Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139312e37312e302e302f31372d3234203d3e203134303830.roa
File:                     3139312e37312e302e302f31372d3234203d3e203134303830.roa (raw, json)
Hash identifier:          /YPSvkZwuiRfQESZbLx/wWhDzVvcEiAaWP4kfdUVaNM=
Subject key identifier:   5A:18:7C:15:3F:7C:9B:56:67:87:E2:DA:99:92:0C:8F:7B:EC:98:66
Certificate issuer:       /CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
Certificate serial:       48D10570AA9EBEFD3C76B00C79BC73160999B634
Authority key identifier: 43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139312e37312e302e302f31372d3234203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 18:01:13 +0000
ROA not before:           Tue 05 Mar 2024 17:56:13 +0000
ROA not after:            Tue 04 Mar 2025 18:01:13 +0000
asID:                     14080
IP address blocks:        191.71.0.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 10:27:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:d1:05:70:aa:9e:be:fd:3c:76:b0:0c:79:bc:73:16:09:99:b6:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
        Validity
            Not Before: Mar  5 17:56:13 2024 GMT
            Not After : Mar  4 18:01:13 2025 GMT
        Subject: CN=5A187C153F7C9B566787E2DA99920C8F7BEC9866
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:0b:d0:ad:9d:df:75:88:84:b4:45:14:90:3b:
                    a9:bf:12:0d:be:55:4b:c0:57:f8:6e:51:61:ec:70:
                    40:6f:01:f8:5b:60:01:05:42:06:ef:84:68:85:57:
                    9d:34:6e:86:09:f2:f8:4b:5a:e3:5b:1d:14:31:ea:
                    52:35:e5:33:e3:5b:53:b2:0a:99:4f:e9:ce:2a:d6:
                    45:2c:95:3a:e2:dd:4e:9d:07:44:96:53:ff:c6:f9:
                    b6:31:50:cc:a0:34:ba:3b:f3:d9:86:a0:55:6a:b4:
                    f4:cc:19:4e:ab:a6:35:30:3f:93:39:2b:38:07:3c:
                    20:7e:fd:d4:5a:fa:11:4a:ca:02:33:42:4b:9f:21:
                    e3:83:5b:2f:27:e5:be:80:35:47:19:33:84:48:36:
                    a6:46:25:d1:b6:22:7e:25:bc:2c:ed:3f:29:14:62:
                    e4:ef:35:f8:3d:19:dd:06:8f:4f:f8:c0:9d:d2:b9:
                    4d:59:7e:9f:c6:cc:a8:84:9f:6f:bf:af:5a:8f:a5:
                    df:b8:4d:ff:92:5a:ed:45:ae:0f:b5:e6:30:4a:33:
                    1a:4a:b7:10:c2:49:1c:c4:e2:01:74:0e:9f:27:9a:
                    1c:ba:2e:75:52:91:2c:2c:47:a9:25:54:5b:00:76:
                    a0:c1:cb:9a:38:ea:f1:18:f2:9d:4b:00:ce:5f:66:
                    73:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:18:7C:15:3F:7C:9B:56:67:87:E2:DA:99:92:0C:8F:7B:EC:98:66
            X509v3 Authority Key Identifier:
                keyid:43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139312e37312e302e302f31372d3234203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.71.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         48:66:e2:c4:6e:6b:16:f3:51:75:77:be:a7:35:4a:02:a5:67:
         8b:74:fa:08:a1:ec:df:1a:49:72:c7:89:78:82:09:5e:69:41:
         70:f2:cb:82:43:d5:9b:47:9c:5b:f7:84:c6:70:48:60:5e:ff:
         5d:21:44:a2:a7:e5:40:da:f3:62:87:1d:13:cc:5d:b1:1e:54:
         64:92:81:66:54:69:af:96:82:da:75:66:04:ed:0c:16:45:37:
         af:f7:6c:2c:e6:4c:40:9d:76:12:6f:a7:92:09:fe:ba:8e:e1:
         33:bb:1c:45:f6:d2:80:46:8f:04:f9:e2:b4:bd:08:ee:67:f8:
         ce:0c:b2:f1:f3:35:d0:69:a8:de:7d:50:3a:6a:9a:22:23:c9:
         dd:63:a0:17:b3:77:d0:20:cd:84:53:5c:34:e5:fe:cb:5b:4d:
         42:86:97:21:dc:b3:31:fd:5f:c1:9f:87:a2:98:19:af:64:39:
         e1:62:f8:0e:bb:13:7c:82:91:9f:25:83:de:ae:15:0e:3e:cf:
         c1:80:69:d5:e7:7b:67:e4:96:99:10:e0:c4:ad:b2:93:ae:57:
         7b:8b:a5:f2:d5:1c:cb:bc:5d:2b:bc:2b:6b:fe:fd:47:fb:f0:
         7d:e8:f6:7a:eb:a9:bd:af:fd:d4:a1:27:52:82:62:aa:8c:95:
         0f:27:32:aa
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUSNEFcKqevv08drAMebxzFgmZtjQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGRjFDOEFFMEI0NzU3RTY4RUREMDhBRTFBRUIyQURB
RDg2NTNENTAeFw0yNDAzMDUxNzU2MTNaFw0yNTAzMDQxODAxMTNaMDMxMTAvBgNV
BAMTKDVBMTg3QzE1M0Y3QzlCNTY2Nzg3RTJEQTk5OTIwQzhGN0JFQzk4NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4C9Ctnd91iIS0RRSQO6m/Eg2+
VUvAV/huUWHscEBvAfhbYAEFQgbvhGiFV500boYJ8vhLWuNbHRQx6lI15TPjW1Oy
CplP6c4q1kUslTri3U6dB0SWU//G+bYxUMygNLo789mGoFVqtPTMGU6rpjUwP5M5
KzgHPCB+/dRa+hFKygIzQkufIeODWy8n5b6ANUcZM4RINqZGJdG2In4lvCztPykU
YuTvNfg9Gd0Gj0/4wJ3SuU1Zfp/GzKiEn2+/r1qPpd+4Tf+SWu1Frg+15jBKMxpK
txDCSRzE4gF0Dp8nmhy6LnVSkSwsR6klVFsAdqDBy5o46vEY8p1LAM5fZnNzAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUWhh8FT98m1Znh+LamZIMj3vsmGYwHwYDVR0j
BBgwFoAUQ/8ciuC0dX5o7dCK4a6yra2GU9UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MTI0MEU3OTYyQjkzODBBM0U2MjdDOTQ0NDFFQTZCQjJD
Q0EzREIxRDIyRTkzNEI2Q0M5REM1QjYzNUVGNDkxLzAvNDNGRjFDOEFFMEI0NzU3
RTY4RUREMDhBRTFBRUIyQURBRDg2NTNENS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80M0ZGMUM4QUUwQjQ3NTdFNjhF
REQwOEFFMUFFQjJBREFEODY1M0Q1LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTEyNDBFNzk2MkI5MzgwQTNFNjI3Qzk0NDQxRUE2QkIyQ0NBM0RCMUQy
MkU5MzRCNkNDOURDNUI2MzVFRjQ5MS8wLzMxMzkzMTJlMzczMTJlMzAyZTMwMmYz
MTM3MmQzMjM0MjAzZDNlMjAzMTM0MzAzODMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHv0cAMA0GCSqG
SIb3DQEBCwUAA4IBAQBIZuLEbmsW81F1d76nNUoCpWeLdPoIoezfGklyx4l4ggle
aUFw8suCQ9WbR5xb94TGcEhgXv9dIUSip+VA2vNihx0TzF2xHlRkkoFmVGmvloLa
dWYE7QwWRTev92ws5kxAnXYSb6eSCf66juEzuxxF9tKARo8E+eK0vQjuZ/jODLLx
8zXQaajefVA6apoiI8ndY6AXs3fQIM2EU1w05f7LW01Chpch3LMx/V/Bn4eimBmv
ZDnhYvgOuxN8gpGfJYPerhUOPs/BgGnV53tn5JaZEODErbKTrld7i6Xy1RzLvF0r
vCtr/v1H+/B96PZ666m9r/3UoSdSgmKqjJUPJzKq
-----END CERTIFICATE-----
Generated at Sat Jun 22 21:55:36 2024 by rpki-client on console-ams.rpki-client.org