Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1CBEE792A2D9789F26940C4FA5AD02A2EF19EDCA696828A818B05D2EFE80B65F/0/3137372e3235322e302e302f31342d3136203d3e203237383331.roa
File:                     3137372e3235322e302e302f31342d3136203d3e203237383331.roa (raw, json)
Hash identifier:          6sWHSJL7raiXdy783yrRZyqLd5/UCxJIedHp6oaMC8g=
Subject key identifier:   E6:0A:C5:DF:C8:DA:92:7D:46:78:F1:BB:EA:5C:54:EE:57:57:4E:9A
Certificate issuer:       /CN=3F426F657C9D6BF6728B5D80B4D03FE245BCD97E
Certificate serial:       265820D7BF9BD2FA7D5B0A2C330CB14304F28BCD
Authority key identifier: 3F:42:6F:65:7C:9D:6B:F6:72:8B:5D:80:B4:D0:3F:E2:45:BC:D9:7E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3F426F657C9D6BF6728B5D80B4D03FE245BCD97E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1CBEE792A2D9789F26940C4FA5AD02A2EF19EDCA696828A818B05D2EFE80B65F/0/3137372e3235322e302e302f31342d3136203d3e203237383331.roa
Signing time:             Tue 05 Mar 2024 18:15:41 +0000
ROA not before:           Tue 05 Mar 2024 18:10:41 +0000
ROA not after:            Tue 04 Mar 2025 18:15:41 +0000
asID:                     27831
IP address blocks:        177.252.0.0/14 maxlen: 16

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1CBEE792A2D9789F26940C4FA5AD02A2EF19EDCA696828A818B05D2EFE80B65F/0/3F426F657C9D6BF6728B5D80B4D03FE245BCD97E.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1CBEE792A2D9789F26940C4FA5AD02A2EF19EDCA696828A818B05D2EFE80B65F/0/3F426F657C9D6BF6728B5D80B4D03FE245BCD97E.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3F426F657C9D6BF6728B5D80B4D03FE245BCD97E.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 15 Jun 2024 15:53:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:58:20:d7:bf:9b:d2:fa:7d:5b:0a:2c:33:0c:b1:43:04:f2:8b:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3F426F657C9D6BF6728B5D80B4D03FE245BCD97E
        Validity
            Not Before: Mar  5 18:10:41 2024 GMT
            Not After : Mar  4 18:15:41 2025 GMT
        Subject: CN=E60AC5DFC8DA927D4678F1BBEA5C54EE57574E9A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4d:b5:1f:55:01:e5:6a:44:bf:1e:19:00:9a:
                    6e:af:9a:39:a0:3d:fc:cb:50:ea:96:2b:3b:4a:03:
                    75:92:e3:29:97:4f:5a:33:5f:13:79:a7:a7:5a:12:
                    a0:4c:77:cc:62:f5:c8:80:4f:08:c9:6c:94:60:8a:
                    c8:4d:07:0d:68:0b:16:7e:d6:13:f9:db:25:34:d6:
                    04:83:4e:24:7e:c6:96:40:17:a0:6a:fd:aa:a7:c8:
                    aa:e4:a9:12:37:41:f3:18:8f:28:7e:11:94:f3:c2:
                    22:19:37:b6:8d:23:9c:e9:79:26:ac:85:69:89:68:
                    95:6a:ca:a3:f0:c0:07:26:ee:1d:99:18:80:eb:12:
                    1f:31:b7:ee:a9:44:bb:fc:31:de:78:d0:8c:d4:79:
                    e3:d7:9a:14:d0:ac:4d:c1:b5:57:2e:45:f1:3d:0c:
                    f9:75:fd:cd:5a:0d:10:c2:bb:d6:ca:bc:5a:c9:96:
                    f3:b8:8c:8e:ce:df:5c:7f:d3:2a:c8:13:31:0b:e6:
                    9e:8a:01:c8:d3:56:ae:ad:49:0e:f1:e2:8e:47:73:
                    1b:08:41:66:80:ab:3d:47:d7:47:9c:08:53:6c:42:
                    f4:d8:36:b6:5e:12:33:aa:15:54:47:a1:21:a7:03:
                    3b:77:5d:b4:f6:b0:ce:03:dc:f0:03:d8:96:ba:f7:
                    4a:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:0A:C5:DF:C8:DA:92:7D:46:78:F1:BB:EA:5C:54:EE:57:57:4E:9A
            X509v3 Authority Key Identifier:
