Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138352e3232372e302f32342d3234203d3e20323637383736.roa
File:                     3139302e3138352e3232372e302f32342d3234203d3e20323637383736.roa (raw, json)
Hash identifier:          ePMUbvjlUaGmx/jLgoC/2R8LF6DQ/CjjbazJENUIhpc=
Subject key identifier:   DD:03:56:D6:E9:6C:84:D5:AF:27:A0:D9:F7:88:94:69:E8:A3:89:39
Certificate issuer:       /CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
Certificate serial:       021A6AC9EA6CCCE45A581A2F08353C9C5CE5DAC6
Authority key identifier: F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138352e3232372e302f32342d3234203d3e20323637383736.roa
Signing time:             Tue 05 Mar 2024 17:47:39 +0000
ROA not before:           Tue 05 Mar 2024 17:42:39 +0000
ROA not after:            Tue 04 Mar 2025 17:47:39 +0000
asID:                     267876
IP address blocks:        190.185.227.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:1a:6a:c9:ea:6c:cc:e4:5a:58:1a:2f:08:35:3c:9c:5c:e5:da:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
        Validity
            Not Before: Mar  5 17:42:39 2024 GMT
            Not After : Mar  4 17:47:39 2025 GMT
        Subject: CN=DD0356D6E96C84D5AF27A0D9F7889469E8A38939
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:8e:93:d0:d2:e4:5f:99:cb:28:13:ad:bb:e0:
                    70:27:e4:55:28:fd:6a:17:ab:90:00:7c:c5:77:e9:
                    76:0f:b7:41:5a:00:05:26:89:67:86:af:cc:57:7c:
                    97:de:6e:38:04:e0:3d:50:db:f8:7d:2c:e8:35:c5:
                    14:fe:00:aa:5d:1d:f5:56:94:80:aa:a8:9f:03:ca:
                    3e:3c:a6:7c:0c:c7:15:5d:f4:c7:d5:6c:61:5e:19:
                    38:51:8b:e2:d4:0b:0b:17:b8:be:76:e9:d3:b4:d1:
                    1d:41:34:1c:e6:9f:1d:c1:42:65:5a:22:86:d3:da:
                    c1:99:7c:2b:ff:08:1d:22:c4:75:78:27:36:ce:09:
                    ad:7e:03:cb:bf:2b:da:b2:9b:23:21:a6:55:b9:01:
                    5d:b9:56:c6:42:f3:1b:f8:9c:ad:69:af:17:c8:67:
                    72:78:80:d5:07:05:a9:9b:10:e5:9d:9d:c9:06:0f:
                    bc:ca:08:88:ea:4c:7b:d4:c6:1f:ec:63:73:5f:73:
                    d1:27:89:cb:6e:da:de:8d:f1:29:c8:e8:9b:b6:e6:
                    7c:64:a6:26:73:26:00:32:96:b8:b9:55:f7:f8:9c:
                    b8:25:42:04:c7:52:71:08:29:3a:e2:a4:86:a3:d6:
                    21:6e:3e:81:a8:e9:91:41:f6:9b:b4:3d:be:33:b3:
                    14:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:03:56:D6:E9:6C:84:D5:AF:27:A0:D9:F7:88:94:69:E8:A3:89:39
            X509v3 Authority Key Identifier:
                keyid:F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138352e3232372e302f32342d3234203d3e20323637383736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.185.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:21:93:b6:79:9d:23:1e:c7:75:49:60:1c:b0:c7:e3:b9:12:
         25:d7:cc:e3:50:6b:31:10:96:08:1b:4a:f4:d7:c5:3b:ea:16:
         f9:b7:30:9b:ca:f9:af:cd:b6:3f:bd:fe:34:9a:8b:d5:af:10:
         95:23:55:5b:ab:42:4a:73:5b:e3:f6:a7:b1:2e:26:91:11:3f:
         23:e0:8b:fd:4d:de:5d:4d:b6:20:40:0f:84:63:02:92:ae:f9:
         34:86:20:a6:58:04:4a:25:4d:16:0f:16:2f:d1:a6:c3:f3:2b:
         8d:a1:10:a4:7f:f9:06:c7:78:69:2d:25:8a:8b:34:9c:09:6f:
         49:17:58:33:6a:62:4c:b7:92:81:02:c3:0c:e2:97:ea:6a:5d:
         b7:02:dd:c4:c4:c6:51:21:27:a6:8a:55:c8:74:45:c2:d8:77:
         83:2c:36:35:c6:07:14:c7:bf:3a:b7:77:6b:f1:9f:c8:73:36:
         2c:7e:31:58:0b:3f:23:61:29:1e:32:41:09:dc:5e:19:55:be:
         6d:c9:06:ed:ae:0f:42:0b:27:a0:cf:13:06:95:79:e5:20:ae:
         9c:12:bd:3f:53:02:83:48:8c:8d:ba:b1:ac:2a:8c:27:d6:53:
         19:a9:0c:d6:01:d2:92:88:9b:a7:e7:69:85:0b:4a:95:4c:6d:
         da:d5:81:47
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUAhpqyepszORaWBovCDU8nFzl2sYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjFDMzVCOUNGNDVCRERBQkU4MjlBOUY3OEJDMjREQzU4
QUZEN0VDQTAeFw0yNDAzMDUxNzQyMzlaFw0yNTAzMDQxNzQ3MzlaMDMxMTAvBgNV
BAMTKEREMDM1NkQ2RTk2Qzg0RDVBRjI3QTBEOUY3ODg5NDY5RThBMzg5MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDejpPQ0uRfmcsoE6274HAn5FUo
/WoXq5AAfMV36XYPt0FaAAUmiWeGr8xXfJfebjgE4D1Q2/h9LOg1xRT+AKpdHfVW
lICqqJ8Dyj48pnwMxxVd9MfVbGFeGThRi+LUCwsXuL526dO00R1BNBzmnx3BQmVa
IobT2sGZfCv/CB0ixHV4JzbOCa1+A8u/K9qymyMhplW5AV25VsZC8xv4nK1prxfI
Z3J4gNUHBambEOWdnckGD7zKCIjqTHvUxh/sY3Nfc9Enictu2t6N8SnI6Ju25nxk
piZzJgAylri5Vff4nLglQgTHUnEIKTripIaj1iFuPoGo6ZFB9pu0Pb4zsxQfAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU3QNW1ulshNWvJ6DZ94iUaeijiTkwHwYDVR0j
BBgwFoAU8cNbnPRb3avoKan3i8JNxYr9fsowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQThEMzJEREVCNDcyN0EzNEQ3ODFFNDJGODFFMzA4NDY5
MkU5QTMyQ0EwMkM2QzUyQTVCQTQxMENFMTkwRjRCLzAvRjFDMzVCOUNGNDVCRERB
QkU4MjlBOUY3OEJDMjREQzU4QUZEN0VDQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMUMzNUI5Q0Y0NUJEREFCRTgy
OUE5Rjc4QkMyNERDNThBRkQ3RUNBLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E4RDMyRERFQjQ3MjdBMzRENzgxRTQyRjgxRTMwODQ2OTJFOUEzMkNB
MDJDNkM1MkE1QkE0MTBDRTE5MEY0Qi8wLzMxMzkzMDJlMzEzODM1MmUzMjMyMzcy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzczODM3MzYucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC+
ueMwDQYJKoZIhvcNAQELBQADggEBAHkhk7Z5nSMex3VJYBywx+O5EiXXzONQazEQ
lggbSvTXxTvqFvm3MJvK+a/Ntj+9/jSai9WvEJUjVVurQkpzW+P2p7EuJpERPyPg
i/1N3l1NtiBAD4RjApKu+TSGIKZYBEolTRYPFi/RpsPzK42hEKR/+QbHeGktJYqL
NJwJb0kXWDNqYky3koECwwzil+pqXbcC3cTExlEhJ6aKVch0RcLYd4MsNjXGBxTH
vzq3d2vxn8hzNix+MVgLPyNhKR4yQQncXhlVvm3JBu2uD0ILJ6DPEwaVeeUgrpwS
vT9TAoNIjI26sawqjCfWUxmpDNYB0pKIm6fnaYULSpVMbdrVgUc=
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:30:33 2024 by rpki-client on console-ams.rpki-client.org