Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3137302e3233392e34382e302f32322d3232203d3e203532323731.roa
File:                     3137302e3233392e34382e302f32322d3232203d3e203532323731.roa (raw, json)
Hash identifier:          Qa1gtaz2eWHj5HQS8P9Ev2rGSGcrrf435rJ/A6oPnho=
Subject key identifier:   46:2E:FE:34:11:1C:76:29:1D:42:91:AB:DF:EE:C4:77:B2:E9:66:50
Certificate issuer:       /CN=85939B22368B791C18889C114876582A293716F4
Certificate serial:       54E1208A0E69E9B183E84108926F0064CE0D23F6
Authority key identifier: 85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3137302e3233392e34382e302f32322d3232203d3e203532323731.roa
Signing time:             Tue 05 Mar 2024 17:44:52 +0000
ROA not before:           Tue 05 Mar 2024 17:39:52 +0000
ROA not after:            Tue 04 Mar 2025 17:44:52 +0000
asID:                     52271
IP address blocks:        170.239.48.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 04:34:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:e1:20:8a:0e:69:e9:b1:83:e8:41:08:92:6f:00:64:ce:0d:23:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85939B22368B791C18889C114876582A293716F4
        Validity
            Not Before: Mar  5 17:39:52 2024 GMT
            Not After : Mar  4 17:44:52 2025 GMT
        Subject: CN=462EFE34111C76291D4291ABDFEEC477B2E96650
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:28:92:cd:62:d8:a9:b5:2c:06:d5:01:9d:97:
                    35:cf:af:f0:25:d9:0d:a6:2a:07:3f:13:13:93:55:
                    5b:8b:61:2d:57:44:65:ba:3e:33:27:99:9e:09:4a:
                    27:99:6e:d2:db:4f:63:52:6c:04:84:04:1e:1f:3f:
                    ae:f1:5d:83:fd:20:03:a1:5d:b9:cb:11:e8:01:97:
                    4e:01:3c:c3:b1:ec:11:9f:49:ff:0b:3f:c1:88:32:
                    e1:7e:b8:e3:59:08:99:0e:6f:54:84:1f:14:98:ed:
                    32:d3:f4:68:39:ff:f1:dd:47:59:2d:6f:35:69:e8:
                    af:6a:b9:29:4b:61:7e:08:4b:8d:36:38:15:32:b2:
                    70:15:7f:0d:86:0a:6f:54:e7:85:fe:2a:52:52:2b:
                    b6:16:84:04:c7:20:92:fa:bb:44:66:74:e3:3e:4d:
                    d8:18:bc:cf:74:13:b7:2d:6f:85:57:b6:1c:a0:e5:
                    36:ed:60:1f:37:ee:c2:b3:80:45:2e:4c:7d:5b:d1:
                    eb:16:6d:98:e2:d2:fc:de:7b:b9:95:b1:27:9f:31:
                    40:66:8d:62:20:64:9f:7a:12:17:6e:14:98:46:6c:
                    38:50:ce:0a:01:44:48:2e:0d:5f:64:ac:42:c0:73:
                    26:d9:76:dc:9a:9a:d5:c7:d3:3b:41:75:6c:4d:71:
                    8a:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:2E:FE:34:11:1C:76:29:1D:42:91:AB:DF:EE:C4:77:B2:E9:66:50
            X509v3 Authority Key Identifier:
                keyid:85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3137302e3233392e34382e302f32322d3232203d3e203532323731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.239.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8c:3a:34:8c:86:5a:a5:90:88:5e:09:86:53:76:f0:7a:06:20:
         53:93:66:39:dd:d6:e3:5e:7e:47:15:0b:a1:28:9e:9e:17:48:
         2b:a4:6b:49:db:9c:68:f7:93:f6:ce:00:3b:e2:2b:b8:ac:c1:
         c4:e2:ca:b1:ba:f8:ee:a2:df:c8:cf:a9:50:e6:11:a5:0e:1f:
         e2:96:9c:29:98:fa:a8:5e:61:d9:65:dc:23:bc:47:2d:bf:69:
         62:c6:96:89:cc:fb:bd:91:2d:ad:01:ee:0b:df:34:8e:e3:d7:
         63:51:61:e0:07:16:65:bf:22:fd:4b:92:96:ec:fd:31:15:2f:
         4f:e0:e3:3b:e0:6a:3a:cd:94:e7:e1:e8:3a:98:4c:0e:e9:1e:
         45:08:a3:ab:f0:33:56:c0:f1:69:1c:1d:ba:59:38:1a:21:7d:
         72:50:16:ff:b6:1a:5c:56:77:df:e7:ca:41:b8:ec:35:38:15:
         06:73:39:2d:94:1a:5a:3d:fd:1d:9e:e5:96:9a:1d:9c:9e:34:
         21:f6:48:93:11:7b:97:0c:db:0f:14:eb:c7:61:dc:f7:c0:81:
         51:9a:23:ff:93:f6:af:aa:7d:1d:f6:bd:ba:bb:39:af:34:f5:
         6b:53:0b:7c:3e:7b:5e:96:9a:a0:98:5d:f7:f8:fb:d4:1a:41:
         e6:8a:eb:0c
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUVOEgig5p6bGD6EEIkm8AZM4NI/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODU5MzlCMjIzNjhCNzkxQzE4ODg5QzExNDg3NjU4MkEy
OTM3MTZGNDAeFw0yNDAzMDUxNzM5NTJaFw0yNTAzMDQxNzQ0NTJaMDMxMTAvBgNV
BAMTKDQ2MkVGRTM0MTExQzc2MjkxRDQyOTFBQkRGRUVDNDc3QjJFOTY2NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWKJLNYtiptSwG1QGdlzXPr/Al
2Q2mKgc/ExOTVVuLYS1XRGW6PjMnmZ4JSieZbtLbT2NSbASEBB4fP67xXYP9IAOh
XbnLEegBl04BPMOx7BGfSf8LP8GIMuF+uONZCJkOb1SEHxSY7TLT9Gg5//HdR1kt
bzVp6K9quSlLYX4IS402OBUysnAVfw2GCm9U54X+KlJSK7YWhATHIJL6u0RmdOM+
TdgYvM90E7ctb4VXthyg5TbtYB837sKzgEUuTH1b0esWbZji0vzee7mVsSefMUBm
jWIgZJ96EhduFJhGbDhQzgoBREguDV9krELAcybZdtyamtXH0ztBdWxNcYrPAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQURi7+NBEcdikdQpGr3+7Ed7LpZlAwHwYDVR0j
BBgwFoAUhZObIjaLeRwYiJwRSHZYKik3FvQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xOEQ0REE2NEE5QzVCMjE5QjdFQkUxMEI4NDZGRjM5NDZB
NzdGNzQyMDQ0ODRFRDVFODVFNjA2NzAwNjM5MzYzLzAvODU5MzlCMjIzNjhCNzkx
QzE4ODg5QzExNDg3NjU4MkEyOTM3MTZGNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NTkzOUIyMjM2OEI3OTFDMTg4
ODlDMTE0ODc2NTgyQTI5MzcxNkY0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMThENERBNjRBOUM1QjIxOUI3RUJFMTBCODQ2RkYzOTQ2QTc3Rjc0MjA0
NDg0RUQ1RTg1RTYwNjcwMDYzOTM2My8wLzMxMzczMDJlMzIzMzM5MmUzNDM4MmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzUzMjMyMzczMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqrvMDAN
BgkqhkiG9w0BAQsFAAOCAQEAjDo0jIZapZCIXgmGU3bwegYgU5NmOd3W415+RxUL
oSienhdIK6RrSducaPeT9s4AO+IruKzBxOLKsbr47qLfyM+pUOYRpQ4f4pacKZj6
qF5h2WXcI7xHLb9pYsaWicz7vZEtrQHuC980juPXY1Fh4AcWZb8i/UuSluz9MRUv
T+DjO+BqOs2U5+HoOphMDukeRQijq/AzVsDxaRwdulk4GiF9clAW/7YaXFZ33+fK
QbjsNTgVBnM5LZQaWj39HZ7llpodnJ40IfZIkxF7lwzbDxTrx2Hc98CBUZoj/5P2
r6p9Hfa9urs5rzT1a1MLfD57XpaaoJhd9/j71BpB5orrDA==
-----END CERTIFICATE-----
Generated at Thu Jun 13 04:54:42 2024 by rpki-client on console-fra.rpki-client.org