Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/3133382e3138352e32382e302f32342d3234203d3e20323633383137.roa
File:                     3133382e3138352e32382e302f32342d3234203d3e20323633383137.roa (raw, json)
Hash identifier:          SJFXqJfWU/aYHbW9tcckHxxWhwj6swUDxWmctTio/+s=
Subject key identifier:   54:9E:94:26:35:A6:51:7E:50:D9:85:4F:05:6A:74:A2:76:DE:84:D6
Certificate issuer:       /CN=BE7683A0995880FB51F3BF98293EDECD286AF6A3
Certificate serial:       6878F35D6EF4C3E0B41741B63CE1CD691904B2EB
Authority key identifier: BE:76:83:A0:99:58:80:FB:51:F3:BF:98:29:3E:DE:CD:28:6A:F6:A3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/3133382e3138352e32382e302f32342d3234203d3e20323633383137.roa
Signing time:             Tue 05 Mar 2024 17:47:25 +0000
ROA not before:           Tue 05 Mar 2024 17:42:25 +0000
ROA not after:            Tue 04 Mar 2025 17:47:25 +0000
asID:                     263817
IP address blocks:        138.185.28.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 21 Jul 2024 00:45:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:78:f3:5d:6e:f4:c3:e0:b4:17:41:b6:3c:e1:cd:69:19:04:b2:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BE7683A0995880FB51F3BF98293EDECD286AF6A3
        Validity
            Not Before: Mar  5 17:42:25 2024 GMT
            Not After : Mar  4 17:47:25 2025 GMT
        Subject: CN=549E942635A6517E50D9854F056A74A276DE84D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:ed:90:ad:fa:9a:eb:58:e1:d8:d1:2d:8b:53:
                    2f:7b:af:69:60:37:ca:5b:fb:cc:8f:df:c1:a7:c6:
                    8b:48:b7:66:3e:9f:88:1b:d4:a5:71:64:c3:b0:87:
                    e0:5c:a4:df:33:3c:16:8a:c8:83:41:07:83:32:34:
                    2f:62:f1:69:42:e8:fc:29:58:88:be:6f:e2:a1:fd:
                    51:44:50:5b:1b:3b:3c:93:f6:fc:8f:b5:07:a5:41:
                    9c:86:e6:cd:45:ea:af:1f:c4:8f:70:86:8f:47:49:
                    87:09:8f:c4:e0:51:98:a4:67:72:78:12:cf:38:61:
                    29:53:ed:88:ed:3d:a6:b9:84:0d:49:71:2a:7c:7e:
                    03:6f:91:44:6d:7b:6b:e6:78:fe:fe:4c:da:4d:eb:
                    a5:97:6d:f5:10:21:b2:92:b9:17:fa:a4:15:9e:a8:
                    b3:70:dc:ac:d8:15:65:34:8b:67:4b:b7:29:61:8c:
                    86:d4:5d:c0:91:f5:de:68:f4:93:87:ae:b2:ad:a3:
                    f5:73:84:2c:d4:2d:80:bb:bc:26:8a:ce:85:3a:a8:
                    e8:e3:22:95:53:31:4c:80:d3:89:fe:ac:d9:6f:be:
                    88:35:c7:e2:ba:25:e7:85:42:13:99:2b:52:64:b8:
                    3d:5e:47:8c:d4:f8:9e:98:4e:bc:c5:64:2e:6e:61:
                    5c:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:9E:94:26:35:A6:51:7E:50:D9:85:4F:05:6A:74:A2:76:DE:84:D6
            X509v3 Authority Key Identifier:
                keyid:BE:76:83:A0:99:58:80:FB:51:F3:BF:98:29:3E:DE:CD:28:6A:F6:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/3133382e3138352e32382e302f32342d3234203d3e20323633383137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.185.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:a6:d2:d9:ed:81:c0:21:ff:90:e4:38:66:3a:c9:2a:13:1d:
         5f:75:10:85:bf:08:8f:f3:eb:eb:d3:e7:0b:96:f6:04:0f:e4:
         0a:67:94:5f:be:d5:d4:27:97:82:bd:18:1f:8a:f5:b5:13:13:
         a0:20:98:d1:cf:2c:ac:24:08:b9:7c:79:20:1e:e8:9c:d6:7d:
         87:75:a9:2e:45:cd:1f:b6:f8:37:cd:b9:6d:b0:c5:cf:1a:e4:
         b0:b7:79:89:52:5b:a0:52:42:f0:19:c4:0b:2d:b0:1e:f5:cf:
         32:53:85:37:7a:b9:9d:92:53:df:c1:7e:a5:90:fd:0c:09:9e:
         6c:2b:40:a2:82:c2:c5:48:fb:11:c8:ef:c3:46:c8:f5:39:84:
         f4:c6:36:88:84:9a:3f:3a:2b:59:15:86:d9:6f:93:0e:54:63:
         7c:56:49:b1:55:58:52:c2:c5:b6:6c:b4:4c:52:d6:37:74:e3:
         79:9c:3f:00:eb:4a:2b:3e:a6:6d:15:a4:a8:f4:ee:eb:99:55:
         27:70:ca:46:be:78:17:13:1e:9a:26:78:f6:d8:a7:eb:49:54:
         7e:71:e4:44:4b:c9:2a:dd:0d:c3:e8:2c:2b:1e:d5:0f:54:87:
         07:6c:db:f7:b1:1c:1f:e9:d4:de:a6:49:98:d7:1e:84:b6:48:
         b0:3d:91:23
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUaHjzXW70w+C0F0G2POHNaRkEsuswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkU3NjgzQTA5OTU4ODBGQjUxRjNCRjk4MjkzRURFQ0Qy
ODZBRjZBMzAeFw0yNDAzMDUxNzQyMjVaFw0yNTAzMDQxNzQ3MjVaMDMxMTAvBgNV
BAMTKDU0OUU5NDI2MzVBNjUxN0U1MEQ5ODU0RjA1NkE3NEEyNzZERTg0RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq7ZCt+prrWOHY0S2LUy97r2lg
N8pb+8yP38GnxotIt2Y+n4gb1KVxZMOwh+BcpN8zPBaKyINBB4MyNC9i8WlC6Pwp
WIi+b+Kh/VFEUFsbOzyT9vyPtQelQZyG5s1F6q8fxI9who9HSYcJj8TgUZikZ3J4
Es84YSlT7YjtPaa5hA1JcSp8fgNvkURte2vmeP7+TNpN66WXbfUQIbKSuRf6pBWe
qLNw3KzYFWU0i2dLtylhjIbUXcCR9d5o9JOHrrKto/VzhCzULYC7vCaKzoU6qOjj
IpVTMUyA04n+rNlvvog1x+K6JeeFQhOZK1JkuD1eR4zU+J6YTrzFZC5uYVxTAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUVJ6UJjWmUX5Q2YVPBWp0onbehNYwHwYDVR0j
BBgwFoAUvnaDoJlYgPtR87+YKT7ezShq9qMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yODgwMjRERTg3MzYwMzMxNTQxNTEyNTM1MjU1OThDRUM4
OUI5QTBERTA3NTExN0IxM0E2MEM4QjcxMjhFMkQwLzAvQkU3NjgzQTA5OTU4ODBG
QjUxRjNCRjk4MjkzRURFQ0QyODZBRjZBMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CRTc2ODNBMDk5NTg4MEZCNTFG
M0JGOTgyOTNFREVDRDI4NkFGNkEzLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjg4MDI0REU4NzM2MDMzMTU0MTUxMjUzNTI1NTk4Q0VDODlCOUEwREUw
NzUxMTdCMTNBNjBDOEI3MTI4RTJEMC8wLzMxMzMzODJlMzEzODM1MmUzMjM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMzMzgzMTM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAirkc
MA0GCSqGSIb3DQEBCwUAA4IBAQCSptLZ7YHAIf+Q5DhmOskqEx1fdRCFvwiP8+vr
0+cLlvYED+QKZ5RfvtXUJ5eCvRgfivW1ExOgIJjRzyysJAi5fHkgHuic1n2Hdaku
Rc0ftvg3zbltsMXPGuSwt3mJUlugUkLwGcQLLbAe9c8yU4U3ermdklPfwX6lkP0M
CZ5sK0CigsLFSPsRyO/DRsj1OYT0xjaIhJo/OitZFYbZb5MOVGN8VkmxVVhSwsW2
bLRMUtY3dON5nD8A60orPqZtFaSo9O7rmVUncMpGvngXEx6aJnj22KfrSVR+ceRE
S8kq3Q3D6CwrHtUPVIcHbNv3sRwf6dTepkmY1x6EtkiwPZEj
-----END CERTIFICATE-----
Generated at Tue Jul 16 20:07:12 2024 by rpki-client on console-ams.rpki-client.org