Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3134342e302f32322d3232203d3e203232313232.roa
File:                     3134382e3230392e3134342e302f32322d3232203d3e203232313232.roa (raw, json)
Hash identifier:          6qscLte8Uh73xsQRUUstYGcMWF++FhxwebcsSXqMjmg=
Subject key identifier:   AE:D9:DE:46:89:63:24:DE:73:96:A8:30:C5:4A:AF:3B:31:AD:C6:1F
Certificate issuer:       /CN=8D67A138567146B2E89E0918237CB2D076D67AFA
Certificate serial:       1639AAA05227A916F388831452CC9CDC26E5A0E2
Authority key identifier: 8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3134342e302f32322d3232203d3e203232313232.roa
Signing time:             Tue 05 Mar 2024 17:46:45 +0000
ROA not before:           Tue 05 Mar 2024 17:41:45 +0000
ROA not after:            Tue 04 Mar 2025 17:46:45 +0000
asID:                     22122
IP address blocks:        148.209.144.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:39:aa:a0:52:27:a9:16:f3:88:83:14:52:cc:9c:dc:26:e5:a0:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D67A138567146B2E89E0918237CB2D076D67AFA
        Validity
            Not Before: Mar  5 17:41:45 2024 GMT
            Not After : Mar  4 17:46:45 2025 GMT
        Subject: CN=AED9DE46896324DE7396A830C54AAF3B31ADC61F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e2:11:2c:6a:a3:9a:76:32:33:d1:47:fa:6c:
                    07:e1:bc:c8:09:d1:86:3c:25:6e:af:b3:92:94:9a:
                    1a:50:43:78:6b:ee:91:4a:35:d1:07:11:72:ef:84:
                    7b:ec:8b:3c:7e:4a:27:f8:20:c6:aa:52:2c:4b:8b:
                    ed:bf:98:ad:e1:96:ae:88:28:24:26:68:40:07:3c:
                    e3:55:f3:74:db:79:58:c0:c0:b7:dc:cc:a9:1d:fa:
                    79:71:ad:3a:68:44:a1:b4:56:7c:3b:6f:ff:ed:de:
                    67:57:56:e1:55:7d:09:52:a0:73:c7:8f:0d:34:94:
                    96:ac:09:54:e8:01:fc:5a:d9:7b:29:a2:ca:8c:f1:
                    51:30:7d:3b:61:f7:ac:19:48:da:48:e7:86:c1:35:
                    81:22:9b:2d:c7:d0:36:d1:42:05:56:c3:5c:e2:7f:
                    ff:33:2d:dd:15:97:f2:89:61:a5:04:ca:27:ac:d0:
                    5f:3a:a1:4c:1a:52:3c:ac:3a:1c:cf:a2:f5:7a:99:
                    6f:3d:04:6c:6d:27:a2:95:25:80:00:d9:f8:8b:ab:
                    04:0a:86:01:c3:f0:cc:b7:65:42:c9:44:78:8d:5f:
                    22:2a:a1:d2:31:c8:8f:8f:38:47:dd:db:f5:78:df:
                    30:72:07:e7:9b:e0:2c:18:32:c8:a8:6e:0c:68:82:
                    37:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:D9:DE:46:89:63:24:DE:73:96:A8:30:C5:4A:AF:3B:31:AD:C6:1F
            X509v3 Authority Key Identifier:
                keyid:8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3134342e302f32322d3232203d3e203232313232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.209.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         97:8b:0e:78:c6:7d:48:34:79:ed:4e:06:0f:6a:cd:1f:94:94:
