Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3139302e39392e32342e302f32312d3234203d3e203237373733.roa
File:                     3139302e39392e32342e302f32312d3234203d3e203237373733.roa (raw, json)
Hash identifier:          6vOL74ewpnJcWi0PNfMhfYKqzZ+Rnc4CwilKJSIT5U8=
Subject key identifier:   AE:08:FB:E6:E9:2E:2A:9B:2F:9D:64:D7:86:C7:58:53:FA:9F:35:BA
Certificate issuer:       /CN=9BCCBD68EB22C37B886D81BDFC8BA77CD7312208
Certificate serial:       7EC77ED2B8F6A225C02FCE9D83E8E05EE337DA2F
Authority key identifier: 9B:CC:BD:68:EB:22:C3:7B:88:6D:81:BD:FC:8B:A7:7C:D7:31:22:08
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3139302e39392e32342e302f32312d3234203d3e203237373733.roa
Signing time:             Tue 05 Mar 2024 18:10:26 +0000
ROA not before:           Tue 05 Mar 2024 18:05:26 +0000
ROA not after:            Tue 04 Mar 2025 18:10:26 +0000
asID:                     27773
IP address blocks:        190.99.24.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:c7:7e:d2:b8:f6:a2:25:c0:2f:ce:9d:83:e8:e0:5e:e3:37:da:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9BCCBD68EB22C37B886D81BDFC8BA77CD7312208
        Validity
            Not Before: Mar  5 18:05:26 2024 GMT
            Not After : Mar  4 18:10:26 2025 GMT
        Subject: CN=AE08FBE6E92E2A9B2F9D64D786C75853FA9F35BA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:21:08:11:61:39:a2:2f:b7:0d:cd:7a:30:bd:
                    de:e1:e7:68:dc:f3:6f:ca:86:f6:65:53:d4:09:d6:
                    e9:d8:45:12:08:b9:e5:6d:48:91:87:31:65:8f:1f:
                    98:98:53:58:0c:a6:b7:7c:f9:c2:93:2f:8a:46:ac:
                    fe:a5:ee:a5:75:b2:ed:92:e4:0e:73:61:d4:7c:a9:
                    4c:e4:f6:7c:49:9a:33:b4:20:e5:4f:7e:5a:d6:22:
                    8e:4a:aa:5d:69:d9:a2:dc:09:95:54:26:3c:0b:81:
                    71:b0:5d:4e:c1:17:1f:56:89:f0:9b:6d:4f:13:d5:
                    5e:e1:f5:de:0b:de:c8:43:cc:11:d2:38:7d:65:66:
                    87:25:7a:22:c2:ba:c1:92:c1:28:ce:3c:ef:13:b4:
                    09:a8:25:4a:bd:d2:e3:d7:a3:20:f5:fe:09:09:7f:
                    bb:61:69:1d:a7:a5:2d:32:9f:33:43:3f:b7:45:5b:
                    6e:33:07:a5:2b:26:99:de:a6:60:9c:61:a7:ee:5e:
                    ce:10:eb:ae:43:95:b7:91:72:04:63:41:68:14:9e:
                    2b:28:12:13:3a:4d:b2:0f:91:b2:4e:57:8a:a7:09:
                    18:a3:0a:47:78:fc:27:45:7c:1a:8c:ff:73:c6:fe:
                    28:c1:38:ad:87:cd:69:4d:f9:fc:18:6b:66:2f:db:
                    1a:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:08:FB:E6:E9:2E:2A:9B:2F:9D:64:D7:86:C7:58:53:FA:9F:35:BA
            X509v3 Authority Key Identifier:
                keyid:9B:CC:BD:68:EB:22:C3:7B:88:6D:81:BD:FC:8B:A7:7C:D7:31:22:08

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3139302e39392e32342e302f32312d3234203d3e203237373733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.99.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         63:ef:33:5f:95:84:26:6f:67:c9:d6:28:c7:76:89:1b:c9:bd:
         5a:3e:0e:03:34:6d:68:62:18:ea:ec:46:1e:4a:89:9b:b8:46:
         32:88:1b:f9:26:cd:91:3d:c2:c4:48:d4:98:0c:d7:5f:49:81:
         a7:28:2a:ff:0c:cd:67:ed:89:7c:d4:28:ab:f6:79:12:1a:7a:
         99:59:10:36:b5:22:73:1a:a6:04:d7:f4:fe:8f:45:41:d1:1f:
         2c:94:00:43:52:a5:34:2d:d1:90:ea:62:a2:b1:c9:aa:b0:87:
         ec:82:8d:3b:7f:f3:31:12:75:89:29:b0:9b:5f:e6:5d:44:d2:
         c5:20:e5:83:f5:8a:ac:84:ee:f2:f3:5c:6c:e1:df:0d:3c:92:
         15:8e:9e:b7:37:7e:c5:f1:19:4d:51:90:a1:b7:3b:6f:ca:ae:
         70:5d:2e:e6:6d:fa:36:66:83:bc:33:fa:b3:ac:47:06:a5:34:
         97:84:c7:0e:a5:39:3e:6b:11:80:5f:69:6c:8f:ce:0c:a2:1e:
         84:77:3d:27:a6:2b:63:62:4b:aa:02:24:a8:d6:7f:74:40:c7:
         7f:09:87:0a:3c:13:3d:b8:1a:01:61:92:1f:51:46:49:f4:b9:
         bc:98:e1:a3:a1:8e:6f:89:37:a6:c1:34:37:01:43:ed:c8:0b:
         a6:77:77:c0
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUfsd+0rj2oiXAL86dg+jgXuM32i8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUJDQ0JENjhFQjIyQzM3Qjg4NkQ4MUJERkM4QkE3N0NE
NzMxMjIwODAeFw0yNDAzMDUxODA1MjZaFw0yNTAzMDQxODEwMjZaMDMxMTAvBgNV
BAMTKEFFMDhGQkU2RTkyRTJBOUIyRjlENjRENzg2Qzc1ODUzRkE5RjM1QkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZIQgRYTmiL7cNzXowvd7h52jc
82/KhvZlU9QJ1unYRRIIueVtSJGHMWWPH5iYU1gMprd8+cKTL4pGrP6l7qV1su2S
5A5zYdR8qUzk9nxJmjO0IOVPflrWIo5Kql1p2aLcCZVUJjwLgXGwXU7BFx9WifCb
bU8T1V7h9d4L3shDzBHSOH1lZocleiLCusGSwSjOPO8TtAmoJUq90uPXoyD1/gkJ
f7thaR2npS0ynzNDP7dFW24zB6UrJpnepmCcYafuXs4Q665DlbeRcgRjQWgUniso
EhM6TbIPkbJOV4qnCRijCkd4/CdFfBqM/3PG/ijBOK2HzWlN+fwYa2Yv2xrLAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUrgj75ukuKpsvnWTXhsdYU/qfNbowHwYDVR0j
BBgwFoAUm8y9aOsiw3uIbYG9/IunfNcxIggwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQTVGMkY4N0QxMTc4NkZCM0ZDQURBQTA0MzQzMUVCMDEz
Q0RCQUQwMDI0N0VEQjdBNjUwMkJGRkQ4QjRDQzI0LzAvOUJDQ0JENjhFQjIyQzM3
Qjg4NkQ4MUJERkM4QkE3N0NENzMxMjIwOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85QkNDQkQ2OEVCMjJDMzdCODg2
RDgxQkRGQzhCQTc3Q0Q3MzEyMjA4LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E1RjJGODdEMTE3ODZGQjNGQ0FEQUEwNDM0MzFFQjAxM0NEQkFEMDAy
NDdFREI3QTY1MDJCRkZEOEI0Q0MyNC8wLzMxMzkzMDJlMzkzOTJlMzIzNDJlMzAy
ZjMyMzEyZDMyMzQyMDNkM2UyMDMyMzczNzM3MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO+YxgwDQYJ
KoZIhvcNAQELBQADggEBAGPvM1+VhCZvZ8nWKMd2iRvJvVo+DgM0bWhiGOrsRh5K
iZu4RjKIG/kmzZE9wsRI1JgM119JgacoKv8MzWftiXzUKKv2eRIaeplZEDa1InMa
pgTX9P6PRUHRHyyUAENSpTQt0ZDqYqKxyaqwh+yCjTt/8zESdYkpsJtf5l1E0sUg
5YP1iqyE7vLzXGzh3w08khWOnrc3fsXxGU1RkKG3O2/KrnBdLuZt+jZmg7wz+rOs
RwalNJeExw6lOT5rEYBfaWyPzgyiHoR3PSemK2NiS6oCJKjWf3RAx38Jhwo8Ez24
GgFhkh9RRkn0ubyY4aOhjm+JN6bBNDcBQ+3IC6Z3d8A=
-----END CERTIFICATE-----
Generated at Thu Nov 21 17:25:50 2024 by rpki-client on console-fra.rpki-client.org