Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/410933603B2F3DC78166B98B0AF7F3C47AE988CED561C3F2A0AA6430652553B5/0/3137302e3234372e3230362e302f32332d3233203d3e20323634383237.roa
File:                     3137302e3234372e3230362e302f32332d3233203d3e20323634383237.roa (raw, json)
Hash identifier:          ZGg1zO9KcBE77o5yTL5msmfQKX8MFkYEXDthiL0ydyM=
Subject key identifier:   86:C1:6F:99:69:B4:56:44:DE:EC:04:4A:BB:DE:32:79:F9:0E:B4:04
Certificate issuer:       /CN=1BF2779400E0A85789A6D60B10CC1B8DEC0E7ECA
Certificate serial:       32D236A020EB66A69CB59AA72227101ACA1B192B
Authority key identifier: 1B:F2:77:94:00:E0:A8:57:89:A6:D6:0B:10:CC:1B:8D:EC:0E:7E:CA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1BF2779400E0A85789A6D60B10CC1B8DEC0E7ECA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/410933603B2F3DC78166B98B0AF7F3C47AE988CED561C3F2A0AA6430652553B5/0/3137302e3234372e3230362e302f32332d3233203d3e20323634383237.roa
Signing time:             Tue 05 Mar 2024 18:09:55 +0000
ROA not before:           Tue 05 Mar 2024 18:04:55 +0000
ROA not after:            Tue 04 Mar 2025 18:09:55 +0000
asID:                     264827
IP address blocks:        170.247.206.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/410933603B2F3DC78166B98B0AF7F3C47AE988CED561C3F2A0AA6430652553B5/0/1BF2779400E0A85789A6D60B10CC1B8DEC0E7ECA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/410933603B2F3DC78166B98B0AF7F3C47AE988CED561C3F2A0AA6430652553B5/0/1BF2779400E0A85789A6D60B10CC1B8DEC0E7ECA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1BF2779400E0A85789A6D60B10CC1B8DEC0E7ECA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:d2:36:a0:20:eb:66:a6:9c:b5:9a:a7:22:27:10:1a:ca:1b:19:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1BF2779400E0A85789A6D60B10CC1B8DEC0E7ECA
        Validity
            Not Before: Mar  5 18:04:55 2024 GMT
            Not After : Mar  4 18:09:55 2025 GMT
        Subject: CN=86C16F9969B45644DEEC044ABBDE3279F90EB404
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:3c:4b:11:70:c3:da:77:de:00:8b:94:db:c5:
                    e4:db:a7:14:04:7d:77:87:6b:d1:88:03:7a:03:74:
                    65:6b:f3:61:95:db:6e:9f:6b:64:1a:c3:41:0b:62:
                    bb:bf:6b:dd:a0:b8:c2:fc:21:3a:f6:bc:ab:97:db:
                    26:4d:1d:44:95:8e:2d:33:15:01:16:1d:e7:2e:46:
                    4c:b0:e4:3f:66:dd:d0:20:d9:4e:06:f1:7b:d2:ca:
                    30:bd:28:03:eb:a0:83:7e:62:b0:08:12:ca:44:bf:
                    d4:90:25:cf:4b:d1:0c:d7:ea:f9:25:60:2a:0f:1f:
                    c5:5a:8c:ce:d5:d4:a6:21:41:70:3f:f1:50:29:e9:
                    cd:33:84:e7:10:ce:fd:96:3a:d7:81:e3:9d:d9:e4:
                    58:d9:b6:92:1b:f8:32:db:33:86:01:dd:58:ee:5a:
                    d1:35:92:fc:df:b2:9e:c3:1f:7d:1a:7c:1f:60:ef:
                    99:8e:31:17:71:d9:5c:a5:47:ef:2f:99:45:76:1d:
                    d2:75:91:88:91:67:11:f9:39:8b:83:4a:8e:c9:fc:
                    80:e0:8b:51:80:f2:31:c4:30:ef:b2:a4:d6:8e:f7:
                    49:59:29:7e:82:b9:c8:55:86:ab:2a:9f:dd:08:52:
                    96:86:02:0b:37:fa:cf:fc:85:4b:b2:5c:35:7a:d4:
                    43:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:C1:6F:99:69:B4:56:44:DE:EC:04:4A:BB:DE:32:79:F9:0E:B4:04
            X509v3 Authority Key Identifier:
                keyid:1B:F2:77:94:00:E0:A8:57:89:A6:D6:0B:10:CC:1B:8D:EC:0E:7E:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/410933603B2F3DC78166B98B0AF7F3C47AE988CED561C3F2A0AA6430652553B5/0/1BF2779400E0A85789A6D60B10CC1B8DEC0E7ECA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1BF2779400E0A85789A6D60B10CC1B8DEC0E7ECA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/410933603B2F3DC78166B98B0AF7F3C47AE988CED561C3F2A0AA6430652553B5/0/3137302e3234372e3230362e302f32332d3233203d3e20323634383237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.247.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:b6:3a:91:1f:a8:fd:2e:2b:61:47:f1:42:4f:de:30:c9:9b:
         99:a5:34:1b:0b:8b:63:d6:f1:d5:0f:3a:de:0b:aa:cf:e6:68:
         3a:49:95:e3:6d:0d:ba:e9:e5:71:ca:61:c6:1a:30:d7:ff:a4:
         eb:ff:c0:1c:52:ef:91:8e:b3:60:54:2d:55:ee:9f:56:5e:b1:
         00:4e:d6:f6:15:66:1b:7c:c0:03:c5:25:25:ff:0b:d4:0f:d6:
         5a:7f:80:26:8c:ac:19:38:bd:bb:f5:c8:d3:70:66:f9:7e:3e:
         f5:af:31:ef:a2:61:8d:7a:69:45:1a:d6:28:fb:cf:31:07:d1:
         6b:9b:82:88:2c:f3:55:2a:b5:83:bd:18:d8:f8:52:3b:d2:c3:
         60:45:74:b8:b7:36:b3:40:bc:04:b2:71:18:0b:a9:71:19:aa:
         ff:b5:4e:7a:df:27:17:d8:45:38:4c:c2:bb:26:8e:c3:ad:a9:
         17:bb:de:03:69:57:15:b7:05:64:e9:14:2b:45:97:9c:18:3d:
         30:e3:d9:27:9e:a1:13:1f:18:8e:7a:d0:aa:57:24:ac:11:65:
         b0:6c:e3:c3:d4:77:a0:20:7a:1c:e9:37:b9:ef:d8:59:df:3a:
         fb:d5:8d:ee:5c:28:c8:47:69:5e:94:51:14:36:4b:0c:ea:5f:
         10:36:3f:eb
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUMtI2oCDrZqactZqnIicQGsobGSswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUJGMjc3OTQwMEUwQTg1Nzg5QTZENjBCMTBDQzFCOERF
QzBFN0VDQTAeFw0yNDAzMDUxODA0NTVaFw0yNTAzMDQxODA5NTVaMDMxMTAvBgNV
BAMTKDg2QzE2Rjk5NjlCNDU2NDRERUVDMDQ0QUJCREUzMjc5RjkwRUI0MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLPEsRcMPad94Ai5TbxeTbpxQE
fXeHa9GIA3oDdGVr82GV226fa2Qaw0ELYru/a92guML8ITr2vKuX2yZNHUSVji0z
FQEWHecuRkyw5D9m3dAg2U4G8XvSyjC9KAProIN+YrAIEspEv9SQJc9L0QzX6vkl
YCoPH8VajM7V1KYhQXA/8VAp6c0zhOcQzv2WOteB453Z5FjZtpIb+DLbM4YB3Vju
WtE1kvzfsp7DH30afB9g75mOMRdx2VylR+8vmUV2HdJ1kYiRZxH5OYuDSo7J/IDg
i1GA8jHEMO+ypNaO90lZKX6CuchVhqsqn90IUpaGAgs3+s/8hUuyXDV61EOlAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUhsFvmWm0VkTe7ARKu94yefkOtAQwHwYDVR0j
BBgwFoAUG/J3lADgqFeJptYLEMwbjewOfsowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80MTA5MzM2MDNCMkYzREM3ODE2NkI5OEIwQUY3RjNDNDdB
RTk4OENFRDU2MUMzRjJBMEFBNjQzMDY1MjU1M0I1LzAvMUJGMjc3OTQwMEUwQTg1
Nzg5QTZENjBCMTBDQzFCOERFQzBFN0VDQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xQkYyNzc5NDAwRTBBODU3ODlB
NkQ2MEIxMENDMUI4REVDMEU3RUNBLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDEwOTMzNjAzQjJGM0RDNzgxNjZCOThCMEFGN0YzQzQ3QUU5ODhDRUQ1
NjFDM0YyQTBBQTY0MzA2NTI1NTNCNS8wLzMxMzczMDJlMzIzNDM3MmUzMjMwMzYy
ZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjM2MzQzODMyMzcucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGq
984wDQYJKoZIhvcNAQELBQADggEBAE22OpEfqP0uK2FH8UJP3jDJm5mlNBsLi2PW
8dUPOt4Lqs/maDpJleNtDbrp5XHKYcYaMNf/pOv/wBxS75GOs2BULVXun1ZesQBO
1vYVZht8wAPFJSX/C9QP1lp/gCaMrBk4vbv1yNNwZvl+PvWvMe+iYY16aUUa1ij7
zzEH0Wubgogs81UqtYO9GNj4UjvSw2BFdLi3NrNAvASycRgLqXEZqv+1TnrfJxfY
RThMwrsmjsOtqRe73gNpVxW3BWTpFCtFl5wYPTDj2SeeoRMfGI560KpXJKwRZbBs
48PUd6AgehzpN7nv2FnfOvvVje5cKMhHaV6UURQ2SwzqXxA2P+s=
-----END CERTIFICATE-----
Generated at Thu Nov 21 00:19:39 2024 by rpki-client on console-fra.rpki-client.org