         18:bd:95:40:73:82:98:43:72:61:da:e8:8a:7c:2b:08:42:91:
         3f:e9:18:e4:1e:85:ea:c7:a2:f0:73:8a:0d:9c:f6:14:bf:b7:
         ee:b3:09:3f:a8:0e:85:26:ce:1d:c6:b4:52:22:d4:ed:a1:cd:
         33:c1:7f:08:1d:29:ec:2e:50:d3:21:a5:2b:24:9f:d9:9f:5e:
         a1:d0:93:43:2f:cf:00:90:e0:9b:ec:87:a7:61:50:03:48:df:
         ba:30:01:2a:bf:1a:9c:ed:26:6d:e7:b5:b6:b5:16:37:7a:53:
         e5:bc:1d:da:b5:72:6f:bd:75:f5:36:93:11:e5:e8:ec:94:3d:
         90:9d:4c:ce:19:f6:0a:50:23:3e:d7:09:8e:cf:1f:76:7a:d7:
         9c:ec:b6:40:77:48:39:6a:05:c4:04:d4:88:b9:a2:46:f4:7a:
         db:3a:b8:fa:97:22:6e:d9:c8:8c:56:fb:e5:b6:be:7d:53:3d:
         a3:4a:80:c5:4e:bf:c7:a0:42:86:a0:d8:67:45:75:76:52:72:
         1a:de:81:f1:ed:11:07:cf:e5:12:1f:b4:b2:ed:3c:ed:53:65:
         36:fb:5b:4f:11:c3:79:71:c3:78:a6:bd:e1:18:02:d3:b0:2d:
         9d:6c:b3:66
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUFjmqoFInqRbziIMUUsyc3CbloOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQ2N0ExMzg1NjcxNDZCMkU4OUUwOTE4MjM3Q0IyRDA3
NkQ2N0FGQTAeFw0yNDAzMDUxNzQxNDVaFw0yNTAzMDQxNzQ2NDVaMDMxMTAvBgNV
BAMTKEFFRDlERTQ2ODk2MzI0REU3Mzk2QTgzMEM1NEFBRjNCMzFBREM2MUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu4hEsaqOadjIz0Uf6bAfhvMgJ
0YY8JW6vs5KUmhpQQ3hr7pFKNdEHEXLvhHvsizx+Sif4IMaqUixLi+2/mK3hlq6I
KCQmaEAHPONV83TbeVjAwLfczKkd+nlxrTpoRKG0Vnw7b//t3mdXVuFVfQlSoHPH
jw00lJasCVToAfxa2XsposqM8VEwfTth96wZSNpI54bBNYEimy3H0DbRQgVWw1zi
f/8zLd0Vl/KJYaUEyies0F86oUwaUjysOhzPovV6mW89BGxtJ6KVJYAA2fiLqwQK
hgHD8My3ZULJRHiNXyIqodIxyI+POEfd2/V43zByB+eb4CwYMsiobgxogjcXAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUrtneRoljJN5zlqgwxUqvOzGtxh8wHwYDVR0j
BBgwFoAUjWehOFZxRrLongkYI3yy0HbWevowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NkZENjdEODlEOTZEMzlBMzk3MjRDNEFENjE0RjQ1N0Mw
OEZBMjc4NDQxNUJFMzk1MkM0OTFCRUJFNEJFMjA3LzAvOEQ2N0ExMzg1NjcxNDZC
MkU4OUUwOTE4MjM3Q0IyRDA3NkQ2N0FGQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RDY3QTEzODU2NzE0NkIyRTg5
RTA5MTgyMzdDQjJEMDc2RDY3QUZBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTZGRDY3RDg5RDk2RDM5QTM5NzI0QzRBRDYxNEY0NTdDMDhGQTI3ODQ0
MTVCRTM5NTJDNDkxQkVCRTRCRTIwNy8wLzMxMzQzODJlMzIzMDM5MmUzMTM0MzQy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMyMzEzMjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQClNGQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCXiw54xn1INHntTgYPas0flJQYvZVAc4KYQ3Jh
2uiKfCsIQpE/6RjkHoXqx6Lwc4oNnPYUv7fuswk/qA6FJs4dxrRSItTtoc0zwX8I
HSnsLlDTIaUrJJ/Zn16h0JNDL88AkOCb7IenYVADSN+6MAEqvxqc7SZt57W2tRY3
elPlvB3atXJvvXX1NpMR5ejslD2QnUzOGfYKUCM+1wmOzx92etec7LZAd0g5agXE
BNSIuaJG9HrbOrj6lyJu2ciMVvvltr59Uz2jSoDFTr/HoEKGoNhnRXV2UnIa3oHx
7REHz+USH7Sy7TztU2U2+1tPEcN5ccN4pr3hGALTsC2dbLNm
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:17:08 2024 by rpki-client on console-ams.rpki-client.org