Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1F00C0A324484A0E532189EE68B426AA220331435BA450CFFCF3816BF1031989/0/3136382e3139372e39372e302f32342d3234203d3e20323634373633.roa
File:                     3136382e3139372e39372e302f32342d3234203d3e20323634373633.roa (raw, json)
Hash identifier:          JaYhfdxtVs39+C7noQTgbhElry27/NM7x24eTLOmoKA=
Subject key identifier:   80:BB:10:9F:C7:38:25:04:E6:AB:DD:FC:75:39:7B:A4:BF:33:FA:0F
Certificate issuer:       /CN=044328B588D7E6AB4F049D26F9E6FDBB2FB51970
Certificate serial:       54D977112233B6F0C9DE2D3ABDFF88860CF68A9A
Authority key identifier: 04:43:28:B5:88:D7:E6:AB:4F:04:9D:26:F9:E6:FD:BB:2F:B5:19:70
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/044328B588D7E6AB4F049D26F9E6FDBB2FB51970.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1F00C0A324484A0E532189EE68B426AA220331435BA450CFFCF3816BF1031989/0/3136382e3139372e39372e302f32342d3234203d3e20323634373633.roa
Signing time:             Tue 05 Mar 2024 17:56:50 +0000
ROA not before:           Tue 05 Mar 2024 17:51:50 +0000
ROA not after:            Tue 04 Mar 2025 17:56:50 +0000
asID:                     264763
IP address blocks:        168.197.97.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1F00C0A324484A0E532189EE68B426AA220331435BA450CFFCF3816BF1031989/0/044328B588D7E6AB4F049D26F9E6FDBB2FB51970.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1F00C0A324484A0E532189EE68B426AA220331435BA450CFFCF3816BF1031989/0/044328B588D7E6AB4F049D26F9E6FDBB2FB51970.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/044328B588D7E6AB4F049D26F9E6FDBB2FB51970.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 22 Nov 2024 14:52:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:d9:77:11:22:33:b6:f0:c9:de:2d:3a:bd:ff:88:86:0c:f6:8a:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=044328B588D7E6AB4F049D26F9E6FDBB2FB51970
        Validity
            Not Before: Mar  5 17:51:50 2024 GMT
            Not After : Mar  4 17:56:50 2025 GMT
        Subject: CN=80BB109FC7382504E6ABDDFC75397BA4BF33FA0F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:66:f4:3f:ae:af:85:b0:4e:4d:53:60:39:e2:
                    6e:61:81:52:c7:46:61:c0:4d:73:5f:7a:95:99:98:
                    5a:5d:76:f2:96:36:8e:d4:3b:6c:5c:02:19:80:1e:
                    30:ab:c6:d9:67:5c:26:7a:7b:9d:48:26:e8:ce:2a:
                    4a:87:bf:f6:15:b2:97:a9:bf:bc:89:0d:76:51:ad:
                    1f:3a:e7:9d:e4:29:ba:fb:2c:d7:bc:e4:09:7d:5e:
                    eb:d9:f1:1f:a2:8d:b6:85:81:25:78:f8:79:0e:99:
                    d8:c1:09:80:b7:f6:3f:5e:91:b7:dd:5f:c0:00:6b:
                    5d:d8:50:9d:5d:c5:22:92:b1:58:02:fb:08:86:92:
                    4c:6a:4b:74:9e:13:d1:3e:cd:6e:49:27:5e:b6:94:
                    87:46:fb:b6:97:aa:88:c3:f1:a8:bf:d1:85:93:96:
                    8f:23:cc:d8:fa:b0:ab:b9:a1:82:19:b7:57:89:a3:
                    39:20:91:75:21:1d:c9:7f:ba:fd:44:5c:4c:fc:57:
                    5e:5d:8a:bd:bb:fd:a2:95:29:6b:ae:67:4d:d5:82:
                    4b:16:d6:23:af:2c:e3:07:18:31:b0:55:df:d4:cd:
                    72:d1:09:ac:57:91:ca:34:99:a5:a5:03:14:5f:9d:
                    3f:66:58:79:d3:1d:15:c0:23:cf:91:65:29:b2:58:
                    2b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:BB:10:9F:C7:38:25:04:E6:AB:DD:FC:75:39:7B:A4:BF:33:FA:0F
            X509v3 Authority Key Identifier:
                keyid:04:43:28:B5:88:D7:E6:AB:4F:04:9D:26:F9:E6:FD:BB:2F:B5:19:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1F00C0A324484A0E532189EE68B426AA220331435BA450CFFCF3816BF1031989/0/044328B588D7E6AB4F049D26F9E6FDBB2FB51970.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/044328B588D7E6AB4F049D26F9E6FDBB2FB51970.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1F00C0A324484A0E532189EE68B426AA220331435BA450CFFCF3816BF1031989/0/3136382e3139372e39372e302f32342d3234203d3e20323634373633.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.197.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:35:cd:c8:5c:e3:67:6b:ed:f4:a4:89:3d:bd:38:5f:53:b2:
         3a:f1:fd:27:0d:e8:02:c2:49:9f:94:3b:c9:fc:4d:00:2a:31:
         8a:22:63:49:a8:1f:52:3d:fc:35:83:d2:15:02:97:ba:34:77:
         8d:25:fb:db:be:c4:8a:fa:53:b9:1f:9f:3d:7e:db:d1:e1:60:
         cc:86:f1:9b:35:67:2f:d8:34:88:14:25:4e:fb:9b:21:01:8f:
         4c:4c:89:7f:c1:21:d7:55:b6:9e:21:1f:8a:c2:96:74:5c:06:
         2e:b6:67:bf:aa:77:01:12:cb:42:7d:3c:7d:96:45:e6:8c:8e:
         00:d1:31:f9:0c:94:30:88:74:d8:03:7e:9c:8a:af:c7:48:d2:
         01:03:0f:cd:87:f5:35:fd:62:cf:41:0f:fc:ca:42:cc:ef:15:
         25:aa:e8:c7:b0:da:26:2e:50:9c:7d:17:72:cf:99:ee:af:b2:
         d6:c8:33:df:fe:03:4e:44:09:87:73:52:68:09:aa:fd:1a:df:
         8e:bd:f3:a7:c8:01:8d:69:29:10:24:b2:12:68:b1:da:7c:7e:
         ff:7c:76:59:98:39:54:4f:96:be:9c:e7:1e:ee:18:0f:b2:54:
         73:e8:49:f2:c5:cf:69:bc:8d:50:30:85:ca:f5:7e:ee:12:15:
         0b:2a:f4:bf
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUVNl3ESIztvDJ3i06vf+Ihgz2ipowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ0MzI4QjU4OEQ3RTZBQjRGMDQ5RDI2RjlFNkZEQkIy
RkI1MTk3MDAeFw0yNDAzMDUxNzUxNTBaFw0yNTAzMDQxNzU2NTBaMDMxMTAvBgNV
BAMTKDgwQkIxMDlGQzczODI1MDRFNkFCRERGQzc1Mzk3QkE0QkYzM0ZBMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEZvQ/rq+FsE5NU2A54m5hgVLH
RmHATXNfepWZmFpddvKWNo7UO2xcAhmAHjCrxtlnXCZ6e51IJujOKkqHv/YVspep
v7yJDXZRrR86553kKbr7LNe85Al9XuvZ8R+ijbaFgSV4+HkOmdjBCYC39j9ekbfd
X8AAa13YUJ1dxSKSsVgC+wiGkkxqS3SeE9E+zW5JJ162lIdG+7aXqojD8ai/0YWT
lo8jzNj6sKu5oYIZt1eJozkgkXUhHcl/uv1EXEz8V15dir27/aKVKWuuZ03VgksW
1iOvLOMHGDGwVd/UzXLRCaxXkco0maWlAxRfnT9mWHnTHRXAI8+RZSmyWCupAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUgLsQn8c4JQTmq938dTl7pL8z+g8wHwYDVR0j
BBgwFoAUBEMotYjX5qtPBJ0m+eb9uy+1GXAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xRjAwQzBBMzI0NDg0QTBFNTMyMTg5RUU2OEI0MjZBQTIy
MDMzMTQzNUJBNDUwQ0ZGQ0YzODE2QkYxMDMxOTg5LzAvMDQ0MzI4QjU4OEQ3RTZB
QjRGMDQ5RDI2RjlFNkZEQkIyRkI1MTk3MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wNDQzMjhCNTg4RDdFNkFCNEYw
NDlEMjZGOUU2RkRCQjJGQjUxOTcwLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUYwMEMwQTMyNDQ4NEEwRTUzMjE4OUVFNjhCNDI2QUEyMjAzMzE0MzVC
QTQ1MENGRkNGMzgxNkJGMTAzMTk4OS8wLzMxMzYzODJlMzEzOTM3MmUzOTM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM0MzczNjMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqMVh
MA0GCSqGSIb3DQEBCwUAA4IBAQBTNc3IXONna+30pIk9vThfU7I68f0nDegCwkmf
lDvJ/E0AKjGKImNJqB9SPfw1g9IVApe6NHeNJfvbvsSK+lO5H589ftvR4WDMhvGb
NWcv2DSIFCVO+5shAY9MTIl/wSHXVbaeIR+KwpZ0XAYutme/qncBEstCfTx9lkXm
jI4A0TH5DJQwiHTYA36ciq/HSNIBAw/Nh/U1/WLPQQ/8ykLM7xUlqujHsNomLlCc
fRdyz5nur7LWyDPf/gNORAmHc1JoCar9Gt+OvfOnyAGNaSkQJLISaLHafH7/fHZZ
mDlUT5a+nOce7hgPslRz6Enyxc9pvI1QMIXK9X7uEhULKvS/
-----END CERTIFICATE-----
Generated at Tue Nov 19 13:08:47 2024 by rpki-client on console-ams.rpki-client.org