Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3133382e3138362e3234392e302f32342d3234203d3e203237373733.roa
File:                     3133382e3138362e3234392e302f32342d3234203d3e203237373733.roa (raw, json)
Hash identifier:          M55pB/GaSoxgE/xlWP8shApdcIqttpk2pcNNK0kXguw=
Subject key identifier:   C2:98:9E:02:E0:1D:89:D4:6C:87:CC:65:BC:2E:6C:6F:3D:3A:2C:28
Certificate issuer:       /CN=9BCCBD68EB22C37B886D81BDFC8BA77CD7312208
Certificate serial:       3DA868B81B6CEA9A6E6CD23D3BE5280F40CF6BF2
Authority key identifier: 9B:CC:BD:68:EB:22:C3:7B:88:6D:81:BD:FC:8B:A7:7C:D7:31:22:08
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3133382e3138362e3234392e302f32342d3234203d3e203237373733.roa
Signing time:             Tue 05 Mar 2024 18:10:21 +0000
ROA not before:           Tue 05 Mar 2024 18:05:21 +0000
ROA not after:            Tue 04 Mar 2025 18:10:21 +0000
asID:                     27773
IP address blocks:        138.186.249.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 22:17:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:a8:68:b8:1b:6c:ea:9a:6e:6c:d2:3d:3b:e5:28:0f:40:cf:6b:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9BCCBD68EB22C37B886D81BDFC8BA77CD7312208
        Validity
            Not Before: Mar  5 18:05:21 2024 GMT
            Not After : Mar  4 18:10:21 2025 GMT
        Subject: CN=C2989E02E01D89D46C87CC65BC2E6C6F3D3A2C28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:09:80:d6:52:72:6d:cf:9d:f0:d6:32:a0:22:
                    b7:72:84:b8:13:6c:6c:3c:b2:2c:78:c9:f2:7b:d6:
                    d1:5d:87:88:d1:b7:8d:c8:a7:ba:b9:93:6b:42:41:
                    e7:02:ed:ff:09:27:20:7b:89:1a:90:13:87:37:16:
                    be:08:59:64:5a:d7:5c:fb:fe:24:07:e8:cb:e1:3a:
                    bd:cb:23:58:35:4b:a2:97:4a:4f:b7:a2:bc:2e:94:
                    59:a6:e6:d4:03:ec:c4:20:1a:9c:0e:22:a6:d8:70:
                    7c:8c:ce:fb:db:0a:1c:06:b9:9b:76:85:a5:2b:65:
                    81:c0:22:16:77:4a:58:45:21:c6:94:a7:06:1e:3e:
                    6e:b7:be:05:ae:b2:3f:56:24:9e:80:68:4c:94:e9:
                    d5:a8:0b:d3:d7:c9:b8:83:ee:45:25:d8:ff:bd:01:
                    d0:3f:aa:09:22:99:ee:d0:90:e4:ea:22:ab:dc:1b:
                    d4:2b:2a:9b:04:39:19:3c:c2:8b:fb:aa:e0:c3:2b:
                    77:f5:06:07:4e:7c:72:b0:ab:5a:de:12:b4:24:f7:
                    f6:7c:8b:dc:70:a7:b4:02:98:b9:fb:99:2a:ba:b5:
                    8d:7e:5c:16:d4:7b:04:b8:11:86:24:26:bb:84:ae:
                    70:55:0f:ab:84:0a:ec:4e:84:83:79:e0:ff:91:ea:
                    61:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:98:9E:02:E0:1D:89:D4:6C:87:CC:65:BC:2E:6C:6F:3D:3A:2C:28
            X509v3 Authority Key Identifier:
                keyid:9B:CC:BD:68:EB:22:C3:7B:88:6D:81:BD:FC:8B:A7:7C:D7:31:22:08

