Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3230342e302f32332d3233203d3e203232313232.roa
File:                     3134382e3230392e3230342e302f32332d3233203d3e203232313232.roa (raw, json)
Hash identifier:          0uFYrLB3uFBBx2cj5gTUXV66tbvVg7WJHcbN3PTaVjU=
Subject key identifier:   20:94:78:2B:47:1E:7C:EC:69:2B:9E:81:D9:23:D3:07:03:0C:C6:AB
Certificate issuer:       /CN=8D67A138567146B2E89E0918237CB2D076D67AFA
Certificate serial:       3048E03E5BFCD85C512D5257950525ED66253A2D
Authority key identifier: 8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3230342e302f32332d3233203d3e203232313232.roa
Signing time:             Tue 05 Mar 2024 17:46:39 +0000
ROA not before:           Tue 05 Mar 2024 17:41:39 +0000
ROA not after:            Tue 04 Mar 2025 17:46:39 +0000
asID:                     22122
IP address blocks:        148.209.204.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:48:e0:3e:5b:fc:d8:5c:51:2d:52:57:95:05:25:ed:66:25:3a:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D67A138567146B2E89E0918237CB2D076D67AFA
        Validity
            Not Before: Mar  5 17:41:39 2024 GMT
            Not After : Mar  4 17:46:39 2025 GMT
        Subject: CN=2094782B471E7CEC692B9E81D923D307030CC6AB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ea:7f:7f:9b:76:bf:26:fe:4e:4d:d7:3e:1c:
                    92:f3:07:fe:5b:ab:ad:7a:1c:75:93:01:24:59:cc:
                    6c:3a:ac:10:de:51:ef:d7:3f:75:4b:c0:b3:90:da:
                    d7:b7:9b:70:a2:68:04:64:99:49:96:44:71:23:79:
                    7b:ae:e6:3b:b3:41:58:7c:bf:f2:8f:86:08:b9:cf:
                    1f:62:c9:95:51:72:c6:11:d3:76:2a:d1:c7:a8:a3:
                    fa:ad:ca:ca:84:5e:98:a0:d5:23:c3:6c:2e:2a:df:
                    86:fe:2d:32:20:60:03:b6:74:fb:05:fc:90:65:32:
                    bd:39:6c:4f:5a:ae:f7:9a:87:76:d7:df:f6:1d:b3:
                    c6:c6:b9:ec:6a:34:d1:e1:4d:cc:4f:9f:f2:98:b7:
                    f6:15:b0:bc:df:ac:24:0d:8d:45:ce:44:36:d6:0e:
                    2d:4a:16:8b:9d:a7:23:68:ab:84:0d:fb:18:13:0c:
                    a9:ac:07:9e:90:aa:83:78:2c:52:8c:bc:08:b6:27:
                    73:c8:41:f4:22:f1:fe:80:af:3a:89:cb:e2:9a:5e:
                    5a:e1:85:2b:ae:4c:2f:22:c0:7a:0d:82:a3:e4:0f:
                    d1:12:29:75:81:42:29:d8:ee:89:e5:1a:1b:f2:8e:
                    df:7d:b1:f8:1e:d4:86:30:78:6f:a3:98:47:5a:3b:
                    18:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:94:78:2B:47:1E:7C:EC:69:2B:9E:81:D9:23:D3:07:03:0C:C6:AB
            X509v3 Authority Key Identifier:
                keyid:8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3230342e302f32332d3233203d3e203232313232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.209.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         40:05:fc:7c:04:cc:6b:ee:72:f2:63:90:43:d2:96:81:af:fc:
         22:00:44:0b:22:9d:e9:22:1f:1a:2b:b1:03:02:ba:ff:7e:f2:
         5a:ab:c3:c1:7c:41:be:70:0d:12:43:d3:82:45:11:6b:cf:95:
         0a:8a:8a:75:ab:7e:77:3b:46:28:50:0f:34:5e:ad:f4:7d:3a:
         9e:1f:18:60:27:ce:a2:9a:56:f0:09:bf:32:98:dc:35:0d:cc:
         32:33:bf:51:5f:39:af:f1:54:78:2d:bb:dc:bb:fe:66:41:1e:
         8d:4e:3c:6a:d0:b1:23:7e:7d:99:dc:e3:90:48:f3:7b:da:1b:
         2a:b4:96:0c:f2:87:02:32:a2:5d:8e:72:d3:13:d2:bb:d1:46:
         9a:04:dd:24:5c:db:83:31:9c:0d:87:e6:2d:37:5e:53:83:b8:
         8a:1c:cf:7e:95:f7:f2:ff:be:2c:1d:4b:d7:0c:46:a0:0d:55:
         4b:4e:22:3b:2e:ae:ab:2c:fe:e1:b3:35:5f:e2:68:19:33:70:
         b9:ef:f5:9f:e3:ac:d1:43:c0:b5:26:75:f1:fd:33:e6:21:7e:
         f1:64:1f:43:5d:d1:fd:16:8b:e9:2f:dc:8d:0e:72:53:3e:9e:
         51:ff:6b:89:26:14:7b:92:d5:fd:37:3a:68:92:3d:3a:bf:5c:
         94:82:dd:ce
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUMEjgPlv82FxRLVJXlQUl7WYlOi0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQ2N0ExMzg1NjcxNDZCMkU4OUUwOTE4MjM3Q0IyRDA3
NkQ2N0FGQTAeFw0yNDAzMDUxNzQxMzlaFw0yNTAzMDQxNzQ2MzlaMDMxMTAvBgNV
BAMTKDIwOTQ3ODJCNDcxRTdDRUM2OTJCOUU4MUQ5MjNEMzA3MDMwQ0M2QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC26n9/m3a/Jv5OTdc+HJLzB/5b
q616HHWTASRZzGw6rBDeUe/XP3VLwLOQ2te3m3CiaARkmUmWRHEjeXuu5juzQVh8
v/KPhgi5zx9iyZVRcsYR03Yq0ceoo/qtysqEXpig1SPDbC4q34b+LTIgYAO2dPsF
/JBlMr05bE9arveah3bX3/Yds8bGuexqNNHhTcxPn/KYt/YVsLzfrCQNjUXORDbW
Di1KFoudpyNoq4QN+xgTDKmsB56QqoN4LFKMvAi2J3PIQfQi8f6ArzqJy+KaXlrh
hSuuTC8iwHoNgqPkD9ESKXWBQinY7onlGhvyjt99sfge1IYweG+jmEdaOxi3AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUIJR4K0cefOxpK56B2SPTBwMMxqswHwYDVR0j
BBgwFoAUjWehOFZxRrLongkYI3yy0HbWevowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NkZENjdEODlEOTZEMzlBMzk3MjRDNEFENjE0RjQ1N0Mw
OEZBMjc4NDQxNUJFMzk1MkM0OTFCRUJFNEJFMjA3LzAvOEQ2N0ExMzg1NjcxNDZC
MkU4OUUwOTE4MjM3Q0IyRDA3NkQ2N0FGQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RDY3QTEzODU2NzE0NkIyRTg5
RTA5MTgyMzdDQjJEMDc2RDY3QUZBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTZGRDY3RDg5RDk2RDM5QTM5NzI0QzRBRDYxNEY0NTdDMDhGQTI3ODQ0
MTVCRTM5NTJDNDkxQkVCRTRCRTIwNy8wLzMxMzQzODJlMzIzMDM5MmUzMjMwMzQy
ZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjMyMzEzMjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBlNHM
MA0GCSqGSIb3DQEBCwUAA4IBAQBABfx8BMxr7nLyY5BD0paBr/wiAEQLIp3pIh8a
K7EDArr/fvJaq8PBfEG+cA0SQ9OCRRFrz5UKiop1q353O0YoUA80Xq30fTqeHxhg
J86imlbwCb8ymNw1DcwyM79RXzmv8VR4Lbvcu/5mQR6NTjxq0LEjfn2Z3OOQSPN7
2hsqtJYM8ocCMqJdjnLTE9K70UaaBN0kXNuDMZwNh+YtN15Tg7iKHM9+lffy/74s
HUvXDEagDVVLTiI7Lq6rLP7hszVf4mgZM3C57/Wf46zRQ8C1JnXx/TPmIX7xZB9D
XdH9FovpL9yNDnJTPp5R/2uJJhR7ktX9Nzpokj06v1yUgt3O
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:47:53 2024 by rpki-client on console-fra.rpki-client.org