Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/21F5134D3F7842FC83A15DEBA24B51C70BE726DAF9F2D16AC545EEAD744327FE/0/3138312e3137342e3132382e302f31392d3234203d3e203532333038.roa
File:                     3138312e3137342e3132382e302f31392d3234203d3e203532333038.roa (raw, json)
Hash identifier:          +SyUWCWCkpmVr0dyyyof1drHE280t5hMPN8hyxwmo6c=
Subject key identifier:   7F:2A:D8:1D:64:9B:81:CF:7C:79:A3:A7:F9:99:72:C1:CD:92:BB:F7
Certificate issuer:       /CN=8C02E0E579C60369B9E5962BC7E700427B6915B6
Certificate serial:       39E801D1BAD43344847ADA37561BB9ECCDAF51D9
Authority key identifier: 8C:02:E0:E5:79:C6:03:69:B9:E5:96:2B:C7:E7:00:42:7B:69:15:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8C02E0E579C60369B9E5962BC7E700427B6915B6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/21F5134D3F7842FC83A15DEBA24B51C70BE726DAF9F2D16AC545EEAD744327FE/0/3138312e3137342e3132382e302f31392d3234203d3e203532333038.roa
Signing time:             Tue 05 Mar 2024 18:00:02 +0000
ROA not before:           Tue 05 Mar 2024 17:55:02 +0000
ROA not after:            Tue 04 Mar 2025 18:00:02 +0000
asID:                     52308
IP address blocks:        181.174.128.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/21F5134D3F7842FC83A15DEBA24B51C70BE726DAF9F2D16AC545EEAD744327FE/0/8C02E0E579C60369B9E5962BC7E700427B6915B6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/21F5134D3F7842FC83A15DEBA24B51C70BE726DAF9F2D16AC545EEAD744327FE/0/8C02E0E579C60369B9E5962BC7E700427B6915B6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8C02E0E579C60369B9E5962BC7E700427B6915B6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:e8:01:d1:ba:d4:33:44:84:7a:da:37:56:1b:b9:ec:cd:af:51:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8C02E0E579C60369B9E5962BC7E700427B6915B6
        Validity
            Not Before: Mar  5 17:55:02 2024 GMT
            Not After : Mar  4 18:00:02 2025 GMT
        Subject: CN=7F2AD81D649B81CF7C79A3A7F99972C1CD92BBF7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e4:02:b4:70:4d:1d:7f:93:1d:00:03:f4:5b:
                    2f:e6:cd:d5:1d:cb:fb:9d:06:a4:6b:1d:8d:ca:bc:
                    b3:4a:47:a3:f5:26:fc:d4:38:cf:b1:e1:a3:4e:40:
                    4b:41:5d:05:b4:ba:b0:c3:2f:2f:1d:de:d8:e3:39:
                    0c:00:c9:bf:03:b6:3b:7e:36:3d:a8:0a:8c:89:8e:
                    a5:01:e1:96:db:4c:60:29:27:a4:ae:64:f8:87:37:
                    34:05:82:07:90:b6:e7:13:e1:cb:3d:a8:e9:4f:6a:
                    07:04:b4:65:ad:a3:93:14:99:9a:b4:79:cd:2d:ce:
                    b4:2b:e7:36:c6:ad:d0:ec:6d:12:b2:4a:71:0f:c0:
                    4d:65:10:c1:cf:fb:5d:ae:be:c1:f3:44:1d:a6:f5:
                    a8:a0:65:ea:12:cf:f9:72:6c:c7:51:cf:43:8e:a9:
                    a7:94:f5:9a:b0:67:d5:e5:08:1c:ac:68:e9:01:ea:
                    fb:d8:b5:63:c2:64:b5:25:d4:ec:91:46:33:c5:79:
                    03:4a:df:2a:bd:55:2a:30:a5:33:52:7d:9c:cf:de:
                    98:18:71:a1:e5:90:74:0d:a7:f2:d5:3d:0f:eb:11:
                    4b:c7:df:72:32:c1:3d:15:d8:db:ac:ce:20:e3:e1:
                    8d:aa:eb:c2:e0:0b:b8:6a:78:47:9a:42:2e:ae:d0:
                    a0:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:2A:D8:1D:64:9B:81:CF:7C:79:A3:A7:F9:99:72:C1:CD:92:BB:F7
            X509v3 Authority Key Identifier:
                keyid:8C:02:E0:E5:79:C6:03:69:B9:E5:96:2B:C7:E7:00:42:7B:69:15:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/21F5134D3F7842FC83A15DEBA24B51C70BE726DAF9F2D16AC545EEAD744327FE/0/8C02E0E579C60369B9E5962BC7E700427B6915B6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8C02E0E579C60369B9E5962BC7E700427B6915B6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/21F5134D3F7842FC83A15DEBA24B51C70BE726DAF9F2D16AC545EEAD744327FE/0/3138312e3137342e3132382e302f31392d3234203d3e203532333038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.174.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         c0:30:3b:59:59:8a:70:5a:e0:df:66:a8:c1:c2:d7:f7:2b:14:
         b5:40:9d:d2:ac:41:1d:8e:a6:fd:17:49:f4:a3:d6:7d:26:c1:
         12:ab:30:7e:34:97:0c:9a:15:d8:fd:0f:ab:2a:57:7b:86:2a:
         27:ad:be:5f:42:ec:1a:95:56:e0:0a:15:ef:3e:98:1e:52:35:
         d1:45:db:14:59:ef:61:8f:38:26:0e:fe:4f:aa:06:c7:58:7b:
         c5:fa:a4:85:46:19:83:c4:82:94:56:d9:ed:08:a6:e7:01:c2:
         fc:45:97:09:ad:31:13:ec:50:eb:e3:c5:96:df:51:3f:dc:84:
         14:a0:dc:cc:93:a3:49:7e:d6:12:0c:0b:b4:54:fd:00:1e:1a:
         db:c4:db:f1:df:9a:94:bd:e4:b9:f9:b3:d8:a0:17:a2:fe:dd:
         d9:31:36:35:a8:71:70:fb:6f:57:db:70:77:1b:54:4a:fa:53:
         c5:d9:03:27:a0:08:7e:f5:17:c2:8f:3e:60:0d:66:45:2a:41:
         56:ae:94:ef:2a:a2:f4:71:40:e4:cd:ff:4e:65:0f:9f:a4:f5:
         c5:fe:8b:9a:9f:10:e7:7d:21:a1:9e:fb:39:83:02:6a:59:c6:
         78:42:8b:fd:a6:ed:b3:c7:9f:28:70:8d:4c:99:67:9b:3e:b8:
         fc:f2:07:c9
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUOegB0brUM0SEeto3Vhu57M2vUdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEMwMkUwRTU3OUM2MDM2OUI5RTU5NjJCQzdFNzAwNDI3
QjY5MTVCNjAeFw0yNDAzMDUxNzU1MDJaFw0yNTAzMDQxODAwMDJaMDMxMTAvBgNV
BAMTKDdGMkFEODFENjQ5QjgxQ0Y3Qzc5QTNBN0Y5OTk3MkMxQ0Q5MkJCRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC25AK0cE0df5MdAAP0Wy/mzdUd
y/udBqRrHY3KvLNKR6P1JvzUOM+x4aNOQEtBXQW0urDDLy8d3tjjOQwAyb8Dtjt+
Nj2oCoyJjqUB4ZbbTGApJ6SuZPiHNzQFggeQtucT4cs9qOlPagcEtGWto5MUmZq0
ec0tzrQr5zbGrdDsbRKySnEPwE1lEMHP+12uvsHzRB2m9aigZeoSz/lybMdRz0OO
qaeU9ZqwZ9XlCBysaOkB6vvYtWPCZLUl1OyRRjPFeQNK3yq9VSowpTNSfZzP3pgY
caHlkHQNp/LVPQ/rEUvH33IywT0V2NusziDj4Y2q68LgC7hqeEeaQi6u0KD1AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUfyrYHWSbgc98eaOn+Zlywc2Su/cwHwYDVR0j
BBgwFoAUjALg5XnGA2m55ZYrx+cAQntpFbYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMUY1MTM0RDNGNzg0MkZDODNBMTVERUJBMjRCNTFDNzBC
RTcyNkRBRjlGMkQxNkFDNTQ1RUVBRDc0NDMyN0ZFLzAvOEMwMkUwRTU3OUM2MDM2
OUI5RTU5NjJCQzdFNzAwNDI3QjY5MTVCNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84QzAyRTBFNTc5QzYwMzY5QjlF
NTk2MkJDN0U3MDA0MjdCNjkxNUI2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjFGNTEzNEQzRjc4NDJGQzgzQTE1REVCQTI0QjUxQzcwQkU3MjZEQUY5
RjJEMTZBQzU0NUVFQUQ3NDQzMjdGRS8wLzMxMzgzMTJlMzEzNzM0MmUzMTMyMzgy
ZTMwMmYzMTM5MmQzMjM0MjAzZDNlMjAzNTMyMzMzMDM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFta6A
MA0GCSqGSIb3DQEBCwUAA4IBAQDAMDtZWYpwWuDfZqjBwtf3KxS1QJ3SrEEdjqb9
F0n0o9Z9JsESqzB+NJcMmhXY/Q+rKld7hionrb5fQuwalVbgChXvPpgeUjXRRdsU
We9hjzgmDv5PqgbHWHvF+qSFRhmDxIKUVtntCKbnAcL8RZcJrTET7FDr48WW31E/
3IQUoNzMk6NJftYSDAu0VP0AHhrbxNvx35qUveS5+bPYoBei/t3ZMTY1qHFw+29X
23B3G1RK+lPF2QMnoAh+9RfCjz5gDWZFKkFWrpTvKqL0cUDkzf9OZQ+fpPXF/oua
nxDnfSGhnvs5gwJqWcZ4Qov9pu2zx58ocI1MmWebPrj88gfJ
-----END CERTIFICATE-----
Generated at Tue Nov 19 18:42:44 2024 by rpki-client on console-fra.rpki-client.org