Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3230302e302f32322d3232203d3e203232313232.roa
File:                     3134382e3230392e3230302e302f32322d3232203d3e203232313232.roa (raw, json)
Hash identifier:          YObhVpfS76HzfY7WtBtoppIKYpCKfZP3RaZbyPAm1vU=
Subject key identifier:   5E:98:5B:D7:7A:1B:C4:6F:C3:1E:5A:63:59:7C:77:34:6E:A6:7F:D4
Certificate issuer:       /CN=8D67A138567146B2E89E0918237CB2D076D67AFA
Certificate serial:       7F3E583B0590A21EB2C3299C93895EADCE0D5DF8
Authority key identifier: 8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3230302e302f32322d3232203d3e203232313232.roa
Signing time:             Tue 05 Mar 2024 17:46:40 +0000
ROA not before:           Tue 05 Mar 2024 17:41:40 +0000
ROA not after:            Tue 04 Mar 2025 17:46:40 +0000
asID:                     22122
IP address blocks:        148.209.200.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:3e:58:3b:05:90:a2:1e:b2:c3:29:9c:93:89:5e:ad:ce:0d:5d:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D67A138567146B2E89E0918237CB2D076D67AFA
        Validity
            Not Before: Mar  5 17:41:40 2024 GMT
            Not After : Mar  4 17:46:40 2025 GMT
        Subject: CN=5E985BD77A1BC46FC31E5A63597C77346EA67FD4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ae:2a:60:ef:5d:98:35:49:de:b7:25:67:e0:
                    d9:3c:56:62:63:35:82:76:0b:ad:89:cf:e1:4f:05:
                    46:03:74:5c:11:b1:da:1f:b6:6c:cc:48:96:28:f2:
                    96:fe:33:74:29:fe:0e:6b:58:12:a3:19:fb:7a:4f:
                    2b:b8:7f:1e:46:52:71:4b:af:4d:2a:e6:74:02:f9:
                    3f:74:ef:74:59:62:34:38:20:41:fd:fe:66:40:7a:
                    a9:18:cd:c6:d1:e9:13:af:0b:8e:cb:d5:a7:23:64:
                    fc:1a:6d:4e:92:7e:b5:a7:26:a9:af:9a:74:c6:1e:
                    3b:26:88:3f:3d:a6:68:48:a9:19:ce:6f:26:b0:34:
                    4a:56:e2:c4:6f:75:f6:31:d6:80:bf:ad:6b:63:3a:
                    2d:c2:33:26:4f:45:37:83:cc:e3:96:5c:3e:5e:84:
                    bd:67:d0:3f:70:cf:52:1d:f3:de:86:13:fb:ba:7b:
                    f0:1d:d3:28:c8:ab:d6:79:a0:fa:91:38:c8:7b:da:
                    70:68:9d:30:4f:a2:0f:ba:67:02:93:a6:97:e9:a4:
                    94:01:a7:32:b1:b4:b1:bc:4e:be:a7:6c:2b:d6:95:
                    82:3f:d6:22:e1:9e:71:85:5f:f1:48:c3:c1:91:e4:
                    b8:31:79:c7:6e:92:89:a6:57:64:84:0c:fb:f1:3f:
                    4a:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:98:5B:D7:7A:1B:C4:6F:C3:1E:5A:63:59:7C:77:34:6E:A6:7F:D4
            X509v3 Authority Key Identifier:
                keyid:8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3230302e302f32322d3232203d3e203232313232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.209.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         56:ce:55:6a:dc:a1:84:58:94:3e:3c:9f:a0:5a:b2:d6:89:3a:
