Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A511D681E72F9D814F7BD8FC39D1FED7EA3F94AB704F688C8C38F1A51732BDC/0/3136302e3233382e3138362e302f32332d3233203d3e20323635373238.roa
File:                     3136302e3233382e3138362e302f32332d3233203d3e20323635373238.roa (raw, json)
Hash identifier:          1+5zm4bh5wypN8J6N7HroOqSW4qM0zx/XsGY34NWri4=
Subject key identifier:   A8:FE:EC:2A:17:06:DD:C7:0A:F2:89:FB:87:23:EC:49:A8:CE:78:17
Certificate issuer:       /CN=B7E1ABEC010ABB9AF463BF22B16C561B5C2C4444
Certificate serial:       352618D8322BD3C1ECBDB71D2CE39C0727CDE0AE
Authority key identifier: B7:E1:AB:EC:01:0A:BB:9A:F4:63:BF:22:B1:6C:56:1B:5C:2C:44:44
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B7E1ABEC010ABB9AF463BF22B16C561B5C2C4444.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A511D681E72F9D814F7BD8FC39D1FED7EA3F94AB704F688C8C38F1A51732BDC/0/3136302e3233382e3138362e302f32332d3233203d3e20323635373238.roa
Signing time:             Fri 31 May 2024 20:45:02 +0000
ROA not before:           Fri 31 May 2024 20:40:02 +0000
ROA not after:            Fri 30 May 2025 20:45:02 +0000
asID:                     265728
IP address blocks:        160.238.186.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3A511D681E72F9D814F7BD8FC39D1FED7EA3F94AB704F688C8C38F1A51732BDC/0/B7E1ABEC010ABB9AF463BF22B16C561B5C2C4444.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3A511D681E72F9D814F7BD8FC39D1FED7EA3F94AB704F688C8C38F1A51732BDC/0/B7E1ABEC010ABB9AF463BF22B16C561B5C2C4444.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B7E1ABEC010ABB9AF463BF22B16C561B5C2C4444.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:26:18:d8:32:2b:d3:c1:ec:bd:b7:1d:2c:e3:9c:07:27:cd:e0:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B7E1ABEC010ABB9AF463BF22B16C561B5C2C4444
        Validity
            Not Before: May 31 20:40:02 2024 GMT
            Not After : May 30 20:45:02 2025 GMT
        Subject: CN=A8FEEC2A1706DDC70AF289FB8723EC49A8CE7817
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:7f:29:31:db:17:d0:db:67:81:c6:3d:b0:39:
                    a4:31:02:aa:0d:3c:d1:e1:00:1d:e1:29:23:65:27:
                    d6:36:df:e4:de:73:a6:ba:8d:2e:15:2a:8c:4c:72:
                    2b:26:ce:41:6a:10:a4:07:db:c4:b3:fd:75:a5:8c:
                    dd:d7:85:98:27:dd:25:38:ce:b0:71:7c:52:fd:ac:
                    04:fb:46:69:e3:27:1e:70:48:55:88:d4:0d:83:da:
                    c5:6c:23:87:6e:00:c3:9e:71:fb:fa:82:a4:d6:09:
                    89:7a:02:30:90:aa:88:c6:56:95:f5:a8:20:ef:79:
                    8f:99:4b:eb:29:80:c7:47:08:29:66:6d:00:17:7c:
                    f4:9e:07:e4:b9:26:da:a8:c2:59:0c:79:46:ac:ce:
                    fb:75:65:4f:a9:dc:ff:63:15:38:f1:c5:6e:24:8e:
                    e0:ec:95:72:4a:c3:a4:4d:68:29:8b:b1:8b:44:ea:
                    25:f5:92:8a:ce:2b:e5:0a:04:66:48:5f:b5:73:0e:
                    b5:f0:da:5d:99:55:9e:30:f4:6d:03:9d:ad:95:48:
                    15:a8:61:92:fc:83:14:c9:88:20:d9:cc:05:11:f6:
                    fc:5d:d3:16:24:2b:6c:db:11:f7:2c:ca:28:20:97:
                    0f:3e:cb:c7:f0:fb:d9:82:a9:a5:1d:c8:b7:27:5c:
                    57:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:FE:EC:2A:17:06:DD:C7:0A:F2:89:FB:87:23:EC:49:A8:CE:78:17
            X509v3 Authority Key Identifier:
                keyid:B7:E1:AB:EC:01:0A:BB:9A:F4:63:BF:22:B1:6C:56:1B:5C:2C:44:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A511D681E72F9D814F7BD8FC39D1FED7EA3F94AB704F688C8C38F1A51732BDC/0/B7E1ABEC010ABB9AF463BF22B16C561B5C2C4444.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B7E1ABEC010ABB9AF463BF22B16C561B5C2C4444.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A511D681E72F9D814F7BD8FC39D1FED7EA3F94AB704F688C8C38F1A51732BDC/0/3136302e3233382e3138362e302f32332d3233203d3e20323635373238.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.238.186.0/23

    Signature Algorithm: sha256WithRSAEncryption
         00:04:81:d8:77:c3:14:01:93:a0:78:8c:d0:27:12:c1:c9:0a:
         b2:1c:59:ef:1e:a1:aa:ad:3a:1d:7e:fc:71:df:04:03:f6:6a:
         89:81:7a:37:43:6d:21:00:a3:56:c0:10:93:74:15:c6:ce:d5:
         3f:b0:54:34:8e:c3:81:d2:13:04:57:77:e4:89:b1:01:c8:14:
         8b:57:aa:66:8a:4b:b5:22:63:a5:8c:6d:ef:95:f3:ce:b5:35:
         2e:71:d2:47:b9:9f:c9:fc:ea:ff:e1:ce:d7:a5:f3:20:c5:6b:
         e3:43:e2:76:bb:cf:61:4c:80:fc:eb:89:df:25:8f:ef:6b:6f:
         8e:b4:6e:47:12:80:e0:75:fd:88:01:e9:b8:b2:13:61:af:a6:
         38:d0:93:ac:dd:fe:46:2e:ea:17:b9:ec:68:90:06:dd:d3:96:
         46:5f:0a:e9:44:31:87:52:f8:28:e8:9f:77:21:98:51:03:ab:
         62:80:31:3b:3d:05:b1:24:d9:6f:91:43:9e:b0:41:d8:55:b5:
         22:bf:58:7e:14:d7:31:b2:db:2d:be:1d:95:05:0a:04:1e:45:
         d4:ed:b9:93:fb:77:b3:a9:a1:b5:3e:11:b8:47:ae:99:09:61:
         27:fc:95:0e:4f:2b:f4:a6:8b:0e:0b:88:ea:39:f4:cb:a1:63:
         50:3f:6c:ee
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUNSYY2DIr08HsvbcdLOOcByfN4K4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjdFMUFCRUMwMTBBQkI5QUY0NjNCRjIyQjE2QzU2MUI1
QzJDNDQ0NDAeFw0yNDA1MzEyMDQwMDJaFw0yNTA1MzAyMDQ1MDJaMDMxMTAvBgNV
BAMTKEE4RkVFQzJBMTcwNkREQzcwQUYyODlGQjg3MjNFQzQ5QThDRTc4MTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzfykx2xfQ22eBxj2wOaQxAqoN
PNHhAB3hKSNlJ9Y23+Tec6a6jS4VKoxMcismzkFqEKQH28Sz/XWljN3XhZgn3SU4
zrBxfFL9rAT7RmnjJx5wSFWI1A2D2sVsI4duAMOecfv6gqTWCYl6AjCQqojGVpX1
qCDveY+ZS+spgMdHCClmbQAXfPSeB+S5JtqowlkMeUaszvt1ZU+p3P9jFTjxxW4k
juDslXJKw6RNaCmLsYtE6iX1korOK+UKBGZIX7VzDrXw2l2ZVZ4w9G0Dna2VSBWo
YZL8gxTJiCDZzAUR9vxd0xYkK2zbEfcsyigglw8+y8fw+9mCqaUdyLcnXFdlAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUqP7sKhcG3ccK8on7hyPsSajOeBcwHwYDVR0j
BBgwFoAUt+Gr7AEKu5r0Y78isWxWG1wsREQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQTUxMUQ2ODFFNzJGOUQ4MTRGN0JEOEZDMzlEMUZFRDdF
QTNGOTRBQjcwNEY2ODhDOEMzOEYxQTUxNzMyQkRDLzAvQjdFMUFCRUMwMTBBQkI5
QUY0NjNCRjIyQjE2QzU2MUI1QzJDNDQ0NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CN0UxQUJFQzAxMEFCQjlBRjQ2
M0JGMjJCMTZDNTYxQjVDMkM0NDQ0LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E1MTFENjgxRTcyRjlEODE0RjdCRDhGQzM5RDFGRUQ3RUEzRjk0QUI3
MDRGNjg4QzhDMzhGMUE1MTczMkJEQy8wLzMxMzYzMDJlMzIzMzM4MmUzMTM4MzYy
ZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjM2MzUzNzMyMzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGg
7rowDQYJKoZIhvcNAQELBQADggEBAAAEgdh3wxQBk6B4jNAnEsHJCrIcWe8eoaqt
Oh1+/HHfBAP2aomBejdDbSEAo1bAEJN0FcbO1T+wVDSOw4HSEwRXd+SJsQHIFItX
qmaKS7UiY6WMbe+V8861NS5x0ke5n8n86v/hztel8yDFa+ND4na7z2FMgPzrid8l
j+9rb460bkcSgOB1/YgB6biyE2GvpjjQk6zd/kYu6he57GiQBt3TlkZfCulEMYdS
+Cjon3chmFEDq2KAMTs9BbEk2W+RQ56wQdhVtSK/WH4U1zGy2y2+HZUFCgQeRdTt
uZP7d7OpobU+EbhHrpkJYSf8lQ5PK/Smiw4LiOo59MuhY1A/bO4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:33:07 2024 by rpki-client on console-fra.rpki-client.org