Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1A0F06438A6D2CB7E76DCCAAB955CAA75D96D39D1C3EF40D5760BD7069AF638F/0/3138362e322e3133362e302f32312d3234203d3e203532323632.roa
File:                     3138362e322e3133362e302f32312d3234203d3e203532323632.roa (raw, json)
Hash identifier:          HV/0dxb/tgdrPo0dNXSClpf199flo7IskiGnphu5A/g=
Subject key identifier:   FC:8E:DD:93:82:8F:D6:B0:AF:34:85:53:62:F9:FE:E7:B7:8D:DA:9C
Certificate issuer:       /CN=E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66
Certificate serial:       19E4EA70BC2D82109FF09C1A756F11B49392D208
Authority key identifier: E1:2E:5A:81:FF:61:5D:36:EE:5D:FA:42:78:2C:CB:7E:1F:D5:BB:66
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1A0F06438A6D2CB7E76DCCAAB955CAA75D96D39D1C3EF40D5760BD7069AF638F/0/3138362e322e3133362e302f32312d3234203d3e203532323632.roa
Signing time:             Tue 04 Feb 2025 20:04:54 +0000
ROA not before:           Tue 04 Feb 2025 19:59:54 +0000
ROA not after:            Tue 03 Feb 2026 20:04:54 +0000
asID:                     52262
IP address blocks:        186.2.136.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1A0F06438A6D2CB7E76DCCAAB955CAA75D96D39D1C3EF40D5760BD7069AF638F/0/E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1A0F06438A6D2CB7E76DCCAAB955CAA75D96D39D1C3EF40D5760BD7069AF638F/0/E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Feb 2025 20:43:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:e4:ea:70:bc:2d:82:10:9f:f0:9c:1a:75:6f:11:b4:93:92:d2:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66
        Validity
            Not Before: Feb  4 19:59:54 2025 GMT
            Not After : Feb  3 20:04:54 2026 GMT
        Subject: CN=FC8EDD93828FD6B0AF34855362F9FEE7B78DDA9C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:53:fe:05:24:a6:e1:7f:00:21:cf:be:c8:04:
                    a0:1b:9d:17:7e:ea:41:0e:ed:89:3a:bc:d8:8b:20:
                    8e:8c:69:16:98:1f:ef:7b:0c:c6:91:8f:8a:f7:ce:
                    d4:82:e6:3e:34:6d:dd:b7:95:99:c6:d2:2d:d1:95:
                    b0:96:2d:2c:b2:ef:5c:ec:d9:0f:24:99:d9:df:84:
                    a1:de:28:d6:65:f6:c2:2a:e6:36:2e:de:bc:6f:60:
                    cf:17:ca:42:68:87:64:0c:ac:a2:e9:61:3c:1c:c6:
                    a5:fc:25:7e:15:72:b8:98:68:17:36:19:00:3b:46:
                    bd:40:92:68:50:fc:66:74:4f:58:98:bf:a5:c4:67:
                    eb:7b:5a:5d:da:5b:8e:92:6a:db:f7:b4:54:1e:9e:
                    dc:d6:d1:f5:9f:c6:de:24:53:f3:55:6a:35:52:95:
                    0c:e6:57:02:ea:57:3a:97:47:3c:5f:61:92:3e:ba:
                    a9:bb:48:87:c2:37:ed:e9:6e:14:1b:90:f3:53:87:
                    af:fb:fc:fe:12:e0:31:5e:c4:97:5b:ca:16:ea:08:
                    ab:85:a8:d5:18:ba:3f:a1:d3:be:63:68:fd:ee:35:
                    2a:d8:04:64:9a:a4:1e:b0:3e:40:86:f8:6d:de:41:
                    cf:7f:fa:fc:4e:59:ef:8c:40:14:30:54:6f:27:3c:
                    85:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:8E:DD:93:82:8F:D6:B0:AF:34:85:53:62:F9:FE:E7:B7:8D:DA:9C
            X509v3 Authority Key Identifier:
                keyid:E1:2E:5A:81:FF:61:5D:36:EE:5D:FA:42:78:2C:CB:7E:1F:D5:BB:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1A0F06438A6D2CB7E76DCCAAB955CAA75D96D39D1C3EF40D5760BD7069AF638F/0/E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1A0F06438A6D2CB7E76DCCAAB955CAA75D96D39D1C3EF40D5760BD7069AF638F/0/3138362e322e3133362e302f32312d3234203d3e203532323632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.2.136.0/21

    Signature Algorithm: sha256WithRSAEncryption
         64:8e:39:b2:af:fc:ca:b1:89:7d:66:68:61:e0:07:1f:18:6c:
         96:56:ca:0f:2f:e1:b2:90:e9:a8:f2:ca:d7:59:00:80:f2:38:
         c7:97:58:61:8c:11:cf:ea:7c:18:2c:53:32:fe:62:37:45:48:
         86:03:fb:a0:2a:01:7f:3c:b0:e8:10:b2:90:d2:d6:84:df:29:
         b0:98:d5:eb:20:02:8e:b1:4d:f5:2d:60:25:fa:22:fa:22:4f:
         2f:c9:3f:01:c4:d8:2f:58:0f:dd:14:23:d6:1d:f5:89:ac:34:
         a3:a7:5f:30:78:69:68:0e:a6:a9:bf:56:f1:3d:71:6e:ea:64:
         f8:26:96:ab:a4:17:b9:cf:96:9e:f7:2b:b7:f3:b6:f6:a0:33:
         d9:5a:27:7d:b2:20:be:4a:13:cc:32:0f:96:27:6e:c3:44:ea:
         4a:25:95:6b:29:4b:6c:4c:51:8e:56:70:3a:83:83:f7:10:2f:
         11:2d:31:02:5a:94:7f:f7:87:42:6d:c7:41:a0:48:31:21:3a:
         18:0f:5d:59:26:24:d7:e3:71:f4:19:4e:18:c8:d2:7a:d8:53:
         f5:c7:d8:d4:a5:52:89:be:70:70:6f:a6:7c:bd:a6:ad:c8:53:
         4a:e1:4f:b2:db:0b:33:71:6d:d8:87:49:ce:a3:82:ed:7c:0f:
         59:30:1b:8d
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUGeTqcLwtghCf8JwadW8RtJOS0ggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTEyRTVBODFGRjYxNUQzNkVFNURGQTQyNzgyQ0NCN0Ux
RkQ1QkI2NjAeFw0yNTAyMDQxOTU5NTRaFw0yNjAyMDMyMDA0NTRaMDMxMTAvBgNV
BAMTKEZDOEVERDkzODI4RkQ2QjBBRjM0ODU1MzYyRjlGRUU3Qjc4RERBOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuU/4FJKbhfwAhz77IBKAbnRd+
6kEO7Yk6vNiLII6MaRaYH+97DMaRj4r3ztSC5j40bd23lZnG0i3RlbCWLSyy71zs
2Q8kmdnfhKHeKNZl9sIq5jYu3rxvYM8XykJoh2QMrKLpYTwcxqX8JX4VcriYaBc2
GQA7Rr1AkmhQ/GZ0T1iYv6XEZ+t7Wl3aW46Satv3tFQentzW0fWfxt4kU/NVajVS
lQzmVwLqVzqXRzxfYZI+uqm7SIfCN+3pbhQbkPNTh6/7/P4S4DFexJdbyhbqCKuF
qNUYuj+h075jaP3uNSrYBGSapB6wPkCG+G3eQc9/+vxOWe+MQBQwVG8nPIXBAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU/I7dk4KP1rCvNIVTYvn+57eN2pwwHwYDVR0j
BBgwFoAU4S5agf9hXTbuXfpCeCzLfh/Vu2YwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQTBGMDY0MzhBNkQyQ0I3RTc2RENDQUFCOTU1Q0FBNzVE
OTZEMzlEMUMzRUY0MEQ1NzYwQkQ3MDY5QUY2MzhGLzAvRTEyRTVBODFGRjYxNUQz
NkVFNURGQTQyNzgyQ0NCN0UxRkQ1QkI2Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FMTJFNUE4MUZGNjE1RDM2RUU1
REZBNDI3ODJDQ0I3RTFGRDVCQjY2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUEwRjA2NDM4QTZEMkNCN0U3NkRDQ0FBQjk1NUNBQTc1RDk2RDM5RDFD
M0VGNDBENTc2MEJENzA2OUFGNjM4Ri8wLzMxMzgzNjJlMzIyZTMxMzMzNjJlMzAy
ZjMyMzEyZDMyMzQyMDNkM2UyMDM1MzIzMjM2MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO6AogwDQYJ
KoZIhvcNAQELBQADggEBAGSOObKv/MqxiX1maGHgBx8YbJZWyg8v4bKQ6ajyytdZ
AIDyOMeXWGGMEc/qfBgsUzL+YjdFSIYD+6AqAX88sOgQspDS1oTfKbCY1esgAo6x
TfUtYCX6IvoiTy/JPwHE2C9YD90UI9Yd9YmsNKOnXzB4aWgOpqm/VvE9cW7qZPgm
lqukF7nPlp73K7fztvagM9laJ32yIL5KE8wyD5YnbsNE6kollWspS2xMUY5WcDqD
g/cQLxEtMQJalH/3h0Jtx0GgSDEhOhgPXVkmJNfjcfQZThjI0nrYU/XH2NSlUom+
cHBvpny9pq3IU0rhT7LbCzNxbdiHSc6jgu18D1kwG40=
-----END CERTIFICATE-----
Generated at Thu Feb 13 18:32:02 2025 by rpki-client