Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/492C9AD07ED863FE3714CD242F151AF80FED91B1C83F27EFFF635EEE3FD9F327/0/3139302e3132312e3231312e302f32342d3234203d3e203432373038.roa
File:                     3139302e3132312e3231312e302f32342d3234203d3e203432373038.roa (raw, json)
Hash identifier:          ejIENsvmhwAMJGfLDju8A5aLGBPe3fbVMkQagAixqME=
Subject key identifier:   14:A7:BB:97:3F:02:E7:E8:C1:BA:FE:E9:F9:D5:28:4B:12:A1:11:98
Certificate issuer:       /CN=305D06C24AF1C29D223292689F4201FDBCC0C091
Certificate serial:       4CDB16A8971D2871A7B180CF670F0DFD04DCA6DB
Authority key identifier: 30:5D:06:C2:4A:F1:C2:9D:22:32:92:68:9F:42:01:FD:BC:C0:C0:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/305D06C24AF1C29D223292689F4201FDBCC0C091.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/492C9AD07ED863FE3714CD242F151AF80FED91B1C83F27EFFF635EEE3FD9F327/0/3139302e3132312e3231312e302f32342d3234203d3e203432373038.roa
Signing time:             Tue 05 Mar 2024 18:04:21 +0000
ROA not before:           Tue 05 Mar 2024 17:59:21 +0000
ROA not after:            Tue 04 Mar 2025 18:04:21 +0000
asID:                     42708
IP address blocks:        190.121.211.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/492C9AD07ED863FE3714CD242F151AF80FED91B1C83F27EFFF635EEE3FD9F327/0/305D06C24AF1C29D223292689F4201FDBCC0C091.crl
                          rsync://repository.lacnic.net/rpki/lacnic/492C9AD07ED863FE3714CD242F151AF80FED91B1C83F27EFFF635EEE3FD9F327/0/305D06C24AF1C29D223292689F4201FDBCC0C091.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/305D06C24AF1C29D223292689F4201FDBCC0C091.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 26 Nov 2024 22:33:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:db:16:a8:97:1d:28:71:a7:b1:80:cf:67:0f:0d:fd:04:dc:a6:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=305D06C24AF1C29D223292689F4201FDBCC0C091
        Validity
            Not Before: Mar  5 17:59:21 2024 GMT
            Not After : Mar  4 18:04:21 2025 GMT
        Subject: CN=14A7BB973F02E7E8C1BAFEE9F9D5284B12A11198
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:81:01:2f:8e:13:22:10:93:9e:44:fe:f8:08:
                    0d:a1:70:15:07:9f:19:25:a9:c6:e3:d1:63:f9:73:
                    bd:16:02:9f:8e:81:8a:f6:9a:6b:26:79:4b:e5:62:
                    50:c5:1e:27:8c:e7:94:32:71:c2:b3:7c:68:4e:09:
                    36:b0:b2:5d:f9:ee:bd:56:8b:b4:05:38:a7:9f:f0:
                    ab:70:96:4c:09:3f:f8:b4:4d:85:d6:59:0d:6b:62:
                    7c:91:38:34:5d:cc:3c:88:c2:aa:39:69:b1:3d:ae:
                    ed:56:eb:d9:ae:c9:35:09:72:06:b1:d3:e2:dc:00:
                    73:40:5b:27:e8:bd:60:23:d4:d7:64:14:e7:b5:14:
                    cc:52:67:7c:23:b0:42:c4:bb:96:de:06:79:43:66:
                    dd:b8:e9:14:39:ed:ed:d0:1c:4e:57:7b:a2:76:19:
                    3d:2e:bb:de:a0:e6:8a:e1:63:8f:bd:5e:24:39:7f:
                    1d:4e:a6:a7:d1:ae:31:59:39:3c:93:48:d5:61:57:
                    7b:59:c3:5e:b1:80:e2:06:14:1c:9e:fa:e0:7b:db:
                    37:8c:72:67:0f:c2:68:8a:78:1f:8d:fa:1b:57:14:
                    12:4d:8e:06:13:d4:67:42:63:48:81:a9:ea:b8:41:
                    dc:a0:d5:50:a6:d0:b2:25:59:1a:74:2d:24:31:ed:
                    06:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:A7:BB:97:3F:02:E7:E8:C1:BA:FE:E9:F9:D5:28:4B:12:A1:11:98
            X509v3 Authority Key Identifier:
                keyid:30:5D:06:C2:4A:F1:C2:9D:22:32:92:68:9F:42:01:FD:BC:C0:C0:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/492C9AD07ED863FE3714CD242F151AF80FED91B1C83F27EFFF635EEE3FD9F327/0/305D06C24AF1C29D223292689F4201FDBCC0C091.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/305D06C24AF1C29D223292689F4201FDBCC0C091.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/492C9AD07ED863FE3714CD242F151AF80FED91B1C83F27EFFF635EEE3FD9F327/0/3139302e3132312e3231312e302f32342d3234203d3e203432373038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.121.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:f5:f0:3e:ed:a0:b8:c5:fd:1c:54:2a:91:3e:44:1e:b3:0d:
         23:70:6f:93:1d:c6:af:46:ed:34:a6:55:ad:45:4c:27:4c:7d:
         a7:f2:33:c1:fc:76:cb:3a:a0:5e:e7:fe:47:01:b1:9c:42:61:
         b3:31:67:97:6b:f1:99:b6:90:ca:ad:38:af:3c:ab:50:83:d7:
         d9:57:63:65:e9:83:51:7e:46:75:87:9a:3f:4c:af:3d:f3:04:
         a1:a5:cc:60:0b:63:a3:6a:06:87:29:bf:31:50:88:0c:55:57:
         b7:80:61:a3:d6:89:f7:48:f3:ec:48:e8:5e:de:70:90:62:b2:
         22:10:64:35:d1:68:4b:47:02:e7:87:d9:6b:7d:0f:bc:8b:fa:
         f4:fd:de:d9:55:af:3d:34:79:fd:97:a6:1a:40:e7:ca:8a:6b:
         23:5b:d4:a6:d8:a1:56:22:6b:80:96:f8:c5:36:12:58:ae:73:
         e2:3f:9e:10:4d:1e:ce:a1:ba:33:17:3e:53:e9:31:83:8f:d1:
         a0:06:ea:38:c7:f0:1e:e7:e6:40:56:ef:6e:1a:bb:b3:0c:07:
         ec:80:70:eb:31:a6:1d:bb:38:91:2e:fd:07:e8:24:99:be:9a:
         2e:1a:73:c0:6d:f5:b7:15:66:71:a7:1f:22:a3:ac:bf:01:0b:
         68:f4:80:ab
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUTNsWqJcdKHGnsYDPZw8N/QTcptswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzA1RDA2QzI0QUYxQzI5RDIyMzI5MjY4OUY0MjAxRkRC
Q0MwQzA5MTAeFw0yNDAzMDUxNzU5MjFaFw0yNTAzMDQxODA0MjFaMDMxMTAvBgNV
BAMTKDE0QTdCQjk3M0YwMkU3RThDMUJBRkVFOUY5RDUyODRCMTJBMTExOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNgQEvjhMiEJOeRP74CA2hcBUH
nxklqcbj0WP5c70WAp+OgYr2mmsmeUvlYlDFHieM55QyccKzfGhOCTawsl357r1W
i7QFOKef8KtwlkwJP/i0TYXWWQ1rYnyRODRdzDyIwqo5abE9ru1W69muyTUJcgax
0+LcAHNAWyfovWAj1NdkFOe1FMxSZ3wjsELEu5beBnlDZt246RQ57e3QHE5Xe6J2
GT0uu96g5orhY4+9XiQ5fx1OpqfRrjFZOTyTSNVhV3tZw16xgOIGFBye+uB72zeM
cmcPwmiKeB+N+htXFBJNjgYT1GdCY0iBqeq4Qdyg1VCm0LIlWRp0LSQx7Qa/AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUFKe7lz8C5+jBuv7p+dUoSxKhEZgwHwYDVR0j
BBgwFoAUMF0Gwkrxwp0iMpJon0IB/bzAwJEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80OTJDOUFEMDdFRDg2M0ZFMzcxNENEMjQyRjE1MUFGODBG
RUQ5MUIxQzgzRjI3RUZGRjYzNUVFRTNGRDlGMzI3LzAvMzA1RDA2QzI0QUYxQzI5
RDIyMzI5MjY4OUY0MjAxRkRCQ0MwQzA5MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zMDVEMDZDMjRBRjFDMjlEMjIz
MjkyNjg5RjQyMDFGREJDQzBDMDkxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDkyQzlBRDA3RUQ4NjNGRTM3MTRDRDI0MkYxNTFBRjgwRkVEOTFCMUM4
M0YyN0VGRkY2MzVFRUUzRkQ5RjMyNy8wLzMxMzkzMDJlMzEzMjMxMmUzMjMxMzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzczMDM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvnnT
MA0GCSqGSIb3DQEBCwUAA4IBAQAb9fA+7aC4xf0cVCqRPkQesw0jcG+THcavRu00
plWtRUwnTH2n8jPB/HbLOqBe5/5HAbGcQmGzMWeXa/GZtpDKrTivPKtQg9fZV2Nl
6YNRfkZ1h5o/TK898wShpcxgC2OjagaHKb8xUIgMVVe3gGGj1on3SPPsSOhe3nCQ
YrIiEGQ10WhLRwLnh9lrfQ+8i/r0/d7ZVa89NHn9l6YaQOfKimsjW9Sm2KFWImuA
lvjFNhJYrnPiP54QTR7OobozFz5T6TGDj9GgBuo4x/Ae5+ZAVu9uGruzDAfsgHDr
MaYduziRLv0H6CSZvpouGnPAbfW3FWZxpx8io6y/AQto9ICr
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:31:45 2024 by rpki-client on console-fra.rpki-client.org