Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/37CFF943F3D0FB1389C93A9DA757DDADF3CB337907F05C792CF045EDB30DE20F/0/3139302e35322e35362e302f32312d3234203d3e203532333237.roa
File:                     3139302e35322e35362e302f32312d3234203d3e203532333237.roa (raw, json)
Hash identifier:          qKVk00fcMwzvMgV78Gnq5aEnyOAUopVkcZ+IyOcr/bg=
Subject key identifier:   9C:8B:75:7F:A3:52:41:B9:3F:45:AF:F1:FF:E4:4C:13:02:B2:CE:81
Certificate issuer:       /CN=0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5
Certificate serial:       74D86E353EE69D951D630433E869363483413629
Authority key identifier: 0A:0D:46:01:A8:F3:B3:F6:CC:82:B6:D8:9F:BF:E7:8F:28:D0:DD:C5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/37CFF943F3D0FB1389C93A9DA757DDADF3CB337907F05C792CF045EDB30DE20F/0/3139302e35322e35362e302f32312d3234203d3e203532333237.roa
Signing time:             Tue 05 Mar 2024 18:15:07 +0000
ROA not before:           Tue 05 Mar 2024 18:10:07 +0000
ROA not after:            Tue 04 Mar 2025 18:15:07 +0000
asID:                     52327
IP address blocks:        190.52.56.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/37CFF943F3D0FB1389C93A9DA757DDADF3CB337907F05C792CF045EDB30DE20F/0/0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/37CFF943F3D0FB1389C93A9DA757DDADF3CB337907F05C792CF045EDB30DE20F/0/0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 20 Jul 2024 13:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:d8:6e:35:3e:e6:9d:95:1d:63:04:33:e8:69:36:34:83:41:36:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5
        Validity
            Not Before: Mar  5 18:10:07 2024 GMT
            Not After : Mar  4 18:15:07 2025 GMT
        Subject: CN=9C8B757FA35241B93F45AFF1FFE44C1302B2CE81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:a0:eb:da:e6:c5:18:45:3b:34:f4:05:8f:bd:
                    25:50:b2:55:eb:f6:8f:04:60:8a:bb:67:af:79:da:
                    77:6f:96:96:dd:61:45:03:41:6e:3f:65:10:68:ef:
                    98:df:9a:80:c2:07:c9:ec:2c:e0:06:35:69:41:cb:
                    07:a3:ca:77:2a:47:9b:d1:ae:94:52:bd:bd:7a:fb:
                    60:ef:c8:18:c3:2b:0e:9a:b0:4a:80:3b:d6:26:ef:
                    36:71:c4:2e:16:0b:25:9e:0f:37:79:a4:5e:03:be:
                    82:c0:dc:b0:4e:58:e9:7f:b6:12:39:02:81:87:bf:
                    ff:eb:6d:45:96:39:71:8b:57:0b:f0:db:b4:3d:00:
                    c0:87:c2:98:21:d8:8c:ec:c4:c0:af:4d:0a:ba:f3:
                    41:84:65:b6:86:7c:b9:08:bf:53:ef:a8:35:50:1b:
                    51:35:03:0f:c9:fc:35:f4:19:95:05:a6:08:24:a2:
                    0c:0a:08:99:dc:75:e7:17:d0:89:bc:9e:8b:ca:b1:
                    9f:4b:36:06:83:89:4a:40:7a:3e:af:6c:7a:75:82:
                    9e:42:f0:8a:9b:44:00:19:da:69:37:a4:fa:fc:c1:
                    84:69:a7:d7:18:a8:3c:2a:3b:23:b0:13:b4:71:2b:
                    35:7c:2d:0e:75:de:be:99:b0:2e:ef:6a:f3:4d:5e:
                    08:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:8B:75:7F:A3:52:41:B9:3F:45:AF:F1:FF:E4:4C:13:02:B2:CE:81
            X509v3 Authority Key Identifier:
                keyid:0A:0D:46:01:A8:F3:B3:F6:CC:82:B6:D8:9F:BF:E7:8F:28:D0:DD:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/37CFF943F3D0FB1389C93A9DA757DDADF3CB337907F05C792CF045EDB30DE20F/0/0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0A0D4601A8F3B3F6CC82B6D89FBFE78F28D0DDC5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/37CFF943F3D0FB1389C93A9DA757DDADF3CB337907F05C792CF045EDB30DE20F/0/3139302e35322e35362e302f32312d3234203d3e203532333237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.52.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0b:68:ee:39:70:b3:e6:68:92:58:58:72:fb:bc:3e:d4:4e:8d:
         b4:8d:03:55:29:e5:53:71:38:e2:c8:3e:31:d4:b4:9b:28:e5:
         f6:ee:7c:67:dc:2d:e1:e8:71:de:d8:84:e1:a1:61:e3:5b:f9:
         1b:60:7a:40:b0:ed:f0:f9:2f:e8:ef:73:f2:22:f5:d8:80:a6:
         0e:7d:38:c1:85:48:2d:25:fb:b6:35:f6:f6:17:c6:c6:f0:03:
         70:9c:80:fe:ef:2f:68:c5:a3:75:25:48:04:a3:29:73:95:f0:
         49:a6:a4:75:b9:18:aa:8c:64:14:98:a2:1d:0e:8c:db:47:3c:
         7e:0c:84:de:e7:f8:88:6f:94:31:0a:8b:cb:86:4f:f6:6b:f6:
         06:88:55:b7:31:af:d0:11:5c:ab:e5:31:49:94:17:f3:5a:b7:
         37:08:aa:fb:75:3a:08:c9:03:54:e9:bc:71:7c:d2:2e:72:9e:
         fb:7f:f8:7c:95:16:aa:98:b9:d4:fa:76:98:de:22:14:c3:4c:
         c3:9f:62:36:51:95:a7:8c:b5:81:ec:ed:94:91:31:5b:9b:b4:
         98:b4:04:98:8e:80:7a:82:a8:86:dd:62:03:7c:8c:49:28:16:
         92:3b:1d:a7:88:87:0c:87:6e:0d:a9:c3:62:27:91:1d:4f:0e:
         32:ea:0a:1b
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUdNhuNT7mnZUdYwQz6Gk2NINBNikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEEwRDQ2MDFBOEYzQjNGNkNDODJCNkQ4OUZCRkU3OEYy
OEQwRERDNTAeFw0yNDAzMDUxODEwMDdaFw0yNTAzMDQxODE1MDdaMDMxMTAvBgNV
BAMTKDlDOEI3NTdGQTM1MjQxQjkzRjQ1QUZGMUZGRTQ0QzEzMDJCMkNFODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVoOva5sUYRTs09AWPvSVQslXr
9o8EYIq7Z6952ndvlpbdYUUDQW4/ZRBo75jfmoDCB8nsLOAGNWlBywejyncqR5vR
rpRSvb16+2DvyBjDKw6asEqAO9Ym7zZxxC4WCyWeDzd5pF4DvoLA3LBOWOl/thI5
AoGHv//rbUWWOXGLVwvw27Q9AMCHwpgh2IzsxMCvTQq680GEZbaGfLkIv1PvqDVQ
G1E1Aw/J/DX0GZUFpggkogwKCJncdecX0Im8novKsZ9LNgaDiUpAej6vbHp1gp5C
8IqbRAAZ2mk3pPr8wYRpp9cYqDwqOyOwE7RxKzV8LQ513r6ZsC7vavNNXghJAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUnIt1f6NSQbk/Ra/x/+RMEwKyzoEwHwYDVR0j
BBgwFoAUCg1GAajzs/bMgrbYn7/njyjQ3cUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zN0NGRjk0M0YzRDBGQjEzODlDOTNBOURBNzU3RERBREYz
Q0IzMzc5MDdGMDVDNzkyQ0YwNDVFREIzMERFMjBGLzAvMEEwRDQ2MDFBOEYzQjNG
NkNDODJCNkQ4OUZCRkU3OEYyOEQwRERDNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wQTBENDYwMUE4RjNCM0Y2Q0M4
MkI2RDg5RkJGRTc4RjI4RDBEREM1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzdDRkY5NDNGM0QwRkIxMzg5QzkzQTlEQTc1N0REQURGM0NCMzM3OTA3
RjA1Qzc5MkNGMDQ1RURCMzBERTIwRi8wLzMxMzkzMDJlMzUzMjJlMzUzNjJlMzAy
ZjMyMzEyZDMyMzQyMDNkM2UyMDM1MzIzMzMyMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO+NDgwDQYJ
KoZIhvcNAQELBQADggEBAAto7jlws+ZoklhYcvu8PtROjbSNA1Up5VNxOOLIPjHU
tJso5fbufGfcLeHocd7YhOGhYeNb+RtgekCw7fD5L+jvc/Ii9diApg59OMGFSC0l
+7Y19vYXxsbwA3CcgP7vL2jFo3UlSASjKXOV8EmmpHW5GKqMZBSYoh0OjNtHPH4M
hN7n+IhvlDEKi8uGT/Zr9gaIVbcxr9ARXKvlMUmUF/NatzcIqvt1OgjJA1TpvHF8
0i5ynvt/+HyVFqqYudT6dpjeIhTDTMOfYjZRlaeMtYHs7ZSRMVubtJi0BJiOgHqC
qIbdYgN8jEkoFpI7HaeIhwyHbg2pw2InkR1PDjLqChs=
-----END CERTIFICATE-----
Generated at Tue Jul 16 01:34:50 2024 by rpki-client on console-ams.rpki-client.org