Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/406B1063718A61AE561DB18A870F583D14D6513C99E94DC14F47D6DBFBBC0A2C/0/3139312e35322e3230382e302f32322d3234203d3e20323730303232.roa
File:                     3139312e35322e3230382e302f32322d3234203d3e20323730303232.roa (raw, json)
Hash identifier:          R//WMvYvPJT4jnxtv7xkS4EAUUYh0i+YbZtIB5UYUOY=
Subject key identifier:   92:47:9F:66:A4:47:A8:8C:61:00:C3:DB:1E:B1:4D:F0:8A:C6:FE:CA
Certificate issuer:       /CN=BFFF9ED422983457E784A1C5DF441797B00B1886
Certificate serial:       38B8F40219721F1B1CFC19C99F59B586BD3D08CE
Authority key identifier: BF:FF:9E:D4:22:98:34:57:E7:84:A1:C5:DF:44:17:97:B0:0B:18:86
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BFFF9ED422983457E784A1C5DF441797B00B1886.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/406B1063718A61AE561DB18A870F583D14D6513C99E94DC14F47D6DBFBBC0A2C/0/3139312e35322e3230382e302f32322d3234203d3e20323730303232.roa
Signing time:             Wed 07 Aug 2024 17:05:00 +0000
ROA not before:           Wed 07 Aug 2024 17:00:00 +0000
ROA not after:            Wed 06 Aug 2025 17:05:00 +0000
asID:                     270022
IP address blocks:        191.52.208.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/406B1063718A61AE561DB18A870F583D14D6513C99E94DC14F47D6DBFBBC0A2C/0/BFFF9ED422983457E784A1C5DF441797B00B1886.crl
                          rsync://repository.lacnic.net/rpki/lacnic/406B1063718A61AE561DB18A870F583D14D6513C99E94DC14F47D6DBFBBC0A2C/0/BFFF9ED422983457E784A1C5DF441797B00B1886.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BFFF9ED422983457E784A1C5DF441797B00B1886.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 12 Oct 2024 17:15:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:b8:f4:02:19:72:1f:1b:1c:fc:19:c9:9f:59:b5:86:bd:3d:08:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BFFF9ED422983457E784A1C5DF441797B00B1886
        Validity
            Not Before: Aug  7 17:00:00 2024 GMT
            Not After : Aug  6 17:05:00 2025 GMT
        Subject: CN=92479F66A447A88C6100C3DB1EB14DF08AC6FECA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:fd:12:30:b1:14:a6:a9:83:16:17:39:75:7b:
                    f3:88:49:60:e7:83:28:b2:75:c9:3d:f1:83:7d:db:
                    34:0f:5b:a3:7d:06:69:d1:c7:e5:35:02:23:82:76:
                    63:be:9e:a1:b0:8b:1d:f3:ca:61:71:57:ff:df:ad:
                    34:83:98:c4:67:7e:26:b4:ca:87:b2:9a:f0:45:5b:
                    be:94:2d:8c:0d:5e:ff:11:20:d6:57:b5:4e:0f:57:
                    af:db:8f:6c:13:9b:16:bb:ce:e9:52:f6:d8:35:2e:
                    0d:67:3d:db:b8:19:43:3b:11:45:f9:33:14:7e:a1:
                    5b:fa:a2:42:db:e3:01:81:77:07:b9:71:b0:6f:9f:
                    c1:61:ab:a6:6e:18:28:39:29:fd:9a:9c:5e:0a:5f:
                    cd:39:a0:46:7b:9c:4a:73:7f:af:85:76:f7:3f:d4:
                    5f:59:1d:9c:15:c4:40:52:9e:cf:95:90:ec:e8:4d:
                    c2:78:fb:f0:7a:0a:ba:0f:71:a9:ad:2d:90:4e:c6:
                    0f:06:71:d9:a2:a1:a1:4c:15:17:1e:ff:f1:de:e1:
                    82:9a:55:df:32:f3:f1:07:da:6f:33:82:e3:15:e2:
                    8c:60:0e:5c:69:2e:7b:ec:46:00:01:07:4f:36:75:
                    66:1e:9e:86:41:5d:9f:09:b4:12:00:b3:e7:8a:63:
                    26:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:47:9F:66:A4:47:A8:8C:61:00:C3:DB:1E:B1:4D:F0:8A:C6:FE:CA
            X509v3 Authority Key Identifier:
