Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4F2FFFB0B3834045F7C4282AEB4C645DD9461750CCD5338F8CC6FD65F5AE1CCA/0/3230312e3134382e302e302f31382d3234203d3e203138373334.roa
File:                     3230312e3134382e302e302f31382d3234203d3e203138373334.roa (raw, json)
Hash identifier:          kU29amHBr/qhCSqETVdHj+O7/HOSjsJMMdHTQimA2QI=
Subject key identifier:   D6:9B:62:DA:49:32:E4:69:74:70:01:F5:DE:DB:0B:44:FB:5F:02:3F
Certificate issuer:       /CN=7997A25836B429E9E6D15518DC739700B6C9C4FD
Certificate serial:       7FDA491A2694EB95BB2211C577DDCFB632FC9417
Authority key identifier: 79:97:A2:58:36:B4:29:E9:E6:D1:55:18:DC:73:97:00:B6:C9:C4:FD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7997A25836B429E9E6D15518DC739700B6C9C4FD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4F2FFFB0B3834045F7C4282AEB4C645DD9461750CCD5338F8CC6FD65F5AE1CCA/0/3230312e3134382e302e302f31382d3234203d3e203138373334.roa
Signing time:             Tue 05 Mar 2024 17:50:43 +0000
ROA not before:           Tue 05 Mar 2024 17:45:43 +0000
ROA not after:            Tue 04 Mar 2025 17:50:43 +0000
asID:                     18734
IP address blocks:        201.148.0.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4F2FFFB0B3834045F7C4282AEB4C645DD9461750CCD5338F8CC6FD65F5AE1CCA/0/7997A25836B429E9E6D15518DC739700B6C9C4FD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4F2FFFB0B3834045F7C4282AEB4C645DD9461750CCD5338F8CC6FD65F5AE1CCA/0/7997A25836B429E9E6D15518DC739700B6C9C4FD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7997A25836B429E9E6D15518DC739700B6C9C4FD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:da:49:1a:26:94:eb:95:bb:22:11:c5:77:dd:cf:b6:32:fc:94:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7997A25836B429E9E6D15518DC739700B6C9C4FD
        Validity
            Not Before: Mar  5 17:45:43 2024 GMT
            Not After : Mar  4 17:50:43 2025 GMT
        Subject: CN=D69B62DA4932E469747001F5DEDB0B44FB5F023F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:45:6a:29:55:42:55:68:47:1f:0f:07:c1:4d:
                    97:27:a8:7d:78:c7:3a:d2:27:0f:75:05:06:1e:57:
                    76:7f:4b:7c:07:61:f3:9b:7f:a2:eb:88:0d:b5:9e:
                    2f:5b:de:d5:6d:4f:c1:d0:32:c8:eb:76:73:56:c1:
                    fc:35:74:99:5b:1c:90:dd:9b:36:68:98:6f:85:64:
                    6e:c4:8b:0e:41:7e:50:2e:1f:b5:97:dc:0e:4d:2f:
                    d7:5a:b7:f3:50:8e:67:d2:d0:1f:79:d8:f3:7a:8d:
                    53:f6:88:af:a8:91:b6:e5:c1:64:11:0f:0a:b4:43:
                    5e:83:74:f9:88:ec:7a:fc:57:95:01:7e:7c:62:81:
                    44:35:4c:8b:27:92:c9:f9:e3:a5:0c:a0:45:e4:08:
                    a0:2b:6d:0d:e1:b1:40:66:47:13:d1:51:b0:27:f4:
                    be:64:84:2c:33:20:19:9e:0a:31:d8:86:a8:9f:94:
                    0e:c8:24:be:a9:fe:92:3c:03:e9:c6:29:2b:d2:85:
                    fb:3e:ec:dc:5e:1c:78:9e:de:4f:a7:37:05:a5:48:
                    9e:25:19:64:39:14:b5:cd:0c:85:eb:80:4f:d0:fb:
                    d3:e9:bb:ea:78:20:46:c2:f1:df:33:65:5b:71:b8:
                    75:79:0e:9c:ed:1e:c5:cc:cf:dd:e9:da:3b:b0:2a:
                    5c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:9B:62:DA:49:32:E4:69:74:70:01:F5:DE:DB:0B:44:FB:5F:02:3F
            X509v3 Authority Key Identifier:
                keyid:79:97:A2:58:36:B4:29:E9:E6:D1:55:18:DC:73:97:00:B6:C9:C4:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4F2FFFB0B3834045F7C4282AEB4C645DD9461750CCD5338F8CC6FD65F5AE1CCA/0/7997A25836B429E9E6D15518DC739700B6C9C4FD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7997A25836B429E9E6D15518DC739700B6C9C4FD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4F2FFFB0B3834045F7C4282AEB4C645DD9461750CCD5338F8CC6FD65F5AE1CCA/0/3230312e3134382e302e302f31382d3234203d3e203138373334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.148.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         11:3a:1e:5c:35:3b:5b:6d:18:1e:b4:df:ee:84:b6:cb:ae:2c:
         72:08:d3:dc:69:90:40:ba:e8:12:10:7d:ba:97:eb:2b:2b:40:
         42:57:97:8c:83:0d:9a:c5:8e:4e:ee:aa:e4:6e:5f:bd:cf:62:
         63:ef:5e:2c:76:12:d7:53:fb:03:41:45:49:0c:36:a7:7c:33:
         44:00:4f:55:d8:bc:92:08:b5:c5:ab:09:a6:28:2f:3e:65:0d:
         d5:ec:70:94:21:8a:cb:5b:d7:60:a4:ad:c9:3d:5a:21:e5:48:
         db:76:dc:59:67:20:e0:15:a2:5d:99:c2:c5:35:30:87:2b:a1:
         60:b1:b4:e7:d3:56:23:a5:83:66:3a:23:0b:ea:12:01:23:ee:
         f9:33:91:6c:e5:16:61:40:ce:44:bc:0c:f1:de:af:bc:0d:3f:
         c9:05:9d:3f:58:78:4c:a5:0f:47:94:44:84:9e:08:97:80:e3:
         d4:75:e9:4c:d6:ae:22:9e:3b:21:17:8d:a3:db:44:d1:4a:98:
         d5:9c:3a:6f:87:5b:65:f0:ba:2e:d2:fa:56:6e:ac:d3:e0:d1:
         c2:8b:ae:06:ec:72:d7:32:0e:b0:07:0e:c9:41:92:17:b9:90:
         1e:80:eb:52:a9:bc:d6:71:02:d3:e4:c0:13:b9:e0:8a:86:b2:
         da:41:e7:47
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUf9pJGiaU65W7IhHFd93PtjL8lBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5N0EyNTgzNkI0MjlFOUU2RDE1NTE4REM3Mzk3MDBC
NkM5QzRGRDAeFw0yNDAzMDUxNzQ1NDNaFw0yNTAzMDQxNzUwNDNaMDMxMTAvBgNV
BAMTKEQ2OUI2MkRBNDkzMkU0Njk3NDcwMDFGNURFREIwQjQ0RkI1RjAyM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDARWopVUJVaEcfDwfBTZcnqH14
xzrSJw91BQYeV3Z/S3wHYfObf6LriA21ni9b3tVtT8HQMsjrdnNWwfw1dJlbHJDd
mzZomG+FZG7Eiw5BflAuH7WX3A5NL9dat/NQjmfS0B952PN6jVP2iK+okbblwWQR
Dwq0Q16DdPmI7Hr8V5UBfnxigUQ1TIsnksn546UMoEXkCKArbQ3hsUBmRxPRUbAn
9L5khCwzIBmeCjHYhqiflA7IJL6p/pI8A+nGKSvShfs+7NxeHHie3k+nNwWlSJ4l
GWQ5FLXNDIXrgE/Q+9Ppu+p4IEbC8d8zZVtxuHV5DpztHsXMz93p2juwKlybAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU1pti2kky5Gl0cAH13tsLRPtfAj8wHwYDVR0j
BBgwFoAUeZeiWDa0Kenm0VUY3HOXALbJxP0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80RjJGRkZCMEIzODM0MDQ1RjdDNDI4MkFFQjRDNjQ1REQ5
NDYxNzUwQ0NENTMzOEY4Q0M2RkQ2NUY1QUUxQ0NBLzAvNzk5N0EyNTgzNkI0MjlF
OUU2RDE1NTE4REM3Mzk3MDBCNkM5QzRGRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83OTk3QTI1ODM2QjQyOUU5RTZE
MTU1MThEQzczOTcwMEI2QzlDNEZELmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNEYyRkZGQjBCMzgzNDA0NUY3QzQyODJBRUI0QzY0NUREOTQ2MTc1MEND
RDUzMzhGOENDNkZENjVGNUFFMUNDQS8wLzMyMzAzMTJlMzEzNDM4MmUzMDJlMzAy
ZjMxMzgyZDMyMzQyMDNkM2UyMDMxMzgzNzMzMzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbJlAAwDQYJ
KoZIhvcNAQELBQADggEBABE6Hlw1O1ttGB603+6EtsuuLHII09xpkEC66BIQfbqX
6ysrQEJXl4yDDZrFjk7uquRuX73PYmPvXix2EtdT+wNBRUkMNqd8M0QAT1XYvJII
tcWrCaYoLz5lDdXscJQhistb12Ckrck9WiHlSNt23FlnIOAVol2ZwsU1MIcroWCx
tOfTViOlg2Y6IwvqEgEj7vkzkWzlFmFAzkS8DPHer7wNP8kFnT9YeEylD0eURISe
CJeA49R16UzWriKeOyEXjaPbRNFKmNWcOm+HW2Xwui7S+lZurNPg0cKLrgbsctcy
DrAHDslBkhe5kB6A61KpvNZxAtPkwBO54IqGstpB50c=
-----END CERTIFICATE-----
Generated at Wed Nov 20 08:53:05 2024 by rpki-client on console-ams.rpki-client.org