Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4A3C65E01138A797CC1CD88B7B32A80F15642316087C29513D3DAC2B1117A368/0/3139302e3131332e33332e302f32342d3234203d3e20323731383634.roa
File:                     3139302e3131332e33332e302f32342d3234203d3e20323731383634.roa (raw, json)
Hash identifier:          8ME74m/putP+SD9+qEup3DjoqDRacwC0L/JlBHOYUZQ=
Subject key identifier:   1C:D9:22:3C:1A:A3:18:0C:F6:EE:AC:EA:58:30:A2:1E:D5:B8:7C:5D
Certificate issuer:       /CN=EA517D4BAAB85D3C8F5008F40BC48B21CBEA72B8
Certificate serial:       7F59B94FCE37D1B0D88491D0D41B27E277EF37D3
Authority key identifier: EA:51:7D:4B:AA:B8:5D:3C:8F:50:08:F4:0B:C4:8B:21:CB:EA:72:B8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EA517D4BAAB85D3C8F5008F40BC48B21CBEA72B8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4A3C65E01138A797CC1CD88B7B32A80F15642316087C29513D3DAC2B1117A368/0/3139302e3131332e33332e302f32342d3234203d3e20323731383634.roa
Signing time:             Tue 05 Mar 2024 18:10:33 +0000
ROA not before:           Tue 05 Mar 2024 18:05:33 +0000
ROA not after:            Tue 04 Mar 2025 18:10:33 +0000
asID:                     271864
IP address blocks:        190.113.33.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4A3C65E01138A797CC1CD88B7B32A80F15642316087C29513D3DAC2B1117A368/0/EA517D4BAAB85D3C8F5008F40BC48B21CBEA72B8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4A3C65E01138A797CC1CD88B7B32A80F15642316087C29513D3DAC2B1117A368/0/EA517D4BAAB85D3C8F5008F40BC48B21CBEA72B8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EA517D4BAAB85D3C8F5008F40BC48B21CBEA72B8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:59:b9:4f:ce:37:d1:b0:d8:84:91:d0:d4:1b:27:e2:77:ef:37:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EA517D4BAAB85D3C8F5008F40BC48B21CBEA72B8
        Validity
            Not Before: Mar  5 18:05:33 2024 GMT
            Not After : Mar  4 18:10:33 2025 GMT
        Subject: CN=1CD9223C1AA3180CF6EEACEA5830A21ED5B87C5D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e9:2a:0d:59:80:25:49:3a:ff:df:80:01:22:
                    3c:33:33:c0:aa:2a:1b:24:4c:8d:23:ec:e8:f0:ba:
                    30:05:9b:03:97:6c:29:09:83:de:ec:02:1a:15:a1:
                    0a:6a:2c:b3:f8:49:90:47:56:cc:07:40:8b:54:4c:
                    99:d3:36:68:6d:57:2e:b6:10:60:4d:01:c8:af:96:
                    a9:fa:c3:bf:ac:b1:1e:aa:3f:2f:d1:a8:ba:3e:e3:
                    05:1d:a5:e2:0f:0a:ce:c1:01:8e:a8:a9:de:c1:08:
                    ee:eb:3d:c7:2a:06:13:41:41:fb:c0:cd:ca:49:50:
                    f8:4f:94:65:f7:b1:3f:66:82:d3:7a:65:dd:91:a8:
                    90:6e:b1:6e:63:2b:87:88:a2:cd:04:fa:65:e0:2f:
                    4f:c2:c4:8f:0b:b4:ab:75:c5:a5:60:3c:ec:ab:ee:
                    e8:d2:d3:e7:1a:e7:1c:b2:59:2a:fc:a6:e3:5c:87:
                    3a:28:3d:c4:01:ea:8f:c4:9d:99:35:a9:c3:3e:19:
                    b6:e1:d9:2d:8b:d2:37:97:99:5c:88:fb:f9:d4:4f:
                    83:5e:c4:05:9f:53:08:3a:1d:db:15:14:c6:55:ba:
                    a5:97:cf:19:5f:ae:a0:30:8c:5f:08:10:5f:5e:1d:
                    b3:07:22:9b:69:10:c9:bc:38:be:69:84:dc:0d:30:
                    88:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:D9:22:3C:1A:A3:18:0C:F6:EE:AC:EA:58:30:A2:1E:D5:B8:7C:5D
            X509v3 Authority Key Identifier:
                keyid:EA:51:7D:4B:AA:B8:5D:3C:8F:50:08:F4:0B:C4:8B:21:CB:EA:72:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4A3C65E01138A797CC1CD88B7B32A80F15642316087C29513D3DAC2B1117A368/0/EA517D4BAAB85D3C8F5008F40BC48B21CBEA72B8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EA517D4BAAB85D3C8F5008F40BC48B21CBEA72B8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4A3C65E01138A797CC1CD88B7B32A80F15642316087C29513D3DAC2B1117A368/0/3139302e3131332e33332e302f32342d3234203d3e20323731383634.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.113.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:23:6b:ba:be:d4:61:48:cf:55:c7:15:f3:06:ba:d7:87:43:
         3e:dd:00:65:20:37:ff:fd:85:cb:ad:c9:c0:14:4f:54:ae:0b:
         3c:d1:c8:5d:b1:e0:13:b5:74:5c:84:f2:0d:6a:55:c2:0e:b3:
         0a:6d:6b:d9:30:9a:9b:ad:13:8a:2c:46:a5:d5:68:58:87:0c:
         7d:be:ac:04:c6:ac:61:da:c9:87:71:83:bb:56:1d:05:b5:5a:
         37:79:74:95:45:c7:40:03:53:64:9d:e6:7e:ef:cf:14:c7:70:
         4d:93:0d:01:ce:af:b2:1b:ec:fc:0f:2c:23:2e:33:9c:85:83:
         88:19:f1:68:3c:f2:35:42:6e:7a:b5:38:7b:2e:f0:44:c0:5a:
         9d:52:d7:aa:4c:bb:5f:58:8b:77:9e:55:48:f3:54:c5:22:21:
         94:be:7a:d7:13:86:d8:48:66:b8:25:44:c5:b6:7b:92:b9:7e:
         66:16:7a:ec:67:65:e0:23:47:7f:52:87:a3:6d:b2:e0:a1:4f:
         a5:95:49:8a:ee:82:91:25:ee:1d:9d:2d:b6:d3:39:62:76:93:
         51:51:5a:59:ec:dc:a8:24:3a:6a:2d:df:c3:d8:ab:72:2c:19:
         8a:20:4a:32:51:6f:f3:3d:a5:45:92:8d:e8:65:74:bb:94:45:
         1b:e1:62:ad
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUf1m5T8430bDYhJHQ1Bsn4nfvN9MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUE1MTdENEJBQUI4NUQzQzhGNTAwOEY0MEJDNDhCMjFD
QkVBNzJCODAeFw0yNDAzMDUxODA1MzNaFw0yNTAzMDQxODEwMzNaMDMxMTAvBgNV
BAMTKDFDRDkyMjNDMUFBMzE4MENGNkVFQUNFQTU4MzBBMjFFRDVCODdDNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC26SoNWYAlSTr/34ABIjwzM8Cq
KhskTI0j7OjwujAFmwOXbCkJg97sAhoVoQpqLLP4SZBHVswHQItUTJnTNmhtVy62
EGBNAcivlqn6w7+ssR6qPy/RqLo+4wUdpeIPCs7BAY6oqd7BCO7rPccqBhNBQfvA
zcpJUPhPlGX3sT9mgtN6Zd2RqJBusW5jK4eIos0E+mXgL0/CxI8LtKt1xaVgPOyr
7ujS0+ca5xyyWSr8puNchzooPcQB6o/EnZk1qcM+Gbbh2S2L0jeXmVyI+/nUT4Ne
xAWfUwg6HdsVFMZVuqWXzxlfrqAwjF8IEF9eHbMHIptpEMm8OL5phNwNMIhpAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUHNkiPBqjGAz27qzqWDCiHtW4fF0wHwYDVR0j
BBgwFoAU6lF9S6q4XTyPUAj0C8SLIcvqcrgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80QTNDNjVFMDExMzhBNzk3Q0MxQ0Q4OEI3QjMyQTgwRjE1
NjQyMzE2MDg3QzI5NTEzRDNEQUMyQjExMTdBMzY4LzAvRUE1MTdENEJBQUI4NUQz
QzhGNTAwOEY0MEJDNDhCMjFDQkVBNzJCOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FQTUxN0Q0QkFBQjg1RDNDOEY1
MDA4RjQwQkM0OEIyMUNCRUE3MkI4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNEEzQzY1RTAxMTM4QTc5N0NDMUNEODhCN0IzMkE4MEYxNTY0MjMxNjA4
N0MyOTUxM0QzREFDMkIxMTE3QTM2OC8wLzMxMzkzMDJlMzEzMTMzMmUzMzMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzMxMzgzNjM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvnEh
MA0GCSqGSIb3DQEBCwUAA4IBAQB5I2u6vtRhSM9VxxXzBrrXh0M+3QBlIDf//YXL
rcnAFE9Urgs80chdseATtXRchPINalXCDrMKbWvZMJqbrROKLEal1WhYhwx9vqwE
xqxh2smHcYO7Vh0FtVo3eXSVRcdAA1NkneZ+788Ux3BNkw0Bzq+yG+z8DywjLjOc
hYOIGfFoPPI1Qm56tTh7LvBEwFqdUteqTLtfWIt3nlVI81TFIiGUvnrXE4bYSGa4
JUTFtnuSuX5mFnrsZ2XgI0d/UoejbbLgoU+llUmK7oKRJe4dnS220zlidpNRUVpZ
7NyoJDpqLd/D2KtyLBmKIEoyUW/zPaVFko3oZXS7lEUb4WKt
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:03:07 2024 by rpki-client on console-fra.rpki-client.org