Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/3133312e3130382e3134332e302f32342d3234203d3e203631343930.roa
File:                     3133312e3130382e3134332e302f32342d3234203d3e203631343930.roa (raw, json)
Hash identifier:          AGupaPAWG5cuzhBQE2PYovUBqJgq+LlY4joRyStlAU4=
Subject key identifier:   5A:45:4B:22:A4:06:3A:CF:5F:E7:CA:2C:0D:2C:96:48:64:4A:47:FC
Certificate issuer:       /CN=D74EEC332802572047CBE0FAB13F3CF2BA417AFF
Certificate serial:       486703771509088DB176D507C41EC7BF22060A2A
Authority key identifier: D7:4E:EC:33:28:02:57:20:47:CB:E0:FA:B1:3F:3C:F2:BA:41:7A:FF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/3133312e3130382e3134332e302f32342d3234203d3e203631343930.roa
Signing time:             Tue 05 Mar 2024 17:42:43 +0000
ROA not before:           Tue 05 Mar 2024 17:37:43 +0000
ROA not after:            Tue 04 Mar 2025 17:42:43 +0000
asID:                     61490
IP address blocks:        131.108.143.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:67:03:77:15:09:08:8d:b1:76:d5:07:c4:1e:c7:bf:22:06:0a:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D74EEC332802572047CBE0FAB13F3CF2BA417AFF
        Validity
            Not Before: Mar  5 17:37:43 2024 GMT
            Not After : Mar  4 17:42:43 2025 GMT
        Subject: CN=5A454B22A4063ACF5FE7CA2C0D2C9648644A47FC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:44:a9:16:2e:09:29:a8:18:fb:05:5d:5f:de:
                    27:af:1b:9d:1d:d7:66:38:fc:34:6c:02:97:b4:00:
                    43:f0:2d:ea:d8:50:28:3c:a8:aa:a4:20:33:4c:aa:
                    2e:73:8d:65:35:a1:32:48:e0:96:63:db:6d:c8:6d:
                    48:53:2c:4b:cf:c3:9b:3c:fc:fc:e9:20:3e:5e:e4:
                    55:90:b4:71:cb:85:31:bd:d8:6c:99:43:d4:84:68:
                    31:e7:47:97:a5:7c:e5:c1:5d:29:80:ee:e2:13:1d:
                    ec:28:1e:c8:d7:41:55:18:ca:be:cd:a8:36:8b:af:
                    5b:f1:3e:42:96:3c:7f:5a:1e:48:f6:37:f4:80:c2:
                    65:f0:52:68:a5:5f:54:f9:1a:5a:3e:96:99:4b:88:
                    1e:5e:a6:bf:f2:c2:83:bb:93:ea:cb:16:ff:89:8c:
                    a4:9c:3b:4e:71:5d:88:ee:be:66:13:c3:75:6a:02:
                    3c:37:70:a8:27:01:e0:90:91:bf:08:e2:df:74:b1:
                    37:71:6b:9e:7a:6a:59:ff:49:12:a5:55:6b:0b:00:
                    97:8a:e2:a7:06:c4:92:9d:65:9d:a8:52:65:60:40:
                    d3:d6:9b:50:6c:22:bf:dd:76:43:a4:cf:f4:4f:91:
                    1c:5d:69:e8:cf:06:bc:1c:5d:29:90:91:e8:89:a0:
                    05:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:45:4B:22:A4:06:3A:CF:5F:E7:CA:2C:0D:2C:96:48:64:4A:47:FC
            X509v3 Authority Key Identifier:
                keyid:D7:4E:EC:33:28:02:57:20:47:CB:E0:FA:B1:3F:3C:F2:BA:41:7A:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D74EEC332802572047CBE0FAB13F3CF2BA417AFF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/296CACF4DBEE77502940FAD50279723AF0DA139E5C75A6B5BCEBA6B1C143DB88/0/3133312e3130382e3134332e302f32342d3234203d3e203631343930.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.108.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:6e:59:c4:2a:ef:5f:10:66:bb:20:2e:b1:d7:43:8c:b8:af:
         b1:93:9f:69:45:b6:5e:d2:be:5b:6d:e5:15:35:b9:78:fd:7c:
         61:83:a3:b4:5c:82:53:7e:6e:04:5d:41:86:8c:33:00:01:c7:
         2f:6e:e9:6e:78:65:23:dd:99:58:6f:17:f6:9a:53:b7:c0:45:
         73:3d:79:e8:d2:8c:f4:8f:08:60:d0:43:56:51:e8:be:b7:3d:
         af:f8:fd:d1:9b:f4:b6:7e:a5:fb:b5:53:15:e0:71:68:10:87:
         5c:07:d0:32:ad:95:76:24:26:b0:7a:f7:bf:49:ec:03:f4:62:
         6d:bc:fd:4c:f1:ad:5b:4e:72:8a:11:3c:f5:1e:4f:90:42:02:
         23:50:54:a5:20:87:5f:ee:30:8d:c3:3c:9a:0e:e7:6a:61:2c:
         91:d5:3f:3b:49:24:a4:d8:44:e6:18:78:88:2f:2d:42:eb:78:
         e1:11:ce:96:dd:a3:aa:b4:4a:0a:42:5d:72:65:bb:d7:fe:1f:
         42:3e:11:a7:d0:38:be:82:20:76:aa:52:f2:43:fd:a2:36:2a:
         9d:8c:72:bb:6b:4d:65:d3:6c:82:1e:83:3b:7c:00:e7:f1:d2:
         8d:4a:dd:82:0a:8d:13:43:da:d0:92:d2:1c:aa:84:98:66:46:
         56:7d:8f:c0
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUSGcDdxUJCI2xdtUHxB7HvyIGCiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDc0RUVDMzMyODAyNTcyMDQ3Q0JFMEZBQjEzRjNDRjJC
QTQxN0FGRjAeFw0yNDAzMDUxNzM3NDNaFw0yNTAzMDQxNzQyNDNaMDMxMTAvBgNV
BAMTKDVBNDU0QjIyQTQwNjNBQ0Y1RkU3Q0EyQzBEMkM5NjQ4NjQ0QTQ3RkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKRKkWLgkpqBj7BV1f3ievG50d
12Y4/DRsApe0AEPwLerYUCg8qKqkIDNMqi5zjWU1oTJI4JZj223IbUhTLEvPw5s8
/PzpID5e5FWQtHHLhTG92GyZQ9SEaDHnR5elfOXBXSmA7uITHewoHsjXQVUYyr7N
qDaLr1vxPkKWPH9aHkj2N/SAwmXwUmilX1T5Glo+lplLiB5epr/ywoO7k+rLFv+J
jKScO05xXYjuvmYTw3VqAjw3cKgnAeCQkb8I4t90sTdxa556aln/SRKlVWsLAJeK
4qcGxJKdZZ2oUmVgQNPWm1BsIr/ddkOkz/RPkRxdaejPBrwcXSmQkeiJoAW7AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUWkVLIqQGOs9f58osDSyWSGRKR/wwHwYDVR0j
BBgwFoAU107sMygCVyBHy+D6sT888rpBev8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yOTZDQUNGNERCRUU3NzUwMjk0MEZBRDUwMjc5NzIzQUYw
REExMzlFNUM3NUE2QjVCQ0VCQTZCMUMxNDNEQjg4LzAvRDc0RUVDMzMyODAyNTcy
MDQ3Q0JFMEZBQjEzRjNDRjJCQTQxN0FGRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENzRFRUMzMzI4MDI1NzIwNDdD
QkUwRkFCMTNGM0NGMkJBNDE3QUZGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjk2Q0FDRjREQkVFNzc1MDI5NDBGQUQ1MDI3OTcyM0FGMERBMTM5RTVD
NzVBNkI1QkNFQkE2QjFDMTQzREI4OC8wLzMxMzMzMTJlMzEzMDM4MmUzMTM0MzMy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzQzOTMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAg2yP
MA0GCSqGSIb3DQEBCwUAA4IBAQBublnEKu9fEGa7IC6x10OMuK+xk59pRbZe0r5b
beUVNbl4/Xxhg6O0XIJTfm4EXUGGjDMAAccvbulueGUj3ZlYbxf2mlO3wEVzPXno
0oz0jwhg0ENWUei+tz2v+P3Rm/S2fqX7tVMV4HFoEIdcB9AyrZV2JCaweve/SewD
9GJtvP1M8a1bTnKKETz1Hk+QQgIjUFSlIIdf7jCNwzyaDudqYSyR1T87SSSk2ETm
GHiILy1C63jhEc6W3aOqtEoKQl1yZbvX/h9CPhGn0Di+giB2qlLyQ/2iNiqdjHK7
a01l02yCHoM7fADn8dKNSt2CCo0TQ9rQktIcqoSYZkZWfY/A
-----END CERTIFICATE-----
Generated at Wed Nov 20 16:08:10 2024 by rpki-client on console-fra.rpki-client.org