Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44B42A6E76A0FA6E5C6B32A40E4650F45997D445CBE32D80F19D47E8F4060500/0/3136382e3139362e39362e302f32322d3234203d3e20323733303736.roa
File:                     3136382e3139362e39362e302f32322d3234203d3e20323733303736.roa (raw, json)
Hash identifier:          RaSY0IukFl6tmlzUTwzjvUPpZu2rPcRaOIIhGFRyl/E=
Subject key identifier:   BB:C0:E0:09:B0:CF:F0:D5:86:6A:D5:77:F0:4E:45:BF:EB:EE:15:79
Certificate issuer:       /CN=EFDD44A2C82FE99A65FB11ADF256599AFD91056F
Certificate serial:       1A7729FE86421658205B14E801794EE3D0D7EE27
Authority key identifier: EF:DD:44:A2:C8:2F:E9:9A:65:FB:11:AD:F2:56:59:9A:FD:91:05:6F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EFDD44A2C82FE99A65FB11ADF256599AFD91056F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44B42A6E76A0FA6E5C6B32A40E4650F45997D445CBE32D80F19D47E8F4060500/0/3136382e3139362e39362e302f32322d3234203d3e20323733303736.roa
Signing time:             Tue 05 Mar 2024 18:07:30 +0000
ROA not before:           Tue 05 Mar 2024 18:02:30 +0000
ROA not after:            Tue 04 Mar 2025 18:07:30 +0000
asID:                     273076
IP address blocks:        168.196.96.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44B42A6E76A0FA6E5C6B32A40E4650F45997D445CBE32D80F19D47E8F4060500/0/EFDD44A2C82FE99A65FB11ADF256599AFD91056F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44B42A6E76A0FA6E5C6B32A40E4650F45997D445CBE32D80F19D47E8F4060500/0/EFDD44A2C82FE99A65FB11ADF256599AFD91056F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EFDD44A2C82FE99A65FB11ADF256599AFD91056F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:77:29:fe:86:42:16:58:20:5b:14:e8:01:79:4e:e3:d0:d7:ee:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EFDD44A2C82FE99A65FB11ADF256599AFD91056F
        Validity
            Not Before: Mar  5 18:02:30 2024 GMT
            Not After : Mar  4 18:07:30 2025 GMT
        Subject: CN=BBC0E009B0CFF0D5866AD577F04E45BFEBEE1579
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:8a:17:0b:ab:bf:5a:0a:f9:84:ef:f3:d6:cf:
                    fd:1e:d9:42:c7:07:a2:37:fa:4d:96:37:a3:d7:fc:
                    f4:da:7b:39:59:e7:c3:e9:bf:20:50:08:0c:57:62:
                    a2:08:97:8c:25:bd:ec:67:c6:69:f5:c1:1e:90:07:
                    a1:05:fd:0d:62:c0:09:30:43:8a:f2:46:b8:64:42:
                    7a:a9:6d:c2:86:00:f2:2a:66:c3:c7:98:70:43:b6:
                    18:53:68:b6:d8:71:4b:bc:3f:5a:68:06:93:fd:3e:
                    f0:29:b5:ab:0f:ec:a8:ef:0a:fb:fe:f8:8f:36:db:
                    89:c5:2d:db:e8:08:47:17:f7:df:f6:a9:b2:b3:44:
                    f0:ad:f7:06:87:1d:bf:e3:c4:a0:6d:53:bf:3a:2e:
                    89:90:3c:ed:60:b3:1d:2c:f8:8a:55:65:ab:97:48:
                    1c:52:7d:63:c9:aa:3c:9b:c2:3f:de:76:ee:62:c7:
                    30:0c:b6:b0:d7:5a:2e:c6:c8:d9:9e:7f:4a:ac:fc:
                    88:7f:aa:e4:aa:a9:83:a7:4b:6a:87:29:f8:1d:a5:
                    4e:fc:9f:5b:54:a3:b2:c6:34:8f:d2:d3:4f:d6:70:
                    ad:f3:91:50:34:18:dd:0e:14:13:39:ae:43:d1:26:
                    32:4e:ba:1e:c3:ae:04:29:5d:c9:49:dd:c8:8d:7b:
                    a4:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:C0:E0:09:B0:CF:F0:D5:86:6A:D5:77:F0:4E:45:BF:EB:EE:15:79
            X509v3 Authority Key Identifier:
                keyid:EF:DD:44:A2:C8:2F:E9:9A:65:FB:11:AD:F2:56:59:9A:FD:91:05:6F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44B42A6E76A0FA6E5C6B32A40E4650F45997D445CBE32D80F19D47E8F4060500/0/EFDD44A2C82FE99A65FB11ADF256599AFD91056F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EFDD44A2C82FE99A65FB11ADF256599AFD91056F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44B42A6E76A0FA6E5C6B32A40E4650F45997D445CBE32D80F19D47E8F4060500/0/3136382e3139362e39362e302f32322d3234203d3e20323733303736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.196.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:df:78:36:6a:97:1a:02:35:3b:54:e5:74:c5:a0:fe:28:60:
         cc:ae:a0:8c:c5:de:ed:9e:8b:17:58:46:e4:12:8a:81:3a:fb:
         36:7f:3d:4e:28:76:30:73:b4:44:be:c5:40:69:22:43:05:df:
         e1:53:00:41:87:51:37:9f:7d:b0:22:26:44:36:c6:4d:cb:fc:
         bd:15:59:bd:cf:d9:49:b1:86:ed:a5:6d:d2:0f:f3:62:61:f1:
         f4:e0:d8:dc:bf:86:56:d5:bb:3f:64:a7:c4:89:bf:1a:3e:08:
         31:ac:00:8e:f8:fb:b1:cc:a5:b1:8f:fe:95:ae:fa:7a:f4:06:
         b5:9b:36:ae:bf:3a:e5:28:3d:e0:25:b7:62:fc:f4:84:be:99:
         c7:92:6a:6b:58:8d:9c:43:75:db:a4:5c:db:e4:ec:c8:f5:86:
         57:bd:d0:7b:ce:74:e7:0a:2b:08:ad:cf:2a:08:c4:51:74:3b:
         a5:17:4d:a1:2b:5c:a7:27:90:00:d0:fa:08:5f:84:13:c7:32:
         64:4a:c5:5f:4d:b7:0f:6e:58:5b:34:0d:7a:77:43:4f:c8:57:
         b1:36:a8:b6:60:36:56:53:0f:a9:7b:07:f0:a9:7c:ab:41:34:
         d5:53:4f:04:65:69:5e:9a:ca:ac:89:a3:f8:a3:37:27:37:29:
         23:e2:31:27
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUGncp/oZCFlggWxToAXlO49DX7icwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUZERDQ0QTJDODJGRTk5QTY1RkIxMUFERjI1NjU5OUFG
RDkxMDU2RjAeFw0yNDAzMDUxODAyMzBaFw0yNTAzMDQxODA3MzBaMDMxMTAvBgNV
BAMTKEJCQzBFMDA5QjBDRkYwRDU4NjZBRDU3N0YwNEU0NUJGRUJFRTE1NzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdihcLq79aCvmE7/PWz/0e2ULH
B6I3+k2WN6PX/PTaezlZ58PpvyBQCAxXYqIIl4wlvexnxmn1wR6QB6EF/Q1iwAkw
Q4ryRrhkQnqpbcKGAPIqZsPHmHBDthhTaLbYcUu8P1poBpP9PvAptasP7KjvCvv+
+I8224nFLdvoCEcX99/2qbKzRPCt9waHHb/jxKBtU786LomQPO1gsx0s+IpVZauX
SBxSfWPJqjybwj/edu5ixzAMtrDXWi7GyNmef0qs/Ih/quSqqYOnS2qHKfgdpU78
n1tUo7LGNI/S00/WcK3zkVA0GN0OFBM5rkPRJjJOuh7DrgQpXclJ3ciNe6RbAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUu8DgCbDP8NWGatV38E5Fv+vuFXkwHwYDVR0j
BBgwFoAU791Eosgv6Zpl+xGt8lZZmv2RBW8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEI0MkE2RTc2QTBGQTZFNUM2QjMyQTQwRTQ2NTBGNDU5
OTdENDQ1Q0JFMzJEODBGMTlENDdFOEY0MDYwNTAwLzAvRUZERDQ0QTJDODJGRTk5
QTY1RkIxMUFERjI1NjU5OUFGRDkxMDU2Ri5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FRkRENDRBMkM4MkZFOTlBNjVG
QjExQURGMjU2NTk5QUZEOTEwNTZGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRCNDJBNkU3NkEwRkE2RTVDNkIzMkE0MEU0NjUwRjQ1OTk3RDQ0NUNC
RTMyRDgwRjE5RDQ3RThGNDA2MDUwMC8wLzMxMzYzODJlMzEzOTM2MmUzOTM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzMzMzAzNzM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqMRg
MA0GCSqGSIb3DQEBCwUAA4IBAQBX33g2apcaAjU7VOV0xaD+KGDMrqCMxd7tnosX
WEbkEoqBOvs2fz1OKHYwc7REvsVAaSJDBd/hUwBBh1E3n32wIiZENsZNy/y9FVm9
z9lJsYbtpW3SD/NiYfH04Njcv4ZW1bs/ZKfEib8aPggxrACO+PuxzKWxj/6Vrvp6
9Aa1mzauvzrlKD3gJbdi/PSEvpnHkmprWI2cQ3XbpFzb5OzI9YZXvdB7znTnCisI
rc8qCMRRdDulF02hK1ynJ5AA0PoIX4QTxzJkSsVfTbcPblhbNA16d0NPyFexNqi2
YDZWUw+pewfwqXyrQTTVU08EZWlemsqsiaP4ozcnNykj4jEn
-----END CERTIFICATE-----
Generated at Thu Nov 21 08:04:21 2024 by rpki-client on console-fra.rpki-client.org