Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/23B7C697E988C14728015F75AD4BD621755BB39870EA2831B3CD053B988533F1/0/3134382e3230382e3131322e302f32342d3234203d3e20323730313439.roa
File:                     3134382e3230382e3131322e302f32342d3234203d3e20323730313439.roa (raw, json)
Hash identifier:          vQteO+7Y8l4OpSApAcDvnC525366JbZvttXItu4hq0g=
Subject key identifier:   4F:27:5C:8B:D2:A4:81:58:6B:B2:E1:E9:93:92:FA:59:5F:BA:B2:5C
Certificate issuer:       /CN=8A1267DCB4DC6FFA9FCDD7FEA9D7F9F78C3791DB
Certificate serial:       1DA76E34F623A5B61FEFEAB0AACAD6F8995EAFB1
Authority key identifier: 8A:12:67:DC:B4:DC:6F:FA:9F:CD:D7:FE:A9:D7:F9:F7:8C:37:91:DB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8A1267DCB4DC6FFA9FCDD7FEA9D7F9F78C3791DB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/23B7C697E988C14728015F75AD4BD621755BB39870EA2831B3CD053B988533F1/0/3134382e3230382e3131322e302f32342d3234203d3e20323730313439.roa
Signing time:             Tue 05 Mar 2024 17:42:21 +0000
ROA not before:           Tue 05 Mar 2024 17:37:21 +0000
ROA not after:            Tue 04 Mar 2025 17:42:21 +0000
asID:                     270149
IP address blocks:        148.208.112.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/23B7C697E988C14728015F75AD4BD621755BB39870EA2831B3CD053B988533F1/0/8A1267DCB4DC6FFA9FCDD7FEA9D7F9F78C3791DB.crl
                          rsync://repository.lacnic.net/rpki/lacnic/23B7C697E988C14728015F75AD4BD621755BB39870EA2831B3CD053B988533F1/0/8A1267DCB4DC6FFA9FCDD7FEA9D7F9F78C3791DB.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8A1267DCB4DC6FFA9FCDD7FEA9D7F9F78C3791DB.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:a7:6e:34:f6:23:a5:b6:1f:ef:ea:b0:aa:ca:d6:f8:99:5e:af:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8A1267DCB4DC6FFA9FCDD7FEA9D7F9F78C3791DB
        Validity
            Not Before: Mar  5 17:37:21 2024 GMT
            Not After : Mar  4 17:42:21 2025 GMT
        Subject: CN=4F275C8BD2A481586BB2E1E99392FA595FBAB25C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:0c:21:f1:7a:29:c9:0a:ed:6f:93:af:71:b6:
                    4c:62:79:22:c1:5c:3a:20:e7:fb:b2:67:75:81:dc:
                    f6:4e:6d:24:74:da:73:05:34:a3:90:d0:f1:7a:53:
                    43:0c:a8:cf:d1:b8:40:c8:dd:36:65:96:6c:b2:d0:
                    22:ae:9e:30:f8:71:9d:09:48:a1:2c:58:a9:0a:19:
                    a2:ee:54:e4:82:b3:bf:90:5b:41:10:a9:9f:4c:b7:
                    52:f2:00:8a:29:61:d7:12:cc:f8:80:56:15:08:db:
                    56:f4:c8:ec:ea:d0:fb:49:67:80:59:93:75:8d:83:
                    d0:be:05:a3:d9:2d:f5:9c:14:20:3e:be:97:2f:2d:
                    32:cb:4e:89:a7:60:71:12:4e:ed:94:c5:8d:54:59:
                    9a:b6:03:4a:56:0a:75:8c:6d:bf:07:c5:0a:84:c0:
                    3a:41:c4:ef:84:6a:85:16:62:96:e6:70:59:e2:66:
                    f3:00:1d:58:a5:c1:12:be:53:3f:b1:f3:25:26:21:
                    31:86:4c:fe:ea:cc:e4:1e:1d:4a:d0:1f:8c:2c:05:
                    59:d1:32:e4:0a:45:f1:39:39:57:ed:34:5f:91:1c:
                    36:aa:e8:db:6a:05:4e:25:9e:c9:19:9b:c3:1c:82:
                    b1:c2:1d:0c:81:a3:54:45:51:ed:a2:7a:9a:ab:ef:
                    43:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:27:5C:8B:D2:A4:81:58:6B:B2:E1:E9:93:92:FA:59:5F:BA:B2:5C
            X509v3 Authority Key Identifier:
                keyid:8A:12:67:DC:B4:DC:6F:FA:9F:CD:D7:FE:A9:D7:F9:F7:8C:37:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/23B7C697E988C14728015F75AD4BD621755BB39870EA2831B3CD053B988533F1/0/8A1267DCB4DC6FFA9FCDD7FEA9D7F9F78C3791DB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8A1267DCB4DC6FFA9FCDD7FEA9D7F9F78C3791DB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/23B7C697E988C14728015F75AD4BD621755BB39870EA2831B3CD053B988533F1/0/3134382e3230382e3131322e302f32342d3234203d3e20323730313439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.208.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:d6:a1:39:c1:da:94:14:2e:89:6b:ba:c9:06:a6:b2:a4:54:
         f2:7c:fd:56:a8:84:a5:fd:33:bd:ce:ec:7b:19:e5:98:2a:9b:
         46:33:2b:82:e4:4c:6b:50:63:35:50:8f:50:8b:25:0f:d0:85:
         00:5f:19:91:74:5e:cc:aa:67:80:52:11:7b:9b:77:6d:34:3a:
         42:b3:ef:45:61:3c:12:b2:bc:10:ed:d8:1e:d9:cb:9b:e9:8e:
         41:c5:f3:dd:ba:1e:20:9e:c8:c1:2f:3e:8d:8b:52:6c:cc:72:
         88:d0:1e:50:c6:e4:17:4c:44:76:a3:e0:fc:61:77:4c:ed:82:
         a2:5a:0e:c8:b3:dd:a3:cd:db:b0:50:ee:79:e3:d7:f2:dd:67:
         88:20:e9:b1:44:10:3e:4d:6c:0b:60:cb:8a:eb:a3:19:f0:40:
         55:51:5c:46:d3:cd:15:0e:32:94:b7:3f:6b:56:dc:88:9e:b2:
         c0:70:2a:5a:dc:b9:81:c0:1d:cb:9c:35:45:55:a6:ca:a0:2d:
         a1:cd:04:08:26:b2:64:07:38:49:1c:d6:f3:42:d8:8c:48:4d:
         fa:4e:13:8e:4e:a8:bb:39:0b:47:80:65:84:75:66:b8:78:2e:
         ef:b0:c8:fd:6d:a0:cb:1a:cb:ec:9f:d8:a2:22:37:4f:2c:c7:
         f1:47:24:13
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUHaduNPYjpbYf7+qwqsrW+Jler7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEExMjY3RENCNERDNkZGQTlGQ0REN0ZFQTlEN0Y5Rjc4
QzM3OTFEQjAeFw0yNDAzMDUxNzM3MjFaFw0yNTAzMDQxNzQyMjFaMDMxMTAvBgNV
BAMTKDRGMjc1QzhCRDJBNDgxNTg2QkIyRTFFOTkzOTJGQTU5NUZCQUIyNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/DCHxeinJCu1vk69xtkxieSLB
XDog5/uyZ3WB3PZObSR02nMFNKOQ0PF6U0MMqM/RuEDI3TZllmyy0CKunjD4cZ0J
SKEsWKkKGaLuVOSCs7+QW0EQqZ9Mt1LyAIopYdcSzPiAVhUI21b0yOzq0PtJZ4BZ
k3WNg9C+BaPZLfWcFCA+vpcvLTLLTomnYHESTu2UxY1UWZq2A0pWCnWMbb8HxQqE
wDpBxO+EaoUWYpbmcFniZvMAHVilwRK+Uz+x8yUmITGGTP7qzOQeHUrQH4wsBVnR
MuQKRfE5OVftNF+RHDaq6NtqBU4lnskZm8McgrHCHQyBo1RFUe2iepqr70MfAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUTydci9KkgVhrsuHpk5L6WV+6slwwHwYDVR0j
BBgwFoAUihJn3LTcb/qfzdf+qdf594w3kdswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yM0I3QzY5N0U5ODhDMTQ3MjgwMTVGNzVBRDRCRDYyMTc1
NUJCMzk4NzBFQTI4MzFCM0NEMDUzQjk4ODUzM0YxLzAvOEExMjY3RENCNERDNkZG
QTlGQ0REN0ZFQTlEN0Y5Rjc4QzM3OTFEQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84QTEyNjdEQ0I0REM2RkZBOUZD
REQ3RkVBOUQ3RjlGNzhDMzc5MURCLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjNCN0M2OTdFOTg4QzE0NzI4MDE1Rjc1QUQ0QkQ2MjE3NTVCQjM5ODcw
RUEyODMxQjNDRDA1M0I5ODg1MzNGMS8wLzMxMzQzODJlMzIzMDM4MmUzMTMxMzIy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzAzMTM0Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACU
0HAwDQYJKoZIhvcNAQELBQADggEBAD/WoTnB2pQULolruskGprKkVPJ8/VaohKX9
M73O7HsZ5Zgqm0YzK4LkTGtQYzVQj1CLJQ/QhQBfGZF0XsyqZ4BSEXubd200OkKz
70VhPBKyvBDt2B7Zy5vpjkHF8926HiCeyMEvPo2LUmzMcojQHlDG5BdMRHaj4Pxh
d0ztgqJaDsiz3aPN27BQ7nnj1/LdZ4gg6bFEED5NbAtgy4rroxnwQFVRXEbTzRUO
MpS3P2tW3IiessBwKlrcuYHAHcucNUVVpsqgLaHNBAgmsmQHOEkc1vNC2IxITfpO
E45OqLs5C0eAZYR1Zrh4Lu+wyP1toMsay+yf2KIiN08sx/FHJBM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 00:19:39 2024 by rpki-client on console-fra.rpki-client.org