d:
                    f9:6f:98:f0:b4:7d:bf:79:2d:3e:55:93:1b:47:40:
                    7d:3f:42:9b:b1:4e:8c:01:6a:a7:4d:5f:8e:d7:d4:
                    ad:e7:54:0e:fc:fe:dd:d8:49:8e:c3:5d:d3:f7:54:
                    92:9a:12:14:f2:56:20:68:72:f6:9d:a0:d5:19:cf:
                    71:f3:0e:3a:2b:bf:8c:f2:87:ce:18:db:9b:ef:54:
                    c7:0a:cf:49:b7:d2:3b:96:c8:36:17:6d:64:ba:d9:
                    aa:43:12:d7:68:79:93:a3:6b:e5:06:5c:e4:80:49:
                    fd:e7:74:5d:14:b0:c8:20:a8:83:57:28:89:dc:8c:
                    6b:c1:2f:1f:2e:56:d5:f7:9e:04:21:6b:9b:e5:ca:
                    95:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:F4:7D:7C:39:A9:93:AF:08:91:F5:DB:30:7F:65:2F:3F:A0:91:0A
            X509v3 Authority Key Identifier:
                keyid:85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3136372e3235302e3231312e302f32342d3234203d3e203532323731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.250.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:41:63:09:1f:48:a3:2d:87:c4:46:b6:cd:f1:0b:54:06:cf:
         e7:ba:0d:b8:86:21:ae:cc:da:b1:fc:d7:9c:d4:86:90:aa:f6:
         c7:a2:ab:92:f1:38:4a:9a:ea:82:e2:21:09:e2:a6:52:fa:07:
         71:40:40:a2:30:fa:87:ce:10:e2:96:42:80:ea:61:70:c4:62:
         2f:c0:9d:af:11:b4:f3:8d:72:72:48:8b:5f:5a:a9:a0:7f:b7:
         e4:5a:6e:22:bf:b6:98:a3:74:08:f0:2d:61:c5:70:0c:98:b0:
         ec:f9:c0:2d:f5:66:03:46:1a:ce:8c:4e:ea:fc:b7:4e:a5:19:
         20:40:a6:34:09:78:aa:3e:a5:08:dd:f3:a3:6f:8f:63:a2:b4:
         d5:5a:d1:ff:20:d7:a9:13:8b:5a:d6:f4:cf:86:3e:37:e9:5c:
         13:9e:8d:8f:b3:55:da:9d:86:f3:1d:a8:75:ed:12:2c:4b:eb:
         55:a2:e3:db:b5:e8:0d:6c:f6:1a:d0:8e:90:77:13:d2:c9:ad:
         65:2d:e3:72:89:ba:d4:a7:d8:41:37:cb:f3:d0:04:11:87:be:
         01:db:9a:16:61:39:e3:35:96:53:a3:a9:fc:d1:29:10:f0:84:
         fc:f0:3f:94:56:da:43:df:d0:f7:d5:86:6c:64:14:1a:16:19:
         c7:e4:0b:74
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUMtzgpAxy96VLI8bh5Dw5O8gFcFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODU5MzlCMjIzNjhCNzkxQzE4ODg5QzExNDg3NjU4MkEy
OTM3MTZGNDAeFw0yNDAzMDUxNzM5NTVaFw0yNTAzMDQxNzQ0NTVaMDMxMTAvBgNV
BAMTKDQ1RjQ3RDdDMzlBOTkzQUYwODkxRjVEQjMwN0Y2NTJGM0ZBMDkxMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzM7f74RjO7X8uzrWgfG5fw2Ls
IHPF62+y4lREAJ7qCIXQJ90x0HJnE6dzamf+vdQpaNJuK0CWIymc5VkaaeO70pfi
UJ9yo6cN3rwC1fiTYU+83jQzW/vo7OFUDRrnswy6Mi6wbHOPfKjsFFH0J/FXDXKU
9LUDfflvmPC0fb95LT5VkxtHQH0/QpuxTowBaqdNX47X1K3nVA78/t3YSY7DXdP3
VJKaEhTyViBocvadoNUZz3HzDjorv4zyh84Y25vvVMcKz0m30juWyDYXbWS62apD
EtdoeZOja+UGXOSASf3ndF0UsMggqINXKIncjGvBLx8uVtX3ngQha5vlypWvAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQURfR9fDmpk68IkfXbMH9lLz+gkQowHwYDVR0j
BBgwFoAUhZObIjaLeRwYiJwRSHZYKik3FvQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xOEQ0REE2NEE5QzVCMjE5QjdFQkUxMEI4NDZGRjM5NDZB
NzdGNzQyMDQ0ODRFRDVFODVFNjA2NzAwNjM5MzYzLzAvODU5MzlCMjIzNjhCNzkx
QzE4ODg5QzExNDg3NjU4MkEyOTM3MTZGNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NTkzOUIyMjM2OEI3OTFDMTg4
ODlDMTE0ODc2NTgyQTI5MzcxNkY0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMThENERBNjRBOUM1QjIxOUI3RUJFMTBCODQ2RkYzOTQ2QTc3Rjc0MjA0
NDg0RUQ1RTg1RTYwNjcwMDYzOTM2My8wLzMxMzYzNzJlMzIzNTMwMmUzMjMxMzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzIzNzMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAp/rT
MA0GCSqGSIb3DQEBCwUAA4IBAQBiQWMJH0ijLYfERrbN8QtUBs/nug24hiGuzNqx
/Nec1IaQqvbHoquS8ThKmuqC4iEJ4qZS+gdxQECiMPqHzhDilkKA6mFwxGIvwJ2v
EbTzjXJySItfWqmgf7fkWm4iv7aYo3QI8C1hxXAMmLDs+cAt9WYDRhrOjE7q/LdO
pRkgQKY0CXiqPqUI3fOjb49jorTVWtH/INepE4ta1vTPhj436VwTno2Ps1XanYbz
Hah17RIsS+tVouPbtegNbPYa0I6QdxPSya1lLeNyibrUp9hBN8vz0AQRh74B25oW
YTnjNZZTo6n80SkQ8IT88D+UVtpD39D31YZsZBQaFhnH5At0
-----END CERTIFICATE-----
Generated at Thu Jun 13 04:54:42 2024 by rpki-client on console-fra.rpki-client.org