         d9:5a:d8:36:dc:30:5b:07:b6:e7:be:77:2a:46:ac:0a:8b:12:
         58:b5:d9:0a:8e:4c:d5:de:40:5d:ac:42:56:d6:31:3f:1d:f7:
         9f:5b:37:f4:6c:66:ec:71:14:fc:98:bd:f5:c1:80:2a:23:c6:
         46:65:ce:bb:52:33:d6:db:e9:d6:df:46:48:ca:ac:b5:b9:df:
         ef:78:89:98:5f:d9:6d:5a:74:47:c4:78:28:79:29:b6:ff:fc:
         69:e0:83:9b:7e:c1:fa:7e:f7:c6:f4:66:3e:d9:d9:df:c4:1e:
         a8:82:94:29:cd:7c:ba:82:47:7d:f1:c1:a0:66:e2:c1:4d:b9:
         1d:36:ae:b6:28:68:7e:be:1e:ab:6e:06:6b:1f:ae:00:34:91:
         b0:56:8e:9b:06:4f:fa:88:fe:a3:ab:ab:ca:b9:a8:57:06:12:
         52:14:2a:22:07:59:76:6d:2f:e0:29:a0:dd:4f:8e:b7:4b:78:
         61:93:ff:78:c8:54:7c:db:9d:24:e7:54:64:ce:1e:ca:bb:2c:
         ce:80:eb:58:f6:72:de:d3:99:a1:db:70:f2:3c:6b:f0:91:a1:
         1a:1f:3d:c8:80:e4:37:b8:5b:99:d8:6b:14:ee:b6:92:eb:9a:
         e2:7e:11:d2
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUfz5YOwWQoh6ywymck4lerc4NXfgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQ2N0ExMzg1NjcxNDZCMkU4OUUwOTE4MjM3Q0IyRDA3
NkQ2N0FGQTAeFw0yNDAzMDUxNzQxNDBaFw0yNTAzMDQxNzQ2NDBaMDMxMTAvBgNV
BAMTKDVFOTg1QkQ3N0ExQkM0NkZDMzFFNUE2MzU5N0M3NzM0NkVBNjdGRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFripg712YNUnetyVn4Nk8VmJj
NYJ2C62Jz+FPBUYDdFwRsdoftmzMSJYo8pb+M3Qp/g5rWBKjGft6Tyu4fx5GUnFL
r00q5nQC+T9073RZYjQ4IEH9/mZAeqkYzcbR6ROvC47L1acjZPwabU6SfrWnJqmv
mnTGHjsmiD89pmhIqRnObyawNEpW4sRvdfYx1oC/rWtjOi3CMyZPRTeDzOOWXD5e
hL1n0D9wz1Id896GE/u6e/Ad0yjIq9Z5oPqROMh72nBonTBPog+6ZwKTppfppJQB
pzKxtLG8Tr6nbCvWlYI/1iLhnnGFX/FIw8GR5LgxecdukommV2SEDPvxP0qBAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUXphb13obxG/DHlpjWXx3NG6mf9QwHwYDVR0j
BBgwFoAUjWehOFZxRrLongkYI3yy0HbWevowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NkZENjdEODlEOTZEMzlBMzk3MjRDNEFENjE0RjQ1N0Mw
OEZBMjc4NDQxNUJFMzk1MkM0OTFCRUJFNEJFMjA3LzAvOEQ2N0ExMzg1NjcxNDZC
MkU4OUUwOTE4MjM3Q0IyRDA3NkQ2N0FGQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RDY3QTEzODU2NzE0NkIyRTg5
RTA5MTgyMzdDQjJEMDc2RDY3QUZBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTZGRDY3RDg5RDk2RDM5QTM5NzI0QzRBRDYxNEY0NTdDMDhGQTI3ODQ0
MTVCRTM5NTJDNDkxQkVCRTRCRTIwNy8wLzMxMzQzODJlMzIzMDM5MmUzMjMwMzAy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMyMzEzMjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQClNHI
MA0GCSqGSIb3DQEBCwUAA4IBAQBWzlVq3KGEWJQ+PJ+gWrLWiTrZWtg23DBbB7bn
vncqRqwKixJYtdkKjkzV3kBdrEJW1jE/HfefWzf0bGbscRT8mL31wYAqI8ZGZc67
UjPW2+nW30ZIyqy1ud/veImYX9ltWnRHxHgoeSm2//xp4IObfsH6fvfG9GY+2dnf
xB6ogpQpzXy6gkd98cGgZuLBTbkdNq62KGh+vh6rbgZrH64ANJGwVo6bBk/6iP6j
q6vKuahXBhJSFCoiB1l2bS/gKaDdT463S3hhk/94yFR8250k51Rkzh7KuyzOgOtY
9nLe05mh23DyPGvwkaEaHz3IgOQ3uFuZ2GsU7raS65rifhHS
-----END CERTIFICATE-----
Generated at Tue Nov 19 23:16:57 2024 by rpki-client on console-ams.rpki-client.org