Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/193ABEC27115818C343AFFAEB9C4ECD22C90E84C79E30FF33644881DAEE6C20E/0/3137302e3233382e3235322e302f32322d3232203d3e20323635353233.roa
File:                     3137302e3233382e3235322e302f32322d3232203d3e20323635353233.roa (raw, json)
Hash identifier:          SjVd5D+iOof1GLT69CeFORfNfkXZR/D41oZ1peh1moo=
Subject key identifier:   9C:62:4B:0D:92:8B:C9:62:CB:B0:BA:A7:55:04:0E:10:2E:29:83:AF
Certificate issuer:       /CN=40486DCD4FF9A7DB635571FBC2CCD6D2ADB8625F
Certificate serial:       0B0B8D8169143D591C804CC871F8E206D2CFBEC5
Authority key identifier: 40:48:6D:CD:4F:F9:A7:DB:63:55:71:FB:C2:CC:D6:D2:AD:B8:62:5F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/40486DCD4FF9A7DB635571FBC2CCD6D2ADB8625F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/193ABEC27115818C343AFFAEB9C4ECD22C90E84C79E30FF33644881DAEE6C20E/0/3137302e3233382e3235322e302f32322d3232203d3e20323635353233.roa
Signing time:             Tue 05 Mar 2024 17:57:13 +0000
ROA not before:           Tue 05 Mar 2024 17:52:13 +0000
ROA not after:            Tue 04 Mar 2025 17:57:13 +0000
asID:                     265523
IP address blocks:        170.238.252.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/193ABEC27115818C343AFFAEB9C4ECD22C90E84C79E30FF33644881DAEE6C20E/0/40486DCD4FF9A7DB635571FBC2CCD6D2ADB8625F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/193ABEC27115818C343AFFAEB9C4ECD22C90E84C79E30FF33644881DAEE6C20E/0/40486DCD4FF9A7DB635571FBC2CCD6D2ADB8625F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/40486DCD4FF9A7DB635571FBC2CCD6D2ADB8625F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 27 Jul 2024 09:32:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:0b:8d:81:69:14:3d:59:1c:80:4c:c8:71:f8:e2:06:d2:cf:be:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40486DCD4FF9A7DB635571FBC2CCD6D2ADB8625F
        Validity
            Not Before: Mar  5 17:52:13 2024 GMT
            Not After : Mar  4 17:57:13 2025 GMT
        Subject: CN=9C624B0D928BC962CBB0BAA755040E102E2983AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:04:88:3b:ca:a5:f2:bf:5d:21:e0:b0:bd:6e:
                    16:90:ef:89:97:5d:67:aa:88:cf:3c:45:88:02:cb:
                    9a:07:46:67:11:7e:82:6c:88:6e:a5:46:35:9a:22:
                    8e:39:4c:b9:46:97:b3:e2:69:a1:35:c3:48:08:98:
                    58:e3:f5:66:2f:f5:15:12:3c:e1:a7:50:20:d6:0b:
                    f2:77:ed:ce:53:f8:8f:53:ab:d0:e2:24:2e:16:d7:
                    f6:40:31:65:28:98:68:76:df:63:91:8c:80:ca:f5:
                    24:fe:68:50:14:c2:16:2a:fc:67:32:23:13:2d:38:
                    f1:2f:b6:9f:82:84:3a:7d:59:85:85:7f:26:88:08:
                    e4:a1:37:0d:43:ba:8d:ad:52:82:bc:5d:a4:02:3a:
                    24:57:f8:13:4a:4e:7a:f6:ab:ea:99:52:ad:3b:c0:
                    04:b3:c4:76:a5:dc:a8:69:b7:9c:33:62:46:ac:1d:
                    f7:02:b2:55:d8:21:02:2e:6a:17:3b:33:94:d9:18:
                    5c:e1:f2:8a:83:4d:15:38:c1:9a:31:a9:f5:a5:73:
                    0f:8b:7d:6e:b7:e1:bb:cf:cd:b9:98:f0:3c:6d:37:
                    db:d1:db:6f:6c:db:a4:6c:af:45:fb:88:69:44:69:
                    bc:35:e0:31:f8:9c:02:bc:fe:eb:63:14:88:c4:f1:
                    1d:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:62:4B:0D:92:8B:C9:62:CB:B0:BA:A7:55:04:0E:10:2E:29:83:AF
            X509v3 Authority Key Identifier:
                keyid:40:48:6D:CD:4F:F9:A7:DB:63:55:71:FB:C2:CC:D6:D2:AD:B8:62:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/193ABEC27115818C343AFFAEB9C4ECD22C90E84C79E30FF33644881DAEE6C20E/0/40486DCD4FF9A7DB635571FBC2CCD6D2ADB8625F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/40486DCD4FF9A7DB635571FBC2CCD6D2ADB8625F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/193ABEC27115818C343AFFAEB9C4ECD22C90E84C79E30FF33644881DAEE6C20E/0/3137302e3233382e3235322e302f32322d3232203d3e20323635353233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.238.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         77:ba:f5:4c:83:e8:7a:ae:18:1d:fb:c2:16:11:8f:2c:67:ad:
         79:87:8c:5b:51:34:04:eb:73:fa:5d:03:a4:54:c1:bb:52:a4:
         09:c5:85:ef:31:a5:f9:3e:c7:3a:a7:ed:64:43:78:30:ee:11:
         dd:35:11:06:ea:f1:52:dd:0b:57:31:db:bc:d0:be:e6:36:99:
         d5:18:d4:82:6d:09:43:1c:2c:31:40:61:c6:65:a3:ee:17:f8:
         c5:7c:cc:15:62:f4:24:70:72:49:05:4b:1d:90:0c:d6:ce:0a:
         47:ad:26:af:a4:b7:25:b2:ee:c9:bb:08:2f:16:26:f3:0c:cc:
         d2:c6:8b:d3:5f:01:3c:b8:bf:a3:52:b5:95:51:2c:13:4f:0b:
         4f:1b:46:9a:b0:2a:dc:f3:6e:06:c7:ac:cf:64:75:73:95:42:
         4f:be:5a:76:1f:2a:11:97:8e:be:b0:9f:60:c4:0e:ab:10:c1:
         01:fd:97:db:14:26:78:24:d3:30:a3:24:5e:17:98:8e:1a:45:
         6c:30:21:91:f6:05:bd:fe:51:02:e9:cb:8c:3a:cc:aa:ca:25:
         5c:a4:dc:03:81:08:07:e8:9f:99:56:f3:24:86:d6:8e:79:49:
         85:5f:01:c0:e4:f6:d3:42:dd:59:c2:70:19:19:48:7b:ba:c6:
         54:8c:89:19
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUCwuNgWkUPVkcgEzIcfjiBtLPvsUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDA0ODZEQ0Q0RkY5QTdEQjYzNTU3MUZCQzJDQ0Q2RDJB
REI4NjI1RjAeFw0yNDAzMDUxNzUyMTNaFw0yNTAzMDQxNzU3MTNaMDMxMTAvBgNV
BAMTKDlDNjI0QjBEOTI4QkM5NjJDQkIwQkFBNzU1MDQwRTEwMkUyOTgzQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgBIg7yqXyv10h4LC9bhaQ74mX
XWeqiM88RYgCy5oHRmcRfoJsiG6lRjWaIo45TLlGl7PiaaE1w0gImFjj9WYv9RUS
POGnUCDWC/J37c5T+I9Tq9DiJC4W1/ZAMWUomGh232ORjIDK9ST+aFAUwhYq/Gcy
IxMtOPEvtp+ChDp9WYWFfyaICOShNw1Duo2tUoK8XaQCOiRX+BNKTnr2q+qZUq07
wASzxHal3Khpt5wzYkasHfcCslXYIQIuahc7M5TZGFzh8oqDTRU4wZoxqfWlcw+L
fW634bvPzbmY8DxtN9vR229s26Rsr0X7iGlEabw14DH4nAK8/utjFIjE8R1rAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUnGJLDZKLyWLLsLqnVQQOEC4pg68wHwYDVR0j
BBgwFoAUQEhtzU/5p9tjVXH7wszW0q24Yl8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xOTNBQkVDMjcxMTU4MThDMzQzQUZGQUVCOUM0RUNEMjJD
OTBFODRDNzlFMzBGRjMzNjQ0ODgxREFFRTZDMjBFLzAvNDA0ODZEQ0Q0RkY5QTdE
QjYzNTU3MUZCQzJDQ0Q2RDJBREI4NjI1Ri5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80MDQ4NkRDRDRGRjlBN0RCNjM1
NTcxRkJDMkNDRDZEMkFEQjg2MjVGLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTkzQUJFQzI3MTE1ODE4QzM0M0FGRkFFQjlDNEVDRDIyQzkwRTg0Qzc5
RTMwRkYzMzY0NDg4MURBRUU2QzIwRS8wLzMxMzczMDJlMzIzMzM4MmUzMjM1MzIy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM2MzUzNTMyMzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKq
7vwwDQYJKoZIhvcNAQELBQADggEBAHe69UyD6HquGB37whYRjyxnrXmHjFtRNATr
c/pdA6RUwbtSpAnFhe8xpfk+xzqn7WRDeDDuEd01EQbq8VLdC1cx27zQvuY2mdUY
1IJtCUMcLDFAYcZlo+4X+MV8zBVi9CRwckkFSx2QDNbOCketJq+ktyWy7sm7CC8W
JvMMzNLGi9NfATy4v6NStZVRLBNPC08bRpqwKtzzbgbHrM9kdXOVQk++WnYfKhGX
jr6wn2DEDqsQwQH9l9sUJngk0zCjJF4XmI4aRWwwIZH2Bb3+UQLpy4w6zKrKJVyk
3AOBCAfon5lW8ySG1o55SYVfAcDk9tNC3VnCcBkZSHu6xlSMiRk=
-----END CERTIFICATE-----
Generated at Tue Jul 23 16:33:39 2024 by rpki-client on console-ams.rpki-client.org