Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139302e3132372e3230382e302f32302d3231203d3e203236363131.roa
File:                     3139302e3132372e3230382e302f32302d3231203d3e203236363131.roa (raw, json)
Hash identifier:          PRC/sx3GWEgof3HyCsQ+0QwIl4xpL6rBxygzUiWXdz8=
Subject key identifier:   8B:71:1A:CC:0C:5B:0B:2F:A6:29:A1:7A:FC:D8:28:64:85:51:EF:94
Certificate issuer:       /CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
Certificate serial:       328FA1062A1D8BCA49FE0074D67E75CEE88D23EF
Authority key identifier: 43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139302e3132372e3230382e302f32302d3231203d3e203236363131.roa
Signing time:             Tue 05 Mar 2024 18:00:59 +0000
ROA not before:           Tue 05 Mar 2024 17:55:59 +0000
ROA not after:            Tue 04 Mar 2025 18:00:59 +0000
asID:                     26611
IP address blocks:        190.127.208.0/20 maxlen: 21

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:8f:a1:06:2a:1d:8b:ca:49:fe:00:74:d6:7e:75:ce:e8:8d:23:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
        Validity
            Not Before: Mar  5 17:55:59 2024 GMT
            Not After : Mar  4 18:00:59 2025 GMT
        Subject: CN=8B711ACC0C5B0B2FA629A17AFCD828648551EF94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:25:29:ea:c6:02:5c:9d:11:5a:f1:8f:41:20:
                    25:eb:1d:16:51:5c:39:75:c9:12:cc:39:ce:fd:2a:
                    7e:1d:91:21:0a:91:ad:97:a7:ea:3c:e0:67:89:19:
                    d1:07:1d:b7:15:18:ec:2b:ab:34:55:7d:c8:32:99:
                    5b:51:25:3a:c1:25:01:13:07:ed:4d:fd:22:65:85:
                    82:9e:51:53:47:e6:2c:7d:8c:9f:39:02:5f:54:34:
                    a3:c9:42:42:bc:57:02:25:4b:ac:32:48:66:2c:be:
                    4b:10:5b:30:71:3d:4c:f8:47:ff:22:e8:b7:86:8a:
                    71:e9:01:d4:80:8f:21:73:74:4d:9c:18:3f:fe:a0:
                    88:77:80:09:ef:7b:da:e9:4f:8f:c2:05:a8:9c:01:
                    7b:4b:8f:f6:c6:8f:f8:cc:90:5a:5a:36:4c:d5:27:
                    f4:7c:97:97:54:4d:9a:6e:07:20:50:13:a2:0c:27:
                    f0:e1:88:c7:7f:b0:1c:6d:93:bd:bd:6a:bc:f4:1f:
                    e4:a4:1a:d2:0b:06:43:59:00:55:92:04:6c:7f:bd:
                    65:b1:05:d5:eb:cc:1e:2c:fd:a3:09:db:9c:f4:36:
                    8c:f3:e7:95:61:f7:ec:e2:66:da:e3:96:26:5e:d6:
                    ec:3a:a8:3e:ad:1f:f1:d5:53:2d:4e:31:84:76:3d:
                    a3:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:71:1A:CC:0C:5B:0B:2F:A6:29:A1:7A:FC:D8:28:64:85:51:EF:94
            X509v3 Authority Key Identifier:
                keyid:43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139302e3132372e3230382e302f32302d3231203d3e203236363131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.127.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         4c:ca:f0:6e:e8:bd:12:6d:7b:41:3d:e5:a8:0e:a9:76:30:48:
         05:86:25:21:2d:76:2b:ca:c0:bc:b3:97:d0:98:af:a0:0c:e6:
         21:4b:c1:21:16:1c:86:63:3e:00:2e:ca:6e:06:c8:80:a5:c7:
         32:28:d3:e1:0b:a4:b2:4d:f3:7d:43:4c:b2:b2:5a:76:06:a1:
         40:f1:28:39:85:bf:d1:e0:ed:ba:dd:08:2d:90:4e:e0:f5:4e:
         2b:ac:18:42:9f:d7:60:c6:99:76:b5:76:1e:6f:d3:10:72:03:
         11:b8:48:2f:02:2c:40:03:95:db:19:f4:fb:50:66:91:de:68:
         29:7d:60:88:3e:f5:9c:2a:0d:33:13:80:e7:94:c4:5f:e0:59:
         90:d9:33:39:f0:a8:2a:46:6f:78:55:a4:7b:7b:d0:15:5b:67:
         b9:88:7c:b6:85:d3:6d:6a:57:51:d1:9f:10:da:ff:2d:71:45:
         85:51:86:89:4c:32:25:c5:a6:fe:c0:be:85:a1:7e:9e:08:be:
         cc:45:37:38:7c:ed:b3:69:9d:f6:6b:01:f8:6f:e0:0a:e6:77:
         c5:24:30:e6:87:a2:85:c4:ee:4d:be:34:94:39:1b:e3:e5:5a:
         1d:37:f2:75:97:36:d7:5e:71:fe:ae:19:25:35:49:42:a5:b5:
         c3:59:08:29
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUMo+hBiodi8pJ/gB01n51zuiNI+8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGRjFDOEFFMEI0NzU3RTY4RUREMDhBRTFBRUIyQURB
RDg2NTNENTAeFw0yNDAzMDUxNzU1NTlaFw0yNTAzMDQxODAwNTlaMDMxMTAvBgNV
BAMTKDhCNzExQUNDMEM1QjBCMkZBNjI5QTE3QUZDRDgyODY0ODU1MUVGOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDJSnqxgJcnRFa8Y9BICXrHRZR
XDl1yRLMOc79Kn4dkSEKka2Xp+o84GeJGdEHHbcVGOwrqzRVfcgymVtRJTrBJQET
B+1N/SJlhYKeUVNH5ix9jJ85Al9UNKPJQkK8VwIlS6wySGYsvksQWzBxPUz4R/8i
6LeGinHpAdSAjyFzdE2cGD/+oIh3gAnve9rpT4/CBaicAXtLj/bGj/jMkFpaNkzV
J/R8l5dUTZpuByBQE6IMJ/DhiMd/sBxtk729arz0H+SkGtILBkNZAFWSBGx/vWWx
BdXrzB4s/aMJ25z0Nozz55Vh9+ziZtrjliZe1uw6qD6tH/HVUy1OMYR2PaPFAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUi3EazAxbCy+mKaF6/NgoZIVR75QwHwYDVR0j
BBgwFoAUQ/8ciuC0dX5o7dCK4a6yra2GU9UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MTI0MEU3OTYyQjkzODBBM0U2MjdDOTQ0NDFFQTZCQjJD
Q0EzREIxRDIyRTkzNEI2Q0M5REM1QjYzNUVGNDkxLzAvNDNGRjFDOEFFMEI0NzU3
RTY4RUREMDhBRTFBRUIyQURBRDg2NTNENS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80M0ZGMUM4QUUwQjQ3NTdFNjhF
REQwOEFFMUFFQjJBREFEODY1M0Q1LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTEyNDBFNzk2MkI5MzgwQTNFNjI3Qzk0NDQxRUE2QkIyQ0NBM0RCMUQy
MkU5MzRCNkNDOURDNUI2MzVFRjQ5MS8wLzMxMzkzMDJlMzEzMjM3MmUzMjMwMzgy
ZTMwMmYzMjMwMmQzMjMxMjAzZDNlMjAzMjM2MzYzMTMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEvn/Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBMyvBu6L0SbXtBPeWoDql2MEgFhiUhLXYrysC8
s5fQmK+gDOYhS8EhFhyGYz4ALspuBsiApccyKNPhC6SyTfN9Q0yyslp2BqFA8Sg5
hb/R4O263QgtkE7g9U4rrBhCn9dgxpl2tXYeb9MQcgMRuEgvAixAA5XbGfT7UGaR
3mgpfWCIPvWcKg0zE4DnlMRf4FmQ2TM58KgqRm94VaR7e9AVW2e5iHy2hdNtaldR
0Z8Q2v8tcUWFUYaJTDIlxab+wL6FoX6eCL7MRTc4fO2zaZ32awH4b+AK5nfFJDDm
h6KFxO5NvjSUORvj5VodN/J1lzbXXnH+rhklNUlCpbXDWQgp
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:38:02 2024 by rpki-client on console-ams.rpki-client.org