Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/3136382e3233342e3230382e302f32312d3234203d3e20323632313636.roa
File:                     3136382e3233342e3230382e302f32312d3234203d3e20323632313636.roa (raw, json)
Hash identifier:          GbmyYri8c4lDrP+9i99lGIOQ95MBlsgOwivr1dB7Zb0=
Subject key identifier:   E6:2C:24:2C:C5:DC:B5:34:1F:1D:5A:BD:66:CC:16:1B:D1:8B:AB:59
Certificate issuer:       /CN=0D1797043F7F529F13952CEE646AE7365392BBC3
Certificate serial:       28E7AB0848079702ACEEE2272EA9FF8822F3BA04
Authority key identifier: 0D:17:97:04:3F:7F:52:9F:13:95:2C:EE:64:6A:E7:36:53:92:BB:C3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D1797043F7F529F13952CEE646AE7365392BBC3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/3136382e3233342e3230382e302f32312d3234203d3e20323632313636.roa
Signing time:             Tue 05 Mar 2024 17:49:19 +0000
ROA not before:           Tue 05 Mar 2024 17:44:19 +0000
ROA not after:            Tue 04 Mar 2025 17:49:19 +0000
asID:                     262166
IP address blocks:        168.234.208.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/0D1797043F7F529F13952CEE646AE7365392BBC3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/0D1797043F7F529F13952CEE646AE7365392BBC3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D1797043F7F529F13952CEE646AE7365392BBC3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 04:34:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:e7:ab:08:48:07:97:02:ac:ee:e2:27:2e:a9:ff:88:22:f3:ba:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0D1797043F7F529F13952CEE646AE7365392BBC3
        Validity
            Not Before: Mar  5 17:44:19 2024 GMT
            Not After : Mar  4 17:49:19 2025 GMT
        Subject: CN=E62C242CC5DCB5341F1D5ABD66CC161BD18BAB59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:b8:b9:b7:fb:2c:97:a2:bd:c7:8b:2e:51:48:
                    06:c0:8e:04:08:b6:4f:83:77:e0:af:0f:88:47:89:
                    5f:05:c8:3f:eb:37:24:4c:7f:a7:f5:96:ae:ae:aa:
                    c4:af:14:d1:1c:fb:2c:db:4c:57:79:8c:4d:b8:c4:
                    8b:07:15:74:a1:04:d3:8f:9b:0a:cc:b1:df:c4:96:
                    33:3e:9a:72:e6:79:c6:03:a9:a6:20:92:d0:08:c8:
                    b3:fa:bc:62:d6:bf:c7:c7:92:66:8e:f6:60:e7:12:
                    a8:37:86:73:f1:97:a5:7a:37:fa:6e:fe:ca:a0:88:
                    cb:57:04:87:5f:55:de:18:00:9f:e3:26:5a:ae:1d:
                    66:35:97:27:fd:6b:1c:d2:0f:66:2f:2e:da:7b:30:
                    72:01:ed:ab:22:38:30:a6:49:ab:06:2e:69:71:e2:
                    2b:24:5a:85:62:a9:66:37:1e:12:ba:98:96:34:f2:
                    4b:2f:8c:ff:70:11:fb:9b:66:f2:a9:27:96:1c:a2:
                    5e:6c:40:2a:48:7d:aa:e3:ed:79:48:b4:92:5b:b1:
                    5c:d5:29:51:89:f8:8e:4b:74:18:0a:e8:0c:ff:a3:
                    03:2d:40:2e:6f:89:dc:00:cf:8f:bd:af:3b:c1:8c:
                    ea:29:0d:00:d8:d8:5c:cd:dc:a9:a3:18:64:77:fd:
                    96:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:2C:24:2C:C5:DC:B5:34:1F:1D:5A:BD:66:CC:16:1B:D1:8B:AB:59
            X509v3 Authority Key Identifier:
                keyid:0D:17:97:04:3F:7F:52:9F:13:95:2C:EE:64:6A:E7:36:53:92:BB:C3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/0D1797043F7F529F13952CEE646AE7365392BBC3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D1797043F7F529F13952CEE646AE7365392BBC3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/3136382e3233342e3230382e302f32312d3234203d3e20323632313636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.234.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9b:d4:e7:18:e2:42:f9:78:9b:70:c2:e8:61:81:1b:33:02:d1:
         a6:be:de:25:4f:cf:83:1d:82:56:1d:40:5a:42:df:fb:32:27:
         fb:03:2b:0f:b2:08:fa:f3:9b:a3:14:e7:75:3b:31:41:41:a6:
         7a:13:a4:9b:fa:ab:63:7e:45:8f:45:f5:1e:1e:9a:8d:45:b6:
         46:05:ca:72:16:6a:a5:3a:61:3b:b0:35:3c:f6:38:64:a5:b0:
         2e:5b:d1:9f:6c:0c:e3:c9:9f:78:71:b7:0c:c3:a9:0b:2c:40:
         9a:ed:81:a0:66:5f:2d:e6:54:7b:28:35:94:b7:dc:c7:7d:d7:
         d3:2e:58:16:aa:af:85:cc:f7:d9:1a:1c:18:36:1b:f6:bc:aa:
         45:b6:e7:75:b6:0f:b4:84:6c:c4:9f:dc:8b:b3:39:e5:2b:53:
         9b:b8:c8:ba:40:03:c1:4f:be:49:d3:91:14:da:8b:53:d7:4d:
         f6:18:7b:30:79:2d:fb:40:c3:5d:c6:c3:af:ea:af:e7:f0:cf:
         ad:5c:47:86:ee:2a:50:89:1c:61:83:97:14:65:c4:d4:29:08:
         ea:2a:07:72:af:02:e5:17:f0:88:a6:b0:e9:b0:be:11:b7:d0:
         0c:fd:0b:89:7b:50:57:ee:1b:a3:6d:b4:34:da:ab:bc:51:93:
         01:d7:ef:21
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUKOerCEgHlwKs7uInLqn/iCLzugQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEQxNzk3MDQzRjdGNTI5RjEzOTUyQ0VFNjQ2QUU3MzY1
MzkyQkJDMzAeFw0yNDAzMDUxNzQ0MTlaFw0yNTAzMDQxNzQ5MTlaMDMxMTAvBgNV
BAMTKEU2MkMyNDJDQzVEQ0I1MzQxRjFENUFCRDY2Q0MxNjFCRDE4QkFCNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0uLm3+yyXor3Hiy5RSAbAjgQI
tk+Dd+CvD4hHiV8FyD/rNyRMf6f1lq6uqsSvFNEc+yzbTFd5jE24xIsHFXShBNOP
mwrMsd/EljM+mnLmecYDqaYgktAIyLP6vGLWv8fHkmaO9mDnEqg3hnPxl6V6N/pu
/sqgiMtXBIdfVd4YAJ/jJlquHWY1lyf9axzSD2YvLtp7MHIB7asiODCmSasGLmlx
4iskWoViqWY3HhK6mJY08ksvjP9wEfubZvKpJ5Ycol5sQCpIfarj7XlItJJbsVzV
KVGJ+I5LdBgK6Az/owMtQC5vidwAz4+9rzvBjOopDQDY2FzN3KmjGGR3/ZZzAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU5iwkLMXctTQfHVq9ZswWG9GLq1kwHwYDVR0j
BBgwFoAUDReXBD9/Up8TlSzuZGrnNlOSu8MwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNjM1NDU0M0QyMjQyNzJDRjQ3MjJGRjRENzE4MTk4RUI4
RTJGRjhDQkQ2RDlCN0I5N0NEQTg2MEQ5QzFDRDNCLzAvMEQxNzk3MDQzRjdGNTI5
RjEzOTUyQ0VFNjQ2QUU3MzY1MzkyQkJDMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wRDE3OTcwNDNGN0Y1MjlGMTM5
NTJDRUU2NDZBRTczNjUzOTJCQkMzLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzYzNTQ1NDNEMjI0MjcyQ0Y0NzIyRkY0RDcxODE5OEVCOEUyRkY4Q0JE
NkQ5QjdCOTdDREE4NjBEOUMxQ0QzQi8wLzMxMzYzODJlMzIzMzM0MmUzMjMwMzgy
ZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzMjM2MzIzMTM2MzYucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOo
6tAwDQYJKoZIhvcNAQELBQADggEBAJvU5xjiQvl4m3DC6GGBGzMC0aa+3iVPz4Md
glYdQFpC3/syJ/sDKw+yCPrzm6MU53U7MUFBpnoTpJv6q2N+RY9F9R4emo1FtkYF
ynIWaqU6YTuwNTz2OGSlsC5b0Z9sDOPJn3hxtwzDqQssQJrtgaBmXy3mVHsoNZS3
3Md919MuWBaqr4XM99kaHBg2G/a8qkW253W2D7SEbMSf3IuzOeUrU5u4yLpAA8FP
vknTkRTai1PXTfYYezB5LftAw13Gw6/qr+fwz61cR4buKlCJHGGDlxRlxNQpCOoq
B3KvAuUX8IimsOmwvhG30Az9C4l7UFfuG6NttDTaq7xRkwHX7yE=
-----END CERTIFICATE-----
Generated at Thu Jun 13 19:24:47 2024 by rpki-client on console-fra.rpki-client.org