Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138322e3132382e302f31372d3234203d3e203237393833.roa
File:                     3139302e3138322e3132382e302f31372d3234203d3e203237393833.roa (raw, json)
Hash identifier:          5KjHbX9dY96u8ag4b2JA11GzU3J3Yl20PLxlu067cr0=
Subject key identifier:   11:34:2E:DF:41:D3:05:E8:36:16:02:BE:13:08:5C:9A:D5:5A:35:13
Certificate issuer:       /CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
Certificate serial:       67B08EAE83596A4E8C6A1AD66DD841171349EB14
Authority key identifier: F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138322e3132382e302f31372d3234203d3e203237393833.roa
Signing time:             Tue 05 Mar 2024 17:47:44 +0000
ROA not before:           Tue 05 Mar 2024 17:42:44 +0000
ROA not after:            Tue 04 Mar 2025 17:47:44 +0000
asID:                     27983
IP address blocks:        190.182.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 12 Oct 2024 17:15:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:b0:8e:ae:83:59:6a:4e:8c:6a:1a:d6:6d:d8:41:17:13:49:eb:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
        Validity
            Not Before: Mar  5 17:42:44 2024 GMT
            Not After : Mar  4 17:47:44 2025 GMT
        Subject: CN=11342EDF41D305E8361602BE13085C9AD55A3513
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:bd:66:aa:52:0a:30:87:e0:33:e7:d8:69:01:
                    94:26:ef:36:ea:40:80:b0:01:8b:0d:ad:2f:c6:26:
                    44:ba:5b:a9:ab:64:de:5a:d8:6f:e7:48:c5:97:f9:
                    48:13:95:f0:f9:5f:60:69:8e:d4:f9:d3:a4:b2:40:
                    be:ff:d7:60:b6:4e:e5:7c:45:15:47:a9:b8:38:01:
                    37:26:ff:fd:8d:b1:eb:8c:78:c0:8e:78:58:56:bd:
                    a9:bd:e3:b0:7d:96:76:ba:78:09:cf:85:c3:26:a3:
                    b0:66:69:b0:aa:be:81:53:99:72:e2:9b:31:bf:0d:
                    1f:07:8a:61:ab:87:60:26:8c:6b:f7:0f:81:f8:c2:
                    8d:17:fd:8c:ae:31:48:d9:ce:55:b6:46:c8:51:5e:
                    84:85:73:c2:f5:b7:f2:32:52:29:cc:f7:01:04:0d:
                    67:89:b8:c7:c0:41:c2:c5:4e:6e:ab:22:32:0b:86:
                    47:06:07:7c:3a:51:97:5e:c5:61:0f:22:4f:8b:32:
                    c9:67:30:91:c4:58:41:bf:c5:c8:20:4c:63:4f:f6:
                    a1:59:09:1a:77:9c:bd:02:aa:59:c3:4e:fc:be:6b:
                    a5:45:05:d7:24:00:d6:89:af:3f:2c:18:1b:2c:2e:
                    f7:5e:f5:3e:ef:fc:7a:d6:b8:4c:ae:b7:6d:67:1b:
                    33:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:34:2E:DF:41:D3:05:E8:36:16:02:BE:13:08:5C:9A:D5:5A:35:13
            X509v3 Authority Key Identifier:
                keyid:F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138322e3132382e302f31372d3234203d3e203237393833.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.182.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         a9:e4:de:06:69:6b:82:10:e3:c4:05:3f:2b:d4:1d:2a:6a:bc:
         42:77:2b:a8:3e:b6:ef:1d:71:34:1f:52:c9:49:a6:a8:2c:ed:
         cd:3e:38:ec:da:78:40:23:f5:49:da:cc:e6:8f:a1:7e:aa:2a:
         dd:78:d3:b8:6b:2f:4e:80:dd:21:2d:a0:47:b2:6d:c6:38:8f:
         14:04:9e:18:32:bb:c9:91:42:c3:e2:08:e0:c5:ed:ff:3f:6b:
         28:84:e0:32:bc:7e:37:3c:93:99:03:66:5f:cd:9f:90:d3:08:
         22:93:87:1a:b1:ab:d0:71:22:93:a8:83:b4:be:9c:16:43:90:
         13:3a:90:1f:fe:c8:97:dc:04:76:38:56:3b:09:ae:62:52:b2:
         49:0b:73:ec:f6:70:83:bb:5f:f6:e1:3b:a4:ee:83:8a:e7:03:
         82:d3:13:18:d9:86:94:82:0e:ea:93:77:41:a9:80:a4:d7:e1:
         ad:d8:f6:48:50:99:52:4b:a0:8a:d2:d7:ee:2d:fa:c0:cb:4d:
         67:41:1a:19:84:73:c0:65:7c:96:77:22:6f:67:0c:13:f6:06:
         f2:9e:a0:98:04:23:ef:40:10:6c:3c:58:00:19:83:60:eb:f1:
         a2:8d:34:38:6d:9a:4a:c5:59:43:91:75:be:fd:1d:db:4a:14:
         31:91:eb:2d
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUZ7COroNZak6MahrWbdhBFxNJ6xQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjFDMzVCOUNGNDVCRERBQkU4MjlBOUY3OEJDMjREQzU4
QUZEN0VDQTAeFw0yNDAzMDUxNzQyNDRaFw0yNTAzMDQxNzQ3NDRaMDMxMTAvBgNV
BAMTKDExMzQyRURGNDFEMzA1RTgzNjE2MDJCRTEzMDg1QzlBRDU1QTM1MTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbvWaqUgowh+Az59hpAZQm7zbq
QICwAYsNrS/GJkS6W6mrZN5a2G/nSMWX+UgTlfD5X2BpjtT506SyQL7/12C2TuV8
RRVHqbg4ATcm//2NseuMeMCOeFhWvam947B9lna6eAnPhcMmo7BmabCqvoFTmXLi
mzG/DR8HimGrh2AmjGv3D4H4wo0X/YyuMUjZzlW2RshRXoSFc8L1t/IyUinM9wEE
DWeJuMfAQcLFTm6rIjILhkcGB3w6UZdexWEPIk+LMslnMJHEWEG/xcggTGNP9qFZ
CRp3nL0CqlnDTvy+a6VFBdckANaJrz8sGBssLvde9T7v/HrWuEyut21nGzNrAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUETQu30HTBeg2FgK+EwhcmtVaNRMwHwYDVR0j
BBgwFoAU8cNbnPRb3avoKan3i8JNxYr9fsowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQThEMzJEREVCNDcyN0EzNEQ3ODFFNDJGODFFMzA4NDY5
MkU5QTMyQ0EwMkM2QzUyQTVCQTQxMENFMTkwRjRCLzAvRjFDMzVCOUNGNDVCRERB
QkU4MjlBOUY3OEJDMjREQzU4QUZEN0VDQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMUMzNUI5Q0Y0NUJEREFCRTgy
OUE5Rjc4QkMyNERDNThBRkQ3RUNBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E4RDMyRERFQjQ3MjdBMzRENzgxRTQyRjgxRTMwODQ2OTJFOUEzMkNB
MDJDNkM1MkE1QkE0MTBDRTE5MEY0Qi8wLzMxMzkzMDJlMzEzODMyMmUzMTMyMzgy
ZTMwMmYzMTM3MmQzMjM0MjAzZDNlMjAzMjM3MzkzODMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHvraA
MA0GCSqGSIb3DQEBCwUAA4IBAQCp5N4GaWuCEOPEBT8r1B0qarxCdyuoPrbvHXE0
H1LJSaaoLO3NPjjs2nhAI/VJ2szmj6F+qirdeNO4ay9OgN0hLaBHsm3GOI8UBJ4Y
MrvJkULD4gjgxe3/P2sohOAyvH43PJOZA2ZfzZ+Q0wgik4casavQcSKTqIO0vpwW
Q5ATOpAf/siX3AR2OFY7Ca5iUrJJC3Ps9nCDu1/24Tuk7oOK5wOC0xMY2YaUgg7q
k3dBqYCk1+Gt2PZIUJlSS6CK0tfuLfrAy01nQRoZhHPAZXyWdyJvZwwT9gbynqCY
BCPvQBBsPFgAGYNg6/GijTQ4bZpKxVlDkXW+/R3bShQxkest
-----END CERTIFICATE-----
Generated at Tue Oct 8 11:16:56 2024 by rpki-client on console-ams.rpki-client.org