Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139302e3132362e302e302f31352d3234203d3e203134303830.roa
File:                     3139302e3132362e302e302f31352d3234203d3e203134303830.roa (raw, json)
Hash identifier:          fiPjv4sOiCispWaar2IwWB3xbsSfmoZvaMctVDmWU20=
Subject key identifier:   4D:65:6E:E3:D1:85:B5:99:5A:76:15:A1:FD:82:F5:0D:5A:1C:14:DB
Certificate issuer:       /CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
Certificate serial:       72DF368A91830FCCAD720675D55EB7316C4EF4E3
Authority key identifier: 43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139302e3132362e302e302f31352d3234203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 18:00:55 +0000
ROA not before:           Tue 05 Mar 2024 17:55:55 +0000
ROA not after:            Tue 04 Mar 2025 18:00:55 +0000
asID:                     14080
IP address blocks:        190.126.0.0/15 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 10:27:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:df:36:8a:91:83:0f:cc:ad:72:06:75:d5:5e:b7:31:6c:4e:f4:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
        Validity
            Not Before: Mar  5 17:55:55 2024 GMT
            Not After : Mar  4 18:00:55 2025 GMT
        Subject: CN=4D656EE3D185B5995A7615A1FD82F50D5A1C14DB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f6:b4:b8:26:94:f8:2d:5e:98:42:f0:ce:8f:
                    ee:be:19:63:9f:52:88:ba:f6:8d:00:25:1e:15:e0:
                    6a:5c:5e:09:3b:f2:d4:99:a4:26:49:3a:9d:6d:87:
                    00:af:9e:08:cc:ab:f6:5e:4b:f5:58:53:46:8a:2d:
                    5f:cb:3d:cc:9b:73:bc:93:71:49:31:26:be:0d:ea:
                    dd:74:32:44:b7:cc:07:f8:d7:cb:b8:fa:4e:bb:fd:
                    f5:80:fa:2e:52:18:53:5d:a5:d6:a7:c1:95:19:48:
                    40:ea:c0:72:a9:66:c0:72:10:fb:a7:e3:cc:9f:08:
                    49:54:af:7f:51:53:ff:28:8a:25:7b:56:03:5a:db:
                    17:25:81:e3:ec:12:62:b7:19:db:1d:47:50:cb:5e:
                    9c:1b:f6:e0:ae:1b:65:99:95:fd:2d:40:0e:b8:2b:
                    b1:2a:52:2c:b7:41:d9:0c:4e:fc:8c:ea:25:57:3d:
                    27:a9:7f:d0:d6:01:20:52:a8:67:b4:03:4b:f0:8b:
                    3d:29:b2:8f:8f:59:38:30:63:83:3f:e7:64:1e:26:
                    2a:cc:17:99:0e:c1:fe:3d:7c:9f:0f:5e:fe:bb:be:
                    23:70:fb:bf:ab:56:19:c3:16:fc:d8:4d:33:d4:50:
                    9a:93:3c:93:79:e4:80:d8:11:5c:f2:90:5d:c4:6e:
                    87:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:65:6E:E3:D1:85:B5:99:5A:76:15:A1:FD:82:F5:0D:5A:1C:14:DB
            X509v3 Authority Key Identifier:
                keyid:43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139302e3132362e302e302f31352d3234203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.126.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         a9:b2:a7:7c:53:3d:e7:0e:36:0d:09:df:a1:40:c7:89:f6:d9:
         74:3c:62:cf:9c:fb:6f:68:fe:7c:dc:6b:65:33:3c:91:98:76:
         fb:6b:d0:5a:93:95:ac:14:ba:88:3a:64:8b:4d:49:24:6b:92:
         08:e3:02:ff:30:a3:18:1b:90:90:9e:73:64:8b:35:ac:bf:db:
         db:f2:fd:2f:dd:aa:0c:07:bd:72:83:2d:03:bf:40:93:b2:c7:
         53:95:0b:84:13:aa:3b:40:79:4f:40:28:4b:81:c0:48:90:85:
         36:1a:fd:c3:97:e6:c8:a6:14:98:dc:1e:17:17:27:2f:da:b6:
         92:bc:e6:66:ae:5b:3b:87:ed:ae:f2:96:55:20:45:b9:21:07:
         ae:ed:fd:34:a5:a0:92:79:04:b8:aa:da:e8:56:55:6e:42:9e:
         cb:89:58:12:59:70:99:da:39:48:03:e3:13:eb:12:ae:60:bc:
         2a:1d:20:9b:4d:92:24:89:21:b3:24:47:8d:17:d4:85:7e:d2:
         69:87:9b:bf:81:99:ce:7c:4c:11:fc:81:d9:27:db:56:c0:59:
         5a:7c:19:ac:6e:f6:d1:29:da:f5:54:75:e1:3d:cf:1e:48:f9:
         c9:a2:34:65:a7:24:86:49:b0:fd:ac:75:7d:21:ed:14:d3:48:
         b2:75:c0:7e
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUct82ipGDD8ytcgZ11V63MWxO9OMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGRjFDOEFFMEI0NzU3RTY4RUREMDhBRTFBRUIyQURB
RDg2NTNENTAeFw0yNDAzMDUxNzU1NTVaFw0yNTAzMDQxODAwNTVaMDMxMTAvBgNV
BAMTKDRENjU2RUUzRDE4NUI1OTk1QTc2MTVBMUZEODJGNTBENUExQzE0REIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC69rS4JpT4LV6YQvDOj+6+GWOf
Uoi69o0AJR4V4GpcXgk78tSZpCZJOp1thwCvngjMq/ZeS/VYU0aKLV/LPcybc7yT
cUkxJr4N6t10MkS3zAf418u4+k67/fWA+i5SGFNdpdanwZUZSEDqwHKpZsByEPun
48yfCElUr39RU/8oiiV7VgNa2xclgePsEmK3GdsdR1DLXpwb9uCuG2WZlf0tQA64
K7EqUiy3QdkMTvyM6iVXPSepf9DWASBSqGe0A0vwiz0pso+PWTgwY4M/52QeJirM
F5kOwf49fJ8PXv67viNw+7+rVhnDFvzYTTPUUJqTPJN55IDYEVzykF3EbochAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUTWVu49GFtZladhWh/YL1DVocFNswHwYDVR0j
BBgwFoAUQ/8ciuC0dX5o7dCK4a6yra2GU9UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MTI0MEU3OTYyQjkzODBBM0U2MjdDOTQ0NDFFQTZCQjJD
Q0EzREIxRDIyRTkzNEI2Q0M5REM1QjYzNUVGNDkxLzAvNDNGRjFDOEFFMEI0NzU3
RTY4RUREMDhBRTFBRUIyQURBRDg2NTNENS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80M0ZGMUM4QUUwQjQ3NTdFNjhF
REQwOEFFMUFFQjJBREFEODY1M0Q1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTEyNDBFNzk2MkI5MzgwQTNFNjI3Qzk0NDQxRUE2QkIyQ0NBM0RCMUQy
MkU5MzRCNkNDOURDNUI2MzVFRjQ5MS8wLzMxMzkzMDJlMzEzMjM2MmUzMDJlMzAy
ZjMxMzUyZDMyMzQyMDNkM2UyMDMxMzQzMDM4MzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwG+fjANBgkq
hkiG9w0BAQsFAAOCAQEAqbKnfFM95w42DQnfoUDHifbZdDxiz5z7b2j+fNxrZTM8
kZh2+2vQWpOVrBS6iDpki01JJGuSCOMC/zCjGBuQkJ5zZIs1rL/b2/L9L92qDAe9
coMtA79Ak7LHU5ULhBOqO0B5T0AoS4HASJCFNhr9w5fmyKYUmNweFxcnL9q2krzm
Zq5bO4ftrvKWVSBFuSEHru39NKWgknkEuKra6FZVbkKey4lYEllwmdo5SAPjE+sS
rmC8Kh0gm02SJIkhsyRHjRfUhX7SaYebv4GZznxMEfyB2SfbVsBZWnwZrG720Sna
9VR14T3PHkj5yaI0Zackhkmw/ax1fSHtFNNIsnXAfg==
-----END CERTIFICATE-----
Generated at Sat Jun 22 21:55:36 2024 by rpki-client on console-ams.rpki-client.org