Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138352e3132382e302f31372d3234203d3e203237393833.roa
File:                     3139302e3138352e3132382e302f31372d3234203d3e203237393833.roa (raw, json)
Hash identifier:          NCl+xI4B8KL3S/e6VR2uchpmsRsGOsOt/h/C4sCXvBY=
Subject key identifier:   59:D3:CE:B0:F8:8D:89:4E:18:39:11:7C:1B:BF:EA:E9:CD:80:5C:DA
Certificate issuer:       /CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
Certificate serial:       325ED968D59831A60337F88E0763294E71FE28DC
Authority key identifier: F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138352e3132382e302f31372d3234203d3e203237393833.roa
Signing time:             Tue 05 Mar 2024 17:47:41 +0000
ROA not before:           Tue 05 Mar 2024 17:42:41 +0000
ROA not after:            Tue 04 Mar 2025 17:47:41 +0000
asID:                     27983
IP address blocks:        190.185.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 12 Oct 2024 17:15:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:5e:d9:68:d5:98:31:a6:03:37:f8:8e:07:63:29:4e:71:fe:28:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
        Validity
            Not Before: Mar  5 17:42:41 2024 GMT
            Not After : Mar  4 17:47:41 2025 GMT
        Subject: CN=59D3CEB0F88D894E1839117C1BBFEAE9CD805CDA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e0:9b:1b:a2:ff:92:92:29:90:27:1b:27:ac:
                    74:bb:f5:fc:95:42:9e:bf:21:89:63:92:6f:08:6a:
                    42:be:28:a1:c4:6a:78:be:83:6b:7d:34:22:53:ab:
                    8d:a7:d0:b9:69:75:c2:78:be:d1:de:51:df:be:5c:
                    32:ad:f6:c9:73:ff:fc:04:ea:46:65:c3:32:b3:75:
                    95:c6:62:66:90:d2:ae:5b:15:75:0d:52:b3:b1:b1:
                    2b:0f:1f:73:09:c0:92:e1:1e:34:c5:d4:40:f1:67:
                    29:88:61:24:1a:04:d8:57:f3:72:b3:6f:6c:09:33:
                    65:b4:68:3f:8b:cc:1e:4a:24:27:79:8c:08:da:a7:
                    06:87:ea:74:f8:98:5f:4c:57:0d:88:06:db:85:86:
                    f0:ff:05:4e:db:b5:eb:37:0e:f5:c1:53:2f:c8:a8:
                    4a:ad:51:1f:c9:eb:2f:d3:cf:ae:b7:41:8c:3a:ff:
                    c6:b1:87:e4:6e:a3:b9:55:8d:3c:ae:22:c3:c8:41:
                    20:06:2d:4f:f3:b7:1d:7d:b6:13:86:d5:ef:35:c8:
                    6b:46:e0:0b:26:c7:be:be:35:0e:ce:1b:93:7e:f7:
                    eb:0c:03:6d:7c:e6:29:e0:8d:71:35:2a:4b:cc:76:
                    0e:7c:a7:62:e9:e7:6a:be:03:5d:76:22:98:56:67:
                    aa:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:D3:CE:B0:F8:8D:89:4E:18:39:11:7C:1B:BF:EA:E9:CD:80:5C:DA
            X509v3 Authority Key Identifier:
                keyid:F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138352e3132382e302f31372d3234203d3e203237393833.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.185.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         00:f8:d0:d5:f2:2b:7a:bb:cb:d9:10:c2:2c:85:10:fe:b2:fe:
         c9:4c:1d:75:4b:18:ba:f9:54:87:60:f0:1d:cf:22:19:cc:96:
         dc:01:86:f5:06:b4:46:f4:47:e2:5c:0e:28:f4:86:d7:30:c8:
         41:eb:9e:44:6b:1a:a0:40:a3:c3:b9:bd:13:51:c9:ce:cd:79:
         b3:61:a2:c1:53:38:f9:62:ad:b6:b0:a6:ca:d8:b5:bb:54:32:
         ab:33:bb:20:d8:5d:d8:b3:a0:ed:91:07:a1:42:a1:36:55:48:
         5a:87:00:6b:52:cf:68:aa:b7:02:1c:a2:4f:87:83:99:e7:8f:
         04:7e:40:ba:46:06:3f:bc:3a:0c:e2:93:b5:1c:cf:c8:ed:ac:
         bb:d2:b2:b4:e6:b5:a3:e9:7f:be:02:4d:12:9d:3c:45:ef:34:
         a1:55:bf:22:a0:4f:c3:5f:98:db:59:22:a7:70:79:f3:56:15:
         73:ec:14:b0:1b:8a:ae:93:bb:8c:e4:36:5f:33:52:cc:54:ab:
         80:10:77:8b:bc:cc:a6:cb:54:7e:79:5b:96:c3:6c:33:b3:90:
         ab:b1:83:da:11:e3:d8:df:d0:34:d4:c1:3b:d9:c7:4f:55:cc:
         a7:19:23:8f:50:cd:e6:0a:26:cc:1d:b1:92:23:97:42:af:f5:
         60:d4:40:a0
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUMl7ZaNWYMaYDN/iOB2MpTnH+KNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjFDMzVCOUNGNDVCRERBQkU4MjlBOUY3OEJDMjREQzU4
QUZEN0VDQTAeFw0yNDAzMDUxNzQyNDFaFw0yNTAzMDQxNzQ3NDFaMDMxMTAvBgNV
BAMTKDU5RDNDRUIwRjg4RDg5NEUxODM5MTE3QzFCQkZFQUU5Q0Q4MDVDREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy4Jsbov+SkimQJxsnrHS79fyV
Qp6/IYljkm8IakK+KKHEani+g2t9NCJTq42n0LlpdcJ4vtHeUd++XDKt9slz//wE
6kZlwzKzdZXGYmaQ0q5bFXUNUrOxsSsPH3MJwJLhHjTF1EDxZymIYSQaBNhX83Kz
b2wJM2W0aD+LzB5KJCd5jAjapwaH6nT4mF9MVw2IBtuFhvD/BU7btes3DvXBUy/I
qEqtUR/J6y/Tz663QYw6/8axh+Ruo7lVjTyuIsPIQSAGLU/ztx19thOG1e81yGtG
4Asmx76+NQ7OG5N+9+sMA2185ingjXE1KkvMdg58p2Lp52q+A112IphWZ6qjAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUWdPOsPiNiU4YORF8G7/q6c2AXNowHwYDVR0j
BBgwFoAU8cNbnPRb3avoKan3i8JNxYr9fsowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQThEMzJEREVCNDcyN0EzNEQ3ODFFNDJGODFFMzA4NDY5
MkU5QTMyQ0EwMkM2QzUyQTVCQTQxMENFMTkwRjRCLzAvRjFDMzVCOUNGNDVCRERB
QkU4MjlBOUY3OEJDMjREQzU4QUZEN0VDQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMUMzNUI5Q0Y0NUJEREFCRTgy
OUE5Rjc4QkMyNERDNThBRkQ3RUNBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E4RDMyRERFQjQ3MjdBMzRENzgxRTQyRjgxRTMwODQ2OTJFOUEzMkNB
MDJDNkM1MkE1QkE0MTBDRTE5MEY0Qi8wLzMxMzkzMDJlMzEzODM1MmUzMTMyMzgy
ZTMwMmYzMTM3MmQzMjM0MjAzZDNlMjAzMjM3MzkzODMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHvrmA
MA0GCSqGSIb3DQEBCwUAA4IBAQAA+NDV8it6u8vZEMIshRD+sv7JTB11Sxi6+VSH
YPAdzyIZzJbcAYb1BrRG9EfiXA4o9IbXMMhB655EaxqgQKPDub0TUcnOzXmzYaLB
Uzj5Yq22sKbK2LW7VDKrM7sg2F3Ys6DtkQehQqE2VUhahwBrUs9oqrcCHKJPh4OZ
548EfkC6RgY/vDoM4pO1HM/I7ay70rK05rWj6X++Ak0SnTxF7zShVb8ioE/DX5jb
WSKncHnzVhVz7BSwG4quk7uM5DZfM1LMVKuAEHeLvMymy1R+eVuWw2wzs5CrsYPa
EePY39A01ME72cdPVcynGSOPUM3mCibMHbGSI5dCr/Vg1ECg
-----END CERTIFICATE-----
Generated at Tue Oct 8 11:11:47 2024 by rpki-client on console-fra.rpki-client.org