Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139302e3132372e3234312e302f32342d3234203d3e203236363131.roa
File:                     3139302e3132372e3234312e302f32342d3234203d3e203236363131.roa (raw, json)
Hash identifier:          e7yC4fawcwi0go67no4scg0iazWYzNj3TQuxmhCx2sY=
Subject key identifier:   33:04:16:44:05:48:93:0E:CF:97:F5:5B:B4:43:03:7A:5A:05:CC:91
Certificate issuer:       /CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
Certificate serial:       7EBEE1CBDFE4E3D6B39F17EA0AA3AC8C4B232CFD
Authority key identifier: 43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139302e3132372e3234312e302f32342d3234203d3e203236363131.roa
Signing time:             Tue 05 Mar 2024 18:01:04 +0000
ROA not before:           Tue 05 Mar 2024 17:56:04 +0000
ROA not after:            Tue 04 Mar 2025 18:01:04 +0000
asID:                     26611
IP address blocks:        190.127.241.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:be:e1:cb:df:e4:e3:d6:b3:9f:17:ea:0a:a3:ac:8c:4b:23:2c:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
        Validity
            Not Before: Mar  5 17:56:04 2024 GMT
            Not After : Mar  4 18:01:04 2025 GMT
        Subject: CN=330416440548930ECF97F55BB443037A5A05CC91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:be:57:85:03:39:cf:de:fd:38:e4:af:cd:97:
                    36:66:bd:1f:c6:9e:ef:94:22:44:be:ad:f1:7b:6f:
                    5d:25:25:c7:e4:07:51:d2:4f:82:da:e6:94:7a:af:
                    d5:7b:fa:6d:91:35:8b:39:28:fe:37:49:71:f2:1d:
                    72:29:8f:8f:68:46:17:ed:fb:74:3e:68:67:0d:1d:
                    c4:8c:79:1d:3b:c5:0b:43:76:cc:99:5c:52:d1:d8:
                    47:7e:54:ee:38:88:bf:22:d5:05:59:c1:09:96:1b:
                    85:80:86:e2:e4:1f:d3:4a:63:6a:e8:30:ec:a7:75:
                    f9:99:2e:7a:7e:17:e6:61:7f:7e:eb:1d:ce:18:b4:
                    cc:c3:10:74:de:03:6e:e7:f9:ce:e6:f3:64:f9:8f:
                    8a:6a:60:5f:3e:b8:ff:c1:76:ef:79:8d:5a:a2:b7:
                    0c:af:fb:3b:5c:b6:49:6e:5f:8e:f1:8e:40:cf:7d:
                    fc:61:b4:04:5c:90:27:1d:78:0d:68:52:f8:fc:54:
                    57:b2:68:71:1b:1a:07:8f:2a:96:84:dd:32:99:6f:
                    27:5e:2e:b0:8c:40:a4:10:e2:c9:0e:c2:3f:89:55:
                    c7:0c:84:0d:f1:e9:e6:7a:3d:49:ed:e6:7f:32:7a:
                    c7:e7:b4:53:6c:9a:ec:e8:f9:66:cf:66:7b:93:e2:
                    56:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:04:16:44:05:48:93:0E:CF:97:F5:5B:B4:43:03:7A:5A:05:CC:91
            X509v3 Authority Key Identifier:
                keyid:43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139302e3132372e3234312e302f32342d3234203d3e203236363131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.127.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:8c:4b:88:88:87:50:ce:ba:0d:e2:c0:b0:c4:ef:cc:f0:cd:
         17:97:f3:7c:c0:ad:8f:24:d6:dd:4b:fe:c2:f7:09:c3:9e:04:
         73:fe:d7:a8:32:a6:7e:14:be:e9:8b:4b:61:44:6e:2b:b0:03:
         8d:ee:ab:a6:df:97:d7:2c:55:12:1e:db:fc:a9:52:06:11:03:
         51:e8:d4:ee:82:39:bf:95:de:5b:ab:be:db:0f:de:c0:3c:c9:
         08:47:dd:1a:3e:69:8a:14:45:81:1f:d8:e0:f8:67:50:ea:6e:
         84:22:7e:b3:74:b7:e5:de:18:04:ea:98:d9:50:f0:37:de:0e:
         2c:2e:4e:76:8f:c7:42:3d:6a:7e:46:58:7b:a8:7e:f3:e7:c2:
         74:a1:a7:22:05:17:8d:3a:ac:22:c1:4f:14:da:13:91:e3:1f:
         d4:e9:06:56:b2:1a:7e:37:37:b7:89:38:b9:e7:6a:ca:2a:4c:
         13:ee:a7:ff:b0:58:15:c5:31:fa:ec:8a:4f:0b:67:e4:c4:a0:
         11:a8:59:2e:98:fe:e2:db:16:63:ae:2c:6a:0f:f8:f8:b1:da:
         b5:1e:40:9c:71:7d:a3:9e:5c:b5:f0:c8:0b:6b:72:60:96:29:
         a6:73:04:a4:7a:d7:e9:4a:45:42:8b:63:79:33:0a:68:7f:d2:
         f5:7b:78:82
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUfr7hy9/k49aznxfqCqOsjEsjLP0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGRjFDOEFFMEI0NzU3RTY4RUREMDhBRTFBRUIyQURB
RDg2NTNENTAeFw0yNDAzMDUxNzU2MDRaFw0yNTAzMDQxODAxMDRaMDMxMTAvBgNV
BAMTKDMzMDQxNjQ0MDU0ODkzMEVDRjk3RjU1QkI0NDMwMzdBNUEwNUNDOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgvleFAznP3v045K/NlzZmvR/G
nu+UIkS+rfF7b10lJcfkB1HST4La5pR6r9V7+m2RNYs5KP43SXHyHXIpj49oRhft
+3Q+aGcNHcSMeR07xQtDdsyZXFLR2Ed+VO44iL8i1QVZwQmWG4WAhuLkH9NKY2ro
MOyndfmZLnp+F+Zhf37rHc4YtMzDEHTeA27n+c7m82T5j4pqYF8+uP/Bdu95jVqi
twyv+ztctkluX47xjkDPffxhtARckCcdeA1oUvj8VFeyaHEbGgePKpaE3TKZbyde
LrCMQKQQ4skOwj+JVccMhA3x6eZ6PUnt5n8yesfntFNsmuzo+WbPZnuT4lYpAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUMwQWRAVIkw7Pl/VbtEMDeloFzJEwHwYDVR0j
BBgwFoAUQ/8ciuC0dX5o7dCK4a6yra2GU9UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MTI0MEU3OTYyQjkzODBBM0U2MjdDOTQ0NDFFQTZCQjJD
Q0EzREIxRDIyRTkzNEI2Q0M5REM1QjYzNUVGNDkxLzAvNDNGRjFDOEFFMEI0NzU3
RTY4RUREMDhBRTFBRUIyQURBRDg2NTNENS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80M0ZGMUM4QUUwQjQ3NTdFNjhF
REQwOEFFMUFFQjJBREFEODY1M0Q1LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTEyNDBFNzk2MkI5MzgwQTNFNjI3Qzk0NDQxRUE2QkIyQ0NBM0RCMUQy
MkU5MzRCNkNDOURDNUI2MzVFRjQ5MS8wLzMxMzkzMDJlMzEzMjM3MmUzMjM0MzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzYzMTMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvn/x
MA0GCSqGSIb3DQEBCwUAA4IBAQAwjEuIiIdQzroN4sCwxO/M8M0Xl/N8wK2PJNbd
S/7C9wnDngRz/teoMqZ+FL7pi0thRG4rsAON7qum35fXLFUSHtv8qVIGEQNR6NTu
gjm/ld5bq77bD97APMkIR90aPmmKFEWBH9jg+GdQ6m6EIn6zdLfl3hgE6pjZUPA3
3g4sLk52j8dCPWp+Rlh7qH7z58J0oaciBReNOqwiwU8U2hOR4x/U6QZWshp+Nze3
iTi552rKKkwT7qf/sFgVxTH67IpPC2fkxKARqFkumP7i2xZjrixqD/j4sdq1HkCc
cX2jnly18MgLa3JglimmcwSketfpSkVCi2N5Mwpof9L1e3iC
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:38:02 2024 by rpki-client on console-ams.rpki-client.org