                keyid:BF:FF:9E:D4:22:98:34:57:E7:84:A1:C5:DF:44:17:97:B0:0B:18:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/406B1063718A61AE561DB18A870F583D14D6513C99E94DC14F47D6DBFBBC0A2C/0/BFFF9ED422983457E784A1C5DF441797B00B1886.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BFFF9ED422983457E784A1C5DF441797B00B1886.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/406B1063718A61AE561DB18A870F583D14D6513C99E94DC14F47D6DBFBBC0A2C/0/3139312e35322e3230382e302f32322d3234203d3e20323730303232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.52.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2f:1b:e0:0a:67:7e:6f:4f:8d:bb:f7:19:fa:f6:4a:df:99:15:
         3c:25:ac:95:4d:f0:06:8f:0d:39:32:13:29:6f:e1:35:e6:6a:
         fa:74:52:22:e7:3e:cb:96:61:fd:70:d7:84:7f:55:77:00:74:
         d6:bb:e5:d8:52:da:e5:8e:6b:30:b6:92:9e:ce:2c:39:57:30:
         8c:65:25:56:c1:d0:e2:22:02:1d:33:88:a7:27:35:ef:9b:45:
         d5:76:71:55:98:ae:df:c0:11:9c:7d:2e:ea:95:fd:be:e0:37:
         c6:20:df:02:cf:c4:65:c3:2b:0a:c1:50:4f:d9:29:62:02:52:
         5f:ae:a8:ab:03:d4:3e:07:dd:bd:15:3b:77:86:84:0c:25:f8:
         0d:d7:7b:7b:bb:f6:64:c9:e7:31:54:4a:90:99:18:a5:b3:1e:
         0e:59:69:9f:cd:73:0e:a6:5f:bd:03:20:2f:fa:37:68:21:bc:
         39:a7:fe:38:84:56:1a:f5:1a:cf:a9:10:15:24:87:e6:ac:c0:
         2a:e0:a0:6f:0a:1b:de:a6:5b:86:cc:c2:c2:87:68:87:f1:01:
         79:94:36:28:aa:1d:a5:2a:ce:05:5e:c6:fb:4f:65:a0:40:14:
         38:84:ba:e2:14:8f:b0:1b:7c:4d:db:6e:b7:13:e9:79:88:5c:
         d5:ec:54:c1
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUOLj0AhlyHxsc/BnJn1m1hr09CM4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkZGRjlFRDQyMjk4MzQ1N0U3ODRBMUM1REY0NDE3OTdC
MDBCMTg4NjAeFw0yNDA4MDcxNzAwMDBaFw0yNTA4MDYxNzA1MDBaMDMxMTAvBgNV
BAMTKDkyNDc5RjY2QTQ0N0E4OEM2MTAwQzNEQjFFQjE0REYwOEFDNkZFQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu/RIwsRSmqYMWFzl1e/OISWDn
gyiydck98YN92zQPW6N9BmnRx+U1AiOCdmO+nqGwix3zymFxV//frTSDmMRnfia0
yoeymvBFW76ULYwNXv8RINZXtU4PV6/bj2wTmxa7zulS9tg1Lg1nPdu4GUM7EUX5
MxR+oVv6okLb4wGBdwe5cbBvn8Fhq6ZuGCg5Kf2anF4KX805oEZ7nEpzf6+Fdvc/
1F9ZHZwVxEBSns+VkOzoTcJ4+/B6CroPcamtLZBOxg8GcdmioaFMFRce//He4YKa
Vd8y8/EH2m8zguMV4oxgDlxpLnvsRgABB082dWYenoZBXZ8JtBIAs+eKYyYbAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUkkefZqRHqIxhAMPbHrFN8IrG/sowHwYDVR0j
BBgwFoAUv/+e1CKYNFfnhKHF30QXl7ALGIYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80MDZCMTA2MzcxOEE2MUFFNTYxREIxOEE4NzBGNTgzRDE0
RDY1MTNDOTlFOTREQzE0RjQ3RDZEQkZCQkMwQTJDLzAvQkZGRjlFRDQyMjk4MzQ1
N0U3ODRBMUM1REY0NDE3OTdCMDBCMTg4Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CRkZGOUVENDIyOTgzNDU3RTc4
NEExQzVERjQ0MTc5N0IwMEIxODg2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDA2QjEwNjM3MThBNjFBRTU2MURCMThBODcwRjU4M0QxNEQ2NTEzQzk5
RTk0REMxNEY0N0Q2REJGQkJDMEEyQy8wLzMxMzkzMTJlMzUzMjJlMzIzMDM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzMwMzAzMjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvzTQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAvG+AKZ35vT4279xn69krfmRU8JayVTfAGjw05
MhMpb+E15mr6dFIi5z7LlmH9cNeEf1V3AHTWu+XYUtrljmswtpKeziw5VzCMZSVW
wdDiIgIdM4inJzXvm0XVdnFVmK7fwBGcfS7qlf2+4DfGIN8Cz8RlwysKwVBP2Sli
AlJfrqirA9Q+B929FTt3hoQMJfgN13t7u/ZkyecxVEqQmRilsx4OWWmfzXMOpl+9
AyAv+jdoIbw5p/44hFYa9RrPqRAVJIfmrMAq4KBvChvepluGzMLCh2iH8QF5lDYo
qh2lKs4FXsb7T2WgQBQ4hLriFI+wG3xN2263E+l5iFzV7FTB
-----END CERTIFICATE-----
Generated at Tue Oct 8 00:26:16 2024 by rpki-client on console-ams.rpki-client.org