Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1C4F52DA220C02CD7BEF0182BE0D4BD7E4A140FD805F1C75AEDB78C51C5055A4/0/3134362e38332e3233312e302f32342d3234203d3e203238313136.roa
File:                     3134362e38332e3233312e302f32342d3234203d3e203238313136.roa (raw, json)
Hash identifier:          PvQqkyZ9k+tqWWJrKoIpAvGPRwlA/1914WyJ/2oFpvI=
Subject key identifier:   16:32:66:2C:9F:47:74:41:A9:AB:63:6A:79:C6:BE:A0:57:62:50:FF
Certificate issuer:       /CN=1AE4EFA975B04248E7218A3BCCF4F7C3DB9D6910
Certificate serial:       4DFFDA075061F09D7F9643B30C1453DB0FA1BA66
Authority key identifier: 1A:E4:EF:A9:75:B0:42:48:E7:21:8A:3B:CC:F4:F7:C3:DB:9D:69:10
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1AE4EFA975B04248E7218A3BCCF4F7C3DB9D6910.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1C4F52DA220C02CD7BEF0182BE0D4BD7E4A140FD805F1C75AEDB78C51C5055A4/0/3134362e38332e3233312e302f32342d3234203d3e203238313136.roa
Signing time:             Tue 05 Mar 2024 17:58:12 +0000
ROA not before:           Tue 05 Mar 2024 17:53:12 +0000
ROA not after:            Tue 04 Mar 2025 17:58:12 +0000
asID:                     28116
IP address blocks:        146.83.231.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1C4F52DA220C02CD7BEF0182BE0D4BD7E4A140FD805F1C75AEDB78C51C5055A4/0/1AE4EFA975B04248E7218A3BCCF4F7C3DB9D6910.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1C4F52DA220C02CD7BEF0182BE0D4BD7E4A140FD805F1C75AEDB78C51C5055A4/0/1AE4EFA975B04248E7218A3BCCF4F7C3DB9D6910.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1AE4EFA975B04248E7218A3BCCF4F7C3DB9D6910.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:ff:da:07:50:61:f0:9d:7f:96:43:b3:0c:14:53:db:0f:a1:ba:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1AE4EFA975B04248E7218A3BCCF4F7C3DB9D6910
        Validity
            Not Before: Mar  5 17:53:12 2024 GMT
            Not After : Mar  4 17:58:12 2025 GMT
        Subject: CN=1632662C9F477441A9AB636A79C6BEA0576250FF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:90:6c:a8:2f:4f:1f:85:e0:12:e6:4b:fc:51:
                    14:43:72:9a:25:9f:d2:a3:fa:b5:99:c1:aa:f9:db:
                    b1:64:44:d5:60:c8:55:79:8d:85:1e:4a:8a:8b:8c:
                    26:fe:99:d8:ce:26:c5:58:cd:b6:6b:5a:21:76:12:
                    6f:c2:98:d5:ef:63:96:ff:00:ab:91:38:13:71:a2:
                    6c:f9:7f:bf:f8:66:39:00:86:cc:e9:ae:53:14:de:
                    82:bd:61:a0:dc:42:cc:83:ca:c6:3d:6c:d3:3a:af:
                    d5:4f:4f:09:d1:5c:fb:39:63:e0:45:8d:85:2c:62:
                    56:e8:68:47:80:1e:63:56:dc:07:34:ae:6b:17:b2:
                    78:20:07:a4:f7:fa:c4:8f:69:30:84:36:23:e5:f0:
                    d4:6a:6a:61:80:20:ed:fe:fa:e8:25:36:3b:02:d7:
                    0e:05:d5:f4:c6:54:1b:86:46:a8:65:21:6f:ff:9b:
                    a2:84:c4:2c:b2:91:21:57:0b:46:b4:0d:f7:f4:c4:
                    3e:ca:35:ea:e0:6e:18:d5:0d:2a:9b:01:6f:d5:4a:
                    d7:c5:da:b0:29:c0:1a:69:f9:49:46:c4:56:43:c8:
                    00:c5:9e:4d:ed:90:36:2a:85:94:8a:0e:96:7d:2c:
                    37:17:ff:81:35:07:8b:29:ec:93:a8:52:95:e4:57:
                    2e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:32:66:2C:9F:47:74:41:A9:AB:63:6A:79:C6:BE:A0:57:62:50:FF
            X509v3 Authority Key Identifier:
                keyid:1A:E4:EF:A9:75:B0:42:48:E7:21:8A:3B:CC:F4:F7:C3:DB:9D:69:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1C4F52DA220C02CD7BEF0182BE0D4BD7E4A140FD805F1C75AEDB78C51C5055A4/0/1AE4EFA975B04248E7218A3BCCF4F7C3DB9D6910.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1AE4EFA975B04248E7218A3BCCF4F7C3DB9D6910.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1C4F52DA220C02CD7BEF0182BE0D4BD7E4A140FD805F1C75AEDB78C51C5055A4/0/3134362e38332e3233312e302f32342d3234203d3e203238313136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.83.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:eb:57:7a:b4:d1:75:46:3f:47:9c:01:6a:cf:76:ec:4e:e9:
         9a:6f:35:4f:9a:78:46:26:71:d3:ff:f1:d3:42:c4:4b:50:be:
         74:88:03:21:66:d6:d7:0b:d5:39:d0:2c:4f:42:6f:fb:09:87:
         94:70:c3:eb:c3:52:31:4d:72:5f:34:85:f6:28:a2:08:e7:8f:
         13:4b:d5:a6:b3:50:4b:96:4b:cb:80:02:66:b6:05:f2:d7:c8:
         62:0e:9f:48:2a:c2:1e:be:0d:67:96:00:c6:93:ba:41:5e:60:
         ca:0a:ec:6e:6c:0c:25:6e:9b:1e:5d:52:79:32:02:73:08:04:
         25:56:4d:78:46:a1:1a:1c:7e:6c:7e:ea:65:cf:7f:2a:63:4b:
         10:61:2b:d2:cf:ed:a9:31:a5:3f:5f:2e:88:46:1a:3e:10:4b:
         aa:a8:03:c5:11:ac:e3:cc:10:29:86:40:56:bd:93:a7:2d:e3:
         97:09:cf:58:6a:9d:fe:a2:47:6c:75:82:4f:ad:4f:27:33:b8:
         cc:43:58:f5:60:5a:a0:ae:19:13:63:a9:67:33:a6:e6:58:11:
         1a:9c:c7:f8:09:1b:87:f4:6a:4c:1f:77:55:c7:e7:39:cd:6b:
         03:f8:c3:5f:5a:d2:a8:98:28:36:cc:73:4c:8b:c8:e1:63:8a:
         eb:7a:fb:79
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUTf/aB1Bh8J1/lkOzDBRT2w+humYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUFFNEVGQTk3NUIwNDI0OEU3MjE4QTNCQ0NGNEY3QzNE
QjlENjkxMDAeFw0yNDAzMDUxNzUzMTJaFw0yNTAzMDQxNzU4MTJaMDMxMTAvBgNV
BAMTKDE2MzI2NjJDOUY0Nzc0NDFBOUFCNjM2QTc5QzZCRUEwNTc2MjUwRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnkGyoL08fheAS5kv8URRDcpol
n9Kj+rWZwar527FkRNVgyFV5jYUeSoqLjCb+mdjOJsVYzbZrWiF2Em/CmNXvY5b/
AKuROBNxomz5f7/4ZjkAhszprlMU3oK9YaDcQsyDysY9bNM6r9VPTwnRXPs5Y+BF
jYUsYlboaEeAHmNW3Ac0rmsXsnggB6T3+sSPaTCENiPl8NRqamGAIO3++uglNjsC
1w4F1fTGVBuGRqhlIW//m6KExCyykSFXC0a0Dff0xD7KNergbhjVDSqbAW/VStfF
2rApwBpp+UlGxFZDyADFnk3tkDYqhZSKDpZ9LDcX/4E1B4sp7JOoUpXkVy4HAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUFjJmLJ9HdEGpq2Nqeca+oFdiUP8wHwYDVR0j
BBgwFoAUGuTvqXWwQkjnIYo7zPT3w9udaRAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQzRGNTJEQTIyMEMwMkNEN0JFRjAxODJCRTBENEJEN0U0
QTE0MEZEODA1RjFDNzVBRURCNzhDNTFDNTA1NUE0LzAvMUFFNEVGQTk3NUIwNDI0
OEU3MjE4QTNCQ0NGNEY3QzNEQjlENjkxMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xQUU0RUZBOTc1QjA0MjQ4RTcy
MThBM0JDQ0Y0RjdDM0RCOUQ2OTEwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUM0RjUyREEyMjBDMDJDRDdCRUYwMTgyQkUwRDRCRDdFNEExNDBGRDgw
NUYxQzc1QUVEQjc4QzUxQzUwNTVBNC8wLzMxMzQzNjJlMzgzMzJlMzIzMzMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODMxMzEzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJJT5zAN
BgkqhkiG9w0BAQsFAAOCAQEAeutXerTRdUY/R5wBas927E7pmm81T5p4RiZx0//x
00LES1C+dIgDIWbW1wvVOdAsT0Jv+wmHlHDD68NSMU1yXzSF9iiiCOePE0vVprNQ
S5ZLy4ACZrYF8tfIYg6fSCrCHr4NZ5YAxpO6QV5gygrsbmwMJW6bHl1SeTICcwgE
JVZNeEahGhx+bH7qZc9/KmNLEGEr0s/tqTGlP18uiEYaPhBLqqgDxRGs48wQKYZA
Vr2Tpy3jlwnPWGqd/qJHbHWCT61PJzO4zENY9WBaoK4ZE2OpZzOm5lgRGpzH+Akb
h/RqTB93VcfnOc1rA/jDX1rSqJgoNsxzTIvI4WOK63r7eQ==
-----END CERTIFICATE-----
Generated at Mon Dec 9 19:02:13 2024 by rpki-client on console-ams.rpki-client.org