Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/553E915C78B115ED1EF6B8D6134A2D64DB6515223B082FD4FB27AB8146AA88A2/0/3132382e3230312e3137312e302f32342d3234203d3e20323731393439.roa
File:                     3132382e3230312e3137312e302f32342d3234203d3e20323731393439.roa (raw, json)
Hash identifier:          1UPRYkVx+g8vHpA006Z1Oi0ibcwkLJr/TAwa8jbUCM4=
Subject key identifier:   A3:74:83:BA:3A:2B:C0:FF:88:5D:B7:7F:31:47:BA:48:E0:F5:77:B1
Certificate issuer:       /CN=D5490AC693B00C1BF51582B1691FC2DC46B71FA9
Certificate serial:       6D6F4513A31ABDF96F41885B9A3684028644A4C8
Authority key identifier: D5:49:0A:C6:93:B0:0C:1B:F5:15:82:B1:69:1F:C2:DC:46:B7:1F:A9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D5490AC693B00C1BF51582B1691FC2DC46B71FA9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/553E915C78B115ED1EF6B8D6134A2D64DB6515223B082FD4FB27AB8146AA88A2/0/3132382e3230312e3137312e302f32342d3234203d3e20323731393439.roa
Signing time:             Tue 05 Mar 2024 17:41:05 +0000
ROA not before:           Tue 05 Mar 2024 17:36:05 +0000
ROA not after:            Tue 04 Mar 2025 17:41:05 +0000
asID:                     271949
IP address blocks:        128.201.171.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/553E915C78B115ED1EF6B8D6134A2D64DB6515223B082FD4FB27AB8146AA88A2/0/D5490AC693B00C1BF51582B1691FC2DC46B71FA9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/553E915C78B115ED1EF6B8D6134A2D64DB6515223B082FD4FB27AB8146AA88A2/0/D5490AC693B00C1BF51582B1691FC2DC46B71FA9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D5490AC693B00C1BF51582B1691FC2DC46B71FA9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:6f:45:13:a3:1a:bd:f9:6f:41:88:5b:9a:36:84:02:86:44:a4:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D5490AC693B00C1BF51582B1691FC2DC46B71FA9
        Validity
            Not Before: Mar  5 17:36:05 2024 GMT
            Not After : Mar  4 17:41:05 2025 GMT
        Subject: CN=A37483BA3A2BC0FF885DB77F3147BA48E0F577B1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:09:e5:5f:ba:1e:6f:e8:62:f0:1d:b2:f8:8f:
                    cb:32:b4:5f:96:45:cf:7e:ae:91:99:09:c3:6b:12:
                    69:66:52:a9:7e:63:7b:72:48:57:3f:ba:d7:d8:e1:
                    23:a5:43:37:91:5a:33:5a:7b:ee:e1:05:44:3e:31:
                    4c:81:b7:e8:37:e5:d6:e3:7d:85:54:6f:2f:81:63:
                    2a:36:99:61:ab:17:b5:f0:0b:80:22:82:6e:b2:b4:
                    43:42:96:d4:20:be:dd:fe:e9:e1:b8:7f:4f:6c:8c:
                    66:f9:01:45:3f:d6:6e:16:ed:63:43:91:cd:8a:d5:
                    d4:34:60:f8:b2:1d:e1:a6:f7:6b:1b:a8:c9:cd:73:
                    4d:57:e4:71:15:6e:c9:db:45:c8:66:4d:4b:2a:74:
                    b4:27:86:c3:6a:aa:8b:3e:11:36:9e:04:f8:6f:83:
                    62:31:b5:49:c9:c3:ab:fa:74:d3:da:ec:cb:3e:e1:
                    3c:12:a9:6f:a6:d6:21:3f:97:44:fd:cd:61:5a:c9:
                    f3:0c:a4:ec:bc:61:b7:7c:6d:a5:ae:84:f1:91:ec:
                    c1:f5:64:c9:45:9c:2c:b0:ba:86:8e:77:d2:a0:f3:
                    08:01:22:e8:17:c2:f7:81:28:e2:23:da:86:1b:dd:
                    df:5f:ea:c8:6b:ff:b9:e5:9b:75:1f:23:55:50:8f:
                    5a:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:74:83:BA:3A:2B:C0:FF:88:5D:B7:7F:31:47:BA:48:E0:F5:77:B1
            X509v3 Authority Key Identifier:
