Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/3136382e3233342e302e302f32302d3234203d3e20323632313636.roa
File:                     3136382e3233342e302e302f32302d3234203d3e20323632313636.roa (raw, json)
Hash identifier:          85fvadc8uM//MF6DTB58Yko3FuXvBJCsHM2nneTjDPE=
Subject key identifier:   0A:11:A4:C2:69:03:A6:6A:3B:EA:A1:A4:AC:DE:ED:89:61:9F:BD:D1
Certificate issuer:       /CN=0D1797043F7F529F13952CEE646AE7365392BBC3
Certificate serial:       02F34D630030FC1943D179E2521B44CEA845B7B7
Authority key identifier: 0D:17:97:04:3F:7F:52:9F:13:95:2C:EE:64:6A:E7:36:53:92:BB:C3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D1797043F7F529F13952CEE646AE7365392BBC3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/3136382e3233342e302e302f32302d3234203d3e20323632313636.roa
Signing time:             Tue 05 Mar 2024 17:49:19 +0000
ROA not before:           Tue 05 Mar 2024 17:44:19 +0000
ROA not after:            Tue 04 Mar 2025 17:49:19 +0000
asID:                     262166
IP address blocks:        168.234.0.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/0D1797043F7F529F13952CEE646AE7365392BBC3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/0D1797043F7F529F13952CEE646AE7365392BBC3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D1797043F7F529F13952CEE646AE7365392BBC3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 04:34:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:f3:4d:63:00:30:fc:19:43:d1:79:e2:52:1b:44:ce:a8:45:b7:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0D1797043F7F529F13952CEE646AE7365392BBC3
        Validity
            Not Before: Mar  5 17:44:19 2024 GMT
            Not After : Mar  4 17:49:19 2025 GMT
        Subject: CN=0A11A4C26903A66A3BEAA1A4ACDEED89619FBDD1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:21:1f:d7:17:97:a4:09:ba:af:6d:36:03:d6:
                    a0:53:11:d8:5f:08:db:91:12:76:3a:9c:6e:f0:30:
                    7e:4a:c4:0c:79:c4:ec:6e:44:94:72:2a:49:15:5c:
                    dd:88:d3:f8:31:5e:b6:a0:c8:b3:48:7a:f1:59:b0:
                    e8:b2:eb:33:7b:7d:3f:de:db:47:be:4d:fb:76:53:
                    ec:93:65:c4:b8:44:17:3c:ec:36:0e:24:3b:e2:33:
                    d2:81:85:68:2f:24:10:a1:08:46:50:bb:87:50:06:
                    91:e0:a7:c6:5a:0e:7d:c4:71:2d:28:1d:1b:78:3c:
                    73:63:24:63:7f:cd:ee:f8:84:d6:28:13:5a:34:a2:
                    50:a6:4d:ac:f3:a9:2f:0d:ef:a4:75:41:db:c9:e4:
                    89:76:4f:f1:87:a4:1e:28:37:7b:66:86:99:a6:e2:
                    f3:a1:1e:d3:07:03:83:08:f7:3a:08:21:c3:8f:c0:
                    93:19:93:57:26:9e:48:a8:ff:16:1d:96:29:42:24:
                    fc:68:4d:cd:0e:73:66:e1:fb:ff:44:51:59:22:10:
                    00:1a:f1:6f:37:11:4a:2e:49:d7:e3:77:ae:7f:12:
                    7b:b7:0b:0b:ee:75:61:cc:ce:b9:d4:e3:11:02:58:
                    f3:4d:87:c4:8d:07:f6:be:46:72:69:12:14:7c:05:
                    23:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:11:A4:C2:69:03:A6:6A:3B:EA:A1:A4:AC:DE:ED:89:61:9F:BD:D1
            X509v3 Authority Key Identifier:
                keyid:0D:17:97:04:3F:7F:52:9F:13:95:2C:EE:64:6A:E7:36:53:92:BB:C3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/0D1797043F7F529F13952CEE646AE7365392BBC3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D1797043F7F529F13952CEE646AE7365392BBC3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/3136382e3233342e302e302f32302d3234203d3e20323632313636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.234.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         86:65:4d:9f:e2:8c:be:fc:98:d3:b1:4e:79:7d:3f:8d:a5:3d:
         8d:6e:f8:4d:7b:4c:37:ea:9b:2f:3a:71:ca:70:40:af:4d:cc:
         f6:43:24:d4:eb:2e:d1:c7:49:a3:53:05:59:de:99:e3:cb:3f:
         d7:d1:37:0c:bc:95:dc:50:43:27:67:ec:16:c3:0f:67:f8:49:
         08:bb:44:ae:4c:94:13:c3:99:a6:67:5f:b0:ff:70:16:c2:19:
         6a:1b:95:65:81:bc:61:53:ea:e0:92:2b:70:5c:ea:a7:24:fe:
         f2:a3:d1:56:68:4c:28:5c:4b:c5:4b:74:8b:07:43:e7:21:26:
         73:fe:1a:47:2c:c5:2e:88:1c:1b:c1:af:38:7f:a7:7d:ef:8f:
         f9:fc:5b:00:cd:ff:4f:8e:11:a3:66:5d:70:2d:84:7a:58:b0:
         70:7e:39:8d:cd:bb:36:19:7a:ce:68:ea:f4:5e:e0:74:f2:9e:
         78:09:a0:87:ae:be:5b:44:cc:24:72:bd:58:52:f1:61:7b:66:
         d0:e8:a6:e6:4b:ca:58:4a:2b:0a:28:aa:9a:14:03:55:8b:4d:
         d3:59:29:e1:e4:95:ae:c9:74:be:4e:33:df:b8:12:58:de:c8:
         29:0e:9f:bd:fb:3c:bd:0d:69:96:c5:9e:90:43:d6:2d:d6:6d:
         d1:d6:50:02
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUAvNNYwAw/BlD0XniUhtEzqhFt7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEQxNzk3MDQzRjdGNTI5RjEzOTUyQ0VFNjQ2QUU3MzY1
MzkyQkJDMzAeFw0yNDAzMDUxNzQ0MTlaFw0yNTAzMDQxNzQ5MTlaMDMxMTAvBgNV
BAMTKDBBMTFBNEMyNjkwM0E2NkEzQkVBQTFBNEFDREVFRDg5NjE5RkJERDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNIR/XF5ekCbqvbTYD1qBTEdhf
CNuREnY6nG7wMH5KxAx5xOxuRJRyKkkVXN2I0/gxXragyLNIevFZsOiy6zN7fT/e
20e+Tft2U+yTZcS4RBc87DYOJDviM9KBhWgvJBChCEZQu4dQBpHgp8ZaDn3EcS0o
HRt4PHNjJGN/ze74hNYoE1o0olCmTazzqS8N76R1QdvJ5Il2T/GHpB4oN3tmhpmm
4vOhHtMHA4MI9zoIIcOPwJMZk1cmnkio/xYdlilCJPxoTc0Oc2bh+/9EUVkiEAAa
8W83EUouSdfjd65/Enu3CwvudWHMzrnU4xECWPNNh8SNB/a+RnJpEhR8BSNhAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUChGkwmkDpmo76qGkrN7tiWGfvdEwHwYDVR0j
BBgwFoAUDReXBD9/Up8TlSzuZGrnNlOSu8MwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNjM1NDU0M0QyMjQyNzJDRjQ3MjJGRjRENzE4MTk4RUI4
RTJGRjhDQkQ2RDlCN0I5N0NEQTg2MEQ5QzFDRDNCLzAvMEQxNzk3MDQzRjdGNTI5
RjEzOTUyQ0VFNjQ2QUU3MzY1MzkyQkJDMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wRDE3OTcwNDNGN0Y1MjlGMTM5
NTJDRUU2NDZBRTczNjUzOTJCQkMzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzYzNTQ1NDNEMjI0MjcyQ0Y0NzIyRkY0RDcxODE5OEVCOEUyRkY4Q0JE
NkQ5QjdCOTdDREE4NjBEOUMxQ0QzQi8wLzMxMzYzODJlMzIzMzM0MmUzMDJlMzAy
ZjMyMzAyZDMyMzQyMDNkM2UyMDMyMzYzMjMxMzYzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBKjqADAN
BgkqhkiG9w0BAQsFAAOCAQEAhmVNn+KMvvyY07FOeX0/jaU9jW74TXtMN+qbLzpx
ynBAr03M9kMk1Osu0cdJo1MFWd6Z48s/19E3DLyV3FBDJ2fsFsMPZ/hJCLtErkyU
E8OZpmdfsP9wFsIZahuVZYG8YVPq4JIrcFzqpyT+8qPRVmhMKFxLxUt0iwdD5yEm
c/4aRyzFLogcG8GvOH+nfe+P+fxbAM3/T44Ro2ZdcC2EeliwcH45jc27Nhl6zmjq
9F7gdPKeeAmgh66+W0TMJHK9WFLxYXtm0Oim5kvKWEorCiiqmhQDVYtN01kp4eSV
rsl0vk4z37gSWN7IKQ6fvfs8vQ1plsWekEPWLdZt0dZQAg==
-----END CERTIFICATE-----
Generated at Thu Jun 13 21:24:56 2024 by rpki-client on console-ams.rpki-client.org