Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139312e3135362e32332e302f32342d3234203d3e203134303830.roa
File:                     3139312e3135362e32332e302f32342d3234203d3e203134303830.roa (raw, json)
Hash identifier:          9EbusZsbUqZohF1wltENlHm8xdtg8DryWL5EVEbR8q0=
Subject key identifier:   6F:D5:7B:EF:9D:31:5B:00:34:77:25:CC:81:10:DC:4B:2A:BD:15:AD
Certificate issuer:       /CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
Certificate serial:       376760C7D107E0896575DA340EEA96F0510F83B4
Authority key identifier: 43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139312e3135362e32332e302f32342d3234203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 18:01:11 +0000
ROA not before:           Tue 05 Mar 2024 17:56:11 +0000
ROA not after:            Tue 04 Mar 2025 18:01:11 +0000
asID:                     14080
IP address blocks:        191.156.23.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 10:27:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:67:60:c7:d1:07:e0:89:65:75:da:34:0e:ea:96:f0:51:0f:83:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
        Validity
            Not Before: Mar  5 17:56:11 2024 GMT
            Not After : Mar  4 18:01:11 2025 GMT
        Subject: CN=6FD57BEF9D315B00347725CC8110DC4B2ABD15AD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:90:7f:ab:14:66:6e:a4:59:9d:02:8a:03:38:
                    f6:21:29:e2:e0:9a:3c:08:16:e6:cb:01:cf:02:51:
                    25:84:f4:ca:04:74:78:c6:05:7d:47:05:ab:83:a4:
                    5c:26:a6:f3:81:22:86:d3:73:d5:5d:33:c1:43:5e:
                    9b:26:b5:ac:9b:49:a9:f6:ae:7d:0e:0e:fe:d7:a6:
                    31:91:67:ef:e7:09:63:45:47:e2:ff:df:87:30:5a:
                    fa:15:d4:7d:c7:a5:5b:9b:6b:c9:f1:24:03:09:37:
                    76:4d:de:a5:9f:c7:05:53:d9:b7:25:c4:98:0f:3d:
                    50:c0:d2:cb:a3:13:d5:b3:ed:1d:fc:92:c3:eb:94:
                    5b:dc:df:2d:f4:fc:8f:b9:12:4c:a8:0b:9e:ea:c6:
                    16:72:80:33:52:5a:e7:d8:0e:5d:d6:2b:b1:c6:07:
                    08:da:30:76:ed:e4:8e:f6:56:ce:7b:5a:ce:3e:44:
                    1e:f3:7a:fb:06:72:31:0d:94:b1:b2:11:2c:85:87:
                    1a:78:aa:97:a9:fb:d9:9b:10:b2:1d:bf:52:16:78:
                    a3:13:08:61:da:78:c0:ee:5b:84:74:c8:50:45:f6:
                    93:16:53:1a:61:8f:38:ee:96:da:95:9d:c7:2b:13:
                    01:95:e4:39:04:be:16:d0:93:35:4e:ef:9e:ec:5e:
                    d2:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:D5:7B:EF:9D:31:5B:00:34:77:25:CC:81:10:DC:4B:2A:BD:15:AD
            X509v3 Authority Key Identifier:
                keyid:43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139312e3135362e32332e302f32342d3234203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.156.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:cf:a4:ea:73:08:3c:d1:c5:a9:de:92:fe:6e:f3:cb:02:76:
         cf:eb:18:57:75:71:13:5a:71:de:21:a9:78:8c:eb:4a:c5:4e:
         b9:9a:59:d0:62:c6:b1:a9:52:14:73:55:49:27:04:26:75:1a:
         4a:78:3c:b8:fb:f6:29:1a:ce:99:5a:36:03:4f:76:3b:1e:dc:
         41:7b:d4:8a:0b:92:32:20:0b:ae:44:e6:0c:5f:3e:07:a1:2d:
         c2:ab:bb:36:68:27:59:9d:45:40:96:9c:43:a9:ed:7f:f4:15:
         6e:38:6a:f3:54:66:d1:4f:b1:cd:cf:e3:f3:a5:fd:09:e3:58:
         3b:ee:8f:79:a0:36:9c:fd:dc:68:3d:70:93:d8:d6:85:b1:c4:
         90:19:fa:70:04:b3:d3:07:06:11:5b:a1:38:db:ef:18:30:39:
         52:46:f8:0b:ec:56:e1:7f:8b:ec:58:9a:68:cf:bf:79:e9:6a:
         23:cf:06:04:99:1d:bd:da:8b:28:e3:37:ca:93:0a:29:93:96:
         8e:be:80:e2:00:ba:45:8b:c8:d7:90:b4:9a:e5:10:e9:80:b7:
         f6:fe:14:c5:05:90:90:30:cb:fb:19:11:42:73:f3:63:c5:14:
         75:d1:37:d6:d9:5c:f9:92:e4:df:a5:36:be:08:2c:9d:fc:c4:
         03:7d:11:5d
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUN2dgx9EH4Illddo0DuqW8FEPg7QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGRjFDOEFFMEI0NzU3RTY4RUREMDhBRTFBRUIyQURB
RDg2NTNENTAeFw0yNDAzMDUxNzU2MTFaFw0yNTAzMDQxODAxMTFaMDMxMTAvBgNV
BAMTKDZGRDU3QkVGOUQzMTVCMDAzNDc3MjVDQzgxMTBEQzRCMkFCRDE1QUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzkH+rFGZupFmdAooDOPYhKeLg
mjwIFubLAc8CUSWE9MoEdHjGBX1HBauDpFwmpvOBIobTc9VdM8FDXpsmtaybSan2
rn0ODv7XpjGRZ+/nCWNFR+L/34cwWvoV1H3HpVuba8nxJAMJN3ZN3qWfxwVT2bcl
xJgPPVDA0sujE9Wz7R38ksPrlFvc3y30/I+5EkyoC57qxhZygDNSWufYDl3WK7HG
BwjaMHbt5I72Vs57Ws4+RB7zevsGcjENlLGyESyFhxp4qpep+9mbELIdv1IWeKMT
CGHaeMDuW4R0yFBF9pMWUxphjzjultqVnccrEwGV5DkEvhbQkzVO757sXtIDAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUb9V7750xWwA0dyXMgRDcSyq9Fa0wHwYDVR0j
BBgwFoAUQ/8ciuC0dX5o7dCK4a6yra2GU9UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MTI0MEU3OTYyQjkzODBBM0U2MjdDOTQ0NDFFQTZCQjJD
Q0EzREIxRDIyRTkzNEI2Q0M5REM1QjYzNUVGNDkxLzAvNDNGRjFDOEFFMEI0NzU3
RTY4RUREMDhBRTFBRUIyQURBRDg2NTNENS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80M0ZGMUM4QUUwQjQ3NTdFNjhF
REQwOEFFMUFFQjJBREFEODY1M0Q1LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTEyNDBFNzk2MkI5MzgwQTNFNjI3Qzk0NDQxRUE2QkIyQ0NBM0RCMUQy
MkU5MzRCNkNDOURDNUI2MzVFRjQ5MS8wLzMxMzkzMTJlMzEzNTM2MmUzMjMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMwMzgzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAL+cFzAN
BgkqhkiG9w0BAQsFAAOCAQEAOs+k6nMIPNHFqd6S/m7zywJ2z+sYV3VxE1px3iGp
eIzrSsVOuZpZ0GLGsalSFHNVSScEJnUaSng8uPv2KRrOmVo2A092Ox7cQXvUiguS
MiALrkTmDF8+B6Etwqu7NmgnWZ1FQJacQ6ntf/QVbjhq81Rm0U+xzc/j86X9CeNY
O+6PeaA2nP3caD1wk9jWhbHEkBn6cASz0wcGEVuhONvvGDA5Ukb4C+xW4X+L7Fia
aM+/eelqI88GBJkdvdqLKOM3ypMKKZOWjr6A4gC6RYvI15C0muUQ6YC39v4UxQWQ
kDDL+xkRQnPzY8UUddE31tlc+ZLk36U2vggsnfzEA30RXQ==
-----END CERTIFICATE-----
Generated at Sat Jun 22 21:55:36 2024 by rpki-client on console-ams.rpki-client.org