Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1F174878F65C3099DEE26EA2965185DD2C010153C5DC343723B50A4060A8A0EA/0/3138362e32362e302e302f31382d3230203d3e203237383839.roa
File:                     3138362e32362e302e302f31382d3230203d3e203237383839.roa (raw, json)
Hash identifier:          xu7FYtT9PxFvye5Jv3qPF1tQY1VYSHVUK78K50PGILQ=
Subject key identifier:   C2:BD:D2:0B:E4:40:50:3C:9A:AB:CA:06:B0:45:67:AD:36:6A:ED:87
Certificate issuer:       /CN=3D2C065C974E700B1369EDF4ADBE1BD11272B09A
Certificate serial:       085BED4F2F8232568BC0B13760F0B80905133BDB
Authority key identifier: 3D:2C:06:5C:97:4E:70:0B:13:69:ED:F4:AD:BE:1B:D1:12:72:B0:9A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D2C065C974E700B1369EDF4ADBE1BD11272B09A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1F174878F65C3099DEE26EA2965185DD2C010153C5DC343723B50A4060A8A0EA/0/3138362e32362e302e302f31382d3230203d3e203237383839.roa
Signing time:             Tue 05 Mar 2024 18:18:24 +0000
ROA not before:           Tue 05 Mar 2024 18:13:24 +0000
ROA not after:            Tue 04 Mar 2025 18:18:24 +0000
asID:                     27889
IP address blocks:        186.26.0.0/18 maxlen: 20

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1F174878F65C3099DEE26EA2965185DD2C010153C5DC343723B50A4060A8A0EA/0/3D2C065C974E700B1369EDF4ADBE1BD11272B09A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1F174878F65C3099DEE26EA2965185DD2C010153C5DC343723B50A4060A8A0EA/0/3D2C065C974E700B1369EDF4ADBE1BD11272B09A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D2C065C974E700B1369EDF4ADBE1BD11272B09A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 29 Nov 2024 03:21:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:5b:ed:4f:2f:82:32:56:8b:c0:b1:37:60:f0:b8:09:05:13:3b:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3D2C065C974E700B1369EDF4ADBE1BD11272B09A
        Validity
            Not Before: Mar  5 18:13:24 2024 GMT
            Not After : Mar  4 18:18:24 2025 GMT
        Subject: CN=C2BDD20BE440503C9AABCA06B04567AD366AED87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:61:2f:bf:39:0a:5b:d1:3a:d2:7b:f7:90:fe:
                    52:fd:02:f8:47:3f:1b:f5:88:7b:23:c5:f7:43:96:
                    de:b4:3b:c8:2d:2e:9e:78:05:27:dc:e6:ff:66:3e:
                    24:4e:9d:24:7c:df:cb:4e:27:88:e2:6a:b1:fc:9a:
                    19:d3:92:da:a4:0f:03:66:6a:28:db:2a:33:89:c9:
                    24:6e:e5:b2:2a:c1:77:21:35:a2:d2:bb:65:8c:35:
                    29:f9:2d:ef:5a:34:c5:e0:d5:ef:54:af:ec:bf:1b:
                    79:55:14:b8:a4:80:5b:60:f0:76:b1:8c:66:09:83:
                    14:13:91:d8:41:51:45:cc:1b:89:ec:91:39:7f:69:
                    e1:ba:43:e1:07:8a:22:d3:a3:0c:0d:91:fe:27:be:
                    b3:5a:c4:f1:c2:74:95:cd:4f:f0:b2:2d:d1:a9:3c:
                    38:61:89:51:ad:27:f1:e4:24:34:ad:2b:d9:8c:02:
                    3c:6f:e1:c3:19:6b:10:bd:6a:c2:b7:6b:c6:4b:c9:
                    fd:3c:93:71:9d:b6:b4:6a:13:93:46:d8:e3:56:9a:
                    4a:0c:e9:d2:4a:66:39:c3:5e:e8:02:54:23:14:ba:
                    ea:da:77:06:d6:df:b7:51:33:43:39:5e:8a:b0:a2:
                    da:7b:20:ca:76:47:11:65:1f:38:14:38:07:1f:c4:
                    74:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:BD:D2:0B:E4:40:50:3C:9A:AB:CA:06:B0:45:67:AD:36:6A:ED:87
            X509v3 Authority Key Identifier:
                keyid:3D:2C:06:5C:97:4E:70:0B:13:69:ED:F4:AD:BE:1B:D1:12:72:B0:9A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1F174878F65C3099DEE26EA2965185DD2C010153C5DC343723B50A4060A8A0EA/0/3D2C065C974E700B1369EDF4ADBE1BD11272B09A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D2C065C974E700B1369EDF4ADBE1BD11272B09A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1F174878F65C3099DEE26EA2965185DD2C010153C5DC343723B50A4060A8A0EA/0/3138362e32362e302e302f31382d3230203d3e203237383839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.26.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         8d:1c:dc:67:eb:f7:24:6f:a7:56:ac:e9:b9:5b:40:d2:d0:c5:
         1d:5d:1f:45:6e:7a:67:b4:98:ea:31:cb:68:88:8b:ef:50:70:
         32:03:ee:aa:2d:89:05:10:bc:61:ff:82:0c:12:05:60:66:8b:
         bf:78:d0:6a:78:33:b0:c4:68:ea:81:fd:fd:22:b1:68:ea:79:
         0a:30:44:38:b1:9a:18:d6:48:c0:ac:c1:5c:bd:c7:cc:7d:d4:
         91:92:aa:3f:2b:d5:39:c8:cc:51:2c:b4:30:77:c2:19:82:78:
         88:7c:8f:e5:5c:b3:3b:90:e8:2b:39:b1:3f:7a:07:58:4b:65:
         05:3b:34:0d:f9:61:1f:84:08:cc:3b:c4:d2:a6:20:86:a4:5d:
         92:9b:83:21:07:e5:60:92:ee:4d:46:16:f1:c2:37:1e:af:c3:
         ba:ff:6d:6f:a0:32:1c:63:1c:53:4d:b5:36:90:f0:39:06:66:
         62:92:71:b1:21:ab:4e:a7:a4:94:9f:1b:ec:6a:c7:f5:99:ec:
         03:37:9e:8c:50:90:b4:ba:c3:af:68:f2:78:eb:fa:b7:65:94:
         a2:6d:36:19:bb:7e:af:fc:24:20:f3:60:ec:96:43:24:3c:f9:
         87:1c:0f:db:7e:f9:f4:8b:92:67:ca:05:72:c0:f6:5f:30:88:
         53:0d:4a:d2
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUCFvtTy+CMlaLwLE3YPC4CQUTO9swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0QyQzA2NUM5NzRFNzAwQjEzNjlFREY0QURCRTFCRDEx
MjcyQjA5QTAeFw0yNDAzMDUxODEzMjRaFw0yNTAzMDQxODE4MjRaMDMxMTAvBgNV
BAMTKEMyQkREMjBCRTQ0MDUwM0M5QUFCQ0EwNkIwNDU2N0FEMzY2QUVEODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrYS+/OQpb0TrSe/eQ/lL9AvhH
Pxv1iHsjxfdDlt60O8gtLp54BSfc5v9mPiROnSR838tOJ4jiarH8mhnTktqkDwNm
aijbKjOJySRu5bIqwXchNaLSu2WMNSn5Le9aNMXg1e9Ur+y/G3lVFLikgFtg8Hax
jGYJgxQTkdhBUUXMG4nskTl/aeG6Q+EHiiLTowwNkf4nvrNaxPHCdJXNT/CyLdGp
PDhhiVGtJ/HkJDStK9mMAjxv4cMZaxC9asK3a8ZLyf08k3GdtrRqE5NG2ONWmkoM
6dJKZjnDXugCVCMUuuradwbW37dRM0M5Xoqwotp7IMp2RxFlHzgUOAcfxHSlAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUwr3SC+RAUDyaq8oGsEVnrTZq7YcwHwYDVR0j
BBgwFoAUPSwGXJdOcAsTae30rb4b0RJysJowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xRjE3NDg3OEY2NUMzMDk5REVFMjZFQTI5NjUxODVERDJD
MDEwMTUzQzVEQzM0MzcyM0I1MEE0MDYwQThBMEVBLzAvM0QyQzA2NUM5NzRFNzAw
QjEzNjlFREY0QURCRTFCRDExMjcyQjA5QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRDJDMDY1Qzk3NEU3MDBCMTM2
OUVERjRBREJFMUJEMTEyNzJCMDlBLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUYxNzQ4NzhGNjVDMzA5OURFRTI2RUEyOTY1MTg1REQyQzAxMDE1M0M1
REMzNDM3MjNCNTBBNDA2MEE4QTBFQS8wLzMxMzgzNjJlMzIzNjJlMzAyZTMwMmYz
MTM4MmQzMjMwMjAzZDNlMjAzMjM3MzgzODM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGuhoAMA0GCSqG
SIb3DQEBCwUAA4IBAQCNHNxn6/ckb6dWrOm5W0DS0MUdXR9FbnpntJjqMctoiIvv
UHAyA+6qLYkFELxh/4IMEgVgZou/eNBqeDOwxGjqgf39IrFo6nkKMEQ4sZoY1kjA
rMFcvcfMfdSRkqo/K9U5yMxRLLQwd8IZgniIfI/lXLM7kOgrObE/egdYS2UFOzQN
+WEfhAjMO8TSpiCGpF2Sm4MhB+Vgku5NRhbxwjcer8O6/21voDIcYxxTTbU2kPA5
BmZiknGxIatOp6SUnxvsasf1mewDN56MUJC0usOvaPJ46/q3ZZSibTYZu36v/CQg
82DslkMkPPmHHA/bfvn0i5JnygVywPZfMIhTDUrS
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:20:20 2024 by rpki-client on console-ams.rpki-client.org