                keyid:3F:42:6F:65:7C:9D:6B:F6:72:8B:5D:80:B4:D0:3F:E2:45:BC:D9:7E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1CBEE792A2D9789F26940C4FA5AD02A2EF19EDCA696828A818B05D2EFE80B65F/0/3F426F657C9D6BF6728B5D80B4D03FE245BCD97E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3F426F657C9D6BF6728B5D80B4D03FE245BCD97E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1CBEE792A2D9789F26940C4FA5AD02A2EF19EDCA696828A818B05D2EFE80B65F/0/3137372e3235322e302e302f31342d3136203d3e203237383331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.252.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         76:d0:b2:5f:26:11:80:34:2b:80:6c:39:c9:02:51:27:5f:51:
         43:6e:d8:c9:88:ff:0f:cf:26:b7:85:cd:a5:6c:73:d5:9f:c3:
         d3:7d:9f:dd:ef:80:30:bc:cc:bd:f5:dc:01:6a:b2:12:56:c7:
         52:8e:54:55:b9:56:74:8b:c7:31:d9:d7:69:e4:e4:6d:41:d9:
         8e:33:13:0e:2c:3a:2d:fa:f5:69:3a:88:71:4a:3f:b1:2d:cf:
         64:ad:84:c7:10:b6:3f:57:9f:3f:66:ca:75:89:f0:0d:e0:16:
         42:a9:d7:70:03:bf:1d:a4:2b:92:16:b1:7a:bd:3a:5e:47:c3:
         13:ac:44:c4:34:2d:0b:dc:05:c7:ba:d7:45:19:e8:65:b6:d1:
         4c:b0:9b:ba:fd:cd:8d:aa:cf:6b:4b:48:a2:d6:e2:ff:4b:f4:
         b8:4c:03:d8:c1:a4:8e:eb:28:53:44:66:4b:25:d8:43:ae:19:
         82:6b:34:2f:66:d7:f0:bf:3d:25:46:c3:6c:33:00:9f:62:8b:
         c2:36:de:78:33:90:fa:d7:13:84:4f:8a:7c:a1:0d:a3:ce:72:
         48:1f:87:9d:5e:1c:50:18:6e:5a:52:de:d0:eb:e2:8a:0f:9e:
         38:cd:e8:58:a5:09:4a:32:aa:75:9b:d8:a5:53:c9:13:6f:aa:
         1b:8d:09:9a
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUJlgg17+b0vp9WwosMwyxQwTyi80wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Y0MjZGNjU3QzlENkJGNjcyOEI1RDgwQjREMDNGRTI0
NUJDRDk3RTAeFw0yNDAzMDUxODEwNDFaFw0yNTAzMDQxODE1NDFaMDMxMTAvBgNV
BAMTKEU2MEFDNURGQzhEQTkyN0Q0Njc4RjFCQkVBNUM1NEVFNTc1NzRFOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvTbUfVQHlakS/HhkAmm6vmjmg
PfzLUOqWKztKA3WS4ymXT1ozXxN5p6daEqBMd8xi9ciATwjJbJRgishNBw1oCxZ+
1hP52yU01gSDTiR+xpZAF6Bq/aqnyKrkqRI3QfMYjyh+EZTzwiIZN7aNI5zpeSas
hWmJaJVqyqPwwAcm7h2ZGIDrEh8xt+6pRLv8Md540IzUeePXmhTQrE3BtVcuRfE9
DPl1/c1aDRDCu9bKvFrJlvO4jI7O31x/0yrIEzEL5p6KAcjTVq6tSQ7x4o5HcxsI
QWaAqz1H10ecCFNsQvTYNrZeEjOqFVRHoSGnAzt3XbT2sM4D3PAD2Ja690r/AgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQU5grF38jakn1GePG76lxU7ldXTpowHwYDVR0j
BBgwFoAUP0JvZXyda/Zyi12AtNA/4kW82X4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQ0JFRTc5MkEyRDk3ODlGMjY5NDBDNEZBNUFEMDJBMkVG
MTlFRENBNjk2ODI4QTgxOEIwNUQyRUZFODBCNjVGLzAvM0Y0MjZGNjU3QzlENkJG
NjcyOEI1RDgwQjREMDNGRTI0NUJDRDk3RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRjQyNkY2NTdDOUQ2QkY2NzI4
QjVEODBCNEQwM0ZFMjQ1QkNEOTdFLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUNCRUU3OTJBMkQ5Nzg5RjI2OTQwQzRGQTVBRDAyQTJFRjE5RURDQTY5
NjgyOEE4MThCMDVEMkVGRTgwQjY1Ri8wLzMxMzczNzJlMzIzNTMyMmUzMDJlMzAy
ZjMxMzQyZDMxMzYyMDNkM2UyMDMyMzczODMzMzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwKx/DANBgkq
hkiG9w0BAQsFAAOCAQEAdtCyXyYRgDQrgGw5yQJRJ19RQ27YyYj/D88mt4XNpWxz
1Z/D032f3e+AMLzMvfXcAWqyElbHUo5UVblWdIvHMdnXaeTkbUHZjjMTDiw6Lfr1
aTqIcUo/sS3PZK2ExxC2P1efP2bKdYnwDeAWQqnXcAO/HaQrkhaxer06XkfDE6xE
xDQtC9wFx7rXRRnoZbbRTLCbuv3NjarPa0tIotbi/0v0uEwD2MGkjusoU0RmSyXY
Q64Zgms0L2bX8L89JUbDbDMAn2KLwjbeeDOQ+tcThE+KfKENo85ySB+HnV4cUBhu
WlLe0Oviig+eOM3oWKUJSjKqdZvYpVPJE2+qG40Jmg==
-----END CERTIFICATE-----
Generated at Wed Jun 12 15:43:21 2024 by rpki-client on console-ams.rpki-client.org