Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1C2D9B1E616BFC6030F3DA1D6F20B6B414319A8CDD44EE6420B6FFE70D65C5B9/0/3136382e3139362e3235322e302f32322d3234203d3e203237393736.roa
File:                     3136382e3139362e3235322e302f32322d3234203d3e203237393736.roa (raw, json)
Hash identifier:          wRyjtOZ2vFBsTKBIuNKF+XgIid2eYua+J/N1UCcPTTE=
Subject key identifier:   D5:10:2E:0D:A6:C1:E1:01:0A:9E:AB:ED:15:98:B4:E2:BB:1E:50:99
Certificate issuer:       /CN=C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39
Certificate serial:       6A8F354C1032F0F1C893FE99FCEF63AB876BDA33
Authority key identifier: C4:E4:73:26:7C:7E:D8:DB:FC:CD:20:9A:C0:9A:1C:A7:B8:4A:7C:39
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1C2D9B1E616BFC6030F3DA1D6F20B6B414319A8CDD44EE6420B6FFE70D65C5B9/0/3136382e3139362e3235322e302f32322d3234203d3e203237393736.roa
Signing time:             Tue 05 Mar 2024 17:49:31 +0000
ROA not before:           Tue 05 Mar 2024 17:44:31 +0000
ROA not after:            Tue 04 Mar 2025 17:49:31 +0000
asID:                     27976
IP address blocks:        168.196.252.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1C2D9B1E616BFC6030F3DA1D6F20B6B414319A8CDD44EE6420B6FFE70D65C5B9/0/C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1C2D9B1E616BFC6030F3DA1D6F20B6B414319A8CDD44EE6420B6FFE70D65C5B9/0/C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:8f:35:4c:10:32:f0:f1:c8:93:fe:99:fc:ef:63:ab:87:6b:da:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39
        Validity
            Not Before: Mar  5 17:44:31 2024 GMT
            Not After : Mar  4 17:49:31 2025 GMT
        Subject: CN=D5102E0DA6C1E1010A9EABED1598B4E2BB1E5099
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:98:ec:ad:ea:10:65:0c:e2:01:25:28:7c:90:
                    5d:55:7b:9f:1b:7e:54:43:c9:65:69:b3:15:e4:05:
                    d5:40:90:d3:e5:d4:3c:b6:ed:21:ca:a3:20:cd:84:
                    98:36:ff:fb:ae:21:09:78:77:af:bf:1c:6f:58:99:
                    fa:1c:77:45:dc:2b:f3:b7:e7:0a:d2:db:93:77:fc:
                    ab:b9:5a:67:b2:ac:a6:74:2c:b9:e0:4b:db:8f:4f:
                    fa:2c:6d:f6:20:16:32:44:03:7f:d8:63:74:24:0c:
                    c0:59:8f:2d:1b:96:1c:6f:f6:04:15:fb:d2:d1:af:
                    1d:b9:d8:9d:4e:97:90:a4:b3:f8:ef:ca:95:84:8b:
                    31:a9:38:40:20:d0:ce:64:ae:de:61:54:be:dd:a8:
                    06:2e:1f:03:ad:2f:21:de:9e:a7:5e:2c:a2:d6:40:
                    8f:e5:73:8b:93:6b:71:d8:96:f1:13:e2:f2:c8:f3:
                    8f:76:75:c3:82:c9:1b:6c:e1:e6:73:69:c1:ad:6b:
                    32:5c:5f:19:79:ce:bd:dc:18:7e:36:17:f3:5b:9d:
                    79:47:5d:18:75:fb:b8:e9:0d:54:c9:ca:d2:d4:ae:
                    c7:55:0f:8a:c8:8b:83:6b:00:33:77:b6:c9:e0:15:
                    b0:2a:31:f5:b3:5c:9a:26:ad:74:11:6a:2c:b3:96:
                    44:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:10:2E:0D:A6:C1:E1:01:0A:9E:AB:ED:15:98:B4:E2:BB:1E:50:99
            X509v3 Authority Key Identifier:
                keyid:C4:E4:73:26:7C:7E:D8:DB:FC:CD:20:9A:C0:9A:1C:A7:B8:4A:7C:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1C2D9B1E616BFC6030F3DA1D6F20B6B414319A8CDD44EE6420B6FFE70D65C5B9/0/C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1C2D9B1E616BFC6030F3DA1D6F20B6B414319A8CDD44EE6420B6FFE70D65C5B9/0/3136382e3139362e3235322e302f32322d3234203d3e203237393736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.196.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         86:a5:a0:12:b5:37:5d:b9:fe:a6:06:dc:9b:dd:3a:65:6f:ee:
         98:15:ec:64:02:92:1b:82:93:7c:96:10:44:fa:b4:e0:ed:ca:
         88:97:7f:cb:f6:88:2a:02:b3:4f:08:ab:2a:07:a8:ba:07:58:
         79:ec:e0:4f:02:4f:3a:72:4a:d5:23:94:24:25:ef:cb:0a:40:
         34:41:fb:45:fb:ff:5f:ae:a7:5b:3c:fe:7a:f0:ec:ea:00:62:
         97:e8:a0:5e:c5:73:5c:d2:09:8b:a2:dd:bd:78:21:2b:ce:4e:
         dd:61:f4:90:56:be:3a:3d:13:d6:6e:62:29:e4:4d:f6:4d:36:
         fd:f0:4a:2b:33:b7:63:37:d5:94:7f:5d:7f:9e:07:8f:c6:1c:
         14:5a:46:30:6d:f4:2a:34:62:5a:c7:83:01:8b:cd:80:7d:aa:
         5e:d6:df:79:1e:75:2b:46:eb:56:9e:b5:22:73:51:84:f1:31:
         f3:33:a1:f3:83:1f:3b:12:cb:37:45:9f:89:96:28:ff:ec:46:
         64:25:43:03:8e:ee:e7:3a:09:cf:51:98:52:92:94:12:46:e0:
         3a:f1:a0:b0:c8:f9:7d:c9:6c:41:49:16:3e:fb:33:e6:02:c5:
         e6:96:ab:42:02:53:8e:e4:f2:28:65:be:8f:18:11:03:df:b7:
         51:25:2c:66
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUao81TBAy8PHIk/6Z/O9jq4dr2jMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzRFNDczMjY3QzdFRDhEQkZDQ0QyMDlBQzA5QTFDQTdC
ODRBN0MzOTAeFw0yNDAzMDUxNzQ0MzFaFw0yNTAzMDQxNzQ5MzFaMDMxMTAvBgNV
BAMTKEQ1MTAyRTBEQTZDMUUxMDEwQTlFQUJFRDE1OThCNEUyQkIxRTUwOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCumOyt6hBlDOIBJSh8kF1Ve58b
flRDyWVpsxXkBdVAkNPl1Dy27SHKoyDNhJg2//uuIQl4d6+/HG9Ymfocd0XcK/O3
5wrS25N3/Ku5WmeyrKZ0LLngS9uPT/osbfYgFjJEA3/YY3QkDMBZjy0blhxv9gQV
+9LRrx252J1Ol5Cks/jvypWEizGpOEAg0M5krt5hVL7dqAYuHwOtLyHenqdeLKLW
QI/lc4uTa3HYlvET4vLI8492dcOCyRts4eZzacGtazJcXxl5zr3cGH42F/NbnXlH
XRh1+7jpDVTJytLUrsdVD4rIi4NrADN3tsngFbAqMfWzXJomrXQRaiyzlkThAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU1RAuDabB4QEKnqvtFZi04rseUJkwHwYDVR0j
BBgwFoAUxORzJnx+2Nv8zSCawJocp7hKfDkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQzJEOUIxRTYxNkJGQzYwMzBGM0RBMUQ2RjIwQjZCNDE0
MzE5QThDREQ0NEVFNjQyMEI2RkZFNzBENjVDNUI5LzAvQzRFNDczMjY3QzdFRDhE
QkZDQ0QyMDlBQzA5QTFDQTdCODRBN0MzOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DNEU0NzMyNjdDN0VEOERCRkND
RDIwOUFDMDlBMUNBN0I4NEE3QzM5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUMyRDlCMUU2MTZCRkM2MDMwRjNEQTFENkYyMEI2QjQxNDMxOUE4Q0RE
NDRFRTY0MjBCNkZGRTcwRDY1QzVCOS8wLzMxMzYzODJlMzEzOTM2MmUzMjM1MzIy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM3MzkzNzM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqMT8
MA0GCSqGSIb3DQEBCwUAA4IBAQCGpaAStTdduf6mBtyb3Tplb+6YFexkApIbgpN8
lhBE+rTg7cqIl3/L9ogqArNPCKsqB6i6B1h57OBPAk86ckrVI5QkJe/LCkA0QftF
+/9frqdbPP568OzqAGKX6KBexXNc0gmLot29eCErzk7dYfSQVr46PRPWbmIp5E32
TTb98EorM7djN9WUf11/ngePxhwUWkYwbfQqNGJax4MBi82Afape1t95HnUrRutW
nrUic1GE8THzM6Hzgx87Ess3RZ+Jlij/7EZkJUMDju7nOgnPUZhSkpQSRuA68aCw
yPl9yWxBSRY++zPmAsXmlqtCAlOO5PIoZb6PGBED37dRJSxm
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:46:58 2024 by rpki-client on console-ams.rpki-client.org