Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/29DB7344B82C38AD35114D1906578EABE7484BC2497FC09F1ADBB0C9E51474AB/0/3139312e3131372e36342e302f31382d3138203d3e203237383336.roa
File:                     3139312e3131372e36342e302f31382d3138203d3e203237383336.roa (raw, json)
Hash identifier:          i9NnH8kp75lI7okb6lc00rt5Ql8FxR1pM242I61HzN4=
Subject key identifier:   15:D8:B4:50:30:A8:81:DC:4C:01:EB:06:3F:13:DF:25:18:09:85:49
Certificate issuer:       /CN=516A0BAEF13F646C61E3AB03846DBFAD78DD7E99
Certificate serial:       46D0FC065A70C92ACC140FF1F57FC052BCC810B8
Authority key identifier: 51:6A:0B:AE:F1:3F:64:6C:61:E3:AB:03:84:6D:BF:AD:78:DD:7E:99
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/516A0BAEF13F646C61E3AB03846DBFAD78DD7E99.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/29DB7344B82C38AD35114D1906578EABE7484BC2497FC09F1ADBB0C9E51474AB/0/3139312e3131372e36342e302f31382d3138203d3e203237383336.roa
Signing time:             Tue 05 Mar 2024 17:47:49 +0000
ROA not before:           Tue 05 Mar 2024 17:42:49 +0000
ROA not after:            Tue 04 Mar 2025 17:47:49 +0000
asID:                     27836
IP address blocks:        191.117.64.0/18 maxlen: 18

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/29DB7344B82C38AD35114D1906578EABE7484BC2497FC09F1ADBB0C9E51474AB/0/516A0BAEF13F646C61E3AB03846DBFAD78DD7E99.crl
                          rsync://repository.lacnic.net/rpki/lacnic/29DB7344B82C38AD35114D1906578EABE7484BC2497FC09F1ADBB0C9E51474AB/0/516A0BAEF13F646C61E3AB03846DBFAD78DD7E99.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/516A0BAEF13F646C61E3AB03846DBFAD78DD7E99.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:d0:fc:06:5a:70:c9:2a:cc:14:0f:f1:f5:7f:c0:52:bc:c8:10:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=516A0BAEF13F646C61E3AB03846DBFAD78DD7E99
        Validity
            Not Before: Mar  5 17:42:49 2024 GMT
            Not After : Mar  4 17:47:49 2025 GMT
        Subject: CN=15D8B45030A881DC4C01EB063F13DF2518098549
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:55:d4:fb:2d:ec:4c:5d:c2:55:8d:04:f6:09:
                    df:ca:91:e5:6f:7f:df:9c:45:29:9f:5e:e2:15:3d:
                    f0:a5:67:77:2c:a4:27:78:30:c8:8a:36:44:9d:b1:
                    90:b0:ad:1e:0c:f7:f1:e2:b5:fa:11:8c:39:ff:32:
                    20:3f:cb:e2:3f:94:ee:34:b4:a4:e3:bb:20:0c:97:
                    0d:f8:0b:d3:9e:ad:5d:ec:ee:5d:c6:f9:9e:69:79:
                    71:04:73:95:29:c1:fe:66:90:43:57:ae:50:cd:bc:
                    cd:5c:1a:ce:1e:cf:01:6a:19:a1:34:1b:1a:9b:02:
                    78:ee:b3:ef:f2:3c:4c:fb:23:33:83:23:49:17:b5:
                    96:6f:79:1c:39:97:32:53:e1:22:4c:05:27:ed:c9:
                    ae:b3:a3:77:3f:53:73:81:51:d4:0f:28:59:e1:5e:
                    c0:23:f3:64:a0:df:2c:54:af:70:bd:c7:f0:d0:3e:
                    db:02:70:60:ee:c1:c4:2d:de:21:d9:e4:1d:16:24:
                    5e:1c:1a:7e:ac:c3:63:55:78:d5:a8:74:8b:3a:38:
                    1d:7e:88:50:74:47:bd:54:b4:6e:f8:3c:55:87:40:
                    b5:bf:8e:13:25:f0:76:73:c5:1f:73:9b:08:4a:67:
                    ed:1b:5e:a1:c7:48:43:14:29:d5:8c:64:f8:f7:76:
                    9e:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:D8:B4:50:30:A8:81:DC:4C:01:EB:06:3F:13:DF:25:18:09:85:49
            X509v3 Authority Key Identifier:
                keyid:51:6A:0B:AE:F1:3F:64:6C:61:E3:AB:03:84:6D:BF:AD:78:DD:7E:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/29DB7344B82C38AD35114D1906578EABE7484BC2497FC09F1ADBB0C9E51474AB/0/516A0BAEF13F646C61E3AB03846DBFAD78DD7E99.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/516A0BAEF13F646C61E3AB03846DBFAD78DD7E99.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/29DB7344B82C38AD35114D1906578EABE7484BC2497FC09F1ADBB0C9E51474AB/0/3139312e3131372e36342e302f31382d3138203d3e203237383336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.117.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         53:27:21:8a:98:61:71:b3:53:ac:67:a9:53:71:22:c6:14:39:
         7c:02:06:de:55:55:41:91:c0:0e:5e:1b:14:bb:c8:22:bb:7f:
         51:e5:cf:09:82:9f:14:b9:21:53:ce:7a:20:cb:28:b9:a8:56:
         8a:91:c0:51:78:c8:ef:53:4b:88:e4:6f:d4:03:fe:fd:27:c7:
         77:a7:9d:1d:fb:d2:78:17:5e:22:97:93:3d:61:d6:dd:2e:0d:
         03:1e:9a:ee:43:db:53:25:c4:aa:f1:4a:d6:e1:18:83:48:9e:
         b8:23:67:5b:b6:79:36:f4:36:fc:94:76:6b:ec:39:37:24:53:
         d3:ec:a7:d3:f3:71:fb:8e:5f:a0:5b:23:1f:2e:81:02:18:28:
         72:37:e9:8b:1f:33:19:eb:77:2c:83:cf:c9:e8:e4:a6:0b:72:
         e9:54:84:dd:b0:4d:e8:99:7e:a7:1a:5a:f9:b3:72:dc:86:2b:
         5e:e7:d7:10:75:4b:4a:54:38:4a:21:24:d5:6f:5e:bc:ba:0e:
         20:e6:64:37:6a:0e:f9:0d:d7:74:cd:13:f8:56:05:ce:2d:6e:
         62:24:a7:28:8e:58:46:14:9d:ec:2a:c9:00:67:19:61:52:ac:
         8a:ab:3c:31:fb:2e:ee:a2:29:fe:f1:f4:36:c6:da:7f:ef:ae:
         ae:2d:f4:04
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIURtD8BlpwySrMFA/x9X/AUrzIELgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTE2QTBCQUVGMTNGNjQ2QzYxRTNBQjAzODQ2REJGQUQ3
OEREN0U5OTAeFw0yNDAzMDUxNzQyNDlaFw0yNTAzMDQxNzQ3NDlaMDMxMTAvBgNV
BAMTKDE1RDhCNDUwMzBBODgxREM0QzAxRUIwNjNGMTNERjI1MTgwOTg1NDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+VdT7LexMXcJVjQT2Cd/KkeVv
f9+cRSmfXuIVPfClZ3cspCd4MMiKNkSdsZCwrR4M9/HitfoRjDn/MiA/y+I/lO40
tKTjuyAMlw34C9OerV3s7l3G+Z5peXEEc5Upwf5mkENXrlDNvM1cGs4ezwFqGaE0
GxqbAnjus+/yPEz7IzODI0kXtZZveRw5lzJT4SJMBSftya6zo3c/U3OBUdQPKFnh
XsAj82Sg3yxUr3C9x/DQPtsCcGDuwcQt3iHZ5B0WJF4cGn6sw2NVeNWodIs6OB1+
iFB0R71UtG74PFWHQLW/jhMl8HZzxR9zmwhKZ+0bXqHHSEMUKdWMZPj3dp6zAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUFdi0UDCogdxMAesGPxPfJRgJhUkwHwYDVR0j
BBgwFoAUUWoLrvE/ZGxh46sDhG2/rXjdfpkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yOURCNzM0NEI4MkMzOEFEMzUxMTREMTkwNjU3OEVBQkU3
NDg0QkMyNDk3RkMwOUYxQURCQjBDOUU1MTQ3NEFCLzAvNTE2QTBCQUVGMTNGNjQ2
QzYxRTNBQjAzODQ2REJGQUQ3OEREN0U5OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81MTZBMEJBRUYxM0Y2NDZDNjFF
M0FCMDM4NDZEQkZBRDc4REQ3RTk5LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjlEQjczNDRCODJDMzhBRDM1MTE0RDE5MDY1NzhFQUJFNzQ4NEJDMjQ5
N0ZDMDlGMUFEQkIwQzlFNTE0NzRBQi8wLzMxMzkzMTJlMzEzMTM3MmUzNjM0MmUz
MDJmMzEzODJkMzEzODIwM2QzZTIwMzIzNzM4MzMzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBr91QDAN
BgkqhkiG9w0BAQsFAAOCAQEAUychiphhcbNTrGepU3EixhQ5fAIG3lVVQZHADl4b
FLvIIrt/UeXPCYKfFLkhU856IMsouahWipHAUXjI71NLiORv1AP+/SfHd6edHfvS
eBdeIpeTPWHW3S4NAx6a7kPbUyXEqvFK1uEYg0ieuCNnW7Z5NvQ2/JR2a+w5NyRT
0+yn0/Nx+45foFsjHy6BAhgocjfpix8zGet3LIPPyejkpgty6VSE3bBN6Jl+pxpa
+bNy3IYrXufXEHVLSlQ4SiEk1W9evLoOIOZkN2oO+Q3XdM0T+FYFzi1uYiSnKI5Y
RhSd7CrJAGcZYVKsiqs8Mfsu7qIp/vH0Nsbaf++uri30BA==
-----END CERTIFICATE-----
Generated at Wed Nov 20 03:14:22 2024 by rpki-client on console-fra.rpki-client.org