                keyid:D5:49:0A:C6:93:B0:0C:1B:F5:15:82:B1:69:1F:C2:DC:46:B7:1F:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/553E915C78B115ED1EF6B8D6134A2D64DB6515223B082FD4FB27AB8146AA88A2/0/D5490AC693B00C1BF51582B1691FC2DC46B71FA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D5490AC693B00C1BF51582B1691FC2DC46B71FA9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/553E915C78B115ED1EF6B8D6134A2D64DB6515223B082FD4FB27AB8146AA88A2/0/3132382e3230312e3137312e302f32342d3234203d3e20323731393439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.201.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:15:db:19:61:89:b1:4e:18:fc:83:ad:a6:5c:12:f2:fd:95:
         8d:e9:52:e6:59:50:74:c0:a0:a5:19:75:92:28:71:9c:fb:8f:
         26:61:c6:b9:73:03:0b:68:33:93:22:da:54:cf:d6:67:1e:94:
         fd:7b:a9:86:5d:46:2a:20:19:b4:ef:42:36:d2:6d:38:1b:47:
         9e:53:5c:b3:1a:c3:1e:05:9b:a9:ad:f4:b5:77:26:61:e3:db:
         80:c9:90:7a:2b:18:4e:75:21:bf:a9:01:34:96:bd:64:0b:39:
         5a:cf:ae:a8:12:76:80:18:98:83:22:c4:01:96:9d:aa:7e:d2:
         fa:93:db:d4:26:3d:b3:fb:ce:4e:8b:b3:09:8c:7b:02:15:45:
         2f:9f:ee:5c:fb:a9:2e:24:8d:f9:d9:3f:66:09:c2:45:46:34:
         a6:d8:92:13:ad:2d:02:30:70:f5:d4:79:44:0e:99:ef:66:a0:
         79:26:e0:b2:dd:4b:85:ae:88:fe:1a:22:97:1a:73:cf:d1:67:
         79:ca:da:5d:43:2d:9b:56:1b:fd:88:16:1d:0b:6b:f9:58:f0:
         83:94:05:d6:fc:2c:84:bd:29:41:45:c8:d7:24:01:32:91:ad:
         5e:02:3a:36:0d:7e:e8:0e:b1:0c:12:8a:ee:31:37:ad:5d:e1:
         6d:c9:2e:cd
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUbW9FE6MavflvQYhbmjaEAoZEpMgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDU0OTBBQzY5M0IwMEMxQkY1MTU4MkIxNjkxRkMyREM0
NkI3MUZBOTAeFw0yNDAzMDUxNzM2MDVaFw0yNTAzMDQxNzQxMDVaMDMxMTAvBgNV
BAMTKEEzNzQ4M0JBM0EyQkMwRkY4ODVEQjc3RjMxNDdCQTQ4RTBGNTc3QjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5CeVfuh5v6GLwHbL4j8sytF+W
Rc9+rpGZCcNrEmlmUql+Y3tySFc/utfY4SOlQzeRWjNae+7hBUQ+MUyBt+g35dbj
fYVUby+BYyo2mWGrF7XwC4Aigm6ytENCltQgvt3+6eG4f09sjGb5AUU/1m4W7WND
kc2K1dQ0YPiyHeGm92sbqMnNc01X5HEVbsnbRchmTUsqdLQnhsNqqos+ETaeBPhv
g2IxtUnJw6v6dNPa7Ms+4TwSqW+m1iE/l0T9zWFayfMMpOy8Ybd8baWuhPGR7MH1
ZMlFnCywuoaOd9Kg8wgBIugXwveBKOIj2oYb3d9f6shr/7nlm3UfI1VQj1pXAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUo3SDujorwP+IXbd/MUe6SOD1d7EwHwYDVR0j
BBgwFoAU1UkKxpOwDBv1FYKxaR/C3Ea3H6kwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NTNFOTE1Qzc4QjExNUVEMUVGNkI4RDYxMzRBMkQ2NERC
NjUxNTIyM0IwODJGRDRGQjI3QUI4MTQ2QUE4OEEyLzAvRDU0OTBBQzY5M0IwMEMx
QkY1MTU4MkIxNjkxRkMyREM0NkI3MUZBOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENTQ5MEFDNjkzQjAwQzFCRjUx
NTgyQjE2OTFGQzJEQzQ2QjcxRkE5LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTUzRTkxNUM3OEIxMTVFRDFFRjZCOEQ2MTM0QTJENjREQjY1MTUyMjNC
MDgyRkQ0RkIyN0FCODE0NkFBODhBMi8wLzMxMzIzODJlMzIzMDMxMmUzMTM3MzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzEzOTM0Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACA
yaswDQYJKoZIhvcNAQELBQADggEBADEV2xlhibFOGPyDraZcEvL9lY3pUuZZUHTA
oKUZdZIocZz7jyZhxrlzAwtoM5Mi2lTP1mcelP17qYZdRiogGbTvQjbSbTgbR55T
XLMawx4Fm6mt9LV3JmHj24DJkHorGE51Ib+pATSWvWQLOVrPrqgSdoAYmIMixAGW
nap+0vqT29QmPbP7zk6LswmMewIVRS+f7lz7qS4kjfnZP2YJwkVGNKbYkhOtLQIw
cPXUeUQOme9moHkm4LLdS4WuiP4aIpcac8/RZ3nK2l1DLZtWG/2IFh0La/lY8IOU
Bdb8LIS9KUFFyNckATKRrV4COjYNfugOsQwSiu4xN61d4W3JLs0=
-----END CERTIFICATE-----
Generated at Thu Nov 21 08:04:22 2024 by rpki-client on console-fra.rpki-client.org