Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/3133382e3138352e33312e302f32342d3234203d3e20323633383137.roa
File:                     3133382e3138352e33312e302f32342d3234203d3e20323633383137.roa (raw, json)
Hash identifier:          VITa9LAbVBdCjrr+gIhHTyhqtSeLVPp6gxU/ibtjuGM=
Subject key identifier:   C2:43:BF:C0:C8:B6:5F:F4:2B:A6:B8:B9:7F:FC:3D:3F:4D:BB:02:A1
Certificate issuer:       /CN=BE7683A0995880FB51F3BF98293EDECD286AF6A3
Certificate serial:       5E3F5CE82AA7AB9573157A9B764723D58E7E3C6E
Authority key identifier: BE:76:83:A0:99:58:80:FB:51:F3:BF:98:29:3E:DE:CD:28:6A:F6:A3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/3133382e3138352e33312e302f32342d3234203d3e20323633383137.roa
Signing time:             Tue 05 Mar 2024 17:47:24 +0000
ROA not before:           Tue 05 Mar 2024 17:42:24 +0000
ROA not after:            Tue 04 Mar 2025 17:47:24 +0000
asID:                     263817
IP address blocks:        138.185.31.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 21 Jul 2024 00:45:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:3f:5c:e8:2a:a7:ab:95:73:15:7a:9b:76:47:23:d5:8e:7e:3c:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BE7683A0995880FB51F3BF98293EDECD286AF6A3
        Validity
            Not Before: Mar  5 17:42:24 2024 GMT
            Not After : Mar  4 17:47:24 2025 GMT
        Subject: CN=C243BFC0C8B65FF42BA6B8B97FFC3D3F4DBB02A1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ea:25:42:a0:13:36:3b:f2:60:34:6c:85:0d:
                    66:d3:92:05:f8:13:b5:e9:50:a9:40:0a:02:f9:22:
                    0b:3b:24:44:e4:9b:32:b0:5d:42:fc:8d:0c:96:d8:
                    19:b1:fc:be:dc:8e:5d:09:14:ed:96:7e:77:3c:2c:
                    97:87:72:40:cd:5e:22:79:1b:e4:97:6a:0c:51:3d:
                    a4:97:07:15:4f:52:45:64:7a:64:f0:c3:a2:20:9e:
                    45:6c:89:cc:08:ba:f3:66:03:47:66:a5:02:43:e2:
                    ab:fb:60:cc:a2:27:96:23:20:05:d3:84:3c:53:3a:
                    c3:bf:3d:f5:58:bf:65:03:8c:55:05:97:f2:5b:81:
                    76:6a:3d:7a:77:a2:cd:b6:13:69:11:2d:1c:6e:09:
                    ce:35:73:fb:85:64:8d:52:50:f4:6a:32:b9:d5:d4:
                    9b:9b:d4:15:80:16:e2:8b:64:6d:d9:c6:ac:67:4f:
                    b5:5c:90:25:e4:95:e2:f4:d8:13:67:49:6e:f4:41:
                    0c:d8:e8:d9:65:6f:0f:a4:5f:32:09:ba:86:7f:70:
                    76:97:9d:ab:b8:4f:10:59:cb:47:48:c8:b1:8a:a0:
                    42:7f:89:a4:69:9f:0f:19:73:d7:de:f3:bf:d0:6a:
                    70:61:e1:89:2e:89:28:5b:ca:71:3d:06:04:f0:e5:
                    09:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:43:BF:C0:C8:B6:5F:F4:2B:A6:B8:B9:7F:FC:3D:3F:4D:BB:02:A1
            X509v3 Authority Key Identifier:
                keyid:BE:76:83:A0:99:58:80:FB:51:F3:BF:98:29:3E:DE:CD:28:6A:F6:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BE7683A0995880FB51F3BF98293EDECD286AF6A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/288024DE8736033154151253525598CEC89B9A0DE075117B13A60C8B7128E2D0/0/3133382e3138352e33312e302f32342d3234203d3e20323633383137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.185.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:97:cf:17:39:a4:59:72:25:8e:ab:b6:13:a7:e6:b3:5b:6d:
         8e:ff:d0:96:f7:80:8d:9d:2f:b5:c0:32:86:72:56:fd:ca:e1:
         9b:ad:8b:02:32:77:47:e1:e5:c3:7a:11:e8:23:58:40:d1:05:
         72:22:34:0f:86:ac:a2:26:c9:59:a5:61:48:67:82:64:e4:d2:
         05:4a:7d:ab:40:70:5a:e6:d2:7e:f6:ab:5b:4d:b2:7e:b4:cb:
         f5:94:63:a9:6b:da:47:ea:f9:96:cc:16:49:31:0e:bb:33:2b:
         be:fc:dd:f3:75:f8:d1:52:b0:e4:68:a5:bc:83:12:e4:17:ad:
         b7:6a:3e:50:37:0d:79:6b:ff:14:b9:96:d0:61:57:13:51:89:
         8a:35:6d:c1:a5:55:49:32:10:41:e5:bd:b2:52:a1:cc:6d:cf:
         06:05:15:29:48:24:e5:27:e9:e9:79:4a:64:1a:65:2a:25:8b:
         e9:d3:ae:1e:93:6b:27:35:f9:23:4d:2e:2f:d1:aa:5a:18:48:
         56:b5:27:d1:90:bd:ab:4a:73:b7:9d:02:ac:1d:b5:18:69:e7:
         f8:d4:c5:ff:e5:00:5b:2c:47:8f:2e:5f:f5:6c:95:19:f8:98:
         f7:0a:5c:7c:6d:fd:77:36:4a:6a:17:67:20:00:b6:7e:4d:bf:
         61:81:54:b4
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUXj9c6Cqnq5VzFXqbdkcj1Y5+PG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkU3NjgzQTA5OTU4ODBGQjUxRjNCRjk4MjkzRURFQ0Qy
ODZBRjZBMzAeFw0yNDAzMDUxNzQyMjRaFw0yNTAzMDQxNzQ3MjRaMDMxMTAvBgNV
BAMTKEMyNDNCRkMwQzhCNjVGRjQyQkE2QjhCOTdGRkMzRDNGNERCQjAyQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC06iVCoBM2O/JgNGyFDWbTkgX4
E7XpUKlACgL5Igs7JETkmzKwXUL8jQyW2Bmx/L7cjl0JFO2Wfnc8LJeHckDNXiJ5
G+SXagxRPaSXBxVPUkVkemTww6IgnkVsicwIuvNmA0dmpQJD4qv7YMyiJ5YjIAXT
hDxTOsO/PfVYv2UDjFUFl/JbgXZqPXp3os22E2kRLRxuCc41c/uFZI1SUPRqMrnV
1Jub1BWAFuKLZG3ZxqxnT7VckCXkleL02BNnSW70QQzY6Nllbw+kXzIJuoZ/cHaX
nau4TxBZy0dIyLGKoEJ/iaRpnw8Zc9fe87/QanBh4YkuiShbynE9BgTw5Qn/AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUwkO/wMi2X/Qrpri5f/w9P027AqEwHwYDVR0j
BBgwFoAUvnaDoJlYgPtR87+YKT7ezShq9qMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yODgwMjRERTg3MzYwMzMxNTQxNTEyNTM1MjU1OThDRUM4
OUI5QTBERTA3NTExN0IxM0E2MEM4QjcxMjhFMkQwLzAvQkU3NjgzQTA5OTU4ODBG
QjUxRjNCRjk4MjkzRURFQ0QyODZBRjZBMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CRTc2ODNBMDk5NTg4MEZCNTFG
M0JGOTgyOTNFREVDRDI4NkFGNkEzLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjg4MDI0REU4NzM2MDMzMTU0MTUxMjUzNTI1NTk4Q0VDODlCOUEwREUw
NzUxMTdCMTNBNjBDOEI3MTI4RTJEMC8wLzMxMzMzODJlMzEzODM1MmUzMzMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMzMzgzMTM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAirkf
MA0GCSqGSIb3DQEBCwUAA4IBAQBQl88XOaRZciWOq7YTp+azW22O/9CW94CNnS+1
wDKGclb9yuGbrYsCMndH4eXDehHoI1hA0QVyIjQPhqyiJslZpWFIZ4Jk5NIFSn2r
QHBa5tJ+9qtbTbJ+tMv1lGOpa9pH6vmWzBZJMQ67Myu+/N3zdfjRUrDkaKW8gxLk
F623aj5QNw15a/8UuZbQYVcTUYmKNW3BpVVJMhBB5b2yUqHMbc8GBRUpSCTlJ+np
eUpkGmUqJYvp064ek2snNfkjTS4v0apaGEhWtSfRkL2rSnO3nQKsHbUYaef41MX/
5QBbLEePLl/1bJUZ+Jj3Clx8bf13NkpqF2cgALZ+Tb9hgVS0
-----END CERTIFICATE-----
Generated at Tue Jul 16 20:07:12 2024 by rpki-client on console-ams.rpki-client.org