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3133382e3138362e3234392e302f32342d3234203d3e203237373733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.186.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:cb:d9:10:f6:4d:74:d9:1a:3a:f4:03:d1:29:26:40:de:a6:
         8f:d4:c4:51:82:ef:7a:54:54:f3:36:5b:e3:7c:63:83:d7:28:
         85:2c:15:20:2c:c7:e5:0e:e5:36:78:59:d4:20:93:06:aa:93:
         8a:f1:d4:b0:87:5c:5e:c4:4a:ee:c5:f8:8d:fd:7c:81:f5:30:
         9c:9f:0e:02:a4:a7:1f:83:23:7d:60:85:da:86:74:49:b1:6f:
         1c:a4:09:a9:10:68:8b:9f:65:03:d6:14:9c:e8:f4:7d:0e:28:
         bd:e8:5e:1b:5c:aa:81:5f:b6:94:63:4a:60:2d:81:85:33:c7:
         24:21:9c:d7:2a:28:4e:fa:10:66:b3:f2:cb:a0:8f:4f:6b:84:
         c3:6e:2b:54:b0:ac:84:26:35:4b:5d:b9:6e:bc:08:d4:42:22:
         0b:cd:35:20:e9:6e:42:ef:d3:c3:ee:87:fa:65:44:3d:0a:e4:
         bd:8d:57:da:8b:84:c2:e2:fe:3d:cb:2f:d4:c3:6e:55:c1:5a:
         34:e4:d9:39:3b:86:0f:2e:c7:e9:21:c6:4a:b9:f2:dc:32:6a:
         9f:8c:7a:30:f8:d5:72:52:df:b1:14:50:86:d8:21:76:c7:f8:
         9e:2d:da:6b:ab:17:3c:7f:1a:b0:ff:37:9a:fc:6f:70:7a:89:
         a8:cf:e3:1b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUPahouBts6ppubNI9O+UoD0DPa/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUJDQ0JENjhFQjIyQzM3Qjg4NkQ4MUJERkM4QkE3N0NE
NzMxMjIwODAeFw0yNDAzMDUxODA1MjFaFw0yNTAzMDQxODEwMjFaMDMxMTAvBgNV
BAMTKEMyOTg5RTAyRTAxRDg5RDQ2Qzg3Q0M2NUJDMkU2QzZGM0QzQTJDMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpCYDWUnJtz53w1jKgIrdyhLgT
bGw8six4yfJ71tFdh4jRt43Ip7q5k2tCQecC7f8JJyB7iRqQE4c3Fr4IWWRa11z7
/iQH6MvhOr3LI1g1S6KXSk+3orwulFmm5tQD7MQgGpwOIqbYcHyMzvvbChwGuZt2
haUrZYHAIhZ3SlhFIcaUpwYePm63vgWusj9WJJ6AaEyU6dWoC9PXybiD7kUl2P+9
AdA/qgkime7QkOTqIqvcG9QrKpsEORk8wov7quDDK3f1BgdOfHKwq1reErQk9/Z8
i9xwp7QCmLn7mSq6tY1+XBbUewS4EYYkJruErnBVD6uECuxOhIN54P+R6mHvAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUwpieAuAdidRsh8xlvC5sbz06LCgwHwYDVR0j
BBgwFoAUm8y9aOsiw3uIbYG9/IunfNcxIggwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQTVGMkY4N0QxMTc4NkZCM0ZDQURBQTA0MzQzMUVCMDEz
Q0RCQUQwMDI0N0VEQjdBNjUwMkJGRkQ4QjRDQzI0LzAvOUJDQ0JENjhFQjIyQzM3
Qjg4NkQ4MUJERkM4QkE3N0NENzMxMjIwOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85QkNDQkQ2OEVCMjJDMzdCODg2
RDgxQkRGQzhCQTc3Q0Q3MzEyMjA4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E1RjJGODdEMTE3ODZGQjNGQ0FEQUEwNDM0MzFFQjAxM0NEQkFEMDAy
NDdFREI3QTY1MDJCRkZEOEI0Q0MyNC8wLzMxMzMzODJlMzEzODM2MmUzMjM0Mzky
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzczNzMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAirr5
MA0GCSqGSIb3DQEBCwUAA4IBAQB2y9kQ9k102Ro69APRKSZA3qaP1MRRgu96VFTz
NlvjfGOD1yiFLBUgLMflDuU2eFnUIJMGqpOK8dSwh1xexEruxfiN/XyB9TCcnw4C
pKcfgyN9YIXahnRJsW8cpAmpEGiLn2UD1hSc6PR9Dii96F4bXKqBX7aUY0pgLYGF
M8ckIZzXKihO+hBms/LLoI9Pa4TDbitUsKyEJjVLXbluvAjUQiILzTUg6W5C79PD
7of6ZUQ9CuS9jVfai4TC4v49yy/Uw25VwVo05Nk5O4YPLsfpIcZKufLcMmqfjHow
+NVyUt+xFFCG2CF2x/ieLdprqxc8fxqw/zea/G9weomoz+Mb
-----END CERTIFICATE-----
Generated at Wed Oct 30 03:05:17 2024 by rpki-client on console-ams.rpki-client.org