Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/3136382e3233342e35322e302f32342d3234203d3e20323632313636.roa
File:                     3136382e3233342e35322e302f32342d3234203d3e20323632313636.roa (raw, json)
Hash identifier:          8Y55VJV3hEKUSQiDM7+7xAnXlUAyAHA5LfLf5INkGKw=
Subject key identifier:   62:E6:B1:4A:D4:40:FC:1D:6C:92:43:6B:BA:3C:EA:53:52:90:C6:75
Certificate issuer:       /CN=0D1797043F7F529F13952CEE646AE7365392BBC3
Certificate serial:       65EC042C4EF396DB6B6387F98D99E5D40F60463A
Authority key identifier: 0D:17:97:04:3F:7F:52:9F:13:95:2C:EE:64:6A:E7:36:53:92:BB:C3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D1797043F7F529F13952CEE646AE7365392BBC3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/3136382e3233342e35322e302f32342d3234203d3e20323632313636.roa
Signing time:             Tue 05 Mar 2024 17:49:20 +0000
ROA not before:           Tue 05 Mar 2024 17:44:20 +0000
ROA not after:            Tue 04 Mar 2025 17:49:20 +0000
asID:                     262166
IP address blocks:        168.234.52.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/0D1797043F7F529F13952CEE646AE7365392BBC3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/0D1797043F7F529F13952CEE646AE7365392BBC3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D1797043F7F529F13952CEE646AE7365392BBC3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:ec:04:2c:4e:f3:96:db:6b:63:87:f9:8d:99:e5:d4:0f:60:46:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0D1797043F7F529F13952CEE646AE7365392BBC3
        Validity
            Not Before: Mar  5 17:44:20 2024 GMT
            Not After : Mar  4 17:49:20 2025 GMT
        Subject: CN=62E6B14AD440FC1D6C92436BBA3CEA535290C675
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:67:8f:e1:a9:a7:7f:8c:1f:49:bc:85:d6:02:
                    37:23:f9:74:f9:2e:88:9f:86:1f:06:a3:1a:b6:ac:
                    ae:78:7c:0d:c3:30:3f:00:6d:8c:26:71:01:07:7c:
                    da:22:61:27:b1:f8:30:35:ed:1f:73:3b:17:1f:32:
                    62:68:9c:9a:4c:aa:c5:1d:5a:7c:5b:6c:51:7c:60:
                    c3:55:4c:5a:63:25:4b:08:76:e4:9b:1a:d6:e9:63:
                    15:62:77:c0:f8:41:1e:1b:0e:fe:a2:e3:7c:76:1c:
                    6d:e0:75:7f:b9:3c:46:f2:08:50:7b:42:cd:9a:10:
                    ea:5d:c7:c9:91:10:3e:ff:a5:ab:85:1c:5f:03:05:
                    a3:d5:91:33:83:4d:60:66:d7:6b:28:c2:e3:46:2e:
                    0d:53:fa:23:82:d6:4d:9f:50:90:3a:e9:d5:a8:62:
                    50:29:7a:db:07:b4:bb:dd:f7:00:ae:8d:62:fc:89:
                    fd:16:df:5f:85:f4:29:4d:86:6c:dd:da:7d:85:02:
                    4b:b1:31:5f:05:c9:39:ac:98:eb:88:f1:ef:ba:f5:
                    7a:62:00:a2:ad:a7:5b:1a:d9:a5:66:66:4f:47:c4:
                    aa:97:42:67:99:cf:dd:24:d0:b7:df:ee:fd:9e:01:
                    76:6f:d1:b1:67:9a:b3:9d:97:c5:b0:1d:b7:3d:a3:
                    5c:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:E6:B1:4A:D4:40:FC:1D:6C:92:43:6B:BA:3C:EA:53:52:90:C6:75
            X509v3 Authority Key Identifier:
                keyid:0D:17:97:04:3F:7F:52:9F:13:95:2C:EE:64:6A:E7:36:53:92:BB:C3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/0D1797043F7F529F13952CEE646AE7365392BBC3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D1797043F7F529F13952CEE646AE7365392BBC3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/3136382e3233342e35322e302f32342d3234203d3e20323632313636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.234.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:22:48:fb:d2:0c:f0:8b:9b:97:ec:9b:ac:bf:63:1f:95:58:
         46:a4:08:a9:f8:ee:47:bb:87:1a:ba:52:36:86:06:01:65:86:
         2c:33:58:66:5e:4c:2e:5c:db:85:03:38:35:7c:0a:95:cf:4a:
         cb:ae:06:18:67:16:e0:23:49:99:0d:0e:15:fd:af:3e:18:9e:
         f8:62:02:f1:74:d2:7a:47:39:1d:47:0d:1d:56:26:32:05:64:
         72:3a:28:1d:f8:2b:ac:7b:17:16:0a:92:b5:70:e8:c1:06:79:
         9c:33:0d:cd:94:3f:5b:ba:54:88:01:2f:e7:36:1d:e9:44:06:
         8c:26:9b:d3:c8:f7:0f:f3:0d:bd:ac:94:c6:fd:43:8d:dc:7e:
         87:d1:e6:d7:42:bd:b4:44:40:eb:ef:a5:8b:78:80:1a:74:cd:
         39:32:0c:0e:d9:e4:fe:f1:3d:03:aa:b8:9e:8f:7a:a0:77:76:
         14:9a:7b:84:a0:cc:16:a7:79:b6:1b:25:7c:cc:1d:4b:9f:42:
         f8:bd:0d:a0:69:11:79:7d:5a:1e:a8:07:6d:0e:90:26:f1:53:
         e6:c9:a7:8b:d9:b5:62:23:73:77:6b:6e:4e:c3:70:d5:ec:1b:
         24:dc:ff:03:49:09:31:29:cd:2c:ba:73:86:20:f6:b7:f2:2d:
         e1:2a:a7:77
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUZewELE7zlttrY4f5jZnl1A9gRjowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEQxNzk3MDQzRjdGNTI5RjEzOTUyQ0VFNjQ2QUU3MzY1
MzkyQkJDMzAeFw0yNDAzMDUxNzQ0MjBaFw0yNTAzMDQxNzQ5MjBaMDMxMTAvBgNV
BAMTKDYyRTZCMTRBRDQ0MEZDMUQ2QzkyNDM2QkJBM0NFQTUzNTI5MEM2NzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcZ4/hqad/jB9JvIXWAjcj+XT5
Loifhh8Goxq2rK54fA3DMD8AbYwmcQEHfNoiYSex+DA17R9zOxcfMmJonJpMqsUd
WnxbbFF8YMNVTFpjJUsIduSbGtbpYxVid8D4QR4bDv6i43x2HG3gdX+5PEbyCFB7
Qs2aEOpdx8mRED7/pauFHF8DBaPVkTODTWBm12sowuNGLg1T+iOC1k2fUJA66dWo
YlApetsHtLvd9wCujWL8if0W31+F9ClNhmzd2n2FAkuxMV8FyTmsmOuI8e+69Xpi
AKKtp1sa2aVmZk9HxKqXQmeZz90k0Lff7v2eAXZv0bFnmrOdl8WwHbc9o1wtAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUYuaxStRA/B1skkNrujzqU1KQxnUwHwYDVR0j
BBgwFoAUDReXBD9/Up8TlSzuZGrnNlOSu8MwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNjM1NDU0M0QyMjQyNzJDRjQ3MjJGRjRENzE4MTk4RUI4
RTJGRjhDQkQ2RDlCN0I5N0NEQTg2MEQ5QzFDRDNCLzAvMEQxNzk3MDQzRjdGNTI5
RjEzOTUyQ0VFNjQ2QUU3MzY1MzkyQkJDMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wRDE3OTcwNDNGN0Y1MjlGMTM5
NTJDRUU2NDZBRTczNjUzOTJCQkMzLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzYzNTQ1NDNEMjI0MjcyQ0Y0NzIyRkY0RDcxODE5OEVCOEUyRkY4Q0JE
NkQ5QjdCOTdDREE4NjBEOUMxQ0QzQi8wLzMxMzYzODJlMzIzMzM0MmUzNTMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMyMzEzNjM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqOo0
MA0GCSqGSIb3DQEBCwUAA4IBAQBhIkj70gzwi5uX7Jusv2MflVhGpAip+O5Hu4ca
ulI2hgYBZYYsM1hmXkwuXNuFAzg1fAqVz0rLrgYYZxbgI0mZDQ4V/a8+GJ74YgLx
dNJ6RzkdRw0dViYyBWRyOigd+CusexcWCpK1cOjBBnmcMw3NlD9bulSIAS/nNh3p
RAaMJpvTyPcP8w29rJTG/UON3H6H0ebXQr20REDr76WLeIAadM05MgwO2eT+8T0D
qriej3qgd3YUmnuEoMwWp3m2GyV8zB1Ln0L4vQ2gaRF5fVoeqAdtDpAm8VPmyaeL
2bViI3N3a25Ow3DV7Bsk3P8DSQkxKc0sunOGIPa38i3hKqd3
-----END CERTIFICATE-----
Generated at Thu Nov 21 17:25:50 2024 by rpki-client on console-fra.rpki-client.org