Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/49103830332AC6B62BE5F050A24A7698B457D89966AC49F9D2D0D53B614ACD3F/0/3139322e3138382e35392e302f32342d3234203d3e203237393437.roa
File:                     3139322e3138382e35392e302f32342d3234203d3e203237393437.roa (raw, json)
Hash identifier:          6t33aRqLdTfNSZshsJkYafZjsaquiBoi/N71dvpRTPA=
Subject key identifier:   7E:E1:09:2D:CC:E5:C1:4F:E7:59:C7:52:D0:A9:B8:C5:02:1A:0D:6C
Certificate issuer:       /CN=5094E25430BCD5E2E482E64388ADB10B84687666
Certificate serial:       1C33181A08E1A5E0667835E403A2DBA8AE41E169
Authority key identifier: 50:94:E2:54:30:BC:D5:E2:E4:82:E6:43:88:AD:B1:0B:84:68:76:66
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5094E25430BCD5E2E482E64388ADB10B84687666.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/49103830332AC6B62BE5F050A24A7698B457D89966AC49F9D2D0D53B614ACD3F/0/3139322e3138382e35392e302f32342d3234203d3e203237393437.roa
Signing time:             Tue 02 Apr 2024 19:25:01 +0000
ROA not before:           Tue 02 Apr 2024 19:20:01 +0000
ROA not after:            Tue 01 Apr 2025 19:25:01 +0000
asID:                     27947
IP address blocks:        192.188.59.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/49103830332AC6B62BE5F050A24A7698B457D89966AC49F9D2D0D53B614ACD3F/0/5094E25430BCD5E2E482E64388ADB10B84687666.crl
                          rsync://repository.lacnic.net/rpki/lacnic/49103830332AC6B62BE5F050A24A7698B457D89966AC49F9D2D0D53B614ACD3F/0/5094E25430BCD5E2E482E64388ADB10B84687666.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5094E25430BCD5E2E482E64388ADB10B84687666.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:33:18:1a:08:e1:a5:e0:66:78:35:e4:03:a2:db:a8:ae:41:e1:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5094E25430BCD5E2E482E64388ADB10B84687666
        Validity
            Not Before: Apr  2 19:20:01 2024 GMT
            Not After : Apr  1 19:25:01 2025 GMT
        Subject: CN=7EE1092DCCE5C14FE759C752D0A9B8C5021A0D6C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:70:53:f9:97:c8:42:e9:86:11:27:d6:62:f9:
                    d0:87:d5:09:4f:4d:dc:9a:b5:a7:76:93:00:af:6a:
                    7b:11:80:29:76:26:fd:3e:28:c0:53:52:5b:ff:9d:
                    51:d5:28:da:6e:eb:ea:2c:44:49:bd:ef:e8:c2:8a:
                    3d:26:7a:4b:8a:cc:46:22:a0:70:25:2c:2c:35:61:
                    bd:42:4a:52:c4:f1:0a:26:ec:7c:6e:6d:c8:7d:bf:
                    b8:0c:71:b7:9a:45:05:e1:96:cd:36:d8:e5:a6:04:
                    76:24:4e:ec:29:e7:e0:f5:fe:58:f2:d4:ef:de:90:
                    60:3c:6b:69:7e:f9:ed:52:e1:f8:1b:ae:69:91:64:
                    41:59:2c:2b:90:a0:2f:6f:12:9c:ff:2d:22:c7:76:
                    06:4e:40:0a:9e:64:35:c7:ad:46:13:9d:3c:51:81:
                    26:f5:c7:b9:c1:34:33:75:14:b3:d9:af:14:0a:56:
                    34:29:ac:0d:0d:68:38:92:e1:e0:d2:6e:e2:53:fc:
                    82:23:3c:6f:94:19:b5:6c:c8:e1:1b:a4:45:af:87:
                    b8:52:50:de:c9:77:58:51:0a:de:e4:09:7d:d3:4c:
                    d8:21:0a:ec:cf:e7:fb:8c:57:3a:b8:47:71:21:81:
                    50:a9:4a:b3:0a:4b:f2:b1:7d:1b:d6:61:48:d2:c1:
                    c5:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:E1:09:2D:CC:E5:C1:4F:E7:59:C7:52:D0:A9:B8:C5:02:1A:0D:6C
            X509v3 Authority Key Identifier:
                keyid:50:94:E2:54:30:BC:D5:E2:E4:82:E6:43:88:AD:B1:0B:84:68:76:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/49103830332AC6B62BE5F050A24A7698B457D89966AC49F9D2D0D53B614ACD3F/0/5094E25430BCD5E2E482E64388ADB10B84687666.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5094E25430BCD5E2E482E64388ADB10B84687666.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/49103830332AC6B62BE5F050A24A7698B457D89966AC49F9D2D0D53B614ACD3F/0/3139322e3138382e35392e302f32342d3234203d3e203237393437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.188.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:71:d1:c2:ab:0f:84:b0:fb:6f:8d:97:61:f4:d4:cd:d0:b6:
         d0:cf:4d:33:33:05:51:f8:f4:6e:e3:66:88:b5:9a:77:f4:8e:
         b7:44:a0:f6:b8:f8:2d:e5:6c:50:76:88:a5:c1:df:bb:c3:f4:
         c1:ec:c9:c5:ba:cd:2b:b6:3a:55:cd:e9:30:26:06:6e:df:fb:
         e3:cf:b8:55:8d:a7:f0:b4:31:c1:67:70:4a:d5:77:16:64:d1:
         70:0d:b1:f3:3d:7f:e0:67:84:58:e6:4f:ff:ba:6b:b4:8f:e2:
         6a:46:69:06:7a:de:85:89:84:23:1f:16:30:bf:d0:88:bf:25:
         d0:a5:de:17:1e:95:48:79:1e:d9:07:cc:ab:f6:30:4d:65:f3:
         f0:0d:60:91:45:56:6c:d6:1a:54:2e:76:35:f2:2a:25:89:f3:
         6b:f0:55:7e:00:b3:97:63:df:7a:41:cc:eb:4a:c3:02:8c:8a:
         ab:b5:5d:52:fd:2e:eb:cb:01:2a:8b:97:b6:93:2a:d3:74:c9:
         4d:e3:d1:8b:55:ed:1a:a1:aa:c2:5d:25:84:9d:71:c5:77:0f:
         d4:aa:bf:9e:e5:37:e9:1f:92:53:7b:96:10:1d:ed:f5:9d:1a:
         fd:71:45:b6:b1:d3:98:f2:1b:41:09:82:f1:5b:ef:4e:8a:ac:
         3b:ac:cd:db
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUHDMYGgjhpeBmeDXkA6LbqK5B4WkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTA5NEUyNTQzMEJDRDVFMkU0ODJFNjQzODhBREIxMEI4
NDY4NzY2NjAeFw0yNDA0MDIxOTIwMDFaFw0yNTA0MDExOTI1MDFaMDMxMTAvBgNV
BAMTKDdFRTEwOTJEQ0NFNUMxNEZFNzU5Qzc1MkQwQTlCOEM1MDIxQTBENkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvcFP5l8hC6YYRJ9Zi+dCH1QlP
Tdyatad2kwCvansRgCl2Jv0+KMBTUlv/nVHVKNpu6+osREm97+jCij0mekuKzEYi
oHAlLCw1Yb1CSlLE8Qom7Hxubch9v7gMcbeaRQXhls022OWmBHYkTuwp5+D1/ljy
1O/ekGA8a2l++e1S4fgbrmmRZEFZLCuQoC9vEpz/LSLHdgZOQAqeZDXHrUYTnTxR
gSb1x7nBNDN1FLPZrxQKVjQprA0NaDiS4eDSbuJT/IIjPG+UGbVsyOEbpEWvh7hS
UN7Jd1hRCt7kCX3TTNghCuzP5/uMVzq4R3EhgVCpSrMKS/KxfRvWYUjSwcV5AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUfuEJLczlwU/nWcdS0Km4xQIaDWwwHwYDVR0j
BBgwFoAUUJTiVDC81eLkguZDiK2xC4RodmYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80OTEwMzgzMDMzMkFDNkI2MkJFNUYwNTBBMjRBNzY5OEI0
NTdEODk5NjZBQzQ5RjlEMkQwRDUzQjYxNEFDRDNGLzAvNTA5NEUyNTQzMEJDRDVF
MkU0ODJFNjQzODhBREIxMEI4NDY4NzY2Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81MDk0RTI1NDMwQkNENUUyRTQ4
MkU2NDM4OEFEQjEwQjg0Njg3NjY2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDkxMDM4MzAzMzJBQzZCNjJCRTVGMDUwQTI0QTc2OThCNDU3RDg5OTY2
QUM0OUY5RDJEMEQ1M0I2MTRBQ0QzRi8wLzMxMzkzMjJlMzEzODM4MmUzNTM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM5MzQzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMC8OzAN
BgkqhkiG9w0BAQsFAAOCAQEAgHHRwqsPhLD7b42XYfTUzdC20M9NMzMFUfj0buNm
iLWad/SOt0Sg9rj4LeVsUHaIpcHfu8P0wezJxbrNK7Y6Vc3pMCYGbt/748+4VY2n
8LQxwWdwStV3FmTRcA2x8z1/4GeEWOZP/7prtI/iakZpBnrehYmEIx8WML/QiL8l
0KXeFx6VSHke2QfMq/YwTWXz8A1gkUVWbNYaVC52NfIqJYnza/BVfgCzl2PfekHM
60rDAoyKq7VdUv0u68sBKouXtpMq03TJTePRi1XtGqGqwl0lhJ1xxXcP1Kq/nuU3
6R+SU3uWEB3t9Z0a/XFFtrHTmPIbQQmC8VvvToqsO6zN2w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:07:23 2024 by rpki-client on console-ams.rpki-client.org