Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3130342e302f32342d3234203d3e203232313232.roa
File:                     3134382e3230392e3130342e302f32342d3234203d3e203232313232.roa (raw, json)
Hash identifier:          LqPdGZlAMgLSQQSaJG9C316Z6EME6clbMuqYNH/AV80=
Subject key identifier:   B5:18:81:0A:77:3E:DE:6B:C8:93:4A:8C:2C:37:9B:57:F3:E1:B5:E3
Certificate issuer:       /CN=8D67A138567146B2E89E0918237CB2D076D67AFA
Certificate serial:       52B7F229773B6253ADB90D690EFD8095E3CFE677
Authority key identifier: 8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3130342e302f32342d3234203d3e203232313232.roa
Signing time:             Tue 05 Mar 2024 17:46:40 +0000
ROA not before:           Tue 05 Mar 2024 17:41:40 +0000
ROA not after:            Tue 04 Mar 2025 17:46:40 +0000
asID:                     22122
IP address blocks:        148.209.104.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:b7:f2:29:77:3b:62:53:ad:b9:0d:69:0e:fd:80:95:e3:cf:e6:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D67A138567146B2E89E0918237CB2D076D67AFA
        Validity
            Not Before: Mar  5 17:41:40 2024 GMT
            Not After : Mar  4 17:46:40 2025 GMT
        Subject: CN=B518810A773EDE6BC8934A8C2C379B57F3E1B5E3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a6:ce:15:51:3a:35:b9:f5:9a:06:cb:2f:71:
                    27:07:78:1b:bf:f1:fe:25:4a:1f:b4:8e:de:a0:ae:
                    69:fb:e6:72:74:68:20:e8:9a:c8:ad:0f:ee:d7:62:
                    5d:14:93:18:aa:6e:c5:f1:e7:81:e2:5e:32:bd:49:
                    7a:60:b4:5d:84:8a:ce:c5:df:6c:4a:84:0d:17:f0:
                    d1:3b:ed:f5:fd:4e:74:19:4b:b0:67:e4:e5:05:02:
                    76:c7:cd:03:bb:ce:72:98:a6:cf:a3:2e:3f:a8:90:
                    86:37:e3:75:d3:90:bd:32:72:09:ae:cf:68:50:18:
                    9a:e4:df:c4:c3:db:41:d9:b5:03:7b:cf:e6:77:43:
                    96:be:30:72:67:5c:b1:a8:b2:85:7a:f5:6c:aa:1d:
                    f9:55:e5:1c:cc:24:b0:85:bd:5c:d4:65:7f:c9:24:
                    f9:f7:5b:9b:fd:7a:50:d9:b3:07:7c:fd:de:46:57:
                    74:a3:a7:4e:78:ad:d3:35:42:87:99:1e:41:3f:b8:
                    ce:2b:b8:e1:b9:77:d3:ca:b7:41:21:2f:70:59:35:
                    0f:1b:4a:d2:7a:4f:aa:87:62:cd:12:50:e3:5c:18:
                    2e:0b:49:ab:16:5a:b2:13:49:d3:57:77:38:a9:03:
                    9f:64:f8:5b:7d:6e:21:17:80:ec:81:a7:c7:76:6e:
                    cf:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:18:81:0A:77:3E:DE:6B:C8:93:4A:8C:2C:37:9B:57:F3:E1:B5:E3
            X509v3 Authority Key Identifier:
                keyid:8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3130342e302f32342d3234203d3e203232313232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.209.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:6a:51:ef:f9:c9:4f:c8:2e:e3:da:35:5a:6e:87:d1:ad:a9:
         e1:24:a1:c1:ef:f5:62:b5:8f:3f:94:61:26:25:d5:a6:f8:24:
         ea:39:d4:6b:c5:f1:17:4f:b2:67:83:3f:d6:a5:54:d7:25:4b:
         df:18:7c:a1:ce:15:ab:f7:24:55:93:4f:06:cd:73:7e:79:1b:
         17:6b:63:7c:71:de:db:60:9f:5a:c8:2b:a2:f2:35:ba:ee:43:
         53:de:fd:96:9e:eb:a9:8f:9f:3d:21:cd:aa:2d:f9:75:cd:9a:
         8d:91:bb:79:f4:ed:43:4d:a9:8e:45:93:c1:47:be:3d:06:0a:
         4c:11:18:b0:4e:74:83:4b:c7:b1:68:0f:5c:c0:97:34:24:17:
         de:4c:18:8b:07:59:ef:08:12:f1:4c:95:af:aa:4b:ff:a6:93:
         09:d3:2a:61:6b:b4:31:4f:67:9a:7e:e4:76:0c:69:3c:85:b7:
         1f:4a:f5:6a:0e:91:96:61:4e:88:33:7e:84:ce:73:0f:b6:c1:
         37:0c:c7:3d:7c:77:20:85:67:7c:ed:52:11:c9:fc:e2:c5:6b:
         89:e2:d0:45:8c:4c:27:f3:ce:5e:43:b4:b5:88:3a:f6:aa:6e:
         c7:5f:84:91:83:80:4d:bf:55:fe:89:73:f9:b8:2a:7c:f7:4c:
         27:b3:bd:31
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUUrfyKXc7YlOtuQ1pDv2AlePP5ncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQ2N0ExMzg1NjcxNDZCMkU4OUUwOTE4MjM3Q0IyRDA3
NkQ2N0FGQTAeFw0yNDAzMDUxNzQxNDBaFw0yNTAzMDQxNzQ2NDBaMDMxMTAvBgNV
BAMTKEI1MTg4MTBBNzczRURFNkJDODkzNEE4QzJDMzc5QjU3RjNFMUI1RTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxps4VUTo1ufWaBssvcScHeBu/
8f4lSh+0jt6grmn75nJ0aCDomsitD+7XYl0UkxiqbsXx54HiXjK9SXpgtF2Eis7F
32xKhA0X8NE77fX9TnQZS7Bn5OUFAnbHzQO7znKYps+jLj+okIY343XTkL0ycgmu
z2hQGJrk38TD20HZtQN7z+Z3Q5a+MHJnXLGosoV69WyqHflV5RzMJLCFvVzUZX/J
JPn3W5v9elDZswd8/d5GV3Sjp054rdM1QoeZHkE/uM4ruOG5d9PKt0EhL3BZNQ8b
StJ6T6qHYs0SUONcGC4LSasWWrITSdNXdzipA59k+Ft9biEXgOyBp8d2bs//AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUtRiBCnc+3mvIk0qMLDebV/PhteMwHwYDVR0j
BBgwFoAUjWehOFZxRrLongkYI3yy0HbWevowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NkZENjdEODlEOTZEMzlBMzk3MjRDNEFENjE0RjQ1N0Mw
OEZBMjc4NDQxNUJFMzk1MkM0OTFCRUJFNEJFMjA3LzAvOEQ2N0ExMzg1NjcxNDZC
MkU4OUUwOTE4MjM3Q0IyRDA3NkQ2N0FGQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RDY3QTEzODU2NzE0NkIyRTg5
RTA5MTgyMzdDQjJEMDc2RDY3QUZBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTZGRDY3RDg5RDk2RDM5QTM5NzI0QzRBRDYxNEY0NTdDMDhGQTI3ODQ0
MTVCRTM5NTJDNDkxQkVCRTRCRTIwNy8wLzMxMzQzODJlMzIzMDM5MmUzMTMwMzQy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMyMzEzMjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlNFo
MA0GCSqGSIb3DQEBCwUAA4IBAQBHalHv+clPyC7j2jVabofRranhJKHB7/VitY8/
lGEmJdWm+CTqOdRrxfEXT7Jngz/WpVTXJUvfGHyhzhWr9yRVk08GzXN+eRsXa2N8
cd7bYJ9ayCui8jW67kNT3v2Wnuupj589Ic2qLfl1zZqNkbt59O1DTamORZPBR749
BgpMERiwTnSDS8exaA9cwJc0JBfeTBiLB1nvCBLxTJWvqkv/ppMJ0ypha7QxT2ea
fuR2DGk8hbcfSvVqDpGWYU6IM36EznMPtsE3DMc9fHcghWd87VIRyfzixWuJ4tBF
jEwn885eQ7S1iDr2qm7HX4SRg4BNv1X+iXP5uCp890wns70x
-----END CERTIFICATE-----
Generated at Tue Nov 19 23:16:57 2024 by rpki-client on console-ams.rpki-client.org