Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/454A6027DDD5263133FA9344DFA716AB489C8DA8889090E0FB35F36867C912EC/0/3137302e3233332e37312e302f32342d3234203d3e203238313131.roa
File:                     3137302e3233332e37312e302f32342d3234203d3e203238313131.roa (raw, json)
Hash identifier:          U1tyMbX1YHKBuUeLrJ8PqrmD0tJHcydFxkx7VjatLm0=
Subject key identifier:   B6:43:0C:8C:D2:AF:A4:11:DF:7B:3B:3C:07:6A:3A:B6:48:C3:0A:40
Certificate issuer:       /CN=1F4C8E2A50993D70AF79E87C7E1B8660979E2614
Certificate serial:       58B310C570DB11A8EC5E7AD84E01AC041DBC6D85
Authority key identifier: 1F:4C:8E:2A:50:99:3D:70:AF:79:E8:7C:7E:1B:86:60:97:9E:26:14
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F4C8E2A50993D70AF79E87C7E1B8660979E2614.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/454A6027DDD5263133FA9344DFA716AB489C8DA8889090E0FB35F36867C912EC/0/3137302e3233332e37312e302f32342d3234203d3e203238313131.roa
Signing time:             Wed 04 Sep 2024 17:50:00 +0000
ROA not before:           Wed 04 Sep 2024 17:45:00 +0000
ROA not after:            Wed 03 Sep 2025 17:50:00 +0000
asID:                     28111
IP address blocks:        170.233.71.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/454A6027DDD5263133FA9344DFA716AB489C8DA8889090E0FB35F36867C912EC/0/1F4C8E2A50993D70AF79E87C7E1B8660979E2614.crl
                          rsync://repository.lacnic.net/rpki/lacnic/454A6027DDD5263133FA9344DFA716AB489C8DA8889090E0FB35F36867C912EC/0/1F4C8E2A50993D70AF79E87C7E1B8660979E2614.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F4C8E2A50993D70AF79E87C7E1B8660979E2614.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 31 Oct 2024 16:16:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:b3:10:c5:70:db:11:a8:ec:5e:7a:d8:4e:01:ac:04:1d:bc:6d:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1F4C8E2A50993D70AF79E87C7E1B8660979E2614
        Validity
            Not Before: Sep  4 17:45:00 2024 GMT
            Not After : Sep  3 17:50:00 2025 GMT
        Subject: CN=B6430C8CD2AFA411DF7B3B3C076A3AB648C30A40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:57:c4:18:30:a9:e9:c6:c3:4b:52:94:e1:93:
                    d7:16:d0:04:3b:d0:79:ae:7a:5b:23:ce:01:d4:33:
                    80:94:07:b7:9e:99:86:46:68:4b:cf:e1:25:6e:9e:
                    fe:61:db:65:3b:44:6e:a8:75:0c:1c:3d:dd:d4:01:
                    49:4c:54:7c:7a:eb:d2:0b:8c:06:e0:79:2b:6a:40:
                    d7:ff:19:88:1a:bb:da:fa:e5:ad:48:75:65:ce:f8:
                    0f:4f:46:2a:aa:6e:1f:61:d2:ee:21:42:42:2a:7a:
                    b6:05:f0:6c:cb:70:0f:6f:ac:93:c7:b4:08:f6:3e:
                    cf:fb:61:6b:28:67:33:95:bc:f4:a2:af:9f:3d:59:
                    f7:8d:e6:9a:88:43:95:5d:61:ef:cd:54:cc:ea:67:
                    f9:4a:53:22:7b:bc:ae:88:0b:55:f2:69:2f:d3:b0:
                    a1:94:b3:11:b6:56:b4:87:e8:bb:26:b6:8d:ca:9e:
                    5e:ac:f7:34:33:32:bc:1a:93:a7:20:2c:93:db:c8:
                    e2:33:2e:19:d6:55:1b:17:76:9b:8b:5c:e7:4c:65:
                    ce:3d:87:74:06:4c:35:00:ba:2e:34:da:26:b5:2b:
                    64:2f:bf:be:97:10:3d:68:23:f2:32:16:e3:d0:31:
                    8b:7c:39:e2:a8:a4:bf:41:af:fa:68:d0:47:4a:1b:
                    30:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:43:0C:8C:D2:AF:A4:11:DF:7B:3B:3C:07:6A:3A:B6:48:C3:0A:40
            X509v3 Authority Key Identifier:
                keyid:1F:4C:8E:2A:50:99:3D:70:AF:79:E8:7C:7E:1B:86:60:97:9E:26:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/454A6027DDD5263133FA9344DFA716AB489C8DA8889090E0FB35F36867C912EC/0/1F4C8E2A50993D70AF79E87C7E1B8660979E2614.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F4C8E2A50993D70AF79E87C7E1B8660979E2614.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/454A6027DDD5263133FA9344DFA716AB489C8DA8889090E0FB35F36867C912EC/0/3137302e3233332e37312e302f32342d3234203d3e203238313131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.233.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:cf:be:09:34:0d:b1:ee:9b:6d:ae:7d:fb:0f:b0:cd:59:20:
         9a:61:27:db:49:8c:92:c1:ed:7f:11:1a:c6:da:06:f5:d2:a8:
         b2:6d:7d:c7:37:31:ae:5c:67:ca:6e:fe:93:ec:99:14:d3:7b:
         7c:de:10:07:90:d9:a5:b3:a2:8d:35:a2:4b:41:b9:dc:4f:fb:
         dc:da:c2:a3:23:3c:d6:65:a3:2e:81:ae:c7:6d:fc:f6:ab:04:
         4a:3a:fd:d2:91:fd:e8:92:cd:cf:b9:95:ed:2d:98:26:ef:2a:
         1a:6c:9d:b1:e6:06:6c:78:8f:b4:bf:38:8b:33:38:78:65:f0:
         6e:96:05:6a:b6:f2:fc:95:9a:31:41:fa:88:6e:d4:db:fc:b7:
         31:72:8e:23:91:9b:76:65:16:17:84:a0:15:3b:c9:ed:10:6c:
         c9:6e:fd:7c:94:60:24:d1:54:14:c6:42:30:5e:87:f7:12:bf:
         c0:81:20:b1:54:24:c5:2d:09:df:c6:1e:74:25:bf:4f:d8:ab:
         96:1e:22:5e:f7:62:ba:8a:d5:db:0e:05:e5:38:75:f6:87:ba:
         61:fb:0c:05:11:20:76:3f:02:f5:29:2f:4f:07:8f:78:9a:b4:
         47:5e:3b:15:57:11:a5:d7:45:dd:0b:a7:78:f9:6a:35:e0:25:
         65:6b:d3:f5
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUWLMQxXDbEajsXnrYTgGsBB28bYUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUY0QzhFMkE1MDk5M0Q3MEFGNzlFODdDN0UxQjg2NjA5
NzlFMjYxNDAeFw0yNDA5MDQxNzQ1MDBaFw0yNTA5MDMxNzUwMDBaMDMxMTAvBgNV
BAMTKEI2NDMwQzhDRDJBRkE0MTFERjdCM0IzQzA3NkEzQUI2NDhDMzBBNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsV8QYMKnpxsNLUpThk9cW0AQ7
0HmuelsjzgHUM4CUB7eemYZGaEvP4SVunv5h22U7RG6odQwcPd3UAUlMVHx669IL
jAbgeStqQNf/GYgau9r65a1IdWXO+A9PRiqqbh9h0u4hQkIqerYF8GzLcA9vrJPH
tAj2Ps/7YWsoZzOVvPSir589WfeN5pqIQ5VdYe/NVMzqZ/lKUyJ7vK6IC1XyaS/T
sKGUsxG2VrSH6Lsmto3Knl6s9zQzMrwak6cgLJPbyOIzLhnWVRsXdpuLXOdMZc49
h3QGTDUAui402ia1K2Qvv76XED1oI/IyFuPQMYt8OeKopL9Br/po0EdKGzDBAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUtkMMjNKvpBHfezs8B2o6tkjDCkAwHwYDVR0j
BBgwFoAUH0yOKlCZPXCveeh8fhuGYJeeJhQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NTRBNjAyN0RERDUyNjMxMzNGQTkzNDRERkE3MTZBQjQ4
OUM4REE4ODg5MDkwRTBGQjM1RjM2ODY3QzkxMkVDLzAvMUY0QzhFMkE1MDk5M0Q3
MEFGNzlFODdDN0UxQjg2NjA5NzlFMjYxNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRjRDOEUyQTUwOTkzRDcwQUY3
OUU4N0M3RTFCODY2MDk3OUUyNjE0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDU0QTYwMjdEREQ1MjYzMTMzRkE5MzQ0REZBNzE2QUI0ODlDOERBODg4
OTA5MEUwRkIzNUYzNjg2N0M5MTJFQy8wLzMxMzczMDJlMzIzMzMzMmUzNzMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODMxMzEzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKrpRzAN
BgkqhkiG9w0BAQsFAAOCAQEAis++CTQNse6bba59+w+wzVkgmmEn20mMksHtfxEa
xtoG9dKosm19xzcxrlxnym7+k+yZFNN7fN4QB5DZpbOijTWiS0G53E/73NrCoyM8
1mWjLoGux2389qsESjr90pH96JLNz7mV7S2YJu8qGmydseYGbHiPtL84izM4eGXw
bpYFarby/JWaMUH6iG7U2/y3MXKOI5GbdmUWF4SgFTvJ7RBsyW79fJRgJNFUFMZC
MF6H9xK/wIEgsVQkxS0J38YedCW/T9irlh4iXvdiuorV2w4F5Th19oe6YfsMBREg
dj8C9SkvTwePeJq0R147FVcRpddF3QunePlqNeAlZWvT9Q==
-----END CERTIFICATE-----
Generated at Mon Oct 28 06:53:46 2024 by rpki-client on console-ams.rpki-client.org