Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138352e3230362e302f32342d3234203d3e20323636383731.roa
File:                     3139302e3138352e3230362e302f32342d3234203d3e20323636383731.roa (raw, json)
Hash identifier:          TM7UXCNzMtif9pUCEPeHrfc4vuvZzMMqj812BvmIc2c=
Subject key identifier:   22:A4:76:55:95:F0:AF:40:FF:A3:66:DF:49:6B:B6:6A:23:26:C3:5B
Certificate issuer:       /CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
Certificate serial:       21C3177A881D4FA4810D825729794E1206DBEDDD
Authority key identifier: F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138352e3230362e302f32342d3234203d3e20323636383731.roa
Signing time:             Tue 05 Mar 2024 17:47:47 +0000
ROA not before:           Tue 05 Mar 2024 17:42:47 +0000
ROA not after:            Tue 04 Mar 2025 17:47:47 +0000
asID:                     266871
IP address blocks:        190.185.206.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:c3:17:7a:88:1d:4f:a4:81:0d:82:57:29:79:4e:12:06:db:ed:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
        Validity
            Not Before: Mar  5 17:42:47 2024 GMT
            Not After : Mar  4 17:47:47 2025 GMT
        Subject: CN=22A4765595F0AF40FFA366DF496BB66A2326C35B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:c4:41:1a:94:2f:ab:1b:63:04:49:2d:a5:ff:
                    12:e2:56:ca:a5:3f:63:43:b6:e8:bd:e0:3c:1c:10:
                    f3:d6:f0:76:1c:26:09:70:e7:2c:6f:4f:0d:43:21:
                    44:72:1f:41:9e:96:13:8a:e1:42:f5:c5:24:c0:ee:
                    90:0b:48:63:30:94:31:42:c5:84:3c:12:85:63:71:
                    3a:b5:c2:42:9a:3f:1e:d9:5f:29:9c:20:80:b3:1d:
                    95:9e:5e:f6:27:ce:89:f0:1d:90:0f:68:5f:4a:85:
                    f6:63:fe:53:3a:15:be:3f:dd:0d:98:81:09:67:ab:
                    ef:91:8c:9f:ac:fa:87:db:37:ca:f2:b6:b5:f9:91:
                    40:50:1e:50:e4:90:00:8e:b4:4d:4f:46:c9:2e:5e:
                    71:e7:55:62:0c:bf:ee:2e:30:0d:ff:17:dd:43:b2:
                    0c:41:45:86:d3:33:e1:14:38:46:1e:43:77:24:81:
                    35:76:11:68:14:b0:8a:a8:a1:88:46:ea:02:46:3d:
                    da:46:67:8e:20:5e:8f:c0:d1:bd:40:fd:b1:ec:39:
                    2c:e0:af:5d:4c:9e:7b:24:31:54:e0:77:eb:2e:f4:
                    e0:e1:c1:94:21:cc:b8:bf:6e:07:f8:f6:90:ca:3f:
                    28:59:87:a1:d3:30:f9:15:c9:b4:76:4b:c9:83:c5:
                    4c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:A4:76:55:95:F0:AF:40:FF:A3:66:DF:49:6B:B6:6A:23:26:C3:5B
            X509v3 Authority Key Identifier:
                keyid:F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138352e3230362e302f32342d3234203d3e20323636383731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.185.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:1b:7f:1c:d7:fb:3b:e5:bb:a1:20:7e:57:04:20:e4:c9:a8:
         4e:c7:ef:7b:f1:8b:5e:8f:cd:88:64:62:e1:b9:f8:53:d6:a6:
         df:38:b4:20:d5:d3:e3:59:7c:7d:c6:33:23:3f:c6:d8:c2:5d:
         9b:3e:89:58:ef:a7:ac:61:83:95:0c:d2:35:a6:1c:e6:1e:26:
         31:7d:4e:e2:6f:2b:0d:e3:5d:c3:cf:e2:85:14:c7:5c:91:b6:
         c7:fe:6a:76:18:02:fb:e1:5e:37:31:3b:db:cf:e2:54:8e:32:
         47:f1:c9:f5:82:8d:12:4b:a2:a2:17:ec:52:6e:b8:32:1e:e5:
         14:32:68:57:98:7c:00:6e:be:1f:49:25:c0:49:53:1f:fc:f1:
         c5:ef:63:66:70:b3:bb:cc:2f:12:19:86:1e:d1:50:86:c5:a7:
         4d:f6:79:f9:66:d6:21:58:94:d8:cc:29:f2:03:17:34:18:a7:
         66:68:2b:cb:23:eb:21:a0:79:14:24:a4:f1:da:80:7e:52:a8:
         cf:42:40:e7:ff:f1:68:5e:ec:a4:8b:98:9d:9c:e1:f1:0a:30:
         0b:2c:81:dd:1c:92:0d:5a:58:0b:a1:22:34:e8:ad:42:7f:c0:
         ef:fa:a1:f5:a8:79:1c:d5:1a:8c:36:cd:5e:a4:07:51:38:c2:
         fa:a9:25:6c
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUIcMXeogdT6SBDYJXKXlOEgbb7d0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjFDMzVCOUNGNDVCRERBQkU4MjlBOUY3OEJDMjREQzU4
QUZEN0VDQTAeFw0yNDAzMDUxNzQyNDdaFw0yNTAzMDQxNzQ3NDdaMDMxMTAvBgNV
BAMTKDIyQTQ3NjU1OTVGMEFGNDBGRkEzNjZERjQ5NkJCNjZBMjMyNkMzNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYxEEalC+rG2MESS2l/xLiVsql
P2NDtui94DwcEPPW8HYcJglw5yxvTw1DIURyH0GelhOK4UL1xSTA7pALSGMwlDFC
xYQ8EoVjcTq1wkKaPx7ZXymcIICzHZWeXvYnzonwHZAPaF9KhfZj/lM6Fb4/3Q2Y
gQlnq++RjJ+s+ofbN8rytrX5kUBQHlDkkACOtE1PRskuXnHnVWIMv+4uMA3/F91D
sgxBRYbTM+EUOEYeQ3ckgTV2EWgUsIqooYhG6gJGPdpGZ44gXo/A0b1A/bHsOSzg
r11MnnskMVTgd+su9ODhwZQhzLi/bgf49pDKPyhZh6HTMPkVybR2S8mDxUzNAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUIqR2VZXwr0D/o2bfSWu2aiMmw1swHwYDVR0j
BBgwFoAU8cNbnPRb3avoKan3i8JNxYr9fsowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQThEMzJEREVCNDcyN0EzNEQ3ODFFNDJGODFFMzA4NDY5
MkU5QTMyQ0EwMkM2QzUyQTVCQTQxMENFMTkwRjRCLzAvRjFDMzVCOUNGNDVCRERB
QkU4MjlBOUY3OEJDMjREQzU4QUZEN0VDQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMUMzNUI5Q0Y0NUJEREFCRTgy
OUE5Rjc4QkMyNERDNThBRkQ3RUNBLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E4RDMyRERFQjQ3MjdBMzRENzgxRTQyRjgxRTMwODQ2OTJFOUEzMkNB
MDJDNkM1MkE1QkE0MTBDRTE5MEY0Qi8wLzMxMzkzMDJlMzEzODM1MmUzMjMwMzYy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzYzODM3MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC+
uc4wDQYJKoZIhvcNAQELBQADggEBAKcbfxzX+zvlu6EgflcEIOTJqE7H73vxi16P
zYhkYuG5+FPWpt84tCDV0+NZfH3GMyM/xtjCXZs+iVjvp6xhg5UM0jWmHOYeJjF9
TuJvKw3jXcPP4oUUx1yRtsf+anYYAvvhXjcxO9vP4lSOMkfxyfWCjRJLoqIX7FJu
uDIe5RQyaFeYfABuvh9JJcBJUx/88cXvY2Zws7vMLxIZhh7RUIbFp032eflm1iFY
lNjMKfIDFzQYp2ZoK8sj6yGgeRQkpPHagH5SqM9CQOf/8Whe7KSLmJ2c4fEKMAss
gd0ckg1aWAuhIjTorUJ/wO/6ofWoeRzVGow2zV6kB1E4wvqpJWw=
-----END CERTIFICATE-----
Generated at Tue Nov 19 16:11:45 2024 by rpki-client on console-fra.rpki-client.org