Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3137302e3233392e34392e302f32342d3234203d3e203532323731.roa
File:                     3137302e3233392e34392e302f32342d3234203d3e203532323731.roa (raw, json)
Hash identifier:          6zOTEhQur3ISqfNpaqaa0wRQVAci4AvYY1VLpPT7l3w=
Subject key identifier:   91:19:4F:E1:28:04:4B:94:B3:BE:D7:5A:8F:F6:A8:BE:6C:63:08:49
Certificate issuer:       /CN=85939B22368B791C18889C114876582A293716F4
Certificate serial:       04BC86635A6C155BB2299F79F1F5EBBF4294367F
Authority key identifier: 85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3137302e3233392e34392e302f32342d3234203d3e203532323731.roa
Signing time:             Tue 05 Mar 2024 17:44:50 +0000
ROA not before:           Tue 05 Mar 2024 17:39:50 +0000
ROA not after:            Tue 04 Mar 2025 17:44:50 +0000
asID:                     52271
IP address blocks:        170.239.49.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 04:34:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:bc:86:63:5a:6c:15:5b:b2:29:9f:79:f1:f5:eb:bf:42:94:36:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85939B22368B791C18889C114876582A293716F4
        Validity
            Not Before: Mar  5 17:39:50 2024 GMT
            Not After : Mar  4 17:44:50 2025 GMT
        Subject: CN=91194FE128044B94B3BED75A8FF6A8BE6C630849
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:27:cf:17:ba:92:ab:9f:f0:05:d8:82:33:82:
                    9f:84:8e:61:9c:b4:be:59:c5:3c:59:a0:99:45:48:
                    cb:b4:4f:e7:b4:23:96:31:c1:39:29:46:6c:51:ec:
                    56:bf:99:1e:2a:dd:16:6d:ee:31:8b:28:d3:64:90:
                    9e:9d:a3:cf:77:81:f2:25:11:b5:7f:b1:1f:d8:e0:
                    dd:54:fc:ff:ce:b9:7c:4e:0b:95:b3:aa:e2:fb:a1:
                    76:13:18:f2:16:01:43:4e:e6:5e:bd:9d:b8:24:51:
                    c3:30:82:35:4f:9d:ed:11:30:d4:34:26:f1:3f:d0:
                    6d:9c:f9:ba:0e:23:fa:85:a7:7a:3f:c5:10:62:47:
                    93:1c:5b:5f:b8:f1:d3:7f:47:a6:1a:2a:e4:35:3a:
                    99:b0:e2:51:c8:a1:ad:47:88:10:61:d6:8c:d8:64:
                    f2:4e:21:d1:6a:ea:32:1b:0d:30:a3:10:f6:f9:fb:
                    9a:8a:d2:c9:ad:c9:e0:5b:74:83:b3:8a:e9:bc:d6:
                    c6:24:84:6d:60:bd:70:76:9e:bf:30:33:4a:ed:b0:
                    b9:48:d0:8d:d3:a8:27:48:f7:cd:c0:87:4b:69:c6:
                    e8:1b:f1:a2:88:89:f9:5d:52:a4:36:1f:55:39:82:
                    3c:af:c1:6c:02:66:d6:c9:d7:f4:d3:71:0b:e5:fe:
                    c2:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:19:4F:E1:28:04:4B:94:B3:BE:D7:5A:8F:F6:A8:BE:6C:63:08:49
            X509v3 Authority Key Identifier:
                keyid:85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3137302e3233392e34392e302f32342d3234203d3e203532323731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.239.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:b7:a9:2f:7b:b2:e7:c8:35:d0:7a:94:a5:c7:18:ac:5e:48:
         12:23:56:5a:e9:66:d1:7d:d2:21:fe:a5:e3:44:26:3e:b9:27:
         d8:09:03:51:ad:ca:50:00:0e:f6:eb:cd:55:44:e5:00:9c:c2:
         0c:d2:25:f1:e2:74:88:7d:ca:bd:18:9c:0b:b7:35:fe:57:a1:
         06:f8:08:a9:27:e7:f5:71:6c:d5:57:2a:05:1b:2f:20:a2:f0:
         d3:82:86:4e:9c:9d:94:73:56:58:91:3b:92:1f:e5:8d:a0:13:
         b1:50:b1:83:d7:18:b3:fb:5c:e2:b1:36:0f:f5:bf:d8:8c:ae:
         f9:e6:ad:82:09:9a:60:f9:2d:0f:fc:54:46:79:bf:e3:90:ec:
         2f:8f:d8:33:50:89:53:78:5c:86:72:dc:89:75:d8:f9:82:c1:
         ec:39:2a:7e:f1:b8:be:97:30:68:61:99:53:59:d7:f0:68:2a:
         b4:39:1b:76:8e:4e:40:90:aa:62:02:b9:42:06:47:98:71:fc:
         9d:6a:c0:53:32:49:cb:d6:52:3c:02:86:69:e9:a7:cf:24:8d:
         d9:50:94:83:87:80:29:21:86:52:13:f8:44:4f:72:2e:d6:fd:
         0e:c7:04:f7:8a:80:a3:4e:19:58:5f:ec:89:06:1f:56:89:a0:
         be:6b:6b:f9
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUBLyGY1psFVuyKZ958fXrv0KUNn8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODU5MzlCMjIzNjhCNzkxQzE4ODg5QzExNDg3NjU4MkEy
OTM3MTZGNDAeFw0yNDAzMDUxNzM5NTBaFw0yNTAzMDQxNzQ0NTBaMDMxMTAvBgNV
BAMTKDkxMTk0RkUxMjgwNDRCOTRCM0JFRDc1QThGRjZBOEJFNkM2MzA4NDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZJ88XupKrn/AF2IIzgp+EjmGc
tL5ZxTxZoJlFSMu0T+e0I5YxwTkpRmxR7Fa/mR4q3RZt7jGLKNNkkJ6do893gfIl
EbV/sR/Y4N1U/P/OuXxOC5WzquL7oXYTGPIWAUNO5l69nbgkUcMwgjVPne0RMNQ0
JvE/0G2c+boOI/qFp3o/xRBiR5McW1+48dN/R6YaKuQ1Opmw4lHIoa1HiBBh1ozY
ZPJOIdFq6jIbDTCjEPb5+5qK0smtyeBbdIOzium81sYkhG1gvXB2nr8wM0rtsLlI
0I3TqCdI983Ah0tpxugb8aKIifldUqQ2H1U5gjyvwWwCZtbJ1/TTcQvl/sIdAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUkRlP4SgES5Szvtdaj/aovmxjCEkwHwYDVR0j
BBgwFoAUhZObIjaLeRwYiJwRSHZYKik3FvQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xOEQ0REE2NEE5QzVCMjE5QjdFQkUxMEI4NDZGRjM5NDZB
NzdGNzQyMDQ0ODRFRDVFODVFNjA2NzAwNjM5MzYzLzAvODU5MzlCMjIzNjhCNzkx
QzE4ODg5QzExNDg3NjU4MkEyOTM3MTZGNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NTkzOUIyMjM2OEI3OTFDMTg4
ODlDMTE0ODc2NTgyQTI5MzcxNkY0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMThENERBNjRBOUM1QjIxOUI3RUJFMTBCODQ2RkYzOTQ2QTc3Rjc0MjA0
NDg0RUQ1RTg1RTYwNjcwMDYzOTM2My8wLzMxMzczMDJlMzIzMzM5MmUzNDM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMyMzczMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKrvMTAN
BgkqhkiG9w0BAQsFAAOCAQEAb7epL3uy58g10HqUpccYrF5IEiNWWulm0X3SIf6l
40QmPrkn2AkDUa3KUAAO9uvNVUTlAJzCDNIl8eJ0iH3KvRicC7c1/lehBvgIqSfn
9XFs1VcqBRsvIKLw04KGTpydlHNWWJE7kh/ljaATsVCxg9cYs/tc4rE2D/W/2Iyu
+eatggmaYPktD/xURnm/45DsL4/YM1CJU3hchnLciXXY+YLB7DkqfvG4vpcwaGGZ
U1nX8GgqtDkbdo5OQJCqYgK5QgZHmHH8nWrAUzJJy9ZSPAKGaemnzySN2VCUg4eA
KSGGUhP4RE9yLtb9DscE94qAo04ZWF/siQYfVomgvmtr+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 13 05:08:44 2024 by rpki-client on console-ams.rpki-client.org