Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3137302e3233392e34382e302f32342d3234203d3e203532323731.roa
File:                     3137302e3233392e34382e302f32342d3234203d3e203532323731.roa (raw, json)
Hash identifier:          yaPC8uf5lAQeanEKLuf+n6rMz0vZ2GJr8QYErLvthW8=
Subject key identifier:   96:D7:E7:22:27:B4:2A:58:9F:9F:EB:58:B3:28:AB:85:3F:A4:63:34
Certificate issuer:       /CN=85939B22368B791C18889C114876582A293716F4
Certificate serial:       67F54CA6AA634B371184E8452A1E40A5FCBF12B1
Authority key identifier: 85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3137302e3233392e34382e302f32342d3234203d3e203532323731.roa
Signing time:             Tue 05 Mar 2024 17:44:55 +0000
ROA not before:           Tue 05 Mar 2024 17:39:55 +0000
ROA not after:            Tue 04 Mar 2025 17:44:55 +0000
asID:                     52271
IP address blocks:        170.239.48.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 04:34:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:f5:4c:a6:aa:63:4b:37:11:84:e8:45:2a:1e:40:a5:fc:bf:12:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85939B22368B791C18889C114876582A293716F4
        Validity
            Not Before: Mar  5 17:39:55 2024 GMT
            Not After : Mar  4 17:44:55 2025 GMT
        Subject: CN=96D7E72227B42A589F9FEB58B328AB853FA46334
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:08:d5:89:72:22:c4:99:53:8e:9e:f9:91:60:
                    a2:cf:7c:dd:dc:77:9f:12:39:6a:d8:e8:01:00:10:
                    6b:b5:d9:45:35:86:b8:3a:00:d8:fb:17:9f:b3:b3:
                    8d:2c:82:a3:4f:ac:5d:91:61:15:8a:1f:a3:0b:18:
                    08:f0:44:19:5f:f0:32:59:0d:1d:92:2e:53:42:de:
                    84:d0:8d:d1:65:5b:0f:37:be:fb:e7:8e:02:d4:24:
                    49:93:88:53:a7:f5:96:c3:c7:2f:81:ed:c1:c7:37:
                    a3:1d:a7:c7:8c:8b:1c:64:61:dc:20:c2:6b:5c:5a:
                    89:e8:33:88:1d:1d:43:0d:30:c3:1b:e1:55:23:f8:
                    ce:14:7a:18:41:d3:ab:93:e9:63:7a:54:c8:a2:0a:
                    39:f4:ac:d8:2c:c8:17:7a:5e:6d:c5:cc:7b:88:8b:
                    41:d4:21:74:76:0c:b5:c2:87:4b:92:a5:03:51:c8:
                    01:d6:65:88:94:a3:74:4a:5f:e0:36:93:c9:56:74:
                    a1:8a:3c:98:4f:57:2a:1f:2d:e4:ff:f4:e1:c4:30:
                    c4:2d:76:de:3f:a3:e2:41:74:8e:f8:f9:56:42:ee:
                    c9:21:ae:3c:e1:e3:09:ff:72:a2:31:f4:16:25:11:
                    a4:bb:25:54:ea:14:ea:d4:07:1e:67:ee:08:32:fb:
                    83:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:D7:E7:22:27:B4:2A:58:9F:9F:EB:58:B3:28:AB:85:3F:A4:63:34
            X509v3 Authority Key Identifier:
                keyid:85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3137302e3233392e34382e302f32342d3234203d3e203532323731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.239.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:10:58:ba:63:8e:e1:53:74:ac:05:2a:d0:2f:42:9a:1a:b0:
         0e:7c:57:30:44:61:e6:45:ff:dc:90:38:98:d0:a1:8e:23:7b:
         63:51:8f:20:a4:84:98:5a:af:3c:0d:a1:85:d4:0d:89:62:96:
         c1:f6:b5:d4:04:7b:1b:4d:51:8e:ba:de:d7:e1:22:0f:9a:a2:
         42:55:1a:7d:9e:9a:82:51:3c:85:c7:e2:c0:f1:39:fe:e0:26:
         27:6e:c6:40:14:26:1e:af:c3:ab:ff:77:b6:10:97:5c:b9:29:
         f5:a9:82:94:11:db:c8:70:06:af:79:d6:1c:82:82:ea:f6:c7:
         a3:b3:22:f4:77:a0:23:00:7f:2b:5b:f5:69:30:ef:5d:22:49:
         64:09:f2:a4:e4:79:6f:74:ee:8c:5a:7d:51:da:3a:4a:e5:cf:
         84:82:fe:f7:82:1d:cf:81:5a:57:4c:b4:5d:54:7b:f1:08:80:
         f0:db:b6:3a:c5:bc:89:21:30:ba:10:85:6d:4c:cc:94:88:e6:
         96:f2:c9:6f:17:ae:0e:b1:06:61:b0:e5:e7:6c:51:5b:27:b6:
         fc:74:d5:8c:fc:17:4c:66:81:80:ae:a7:41:a9:e8:34:92:bd:
         72:3b:85:72:67:d2:ee:dc:94:63:66:00:de:89:18:3e:9e:41:
         24:e7:4e:40
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUZ/VMpqpjSzcRhOhFKh5Apfy/ErEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODU5MzlCMjIzNjhCNzkxQzE4ODg5QzExNDg3NjU4MkEy
OTM3MTZGNDAeFw0yNDAzMDUxNzM5NTVaFw0yNTAzMDQxNzQ0NTVaMDMxMTAvBgNV
BAMTKDk2RDdFNzIyMjdCNDJBNTg5RjlGRUI1OEIzMjhBQjg1M0ZBNDYzMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxCNWJciLEmVOOnvmRYKLPfN3c
d58SOWrY6AEAEGu12UU1hrg6ANj7F5+zs40sgqNPrF2RYRWKH6MLGAjwRBlf8DJZ
DR2SLlNC3oTQjdFlWw83vvvnjgLUJEmTiFOn9ZbDxy+B7cHHN6Mdp8eMixxkYdwg
wmtcWonoM4gdHUMNMMMb4VUj+M4UehhB06uT6WN6VMiiCjn0rNgsyBd6Xm3FzHuI
i0HUIXR2DLXCh0uSpQNRyAHWZYiUo3RKX+A2k8lWdKGKPJhPVyofLeT/9OHEMMQt
dt4/o+JBdI74+VZC7skhrjzh4wn/cqIx9BYlEaS7JVTqFOrUBx5n7ggy+4PzAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUltfnIie0Klifn+tYsyirhT+kYzQwHwYDVR0j
BBgwFoAUhZObIjaLeRwYiJwRSHZYKik3FvQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xOEQ0REE2NEE5QzVCMjE5QjdFQkUxMEI4NDZGRjM5NDZB
NzdGNzQyMDQ0ODRFRDVFODVFNjA2NzAwNjM5MzYzLzAvODU5MzlCMjIzNjhCNzkx
QzE4ODg5QzExNDg3NjU4MkEyOTM3MTZGNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NTkzOUIyMjM2OEI3OTFDMTg4
ODlDMTE0ODc2NTgyQTI5MzcxNkY0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMThENERBNjRBOUM1QjIxOUI3RUJFMTBCODQ2RkYzOTQ2QTc3Rjc0MjA0
NDg0RUQ1RTg1RTYwNjcwMDYzOTM2My8wLzMxMzczMDJlMzIzMzM5MmUzNDM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMyMzczMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKrvMDAN
BgkqhkiG9w0BAQsFAAOCAQEAcRBYumOO4VN0rAUq0C9CmhqwDnxXMERh5kX/3JA4
mNChjiN7Y1GPIKSEmFqvPA2hhdQNiWKWwfa11AR7G01Rjrre1+EiD5qiQlUafZ6a
glE8hcfiwPE5/uAmJ27GQBQmHq/Dq/93thCXXLkp9amClBHbyHAGr3nWHIKC6vbH
o7Mi9HegIwB/K1v1aTDvXSJJZAnypOR5b3TujFp9Udo6SuXPhIL+94Idz4FaV0y0
XVR78QiA8Nu2OsW8iSEwuhCFbUzMlIjmlvLJbxeuDrEGYbDl52xRWye2/HTVjPwX
TGaBgK6nQanoNJK9cjuFcmfS7tyUY2YA3okYPp5BJOdOQA==
-----END CERTIFICATE-----
Generated at Thu Jun 13 05:08:44 2024 by rpki-client on console-ams.rpki-client.org