Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1E17080BF341711B27BE627D469BC3FEC4C5DD66588222F5E5558083B67A36C8/0/3136382e3139342e3137312e302f32342d3234203d3e20323639383632.roa
File:                     3136382e3139342e3137312e302f32342d3234203d3e20323639383632.roa (raw, json)
Hash identifier:          GX/HToNWxCn4ylRYqJu2CN0CM4RhkIjMGlHg/Wc0SzI=
Subject key identifier:   AE:67:11:99:9D:AC:30:B3:65:0B:12:21:78:2A:FC:47:D2:20:2A:07
Certificate issuer:       /CN=A5ADA847947FFCAAF29C2E41F2DEF23FE82B94DD
Certificate serial:       2AAB3D1198C47EEB29DA806A4F9AE7163EE53DE4
Authority key identifier: A5:AD:A8:47:94:7F:FC:AA:F2:9C:2E:41:F2:DE:F2:3F:E8:2B:94:DD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5ADA847947FFCAAF29C2E41F2DEF23FE82B94DD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1E17080BF341711B27BE627D469BC3FEC4C5DD66588222F5E5558083B67A36C8/0/3136382e3139342e3137312e302f32342d3234203d3e20323639383632.roa
Signing time:             Tue 05 Mar 2024 18:08:22 +0000
ROA not before:           Tue 05 Mar 2024 18:03:22 +0000
ROA not after:            Tue 04 Mar 2025 18:08:22 +0000
asID:                     269862
IP address blocks:        168.194.171.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1E17080BF341711B27BE627D469BC3FEC4C5DD66588222F5E5558083B67A36C8/0/A5ADA847947FFCAAF29C2E41F2DEF23FE82B94DD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1E17080BF341711B27BE627D469BC3FEC4C5DD66588222F5E5558083B67A36C8/0/A5ADA847947FFCAAF29C2E41F2DEF23FE82B94DD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5ADA847947FFCAAF29C2E41F2DEF23FE82B94DD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:ab:3d:11:98:c4:7e:eb:29:da:80:6a:4f:9a:e7:16:3e:e5:3d:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5ADA847947FFCAAF29C2E41F2DEF23FE82B94DD
        Validity
            Not Before: Mar  5 18:03:22 2024 GMT
            Not After : Mar  4 18:08:22 2025 GMT
        Subject: CN=AE6711999DAC30B3650B1221782AFC47D2202A07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b2:af:e6:f3:dd:09:74:50:b7:1e:c5:1c:12:
                    49:44:d2:fc:03:0d:0b:93:c3:87:87:85:c1:db:a5:
                    74:33:0f:9c:41:9c:74:df:15:12:07:53:1c:df:8f:
                    21:8b:5e:b5:18:33:fa:6e:a8:f2:ea:a3:5e:9d:58:
                    ff:18:ef:82:e3:a7:3a:ce:d5:3f:02:02:7b:a7:5f:
                    8b:5a:6d:db:14:57:e8:fb:f4:03:8a:15:e4:5d:0e:
                    a5:38:83:8b:38:73:6c:cd:ee:2b:d3:79:5d:bc:b0:
                    80:1f:1e:27:d9:36:90:82:bb:84:1b:b0:87:51:fe:
                    c4:a3:da:9f:98:92:e3:10:d2:71:05:6b:6c:0e:90:
                    ae:f3:49:08:f2:28:d9:35:5d:e0:7d:03:49:07:fa:
                    0a:5f:77:38:0d:c5:c1:57:be:cf:1e:fe:99:78:16:
                    1b:57:75:ad:1b:d5:a3:de:6d:cb:1c:da:85:67:a3:
                    f0:7c:60:fa:37:68:c5:f0:1d:55:53:02:0a:29:ce:
                    b4:d7:9e:9e:ff:5d:26:01:dc:64:c6:5b:64:63:cf:
                    64:12:0e:34:33:63:e0:23:bd:00:c0:dd:38:15:af:
                    cd:ac:01:9a:db:59:4a:76:49:bb:2b:0f:24:2f:39:
                    4f:4b:f0:98:a5:72:ef:d7:56:07:ae:e7:a4:3d:48:
                    03:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:67:11:99:9D:AC:30:B3:65:0B:12:21:78:2A:FC:47:D2:20:2A:07
            X509v3 Authority Key Identifier:
                keyid:A5:AD:A8:47:94:7F:FC:AA:F2:9C:2E:41:F2:DE:F2:3F:E8:2B:94:DD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1E17080BF341711B27BE627D469BC3FEC4C5DD66588222F5E5558083B67A36C8/0/A5ADA847947FFCAAF29C2E41F2DEF23FE82B94DD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5ADA847947FFCAAF29C2E41F2DEF23FE82B94DD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1E17080BF341711B27BE627D469BC3FEC4C5DD66588222F5E5558083B67A36C8/0/3136382e3139342e3137312e302f32342d3234203d3e20323639383632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.194.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:80:d3:a4:7f:7f:16:0c:27:87:73:cc:53:5c:c2:5c:39:ed:
         c3:78:77:e7:e2:a0:59:b6:45:b9:0d:e5:a9:39:c5:66:a6:c8:
         d0:20:a7:20:f1:fc:c2:83:87:5f:4e:1e:0d:c3:1b:bd:51:c5:
         8c:80:b4:ce:5d:23:e7:6d:e4:7e:b2:ef:b1:2e:16:8c:d6:59:
         df:5b:f5:7f:ae:9f:e4:31:e9:e4:63:d3:34:14:e4:16:31:e2:
         3e:5f:f8:ff:0e:77:64:9b:88:ac:3e:10:15:0b:d4:41:a1:cb:
         a8:7c:cb:8f:9a:b1:2b:a8:ff:a7:64:b3:21:78:52:f1:02:22:
         23:8c:2d:7b:7b:2f:00:67:e0:7a:e9:a8:73:6d:09:1a:9d:f7:
         56:c5:b7:28:e6:fc:68:ff:91:ac:37:17:c8:4c:8d:fe:60:f6:
         d3:d5:3b:c4:d1:6f:b6:7f:91:4a:4a:8f:c1:e8:0a:f5:84:af:
         0d:a7:49:de:38:de:65:5d:36:9a:13:18:20:6c:a8:86:0b:f0:
         28:f1:08:40:1c:cf:a7:69:e9:2b:83:45:26:65:e6:a0:c5:0e:
         e5:32:53:b3:9a:d8:5e:f1:d0:15:11:47:56:e8:bc:f3:9f:d2:
         a3:88:94:92:0e:a0:85:e5:a3:b9:c7:55:fb:4f:8b:3c:c2:65:
         6a:8e:8e:85
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUKqs9EZjEfusp2oBqT5rnFj7lPeQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVBREE4NDc5NDdGRkNBQUYyOUMyRTQxRjJERUYyM0ZF
ODJCOTRERDAeFw0yNDAzMDUxODAzMjJaFw0yNTAzMDQxODA4MjJaMDMxMTAvBgNV
BAMTKEFFNjcxMTk5OURBQzMwQjM2NTBCMTIyMTc4MkFGQzQ3RDIyMDJBMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/sq/m890JdFC3HsUcEklE0vwD
DQuTw4eHhcHbpXQzD5xBnHTfFRIHUxzfjyGLXrUYM/puqPLqo16dWP8Y74LjpzrO
1T8CAnunX4tabdsUV+j79AOKFeRdDqU4g4s4c2zN7ivTeV28sIAfHifZNpCCu4Qb
sIdR/sSj2p+YkuMQ0nEFa2wOkK7zSQjyKNk1XeB9A0kH+gpfdzgNxcFXvs8e/pl4
FhtXda0b1aPebcsc2oVno/B8YPo3aMXwHVVTAgopzrTXnp7/XSYB3GTGW2Rjz2QS
DjQzY+AjvQDA3TgVr82sAZrbWUp2SbsrDyQvOU9L8Jilcu/XVgeu56Q9SAOFAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUrmcRmZ2sMLNlCxIheCr8R9IgKgcwHwYDVR0j
BBgwFoAUpa2oR5R//KrynC5B8t7yP+grlN0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xRTE3MDgwQkYzNDE3MTFCMjdCRTYyN0Q0NjlCQzNGRUM0
QzVERDY2NTg4MjIyRjVFNTU1ODA4M0I2N0EzNkM4LzAvQTVBREE4NDc5NDdGRkNB
QUYyOUMyRTQxRjJERUYyM0ZFODJCOTRERC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUFEQTg0Nzk0N0ZGQ0FBRjI5
QzJFNDFGMkRFRjIzRkU4MkI5NERELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUUxNzA4MEJGMzQxNzExQjI3QkU2MjdENDY5QkMzRkVDNEM1REQ2NjU4
ODIyMkY1RTU1NTgwODNCNjdBMzZDOC8wLzMxMzYzODJlMzEzOTM0MmUzMTM3MzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzkzODM2MzIucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACo
wqswDQYJKoZIhvcNAQELBQADggEBAAiA06R/fxYMJ4dzzFNcwlw57cN4d+fioFm2
RbkN5ak5xWamyNAgpyDx/MKDh19OHg3DG71RxYyAtM5dI+dt5H6y77EuFozWWd9b
9X+un+Qx6eRj0zQU5BYx4j5f+P8Od2SbiKw+EBUL1EGhy6h8y4+asSuo/6dksyF4
UvECIiOMLXt7LwBn4HrpqHNtCRqd91bFtyjm/Gj/kaw3F8hMjf5g9tPVO8TRb7Z/
kUpKj8HoCvWErw2nSd443mVdNpoTGCBsqIYL8CjxCEAcz6dp6SuDRSZl5qDFDuUy
U7Oa2F7x0BURR1bovPOf0qOIlJIOoIXlo7nHVftPizzCZWqOjoU=
-----END CERTIFICATE-----
Generated at Wed Nov 20 10:24:15 2024 by rpki-client on console-fra.rpki-client.org