Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A3D4CF1C0BF2F5C7DBD49B6B076EA5439A612D757262EAB9EEEF4301695074C/0/3230312e3134382e3233322e302f32322d3234203d3e20323636383832.roa
File:                     3230312e3134382e3233322e302f32322d3234203d3e20323636383832.roa (raw, json)
Hash identifier:          kUmvnCk2QB6/00O3+uxwqwEXxM3I4vkiT1g6C2SQF1c=
Subject key identifier:   50:18:F4:5B:3F:1B:1A:D7:C0:8F:4A:96:3F:87:4B:B3:30:09:0C:0B
Certificate issuer:       /CN=DA31E8AD07ACB0D12007DCE39E0F54D13D470890
Certificate serial:       1AC37A8A093142B2B0758831672C5FC07E355702
Authority key identifier: DA:31:E8:AD:07:AC:B0:D1:20:07:DC:E3:9E:0F:54:D1:3D:47:08:90
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA31E8AD07ACB0D12007DCE39E0F54D13D470890.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A3D4CF1C0BF2F5C7DBD49B6B076EA5439A612D757262EAB9EEEF4301695074C/0/3230312e3134382e3233322e302f32322d3234203d3e20323636383832.roa
Signing time:             Tue 05 Mar 2024 17:56:25 +0000
ROA not before:           Tue 05 Mar 2024 17:51:25 +0000
ROA not after:            Tue 04 Mar 2025 17:56:25 +0000
asID:                     266882
IP address blocks:        201.148.232.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3A3D4CF1C0BF2F5C7DBD49B6B076EA5439A612D757262EAB9EEEF4301695074C/0/DA31E8AD07ACB0D12007DCE39E0F54D13D470890.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3A3D4CF1C0BF2F5C7DBD49B6B076EA5439A612D757262EAB9EEEF4301695074C/0/DA31E8AD07ACB0D12007DCE39E0F54D13D470890.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA31E8AD07ACB0D12007DCE39E0F54D13D470890.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 28 Nov 2024 18:28:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:c3:7a:8a:09:31:42:b2:b0:75:88:31:67:2c:5f:c0:7e:35:57:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA31E8AD07ACB0D12007DCE39E0F54D13D470890
        Validity
            Not Before: Mar  5 17:51:25 2024 GMT
            Not After : Mar  4 17:56:25 2025 GMT
        Subject: CN=5018F45B3F1B1AD7C08F4A963F874BB330090C0B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:0c:71:f8:a1:a3:16:f1:21:66:a0:78:b5:96:
                    39:0f:bb:39:dd:4c:bc:e5:bc:d1:6a:a6:d3:7d:64:
                    9b:4d:3a:f6:41:15:e6:bf:17:0a:55:5b:41:a1:30:
                    47:f0:2a:66:fe:04:47:1e:c5:17:d3:fe:8b:ce:2e:
                    ad:f2:c5:d0:56:fa:14:e8:2a:59:af:3f:02:0e:54:
                    37:07:48:96:0e:26:1b:be:a7:43:0c:bf:6f:ff:f7:
                    de:02:e2:40:5c:4c:20:21:27:b2:92:ea:12:e4:24:
                    43:1b:ca:98:20:a2:f8:e8:04:76:f3:39:af:ea:f3:
                    f5:4f:60:9b:6a:1b:d0:18:e7:02:49:13:59:2e:4a:
                    c3:de:7b:e9:38:c3:03:a7:b6:cb:06:7c:07:86:38:
                    12:38:67:21:64:11:35:50:19:4f:41:75:9b:81:d1:
                    e0:48:4f:85:1d:4a:c9:86:95:73:1a:95:2e:47:fb:
                    e5:06:36:fc:73:75:83:ef:30:19:f1:06:44:49:84:
                    26:2e:68:61:37:35:d9:89:89:03:25:39:3d:9b:36:
                    47:16:f7:30:81:a9:30:86:07:01:59:15:a8:8e:fc:
                    7c:66:7b:06:a6:64:25:b4:1e:44:46:d5:8e:30:fd:
                    cd:01:12:37:41:04:db:94:13:49:0f:02:25:f1:af:
                    c1:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:18:F4:5B:3F:1B:1A:D7:C0:8F:4A:96:3F:87:4B:B3:30:09:0C:0B
            X509v3 Authority Key Identifier:
