Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/3133312e3130382e3134312e302f32342d3234203d3e203631343930.roa
File:                     3133312e3130382e3134312e302f32342d3234203d3e203631343930.roa (raw, json)
Hash identifier:          jgiAhWUMxYxSJHZ9CU+GB8nqg82woIGE8yii5/1xEMQ=
Subject key identifier:   5D:C7:15:91:EA:A0:9B:7D:D3:16:3E:BA:50:FD:0E:D2:5B:F2:A0:F3
Certificate issuer:       /CN=D74EEC332802572047CBE0FAB13F3CF2BA417AFF
Certificate serial:       58A06F7889108C9CC31FA4530859E12F7793CF2A
Authority key identifier: D7:4E:EC:33:28:02:57:20:47:CB:E0:FA:B1:3F:3C:F2:BA:41:7A:FF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/3133312e3130382e3134312e302f32342d3234203d3e203631343930.roa
Signing time:             Tue 05 Mar 2024 17:42:45 +0000
ROA not before:           Tue 05 Mar 2024 17:37:45 +0000
ROA not after:            Tue 04 Mar 2025 17:42:45 +0000
asID:                     61490
IP address blocks:        131.108.141.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 14 Jun 2024 21:27:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:a0:6f:78:89:10:8c:9c:c3:1f:a4:53:08:59:e1:2f:77:93:cf:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D74EEC332802572047CBE0FAB13F3CF2BA417AFF
        Validity
            Not Before: Mar  5 17:37:45 2024 GMT
            Not After : Mar  4 17:42:45 2025 GMT
        Subject: CN=5DC71591EAA09B7DD3163EBA50FD0ED25BF2A0F3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:cb:74:47:8a:7a:7b:e1:df:e8:0c:61:35:43:
                    f2:cd:91:29:8d:dd:a0:fc:ac:90:55:6d:aa:89:b6:
                    19:32:f2:53:51:b7:d4:4b:33:32:72:94:7a:0f:57:
                    40:fc:21:3f:c3:d6:7e:53:39:3d:0b:b8:99:11:ef:
                    11:ae:7f:a0:d9:72:3b:70:1f:bd:97:c0:39:b4:05:
                    9d:09:5a:7f:a3:8a:af:0e:98:0f:05:8d:8e:57:ae:
                    82:28:40:a4:f6:47:79:ff:a5:b2:04:b7:bc:4c:6a:
                    f8:89:41:fa:88:96:9d:cb:7e:24:79:38:d5:d2:e9:
                    d8:1a:e2:80:b2:5b:a4:7b:c8:07:1e:69:d8:0c:be:
                    10:2f:f7:f6:7d:e0:af:96:8f:5a:9b:d8:a2:e5:6b:
                    3b:f8:ea:e1:ba:51:d7:bb:0e:df:ae:59:21:9f:63:
                    76:9c:e4:9b:6b:b2:1e:82:49:67:02:48:03:0f:22:
                    55:17:da:e2:a6:2f:4f:ff:a0:50:0e:d0:aa:eb:a9:
                    81:04:8b:59:16:79:5a:90:6d:f9:d1:8a:43:0d:c7:
                    bb:04:ed:cd:06:92:bf:0c:97:42:4c:ea:95:76:3d:
                    a3:2a:dd:f3:20:05:15:26:19:45:c1:18:6a:cf:ef:
                    8c:b3:03:4c:46:3b:81:ae:5c:b6:96:fe:88:a6:4b:
                    d8:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:C7:15:91:EA:A0:9B:7D:D3:16:3E:BA:50:FD:0E:D2:5B:F2:A0:F3
            X509v3 Authority Key Identifier:
                keyid:D7:4E:EC:33:28:02:57:20:47:CB:E0:FA:B1:3F:3C:F2:BA:41:7A:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/3133312e3130382e3134312e302f32342d3234203d3e203631343930.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.108.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:ae:55:33:63:8d:5f:87:01:8f:e1:12:f9:f2:54:be:c6:98:
         c7:fa:ee:85:14:73:c8:27:ee:a8:46:fd:54:ba:0f:1f:10:c1:
         34:e5:83:d2:18:48:05:e9:19:fd:0a:37:58:81:67:66:80:5a:
         54:d9:d4:48:4e:d7:ce:f7:b5:56:4d:dc:50:e9:24:b7:2e:0e:
         72:8c:13:30:86:ea:bd:c3:2c:56:b9:a8:47:0c:30:bb:50:3f:
         90:5b:82:01:c0:c1:da:67:0f:aa:89:cb:3b:7e:2c:ff:96:1c:
         b6:3e:59:f8:f5:de:ac:af:c3:3c:9a:a4:37:01:6c:c9:0b:84:
         3d:49:26:8b:86:fd:79:0b:e4:25:fa:71:a2:e8:3f:5b:8d:38:
         ea:f1:4a:32:9b:d6:58:4b:09:8c:ea:76:27:74:62:75:ef:3d:
         6b:91:b7:d1:d6:02:8e:30:1f:1e:7b:4a:b4:d9:7b:8c:73:6a:
         45:d7:8d:47:51:d6:29:e1:78:50:1f:ed:4b:50:0a:de:c0:95:
         1b:4d:12:ed:5d:f9:6c:d0:09:e9:ce:4d:94:33:30:e2:3c:b1:
         fa:b7:1d:ff:0d:66:de:af:2f:ce:de:35:6d:17:5c:2c:9a:5c:
         ff:bd:a6:f0:35:7b:81:0a:8c:cf:ef:1b:89:af:f0:20:ff:e0:
         7b:8a:ad:38
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUWKBveIkQjJzDH6RTCFnhL3eTzyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDc0RUVDMzMyODAyNTcyMDQ3Q0JFMEZBQjEzRjNDRjJC
QTQxN0FGRjAeFw0yNDAzMDUxNzM3NDVaFw0yNTAzMDQxNzQyNDVaMDMxMTAvBgNV
BAMTKDVEQzcxNTkxRUFBMDlCN0REMzE2M0VCQTUwRkQwRUQyNUJGMkEwRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLy3RHinp74d/oDGE1Q/LNkSmN
3aD8rJBVbaqJthky8lNRt9RLMzJylHoPV0D8IT/D1n5TOT0LuJkR7xGuf6DZcjtw
H72XwDm0BZ0JWn+jiq8OmA8FjY5XroIoQKT2R3n/pbIEt7xMaviJQfqIlp3LfiR5
ONXS6dga4oCyW6R7yAceadgMvhAv9/Z94K+Wj1qb2KLlazv46uG6Ude7Dt+uWSGf
Y3ac5Jtrsh6CSWcCSAMPIlUX2uKmL0//oFAO0KrrqYEEi1kWeVqQbfnRikMNx7sE
7c0Gkr8Ml0JM6pV2PaMq3fMgBRUmGUXBGGrP74yzA0xGO4GuXLaW/oimS9gJAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUXccVkeqgm33TFj66UP0O0lvyoPMwHwYDVR0j
BBgwFoAU107sMygCVyBHy+D6sT888rpBev8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yOTZDQUNGNERCRUU3NzUwMjk0MEZBRDUwMjc5NzIzQUYw
REExMzlFNUM3NUE2QjVCQ0VCQTZCMUMxNDNEQjg4LzAvRDc0RUVDMzMyODAyNTcy
MDQ3Q0JFMEZBQjEzRjNDRjJCQTQxN0FGRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENzRFRUMzMzI4MDI1NzIwNDdD
QkUwRkFCMTNGM0NGMkJBNDE3QUZGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjk2Q0FDRjREQkVFNzc1MDI5NDBGQUQ1MDI3OTcyM0FGMERBMTM5RTVD
NzVBNkI1QkNFQkE2QjFDMTQzREI4OC8wLzMxMzMzMTJlMzEzMDM4MmUzMTM0MzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzQzOTMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAg2yN
MA0GCSqGSIb3DQEBCwUAA4IBAQAzrlUzY41fhwGP4RL58lS+xpjH+u6FFHPIJ+6o
Rv1Uug8fEME05YPSGEgF6Rn9CjdYgWdmgFpU2dRITtfO97VWTdxQ6SS3Lg5yjBMw
huq9wyxWuahHDDC7UD+QW4IBwMHaZw+qics7fiz/lhy2Pln49d6sr8M8mqQ3AWzJ
C4Q9SSaLhv15C+Ql+nGi6D9bjTjq8Uoym9ZYSwmM6nYndGJ17z1rkbfR1gKOMB8e
e0q02XuMc2pF141HUdYp4XhQH+1LUArewJUbTRLtXfls0Anpzk2UMzDiPLH6tx3/
DWbery/O3jVtF1wsmlz/vabwNXuBCozP7xuJr/Ag/+B7iq04
-----END CERTIFICATE-----
Generated at Tue Jun 11 09:28:13 2024 by rpki-client on console-fra.rpki-client.org