Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1AA2EBB687195FD49844E1D0D3115E92CDA6103B3994B0D6303D16B1799B337B/0/3133312e37322e3133382e302f32342d3234203d3e20323732393738.roa
File:                     3133312e37322e3133382e302f32342d3234203d3e20323732393738.roa (raw, json)
Hash identifier:          sMmmlxd7PyY4BmonsvaEyENx/06A2BtTdcw28wqXnkM=
Subject key identifier:   72:84:A8:59:37:F1:A3:B2:2D:35:29:4D:13:A2:1D:C9:4B:62:F0:1F
Certificate issuer:       /CN=AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192
Certificate serial:       5757D0A53412DF65E0CB778F7C132E064C1C7309
Authority key identifier: AD:0A:C5:C8:18:83:14:F9:3F:8D:AB:29:61:A0:B2:1B:0B:3B:21:92
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1AA2EBB687195FD49844E1D0D3115E92CDA6103B3994B0D6303D16B1799B337B/0/3133312e37322e3133382e302f32342d3234203d3e20323732393738.roa
Signing time:             Tue 05 Mar 2024 18:17:54 +0000
ROA not before:           Tue 05 Mar 2024 18:12:54 +0000
ROA not after:            Tue 04 Mar 2025 18:17:54 +0000
asID:                     272978
IP address blocks:        131.72.138.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1AA2EBB687195FD49844E1D0D3115E92CDA6103B3994B0D6303D16B1799B337B/0/AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1AA2EBB687195FD49844E1D0D3115E92CDA6103B3994B0D6303D16B1799B337B/0/AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:57:d0:a5:34:12:df:65:e0:cb:77:8f:7c:13:2e:06:4c:1c:73:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192
        Validity
            Not Before: Mar  5 18:12:54 2024 GMT
            Not After : Mar  4 18:17:54 2025 GMT
        Subject: CN=7284A85937F1A3B22D35294D13A21DC94B62F01F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a3:f6:53:4c:8d:aa:c2:9f:bd:2e:31:03:65:
                    e6:97:86:66:92:37:64:72:e3:33:42:65:3d:a5:bf:
                    e8:65:51:b1:59:00:6e:51:cf:de:27:37:fc:aa:f3:
                    4d:1b:12:63:1a:d1:a8:f4:e9:ea:c3:50:69:50:f7:
                    dc:5b:59:93:ab:07:cd:c7:ce:11:cc:5f:af:cd:01:
                    c0:c5:a2:c6:58:08:db:23:c8:53:a6:1c:97:fe:15:
                    b4:37:7a:12:4a:84:18:54:1c:99:53:bf:40:6e:b6:
                    6d:ab:09:46:35:ba:c9:09:9d:3e:b0:52:d4:54:82:
                    50:3d:04:6c:fb:ca:6b:fd:95:35:c9:b3:df:16:59:
                    13:3e:89:ad:e8:b8:5b:5e:2c:51:e2:fb:7c:d7:61:
                    99:0c:e9:6d:0c:23:5f:47:29:05:93:16:8e:42:21:
                    8b:53:ba:58:16:00:d3:88:a9:8d:b5:ba:73:60:d6:
                    c6:0d:23:b3:e4:ce:07:aa:ea:40:df:c1:4a:4c:84:
                    f8:dc:7f:ff:ad:a5:92:15:b3:2e:1d:34:2f:9a:d3:
                    fb:9d:95:ef:08:11:36:7d:24:0a:67:2a:bc:cf:d3:
                    3a:b9:1f:4a:44:37:11:ad:12:5a:9d:a2:80:fb:92:
                    8e:08:c4:2b:83:b9:5c:7a:11:8b:84:73:af:ea:4d:
                    92:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:84:A8:59:37:F1:A3:B2:2D:35:29:4D:13:A2:1D:C9:4B:62:F0:1F
            X509v3 Authority Key Identifier:
                keyid:AD:0A:C5:C8:18:83:14:F9:3F:8D:AB:29:61:A0:B2:1B:0B:3B:21:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1AA2EBB687195FD49844E1D0D3115E92CDA6103B3994B0D6303D16B1799B337B/0/AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1AA2EBB687195FD49844E1D0D3115E92CDA6103B3994B0D6303D16B1799B337B/0/3133312e37322e3133382e302f32342d3234203d3e20323732393738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.72.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c0:c8:8f:8f:7a:f6:2a:a6:19:f5:86:95:df:92:2c:31:45:4f:
         85:7f:a4:35:44:61:ec:52:dc:d6:f2:c5:35:2c:43:2a:46:4a:
         34:90:c2:c3:35:46:e7:ae:83:40:57:ec:33:cf:29:12:61:dd:
         c8:29:73:f6:ca:c0:f3:e2:dd:20:cc:6f:58:47:6b:72:17:b7:
         19:1e:05:5c:6f:01:41:19:af:49:db:5d:51:64:4a:a7:9d:93:
         68:97:0f:26:93:ea:1f:e6:04:e6:c3:73:ee:53:46:87:f4:5f:
         29:2b:0a:11:96:64:12:c3:41:51:95:71:57:97:53:d5:0c:4e:
         05:3e:1b:2c:49:c3:8e:89:26:e5:ba:78:db:35:b9:ce:94:42:
         cd:de:c8:14:c4:a6:25:da:a3:41:ff:89:2a:ff:6f:d9:12:c4:
         4c:01:e3:59:cb:d1:9b:65:d6:ed:a1:7a:ad:cf:7f:7a:c8:9a:
         47:40:d1:07:f5:d6:bb:0c:f7:43:64:2d:a7:a4:0b:4c:f5:68:
         71:74:4c:aa:2e:17:8d:53:e3:43:35:5d:87:13:51:68:d9:bf:
         df:39:a0:65:32:fd:55:4b:e4:be:b8:38:74:e2:bf:98:12:f4:
         4e:d0:7d:fd:cd:da:30:c8:d4:3f:ee:ab:11:02:6e:9d:6d:8a:
         c0:6c:dd:5b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUV1fQpTQS32Xgy3ePfBMuBkwccwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUQwQUM1QzgxODgzMTRGOTNGOERBQjI5NjFBMEIyMUIw
QjNCMjE5MjAeFw0yNDAzMDUxODEyNTRaFw0yNTAzMDQxODE3NTRaMDMxMTAvBgNV
BAMTKDcyODRBODU5MzdGMUEzQjIyRDM1Mjk0RDEzQTIxREM5NEI2MkYwMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9o/ZTTI2qwp+9LjEDZeaXhmaS
N2Ry4zNCZT2lv+hlUbFZAG5Rz94nN/yq800bEmMa0aj06erDUGlQ99xbWZOrB83H
zhHMX6/NAcDFosZYCNsjyFOmHJf+FbQ3ehJKhBhUHJlTv0Butm2rCUY1uskJnT6w
UtRUglA9BGz7ymv9lTXJs98WWRM+ia3ouFteLFHi+3zXYZkM6W0MI19HKQWTFo5C
IYtTulgWANOIqY21unNg1sYNI7Pkzgeq6kDfwUpMhPjcf/+tpZIVsy4dNC+a0/ud
le8IETZ9JApnKrzP0zq5H0pENxGtElqdooD7ko4IxCuDuVx6EYuEc6/qTZIpAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUcoSoWTfxo7ItNSlNE6IdyUti8B8wHwYDVR0j
BBgwFoAUrQrFyBiDFPk/jaspYaCyGws7IZIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQUEyRUJCNjg3MTk1RkQ0OTg0NEUxRDBEMzExNUU5MkNE
QTYxMDNCMzk5NEIwRDYzMDNEMTZCMTc5OUIzMzdCLzAvQUQwQUM1QzgxODgzMTRG
OTNGOERBQjI5NjFBMEIyMUIwQjNCMjE5Mi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BRDBBQzVDODE4ODMxNEY5M0Y4
REFCMjk2MUEwQjIxQjBCM0IyMTkyLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUFBMkVCQjY4NzE5NUZENDk4NDRFMUQwRDMxMTVFOTJDREE2MTAzQjM5
OTRCMEQ2MzAzRDE2QjE3OTlCMzM3Qi8wLzMxMzMzMTJlMzczMjJlMzEzMzM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzMyMzkzNzM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAg0iK
MA0GCSqGSIb3DQEBCwUAA4IBAQDAyI+PevYqphn1hpXfkiwxRU+Ff6Q1RGHsUtzW
8sU1LEMqRko0kMLDNUbnroNAV+wzzykSYd3IKXP2ysDz4t0gzG9YR2tyF7cZHgVc
bwFBGa9J211RZEqnnZNolw8mk+of5gTmw3PuU0aH9F8pKwoRlmQSw0FRlXFXl1PV
DE4FPhssScOOiSblunjbNbnOlELN3sgUxKYl2qNB/4kq/2/ZEsRMAeNZy9GbZdbt
oXqtz396yJpHQNEH9da7DPdDZC2npAtM9WhxdEyqLheNU+NDNV2HE1Fo2b/fOaBl
Mv1VS+S+uDh04r+YEvRO0H39zdowyNQ/7qsRAm6dbYrAbN1b
-----END CERTIFICATE-----
Generated at Wed Nov 20 20:04:31 2024 by rpki-client on console-fra.rpki-client.org