                keyid:DA:31:E8:AD:07:AC:B0:D1:20:07:DC:E3:9E:0F:54:D1:3D:47:08:90

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A3D4CF1C0BF2F5C7DBD49B6B076EA5439A612D757262EAB9EEEF4301695074C/0/DA31E8AD07ACB0D12007DCE39E0F54D13D470890.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA31E8AD07ACB0D12007DCE39E0F54D13D470890.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A3D4CF1C0BF2F5C7DBD49B6B076EA5439A612D757262EAB9EEEF4301695074C/0/3230312e3134382e3233322e302f32322d3234203d3e20323636383832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.148.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         bc:8c:98:29:7e:c8:cd:c7:f7:bf:03:b5:b3:9c:77:8a:a9:35:
         4b:43:1c:05:d6:a2:e2:0f:14:74:64:a7:a7:8f:4d:9f:a9:6d:
         86:55:b8:33:15:9e:68:84:ae:40:af:0f:e5:2e:e4:6d:66:d4:
         c0:c3:8f:8a:0a:dc:33:51:41:c0:85:77:87:be:82:71:f8:4a:
         ad:63:fe:3c:d7:7a:81:3c:a5:9b:3a:05:04:ef:18:71:48:d0:
         52:30:47:0d:ad:4a:66:b6:25:9f:65:45:f4:5d:ca:28:43:f6:
         d1:f8:ae:fb:93:30:4d:0c:2f:4a:41:6c:5c:1c:de:2d:18:2f:
         f0:46:44:a9:c7:21:af:f7:8e:d4:c8:dc:d4:85:8f:8b:3f:1d:
         bf:e4:42:07:a8:0d:5e:b4:ec:7d:5e:dd:56:ae:d1:21:9a:42:
         19:56:ff:cf:c9:8d:2a:80:de:25:4d:95:4f:06:a8:39:d4:38:
         b1:bd:74:e9:d7:3b:e7:a8:0e:41:4a:9e:ac:5f:a7:72:e2:0e:
         b0:a0:0d:1d:6c:d4:b2:29:82:d0:03:83:ad:2c:fe:4b:27:0d:
         f0:d1:bf:ac:49:0b:49:82:2a:c7:83:1d:83:18:59:75:a9:7e:
         1f:fb:5f:00:6b:50:52:68:76:09:b4:85:c6:b4:a8:13:8b:f4:
         4b:72:b6:eb
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUGsN6igkxQrKwdYgxZyxfwH41VwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREEzMUU4QUQwN0FDQjBEMTIwMDdEQ0UzOUUwRjU0RDEz
RDQ3MDg5MDAeFw0yNDAzMDUxNzUxMjVaFw0yNTAzMDQxNzU2MjVaMDMxMTAvBgNV
BAMTKDUwMThGNDVCM0YxQjFBRDdDMDhGNEE5NjNGODc0QkIzMzAwOTBDMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1DHH4oaMW8SFmoHi1ljkPuznd
TLzlvNFqptN9ZJtNOvZBFea/FwpVW0GhMEfwKmb+BEcexRfT/ovOLq3yxdBW+hTo
KlmvPwIOVDcHSJYOJhu+p0MMv2//994C4kBcTCAhJ7KS6hLkJEMbypggovjoBHbz
Oa/q8/VPYJtqG9AY5wJJE1kuSsPee+k4wwOntssGfAeGOBI4ZyFkETVQGU9BdZuB
0eBIT4UdSsmGlXMalS5H++UGNvxzdYPvMBnxBkRJhCYuaGE3NdmJiQMlOT2bNkcW
9zCBqTCGBwFZFaiO/HxmewamZCW0HkRG1Y4w/c0BEjdBBNuUE0kPAiXxr8EvAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUUBj0Wz8bGtfAj0qWP4dLszAJDAswHwYDVR0j
BBgwFoAU2jHorQessNEgB9zjng9U0T1HCJAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQTNENENGMUMwQkYyRjVDN0RCRDQ5QjZCMDc2RUE1NDM5
QTYxMkQ3NTcyNjJFQUI5RUVFRjQzMDE2OTUwNzRDLzAvREEzMUU4QUQwN0FDQjBE
MTIwMDdEQ0UzOUUwRjU0RDEzRDQ3MDg5MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQTMxRThBRDA3QUNCMEQxMjAw
N0RDRTM5RTBGNTREMTNENDcwODkwLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0EzRDRDRjFDMEJGMkY1QzdEQkQ0OUI2QjA3NkVBNTQzOUE2MTJENzU3
MjYyRUFCOUVFRUY0MzAxNjk1MDc0Qy8wLzMyMzAzMTJlMzEzNDM4MmUzMjMzMzIy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzYzODM4MzIucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALJ
lOgwDQYJKoZIhvcNAQELBQADggEBALyMmCl+yM3H978DtbOcd4qpNUtDHAXWouIP
FHRkp6ePTZ+pbYZVuDMVnmiErkCvD+Uu5G1m1MDDj4oK3DNRQcCFd4e+gnH4Sq1j
/jzXeoE8pZs6BQTvGHFI0FIwRw2tSma2JZ9lRfRdyihD9tH4rvuTME0ML0pBbFwc
3i0YL/BGRKnHIa/3jtTI3NSFj4s/Hb/kQgeoDV607H1e3Vau0SGaQhlW/8/JjSqA
3iVNlU8GqDnUOLG9dOnXO+eoDkFKnqxfp3LiDrCgDR1s1LIpgtADg60s/ksnDfDR
v6xJC0mCKseDHYMYWXWpfh/7XwBrUFJodgm0hca0qBOL9Etytus=
-----END CERTIFICATE-----
Generated at Sun Nov 24 11:23:26 2024 by rpki-client on console-ams.rpki-client.org