Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/30A2F43F3FB56944F31F8E74892769A0D2CFC2B00810BC0FE0D7E86178F99BF3/0/3136382e3139362e3232342e302f32322d3234203d3e20323634373635.roa
File:                     3136382e3139362e3232342e302f32322d3234203d3e20323634373635.roa (raw, json)
Hash identifier:          i6uYlAQnT9mD8OoPrRI/SDYMWEbrSJoVqtUhWQRxfeA=
Subject key identifier:   EA:C8:D9:1B:EB:01:06:BA:0F:9A:4F:BF:03:76:31:DE:29:B1:B4:E5
Certificate issuer:       /CN=D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A
Certificate serial:       233AFA284E02B3EC429D7D79D1F030ECEFBE7A09
Authority key identifier: D1:FF:BC:86:B2:5B:48:77:36:23:5C:5C:A0:D6:DD:00:4C:0C:AA:6A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/30A2F43F3FB56944F31F8E74892769A0D2CFC2B00810BC0FE0D7E86178F99BF3/0/3136382e3139362e3232342e302f32322d3234203d3e20323634373635.roa
Signing time:             Tue 05 Mar 2024 17:45:30 +0000
ROA not before:           Tue 05 Mar 2024 17:40:30 +0000
ROA not after:            Tue 04 Mar 2025 17:45:30 +0000
asID:                     264765
IP address blocks:        168.196.224.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/30A2F43F3FB56944F31F8E74892769A0D2CFC2B00810BC0FE0D7E86178F99BF3/0/D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/30A2F43F3FB56944F31F8E74892769A0D2CFC2B00810BC0FE0D7E86178F99BF3/0/D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 21 Jun 2024 08:25:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:3a:fa:28:4e:02:b3:ec:42:9d:7d:79:d1:f0:30:ec:ef:be:7a:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A
        Validity
            Not Before: Mar  5 17:40:30 2024 GMT
            Not After : Mar  4 17:45:30 2025 GMT
        Subject: CN=EAC8D91BEB0106BA0F9A4FBF037631DE29B1B4E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:04:35:a7:37:03:4c:4d:14:3f:7c:6e:8a:a4:
                    b8:43:c7:d7:01:9e:5e:22:75:ce:17:68:9a:a1:13:
                    19:fd:0e:21:9b:67:f0:7b:f1:d7:ab:6c:48:bf:e7:
                    49:0b:14:16:80:ce:e2:a8:23:0b:78:cc:3d:35:20:
                    94:91:7c:52:2b:d0:cc:ce:ca:8b:9b:39:93:a3:91:
                    e9:59:78:61:37:90:c4:9a:ce:c3:cc:3c:92:73:50:
                    b3:d1:05:3a:e0:5b:13:7b:c0:24:fe:05:62:d2:c0:
                    e1:71:41:97:7c:11:34:69:cf:a6:ce:cf:ef:7c:25:
                    a7:f5:30:fa:e2:76:93:0b:78:0a:31:d3:80:e8:35:
                    35:68:b8:79:26:05:25:e5:c8:53:87:8a:64:52:ea:
                    3e:40:44:1c:d7:d1:6c:fc:66:87:90:5e:1c:01:a7:
                    bd:26:ad:e7:d7:46:f6:e9:75:df:fd:53:22:fb:74:
                    9d:a4:0d:3c:e3:93:e6:c4:f2:cd:a1:b7:c5:f7:60:
                    f2:0c:38:30:23:35:49:5c:c0:73:47:bc:4e:ac:3b:
                    18:9d:b3:95:b2:2f:ac:73:83:c9:8d:6c:89:4e:c4:
                    81:2b:d1:1a:76:1f:bc:d9:a8:9b:15:5a:23:c5:45:
                    2f:66:c4:d6:97:f8:96:f4:22:97:45:dd:60:71:bb:
                    95:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:C8:D9:1B:EB:01:06:BA:0F:9A:4F:BF:03:76:31:DE:29:B1:B4:E5
            X509v3 Authority Key Identifier:
                keyid:D1:FF:BC:86:B2:5B:48:77:36:23:5C:5C:A0:D6:DD:00:4C:0C:AA:6A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/30A2F43F3FB56944F31F8E74892769A0D2CFC2B00810BC0FE0D7E86178F99BF3/0/D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/30A2F43F3FB56944F31F8E74892769A0D2CFC2B00810BC0FE0D7E86178F99BF3/0/3136382e3139362e3232342e302f32322d3234203d3e20323634373635.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.196.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5c:90:cf:32:07:ca:08:0b:81:72:fe:a9:4b:32:2f:37:c6:ad:
         2a:8f:64:c8:87:d6:2c:dc:be:53:af:cb:f1:32:92:ed:30:15:
         d7:eb:a7:af:26:ea:33:20:b2:db:0b:01:b2:f1:6a:29:b6:fe:
         85:95:bd:0a:8a:a9:a1:90:a2:50:59:ef:a2:bd:cf:eb:ca:f7:
         06:80:77:0c:fe:bd:41:50:b3:fb:29:87:55:20:d5:ba:12:5c:
         49:70:ba:88:2a:11:76:36:ef:01:b7:b5:f4:a9:49:3a:a5:1f:
         08:23:92:06:1b:d2:22:df:d1:43:7b:68:98:ae:31:88:31:73:
         0d:ac:4c:b8:bb:a8:3b:7f:f3:bc:a7:0b:7a:df:f3:f9:e1:42:
         a9:d6:72:35:b3:40:3a:d8:55:c3:49:fc:05:89:1f:af:c3:dd:
         cb:b9:19:eb:49:15:49:30:90:f1:cd:89:4c:f2:87:61:31:5d:
         34:7a:16:55:f2:ee:7a:74:89:18:e9:b7:72:48:61:41:47:e1:
         c4:e3:85:c9:5f:3e:79:ea:a0:1e:05:8b:0f:a9:ba:98:0a:04:
         aa:18:c7:a5:e8:c6:9e:a7:0d:5e:bd:0f:21:23:fb:e9:74:64:
         27:7c:c1:c0:e0:d2:5f:dd:c1:2e:a6:90:16:be:80:65:17:1b:
         c1:42:92:ee
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUIzr6KE4Cs+xCnX150fAw7O++egkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDFGRkJDODZCMjVCNDg3NzM2MjM1QzVDQTBENkREMDA0
QzBDQUE2QTAeFw0yNDAzMDUxNzQwMzBaFw0yNTAzMDQxNzQ1MzBaMDMxMTAvBgNV
BAMTKEVBQzhEOTFCRUIwMTA2QkEwRjlBNEZCRjAzNzYzMURFMjlCMUI0RTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqBDWnNwNMTRQ/fG6KpLhDx9cB
nl4idc4XaJqhExn9DiGbZ/B78derbEi/50kLFBaAzuKoIwt4zD01IJSRfFIr0MzO
youbOZOjkelZeGE3kMSazsPMPJJzULPRBTrgWxN7wCT+BWLSwOFxQZd8ETRpz6bO
z+98Jaf1MPridpMLeAox04DoNTVouHkmBSXlyFOHimRS6j5ARBzX0Wz8ZoeQXhwB
p70mrefXRvbpdd/9UyL7dJ2kDTzjk+bE8s2ht8X3YPIMODAjNUlcwHNHvE6sOxid
s5WyL6xzg8mNbIlOxIEr0Rp2H7zZqJsVWiPFRS9mxNaX+Jb0IpdF3WBxu5U5AgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU6sjZG+sBBroPmk+/A3Yx3imxtOUwHwYDVR0j
BBgwFoAU0f+8hrJbSHc2I1xcoNbdAEwMqmowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zMEEyRjQzRjNGQjU2OTQ0RjMxRjhFNzQ4OTI3NjlBMEQy
Q0ZDMkIwMDgxMEJDMEZFMEQ3RTg2MTc4Rjk5QkYzLzAvRDFGRkJDODZCMjVCNDg3
NzM2MjM1QzVDQTBENkREMDA0QzBDQUE2QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMUZGQkM4NkIyNUI0ODc3MzYy
MzVDNUNBMEQ2REQwMDRDMENBQTZBLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzBBMkY0M0YzRkI1Njk0NEYzMUY4RTc0ODkyNzY5QTBEMkNGQzJCMDA4
MTBCQzBGRTBEN0U4NjE3OEY5OUJGMy8wLzMxMzYzODJlMzEzOTM2MmUzMjMyMzQy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzQzNzM2MzUucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKo
xOAwDQYJKoZIhvcNAQELBQADggEBAFyQzzIHyggLgXL+qUsyLzfGrSqPZMiH1izc
vlOvy/Eyku0wFdfrp68m6jMgstsLAbLxaim2/oWVvQqKqaGQolBZ76K9z+vK9waA
dwz+vUFQs/sph1Ug1boSXElwuogqEXY27wG3tfSpSTqlHwgjkgYb0iLf0UN7aJiu
MYgxcw2sTLi7qDt/87ynC3rf8/nhQqnWcjWzQDrYVcNJ/AWJH6/D3cu5GetJFUkw
kPHNiUzyh2ExXTR6FlXy7np0iRjpt3JIYUFH4cTjhclfPnnqoB4Fiw+pupgKBKoY
x6Xoxp6nDV69DyEj++l0ZCd8wcDg0l/dwS6mkBa+gGUXG8FCku4=
-----END CERTIFICATE-----
Generated at Mon Jun 17 07:35:46 2024 by rpki-client on console-fra.rpki-client.org