Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138322e3235322e302f32322d3234203d3e20323637383736.roa
File:                     3139302e3138322e3235322e302f32322d3234203d3e20323637383736.roa (raw, json)
Hash identifier:          7vM65qPK+Lnm9t7KlRtE7cFtor6Qt6gxmZt0such1LY=
Subject key identifier:   34:E1:EE:84:E4:87:84:42:9A:0E:24:8F:8C:40:79:77:E1:D3:80:82
Certificate issuer:       /CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
Certificate serial:       0DAFE34C7489C1329D9186F66C2FD84CE2DEB0CD
Authority key identifier: F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138322e3235322e302f32322d3234203d3e20323637383736.roa
Signing time:             Tue 05 Mar 2024 17:47:43 +0000
ROA not before:           Tue 05 Mar 2024 17:42:43 +0000
ROA not after:            Tue 04 Mar 2025 17:47:43 +0000
asID:                     267876
IP address blocks:        190.182.252.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:af:e3:4c:74:89:c1:32:9d:91:86:f6:6c:2f:d8:4c:e2:de:b0:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
        Validity
            Not Before: Mar  5 17:42:43 2024 GMT
            Not After : Mar  4 17:47:43 2025 GMT
        Subject: CN=34E1EE84E48784429A0E248F8C407977E1D38082
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:3c:54:02:f3:52:de:a6:43:86:28:d4:54:7a:
                    50:31:38:39:68:b6:6c:96:fa:57:f4:7e:ad:c6:f6:
                    10:e9:1f:01:5e:fd:85:d5:54:25:68:96:ce:d8:3d:
                    30:82:b1:18:89:55:1e:37:4e:c1:fd:36:ca:94:9e:
                    36:43:cf:2a:a3:4a:c8:87:15:dc:e2:27:03:c2:58:
                    76:48:63:7a:03:81:cd:05:8b:46:89:65:c7:12:95:
                    a0:6d:b0:e4:78:e4:44:89:3d:1a:b1:76:83:ab:89:
                    c7:60:19:db:ea:0a:79:9c:1c:bc:01:9a:51:72:2c:
                    42:52:52:17:60:56:36:f0:ee:3a:24:9b:43:01:e9:
                    9e:0f:f5:4f:89:fe:13:6c:08:f3:f6:e3:11:62:6e:
                    5b:85:f4:f8:b2:8a:61:96:7c:1a:44:0a:bd:7d:82:
                    59:36:44:2d:5a:18:32:66:da:b0:53:69:12:1b:e9:
                    97:8c:a6:a1:02:ab:4f:05:82:bc:a3:46:50:42:0d:
                    26:38:63:a8:b5:cf:ec:8b:68:f5:9c:74:06:9f:7e:
                    c6:78:5a:c9:ba:56:33:5c:c3:10:81:6d:68:aa:f0:
                    97:6f:16:80:74:af:8c:65:9b:3d:e5:e3:a8:5c:5b:
                    3c:9e:6a:d1:33:e5:56:3e:1b:75:7b:b0:37:37:b1:
                    6f:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:E1:EE:84:E4:87:84:42:9A:0E:24:8F:8C:40:79:77:E1:D3:80:82
            X509v3 Authority Key Identifier:
                keyid:F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138322e3235322e302f32322d3234203d3e20323637383736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.182.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1b:c9:19:b3:64:a1:42:76:c3:6f:5b:df:21:06:3c:3a:10:0e:
         65:3e:d3:56:4e:bf:c5:ce:c6:66:ec:13:e5:5c:c7:76:c5:87:
         0d:2e:a8:97:4b:15:2d:7d:41:f4:41:e6:0a:1f:17:9f:65:2b:
         b9:45:51:21:6f:1a:f6:0d:2a:7f:ac:24:2e:8f:f4:2a:e2:7f:
         10:f9:23:f0:e1:37:78:b6:33:c6:06:7e:cd:1d:ce:37:29:89:
         c0:cf:18:04:bb:1a:99:b2:0f:ec:a8:df:4b:4d:51:a4:91:fb:
         83:2f:58:cd:0f:16:56:b5:07:3c:af:b0:d6:61:c9:08:cf:98:
         96:f2:1b:41:b5:97:a0:e7:7d:69:ab:0a:bf:fe:02:2d:fa:48:
         15:f1:24:95:10:8d:61:3d:6d:86:f8:85:e3:ea:79:93:17:ee:
         c2:d9:99:a0:63:b0:06:e7:02:34:93:1d:a0:ab:59:50:ba:0f:
         0e:b9:58:7b:0e:2c:fd:15:41:f9:86:95:30:ed:ba:7d:56:76:
         ef:2e:93:2f:e6:ff:59:73:1c:1d:fb:3b:b8:2e:c2:7c:fa:07:
         d3:b2:e5:4b:e7:ee:0c:88:3d:70:e8:36:85:5d:ff:0b:db:63:
         d2:ad:a2:be:53:b0:4f:9b:ae:d1:6c:e3:d1:92:bc:b4:c6:22:
         c3:e2:17:09
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUDa/jTHSJwTKdkYb2bC/YTOLesM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjFDMzVCOUNGNDVCRERBQkU4MjlBOUY3OEJDMjREQzU4
QUZEN0VDQTAeFw0yNDAzMDUxNzQyNDNaFw0yNTAzMDQxNzQ3NDNaMDMxMTAvBgNV
BAMTKDM0RTFFRTg0RTQ4Nzg0NDI5QTBFMjQ4RjhDNDA3OTc3RTFEMzgwODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMPFQC81LepkOGKNRUelAxODlo
tmyW+lf0fq3G9hDpHwFe/YXVVCVols7YPTCCsRiJVR43TsH9NsqUnjZDzyqjSsiH
FdziJwPCWHZIY3oDgc0Fi0aJZccSlaBtsOR45ESJPRqxdoOricdgGdvqCnmcHLwB
mlFyLEJSUhdgVjbw7jokm0MB6Z4P9U+J/hNsCPP24xFibluF9PiyimGWfBpECr19
glk2RC1aGDJm2rBTaRIb6ZeMpqECq08FgryjRlBCDSY4Y6i1z+yLaPWcdAaffsZ4
Wsm6VjNcwxCBbWiq8JdvFoB0r4xlmz3l46hcWzyeatEz5VY+G3V7sDc3sW+rAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUNOHuhOSHhEKaDiSPjEB5d+HTgIIwHwYDVR0j
BBgwFoAU8cNbnPRb3avoKan3i8JNxYr9fsowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQThEMzJEREVCNDcyN0EzNEQ3ODFFNDJGODFFMzA4NDY5
MkU5QTMyQ0EwMkM2QzUyQTVCQTQxMENFMTkwRjRCLzAvRjFDMzVCOUNGNDVCRERB
QkU4MjlBOUY3OEJDMjREQzU4QUZEN0VDQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMUMzNUI5Q0Y0NUJEREFCRTgy
OUE5Rjc4QkMyNERDNThBRkQ3RUNBLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E4RDMyRERFQjQ3MjdBMzRENzgxRTQyRjgxRTMwODQ2OTJFOUEzMkNB
MDJDNkM1MkE1QkE0MTBDRTE5MEY0Qi8wLzMxMzkzMDJlMzEzODMyMmUzMjM1MzIy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzczODM3MzYucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK+
tvwwDQYJKoZIhvcNAQELBQADggEBABvJGbNkoUJ2w29b3yEGPDoQDmU+01ZOv8XO
xmbsE+Vcx3bFhw0uqJdLFS19QfRB5gofF59lK7lFUSFvGvYNKn+sJC6P9CrifxD5
I/DhN3i2M8YGfs0dzjcpicDPGAS7GpmyD+yo30tNUaSR+4MvWM0PFla1BzyvsNZh
yQjPmJbyG0G1l6DnfWmrCr/+Ai36SBXxJJUQjWE9bYb4hePqeZMX7sLZmaBjsAbn
AjSTHaCrWVC6Dw65WHsOLP0VQfmGlTDtun1Wdu8uky/m/1lzHB37O7guwnz6B9Oy
5Uvn7gyIPXDoNoVd/wvbY9Ktor5TsE+brtFs49GSvLTGIsPiFwk=
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:30:33 2024 by rpki-client on console-ams.rpki-client.org