Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/43CC570423FAF8163D86CC21F1BA03D89502AE9C124FEF89AF61F402EAEE8B83/0/3139302e37362e3230382e302f32302d3230203d3e203237383839.roa
File:                     3139302e37362e3230382e302f32302d3230203d3e203237383839.roa (raw, json)
Hash identifier:          dnvRsG4O/BIqbjHf+xlIeoKZ8V3JlZR4gTHnYo5ibuc=
Subject key identifier:   F0:AD:BE:FA:89:5D:EB:9B:48:74:B8:BA:E5:95:9C:7F:46:2B:8F:B7
Certificate issuer:       /CN=9F56FC23A8C5FC067B7D0BFD605C0F5A33D036B4
Certificate serial:       5519BBEAA2D8AD4BBD3998CC1F4AAB13F6F073A0
Authority key identifier: 9F:56:FC:23:A8:C5:FC:06:7B:7D:0B:FD:60:5C:0F:5A:33:D0:36:B4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9F56FC23A8C5FC067B7D0BFD605C0F5A33D036B4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/43CC570423FAF8163D86CC21F1BA03D89502AE9C124FEF89AF61F402EAEE8B83/0/3139302e37362e3230382e302f32302d3230203d3e203237383839.roa
Signing time:             Tue 05 Mar 2024 18:15:07 +0000
ROA not before:           Tue 05 Mar 2024 18:10:07 +0000
ROA not after:            Tue 04 Mar 2025 18:15:07 +0000
asID:                     27889
IP address blocks:        190.76.208.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/43CC570423FAF8163D86CC21F1BA03D89502AE9C124FEF89AF61F402EAEE8B83/0/9F56FC23A8C5FC067B7D0BFD605C0F5A33D036B4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/43CC570423FAF8163D86CC21F1BA03D89502AE9C124FEF89AF61F402EAEE8B83/0/9F56FC23A8C5FC067B7D0BFD605C0F5A33D036B4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9F56FC23A8C5FC067B7D0BFD605C0F5A33D036B4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:19:bb:ea:a2:d8:ad:4b:bd:39:98:cc:1f:4a:ab:13:f6:f0:73:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9F56FC23A8C5FC067B7D0BFD605C0F5A33D036B4
        Validity
            Not Before: Mar  5 18:10:07 2024 GMT
            Not After : Mar  4 18:15:07 2025 GMT
        Subject: CN=F0ADBEFA895DEB9B4874B8BAE5959C7F462B8FB7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:db:4f:da:81:7d:ed:69:b2:72:00:a3:59:9b:
                    6e:75:cd:6c:f5:57:12:42:50:c8:50:f4:7f:5e:39:
                    b6:fd:57:82:80:b2:6b:14:33:74:aa:d4:a9:49:24:
                    5e:69:f6:5c:05:36:b7:42:df:9e:2a:08:9d:9f:79:
                    b7:48:b8:6c:59:c4:f8:f0:84:0c:bf:d3:56:12:7f:
                    28:8b:09:ec:07:fd:e7:e9:d3:a6:91:61:f6:5f:1b:
                    22:f2:57:c0:98:a3:e6:12:a8:e2:8e:89:72:db:1f:
                    30:80:4b:d1:4f:1e:55:8c:c9:d9:20:b3:5e:10:9f:
                    9c:e0:32:d1:79:82:f3:4c:13:e6:93:f7:08:dd:17:
                    e6:d0:db:82:4b:fb:50:a0:6b:dd:d7:92:9d:14:b1:
                    80:4d:c8:cc:65:84:c9:5f:57:ff:3e:16:55:10:89:
                    8e:81:16:52:e7:00:5c:2a:bc:aa:d7:69:90:94:98:
                    cb:2f:2c:05:ea:50:d6:11:58:8c:3d:1d:2f:9b:d2:
                    3f:a6:91:26:9f:91:09:ce:0f:bf:f5:71:1c:2a:b9:
                    8e:a1:21:d9:f4:55:25:3f:df:79:16:0f:d4:87:aa:
                    06:6c:41:d7:ea:0f:6c:e4:93:72:ad:ce:24:94:b6:
                    ca:09:a3:09:ca:69:e9:e6:57:1c:16:1d:7e:37:db:
                    0a:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:AD:BE:FA:89:5D:EB:9B:48:74:B8:BA:E5:95:9C:7F:46:2B:8F:B7
            X509v3 Authority Key Identifier:
                keyid:9F:56:FC:23:A8:C5:FC:06:7B:7D:0B:FD:60:5C:0F:5A:33:D0:36:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/43CC570423FAF8163D86CC21F1BA03D89502AE9C124FEF89AF61F402EAEE8B83/0/9F56FC23A8C5FC067B7D0BFD605C0F5A33D036B4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9F56FC23A8C5FC067B7D0BFD605C0F5A33D036B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/43CC570423FAF8163D86CC21F1BA03D89502AE9C124FEF89AF61F402EAEE8B83/0/3139302e37362e3230382e302f32302d3230203d3e203237383839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.76.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         04:56:28:c0:4c:e2:a5:84:d0:27:77:e6:51:ff:10:32:a3:29:
         27:02:82:16:8d:ce:7d:b1:e3:dc:8f:55:af:ce:14:7e:0e:b3:
         e6:e3:30:dc:1d:af:cd:75:56:e0:a6:fb:50:0a:8d:02:08:8a:
         a6:a6:82:e4:79:cd:9c:48:03:e0:b7:af:d3:f1:e5:bc:49:7a:
         94:4a:ce:21:f4:94:26:99:11:14:8b:aa:86:58:39:ab:9f:be:
         d2:be:f4:94:9e:29:d8:5c:33:f1:73:fe:06:fc:ed:bf:4e:3d:
         36:3c:65:20:2b:cd:bb:90:bf:63:25:26:0e:f4:41:24:0a:8c:
         4d:ce:1b:8f:3c:f7:aa:3a:28:67:63:a3:04:a3:9f:20:e2:95:
         dd:3c:ea:ae:a3:86:e8:dc:1e:fe:b0:fa:31:c2:36:6a:36:d3:
         c6:02:88:c5:3e:6c:b5:d6:9d:29:17:07:76:a5:16:49:02:ba:
         03:47:b0:05:3d:f4:e7:bc:2b:74:43:88:fa:84:b3:17:2b:2d:
         38:db:f7:d5:53:99:27:48:52:64:be:77:c9:50:15:9c:76:10:
         f8:83:fe:c8:79:9c:c2:1e:4f:3c:50:24:61:12:b5:78:31:ce:
         30:fa:de:60:fd:5a:53:07:8c:d5:d9:bb:8d:b9:59:31:f5:94:
         97:5f:01:18
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUVRm76qLYrUu9OZjMH0qrE/bwc6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUY1NkZDMjNBOEM1RkMwNjdCN0QwQkZENjA1QzBGNUEz
M0QwMzZCNDAeFw0yNDAzMDUxODEwMDdaFw0yNTAzMDQxODE1MDdaMDMxMTAvBgNV
BAMTKEYwQURCRUZBODk1REVCOUI0ODc0QjhCQUU1OTU5QzdGNDYyQjhGQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC020/agX3tabJyAKNZm251zWz1
VxJCUMhQ9H9eObb9V4KAsmsUM3Sq1KlJJF5p9lwFNrdC354qCJ2febdIuGxZxPjw
hAy/01YSfyiLCewH/efp06aRYfZfGyLyV8CYo+YSqOKOiXLbHzCAS9FPHlWMydkg
s14Qn5zgMtF5gvNME+aT9wjdF+bQ24JL+1Cga93Xkp0UsYBNyMxlhMlfV/8+FlUQ
iY6BFlLnAFwqvKrXaZCUmMsvLAXqUNYRWIw9HS+b0j+mkSafkQnOD7/1cRwquY6h
Idn0VSU/33kWD9SHqgZsQdfqD2zkk3KtziSUtsoJownKaenmVxwWHX432wqNAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU8K2++old65tIdLi65ZWcf0Yrj7cwHwYDVR0j
BBgwFoAUn1b8I6jF/AZ7fQv9YFwPWjPQNrQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80M0NDNTcwNDIzRkFGODE2M0Q4NkNDMjFGMUJBMDNEODk1
MDJBRTlDMTI0RkVGODlBRjYxRjQwMkVBRUU4QjgzLzAvOUY1NkZDMjNBOEM1RkMw
NjdCN0QwQkZENjA1QzBGNUEzM0QwMzZCNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85RjU2RkMyM0E4QzVGQzA2N0I3
RDBCRkQ2MDVDMEY1QTMzRDAzNkI0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDNDQzU3MDQyM0ZBRjgxNjNEODZDQzIxRjFCQTAzRDg5NTAyQUU5QzEy
NEZFRjg5QUY2MUY0MDJFQUVFOEI4My8wLzMxMzkzMDJlMzczNjJlMzIzMDM4MmUz
MDJmMzIzMDJkMzIzMDIwM2QzZTIwMzIzNzM4MzgzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBL5M0DAN
BgkqhkiG9w0BAQsFAAOCAQEABFYowEzipYTQJ3fmUf8QMqMpJwKCFo3OfbHj3I9V
r84Ufg6z5uMw3B2vzXVW4Kb7UAqNAgiKpqaC5HnNnEgD4Lev0/HlvEl6lErOIfSU
JpkRFIuqhlg5q5++0r70lJ4p2Fwz8XP+Bvztv049NjxlICvNu5C/YyUmDvRBJAqM
Tc4bjzz3qjooZ2OjBKOfIOKV3TzqrqOG6Nwe/rD6McI2ajbTxgKIxT5stdadKRcH
dqUWSQK6A0ewBT3057wrdEOI+oSzFystONv31VOZJ0hSZL53yVAVnHYQ+IP+yHmc
wh5PPFAkYRK1eDHOMPreYP1aUweM1dm7jblZMfWUl18BGA==
-----END CERTIFICATE-----
Generated at Wed Nov 20 13:43:35 2024 by rpki-client on console-ams.rpki-client.org