Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3137302e3233392e35302e302f32342d3234203d3e203532323731.roa
File:                     3137302e3233392e35302e302f32342d3234203d3e203532323731.roa (raw, json)
Hash identifier:          f47mLa9bsutKNuRPQIWUqW9avH8G5+jGt4vQEgtp5kU=
Subject key identifier:   B6:B5:44:A1:1A:54:87:EC:9C:65:27:BF:7E:CF:A5:D4:B6:F5:4B:0E
Certificate issuer:       /CN=85939B22368B791C18889C114876582A293716F4
Certificate serial:       6517768A589504E7A91906E1C46747B06221DB27
Authority key identifier: 85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3137302e3233392e35302e302f32342d3234203d3e203532323731.roa
Signing time:             Tue 05 Mar 2024 17:44:55 +0000
ROA not before:           Tue 05 Mar 2024 17:39:55 +0000
ROA not after:            Tue 04 Mar 2025 17:44:55 +0000
asID:                     52271
IP address blocks:        170.239.50.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 04:34:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:17:76:8a:58:95:04:e7:a9:19:06:e1:c4:67:47:b0:62:21:db:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85939B22368B791C18889C114876582A293716F4
        Validity
            Not Before: Mar  5 17:39:55 2024 GMT
            Not After : Mar  4 17:44:55 2025 GMT
        Subject: CN=B6B544A11A5487EC9C6527BF7ECFA5D4B6F54B0E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:ec:82:7c:a2:ff:c2:59:88:07:24:9d:06:0c:
                    38:fc:ea:1f:81:78:f2:52:32:dc:66:7e:65:4e:9f:
                    f6:22:15:79:e7:42:4b:3b:15:bf:01:c5:02:bb:d7:
                    32:48:51:de:2b:26:ed:2d:de:ab:54:98:05:1f:39:
                    56:af:ea:73:dc:ab:d2:78:33:30:9f:d9:62:22:99:
                    91:8c:80:8e:27:03:d5:52:ff:9f:b3:b0:ff:71:4a:
                    50:60:8f:9a:b3:d3:f1:9c:68:c6:24:2d:2b:7d:5d:
                    04:20:45:69:d0:b1:57:ea:e2:18:d4:c9:00:f9:44:
                    91:e8:e2:66:9a:3c:3f:0a:19:65:89:5a:46:f5:b7:
                    2b:73:eb:57:0d:10:ad:67:f6:08:e2:52:d6:07:cb:
                    ef:63:68:eb:a7:37:c7:e2:55:aa:df:35:f7:1d:82:
                    12:e5:5c:89:c3:c0:f6:f0:be:aa:69:b3:a8:3f:82:
                    ce:62:44:94:f2:c1:4d:aa:cd:84:5a:38:7b:18:14:
                    b8:ec:41:68:c1:b5:bc:f4:b9:ea:e9:61:fe:0e:eb:
                    42:7a:86:39:33:66:7d:08:e8:5f:2a:0e:23:63:90:
                    bd:2a:15:22:fa:64:3d:35:a5:1f:c3:f4:d7:e1:ae:
                    42:07:04:cf:52:39:9e:de:c1:d0:b8:8f:84:9a:6e:
                    86:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:B5:44:A1:1A:54:87:EC:9C:65:27:BF:7E:CF:A5:D4:B6:F5:4B:0E
            X509v3 Authority Key Identifier:
                keyid:85:93:9B:22:36:8B:79:1C:18:88:9C:11:48:76:58:2A:29:37:16:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/85939B22368B791C18889C114876582A293716F4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85939B22368B791C18889C114876582A293716F4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/18D4DA64A9C5B219B7EBE10B846FF3946A77F74204484ED5E85E606700639363/0/3137302e3233392e35302e302f32342d3234203d3e203532323731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.239.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:06:4e:71:07:f5:cf:8d:3b:09:e7:06:00:7c:13:7f:e8:ea:
         87:1d:0f:3b:a4:52:5f:70:21:3c:da:ad:6d:43:98:e8:4f:48:
         4c:d7:7e:49:8c:3d:37:34:f5:e1:97:bf:14:74:bd:48:e2:47:
         29:31:bc:5d:26:82:05:77:ec:82:30:84:ca:d1:8e:f8:4c:34:
         62:6a:90:3e:a2:18:3b:fa:35:fc:21:1d:8c:1c:97:59:08:fc:
         d4:07:4a:a2:b8:3b:78:5a:d3:1b:f5:d6:4b:e1:54:f4:47:6d:
         3d:8e:20:e0:87:f8:b6:d8:b5:05:52:86:48:2e:99:cd:d5:27:
         9d:8c:13:e0:00:7e:23:f2:42:b5:74:e8:37:2a:f4:7a:64:9b:
         23:d5:07:f5:d9:80:d7:f6:5a:ca:31:12:63:ee:c4:63:43:20:
         31:41:a0:38:58:96:7d:a2:a4:48:83:5e:8e:82:60:8a:cd:aa:
         96:72:11:83:85:a4:a7:0c:2c:f7:b5:35:f2:1b:99:03:08:5c:
         2a:11:dd:dd:bc:c9:45:89:e7:ee:4b:82:df:02:b7:6a:8e:2a:
         c7:6a:ad:46:8e:2a:75:e6:13:e7:15:01:80:f8:b7:0b:e4:75:
         bc:0e:bf:35:80:e1:7c:44:d0:0c:38:1c:43:91:b3:e1:8d:4a:
         bd:12:ba:f5
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUZRd2iliVBOepGQbhxGdHsGIh2ycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODU5MzlCMjIzNjhCNzkxQzE4ODg5QzExNDg3NjU4MkEy
OTM3MTZGNDAeFw0yNDAzMDUxNzM5NTVaFw0yNTAzMDQxNzQ0NTVaMDMxMTAvBgNV
BAMTKEI2QjU0NEExMUE1NDg3RUM5QzY1MjdCRjdFQ0ZBNUQ0QjZGNTRCMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJ7IJ8ov/CWYgHJJ0GDDj86h+B
ePJSMtxmfmVOn/YiFXnnQks7Fb8BxQK71zJIUd4rJu0t3qtUmAUfOVav6nPcq9J4
MzCf2WIimZGMgI4nA9VS/5+zsP9xSlBgj5qz0/GcaMYkLSt9XQQgRWnQsVfq4hjU
yQD5RJHo4maaPD8KGWWJWkb1tytz61cNEK1n9gjiUtYHy+9jaOunN8fiVarfNfcd
ghLlXInDwPbwvqpps6g/gs5iRJTywU2qzYRaOHsYFLjsQWjBtbz0uerpYf4O60J6
hjkzZn0I6F8qDiNjkL0qFSL6ZD01pR/D9NfhrkIHBM9SOZ7ewdC4j4SabobDAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUtrVEoRpUh+ycZSe/fs+l1Lb1Sw4wHwYDVR0j
BBgwFoAUhZObIjaLeRwYiJwRSHZYKik3FvQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xOEQ0REE2NEE5QzVCMjE5QjdFQkUxMEI4NDZGRjM5NDZB
NzdGNzQyMDQ0ODRFRDVFODVFNjA2NzAwNjM5MzYzLzAvODU5MzlCMjIzNjhCNzkx
QzE4ODg5QzExNDg3NjU4MkEyOTM3MTZGNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NTkzOUIyMjM2OEI3OTFDMTg4
ODlDMTE0ODc2NTgyQTI5MzcxNkY0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMThENERBNjRBOUM1QjIxOUI3RUJFMTBCODQ2RkYzOTQ2QTc3Rjc0MjA0
NDg0RUQ1RTg1RTYwNjcwMDYzOTM2My8wLzMxMzczMDJlMzIzMzM5MmUzNTMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMyMzczMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKrvMjAN
BgkqhkiG9w0BAQsFAAOCAQEAMAZOcQf1z407CecGAHwTf+jqhx0PO6RSX3AhPNqt
bUOY6E9ITNd+SYw9NzT14Ze/FHS9SOJHKTG8XSaCBXfsgjCEytGO+Ew0YmqQPqIY
O/o1/CEdjByXWQj81AdKorg7eFrTG/XWS+FU9EdtPY4g4If4tti1BVKGSC6ZzdUn
nYwT4AB+I/JCtXToNyr0emSbI9UH9dmA1/ZayjESY+7EY0MgMUGgOFiWfaKkSINe
joJgis2qlnIRg4Wkpwws97U18huZAwhcKhHd3bzJRYnn7kuC3wK3ao4qx2qtRo4q
deYT5xUBgPi3C+R1vA6/NYDhfETQDDgcQ5Gz4Y1KvRK69Q==
-----END CERTIFICATE-----
Generated at Thu Jun 13 04:54:42 2024 by rpki-client on console-fra.rpki-client.org