Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/25464C9B8AD92A55446F1DB59CF02C7287BE2E0239736DBA2E6AAEEC851E35C8/0/3138362e3135312e3132382e302f31372d3234203d3e203134373534.roa
File:                     3138362e3135312e3132382e302f31372d3234203d3e203134373534.roa (raw, json)
Hash identifier:          tg9Rl9uUJogIVPAMxv+l5hygSjpbUalG4eFdWvmqtCc=
Subject key identifier:   43:82:D3:C0:4C:99:B1:46:78:C4:65:C8:C5:1C:0C:77:C6:C5:E8:F4
Certificate issuer:       /CN=30B067F4705EDF16C63ED51B9F8946787B07F237
Certificate serial:       0397AB60EDCFD40810737410245DE5ABAB06E87A
Authority key identifier: 30:B0:67:F4:70:5E:DF:16:C6:3E:D5:1B:9F:89:46:78:7B:07:F2:37
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/30B067F4705EDF16C63ED51B9F8946787B07F237.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/25464C9B8AD92A55446F1DB59CF02C7287BE2E0239736DBA2E6AAEEC851E35C8/0/3138362e3135312e3132382e302f31372d3234203d3e203134373534.roa
Signing time:             Tue 05 Mar 2024 17:42:37 +0000
ROA not before:           Tue 05 Mar 2024 17:37:37 +0000
ROA not after:            Tue 04 Mar 2025 17:42:37 +0000
asID:                     14754
IP address blocks:        186.151.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/25464C9B8AD92A55446F1DB59CF02C7287BE2E0239736DBA2E6AAEEC851E35C8/0/30B067F4705EDF16C63ED51B9F8946787B07F237.crl
                          rsync://repository.lacnic.net/rpki/lacnic/25464C9B8AD92A55446F1DB59CF02C7287BE2E0239736DBA2E6AAEEC851E35C8/0/30B067F4705EDF16C63ED51B9F8946787B07F237.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/30B067F4705EDF16C63ED51B9F8946787B07F237.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Jul 2024 11:47:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:97:ab:60:ed:cf:d4:08:10:73:74:10:24:5d:e5:ab:ab:06:e8:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30B067F4705EDF16C63ED51B9F8946787B07F237
        Validity
            Not Before: Mar  5 17:37:37 2024 GMT
            Not After : Mar  4 17:42:37 2025 GMT
        Subject: CN=4382D3C04C99B14678C465C8C51C0C77C6C5E8F4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:29:be:1e:02:f9:5d:fc:e2:53:fc:00:d9:07:
                    01:4c:d6:d6:66:a6:18:27:3c:af:6d:de:8f:e4:d5:
                    99:01:8f:e5:87:51:92:0f:80:f7:75:13:15:92:d5:
                    d4:58:a5:46:ef:60:94:19:27:38:09:cc:ca:b9:1b:
                    e8:95:ff:8d:62:6d:04:c3:4b:26:7e:28:51:a6:37:
                    4d:dc:45:83:4d:a6:94:1a:9b:ec:ed:61:60:bf:1b:
                    f0:21:6e:26:23:bb:1b:08:7d:dd:a1:c8:37:b0:a6:
                    81:67:3d:3f:ec:02:c5:da:f3:01:04:cf:c7:a6:9f:
                    14:70:ef:22:ba:29:5f:47:d4:d8:e2:d2:a4:dc:7d:
                    a0:34:20:87:99:5d:b5:fd:9c:cc:e7:d7:72:1c:da:
                    d4:18:f1:26:d9:e0:b9:73:a1:90:fb:4e:76:db:d5:
                    fe:19:f0:45:2e:43:74:26:35:16:e2:08:1b:36:03:
                    2d:4e:0a:6f:d5:3f:44:97:a0:ce:31:7f:69:24:3d:
                    14:d2:0b:a1:b9:81:c2:93:b3:31:d4:5c:8c:df:af:
                    ed:63:c4:ee:49:7e:97:be:c6:f9:ab:0a:b2:f8:0c:
                    f5:bf:b8:ab:6c:7d:a2:f6:a1:f2:fb:8c:04:f2:07:
                    0e:81:12:a8:2a:d3:34:d3:8f:c9:ad:a7:eb:e0:a3:
                    6b:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:82:D3:C0:4C:99:B1:46:78:C4:65:C8:C5:1C:0C:77:C6:C5:E8:F4
            X509v3 Authority Key Identifier:
                keyid:30:B0:67:F4:70:5E:DF:16:C6:3E:D5:1B:9F:89:46:78:7B:07:F2:37

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/25464C9B8AD92A55446F1DB59CF02C7287BE2E0239736DBA2E6AAEEC851E35C8/0/30B067F4705EDF16C63ED51B9F8946787B07F237.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/30B067F4705EDF16C63ED51B9F8946787B07F237.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/25464C9B8AD92A55446F1DB59CF02C7287BE2E0239736DBA2E6AAEEC851E35C8/0/3138362e3135312e3132382e302f31372d3234203d3e203134373534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.151.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         b3:4a:74:9a:8e:e5:10:fb:9a:b6:9b:d6:5b:ed:94:80:af:37:
         b4:b7:93:92:b6:11:7e:bb:d1:34:ad:74:34:b2:bb:8a:ef:bc:
         e7:57:99:a9:45:42:a0:a4:ba:e6:de:b4:55:3e:cb:9e:ea:ef:
         cb:a1:44:00:f1:5d:80:fd:c5:85:a5:5a:19:d2:dc:8a:c2:23:
         66:85:66:df:f8:10:ca:d9:7e:1e:48:b3:0c:25:8b:05:71:42:
         53:42:d5:e5:58:42:e2:c0:22:a3:c0:76:5a:39:ad:ee:1a:40:
         02:08:db:73:1d:86:0c:10:1f:d2:ba:3d:37:20:5b:86:a9:49:
         c2:ce:c4:25:53:d7:df:d8:6c:4b:70:fb:60:f8:67:7c:2e:af:
         d3:e8:e4:d6:ca:1a:f5:8c:87:b9:2c:7d:eb:61:d1:e0:43:a6:
         d1:64:fd:aa:7f:18:86:fd:92:cd:46:b4:7c:98:1a:3d:c1:91:
         41:58:e0:78:45:40:b3:8c:5f:76:b7:df:5e:ce:5b:dd:6a:58:
         9c:72:62:c6:20:aa:fa:1c:7f:5e:2c:87:c3:85:00:8a:73:27:
         3d:97:33:97:ac:41:9e:73:d8:1e:95:99:c3:05:3b:9e:19:22:
         77:1c:73:12:5e:8f:92:b0:96:e4:c5:9f:50:15:bb:46:f9:a9:
         b7:d3:f4:fc
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUA5erYO3P1AgQc3QQJF3lq6sG6HowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBCMDY3RjQ3MDVFREYxNkM2M0VENTFCOUY4OTQ2Nzg3
QjA3RjIzNzAeFw0yNDAzMDUxNzM3MzdaFw0yNTAzMDQxNzQyMzdaMDMxMTAvBgNV
BAMTKDQzODJEM0MwNEM5OUIxNDY3OEM0NjVDOEM1MUMwQzc3QzZDNUU4RjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsKb4eAvld/OJT/ADZBwFM1tZm
phgnPK9t3o/k1ZkBj+WHUZIPgPd1ExWS1dRYpUbvYJQZJzgJzMq5G+iV/41ibQTD
SyZ+KFGmN03cRYNNppQam+ztYWC/G/AhbiYjuxsIfd2hyDewpoFnPT/sAsXa8wEE
z8emnxRw7yK6KV9H1Nji0qTcfaA0IIeZXbX9nMzn13Ic2tQY8SbZ4LlzoZD7Tnbb
1f4Z8EUuQ3QmNRbiCBs2Ay1OCm/VP0SXoM4xf2kkPRTSC6G5gcKTszHUXIzfr+1j
xO5Jfpe+xvmrCrL4DPW/uKtsfaL2ofL7jATyBw6BEqgq0zTTj8mtp+vgo2sxAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUQ4LTwEyZsUZ4xGXIxRwMd8bF6PQwHwYDVR0j
BBgwFoAUMLBn9HBe3xbGPtUbn4lGeHsH8jcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yNTQ2NEM5QjhBRDkyQTU1NDQ2RjFEQjU5Q0YwMkM3Mjg3
QkUyRTAyMzk3MzZEQkEyRTZBQUVFQzg1MUUzNUM4LzAvMzBCMDY3RjQ3MDVFREYx
NkM2M0VENTFCOUY4OTQ2Nzg3QjA3RjIzNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zMEIwNjdGNDcwNUVERjE2QzYz
RUQ1MUI5Rjg5NDY3ODdCMDdGMjM3LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjU0NjRDOUI4QUQ5MkE1NTQ0NkYxREI1OUNGMDJDNzI4N0JFMkUwMjM5
NzM2REJBMkU2QUFFRUM4NTFFMzVDOC8wLzMxMzgzNjJlMzEzNTMxMmUzMTMyMzgy
ZTMwMmYzMTM3MmQzMjM0MjAzZDNlMjAzMTM0MzczNTM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHupeA
MA0GCSqGSIb3DQEBCwUAA4IBAQCzSnSajuUQ+5q2m9Zb7ZSArze0t5OSthF+u9E0
rXQ0sruK77znV5mpRUKgpLrm3rRVPsue6u/LoUQA8V2A/cWFpVoZ0tyKwiNmhWbf
+BDK2X4eSLMMJYsFcUJTQtXlWELiwCKjwHZaOa3uGkACCNtzHYYMEB/Suj03IFuG
qUnCzsQlU9ff2GxLcPtg+Gd8Lq/T6OTWyhr1jIe5LH3rYdHgQ6bRZP2qfxiG/ZLN
RrR8mBo9wZFBWOB4RUCzjF92t99ezlvdaliccmLGIKr6HH9eLIfDhQCKcyc9lzOX
rEGec9gelZnDBTueGSJ3HHMSXo+SsJbkxZ9QFbtG+am30/T8
-----END CERTIFICATE-----
Generated at Mon Jul 15 00:15:22 2024 by rpki-client on console-fra.rpki-client.org