Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3234342e302f32332d3233203d3e203232313232.roa
File:                     3134382e3230392e3234342e302f32332d3233203d3e203232313232.roa (raw, json)
Hash identifier:          kn0KIvihBJjf9Nr459dxXbMqgPE0vqVy2KNncJv6KsU=
Subject key identifier:   DD:F9:AC:CE:73:87:27:12:FE:3F:15:08:42:12:8E:9C:B7:99:72:42
Certificate issuer:       /CN=8D67A138567146B2E89E0918237CB2D076D67AFA
Certificate serial:       492C93A893AD4F1156003CCA60867D675999ACCF
Authority key identifier: 8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3234342e302f32332d3233203d3e203232313232.roa
Signing time:             Tue 05 Mar 2024 17:46:51 +0000
ROA not before:           Tue 05 Mar 2024 17:41:51 +0000
ROA not after:            Tue 04 Mar 2025 17:46:51 +0000
asID:                     22122
IP address blocks:        148.209.244.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:2c:93:a8:93:ad:4f:11:56:00:3c:ca:60:86:7d:67:59:99:ac:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D67A138567146B2E89E0918237CB2D076D67AFA
        Validity
            Not Before: Mar  5 17:41:51 2024 GMT
            Not After : Mar  4 17:46:51 2025 GMT
        Subject: CN=DDF9ACCE73872712FE3F150842128E9CB7997242
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:da:98:50:db:0e:dd:6f:eb:16:5f:37:94:fa:
                    a5:25:1c:48:7d:37:b8:73:41:ce:d5:d7:7f:7f:8f:
                    2b:99:61:d6:55:3b:f7:1e:75:42:15:af:31:36:9e:
                    ba:5c:13:ca:5a:c8:81:03:ec:9b:a9:16:f4:af:05:
                    30:29:c5:ff:bf:c2:2a:b2:43:f8:99:df:ee:e6:db:
                    4d:5e:82:20:4c:ee:70:9a:13:26:5b:e7:07:44:8b:
                    74:25:22:00:61:c2:63:25:5e:77:31:ee:68:52:da:
                    45:a7:eb:8a:ed:e7:bc:af:b0:a2:1c:3d:a7:e1:c5:
                    14:55:7e:fa:13:a8:de:ad:ca:ac:6f:8f:f8:a4:09:
                    8d:6b:42:e7:d0:60:7d:27:6a:33:47:6e:ad:a2:da:
                    a2:d5:26:72:ac:e6:f3:65:4c:62:9f:d6:c4:5f:bd:
                    11:31:c1:23:5a:ae:54:af:1d:e1:50:e3:8a:5f:1b:
                    65:64:26:52:31:4b:52:e0:53:7a:59:1b:8b:a1:3f:
                    75:26:2f:ac:73:1a:f2:55:82:16:8d:f0:49:95:91:
                    db:ab:2e:96:7d:cb:02:17:60:6a:c2:4d:22:85:3f:
                    c1:74:b5:32:c2:bb:d1:13:79:0f:70:6b:2d:9f:88:
                    c5:da:3d:06:de:b1:d4:d6:61:b1:bb:71:b3:4f:d8:
                    7b:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:F9:AC:CE:73:87:27:12:FE:3F:15:08:42:12:8E:9C:B7:99:72:42
            X509v3 Authority Key Identifier:
                keyid:8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3234342e302f32332d3233203d3e203232313232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.209.244.0/23

    Signature Algorithm: sha256WithRSAEncryption
         01:38:55:b8:a7:2f:84:22:b9:21:f9:0f:29:75:08:49:3c:8b:
         3a:f3:08:78:67:8b:06:71:b7:60:ed:1c:7b:73:b0:a5:a7:50:
         38:b9:77:96:ab:19:b8:3b:53:b7:fa:c5:20:18:88:d6:50:8b:
         54:87:8e:0e:89:bb:b0:81:83:6b:1e:38:61:47:85:96:19:5e:
         e4:1f:18:d9:3a:e5:d1:1f:e1:2d:38:1d:fa:74:fe:75:fc:62:
         f7:4a:9e:74:67:15:96:4d:06:24:c3:23:07:20:6a:5b:35:a3:
         89:d3:78:4e:2b:0c:bf:50:12:c8:58:41:06:f4:0a:a9:68:65:
         a8:6f:7a:1e:86:53:46:45:ab:9c:b0:85:36:f2:64:d8:bc:ee:
         a7:0b:6e:0d:cf:78:16:06:ad:ef:fc:a3:27:2f:00:b4:c3:de:
         77:07:99:f0:b7:0a:c2:d9:c0:23:bd:95:46:0f:e2:af:b9:c6:
         84:cb:4d:15:96:6a:82:64:87:77:4a:f4:97:9c:b6:35:12:73:
         a8:08:e3:b3:54:92:73:99:7e:19:e0:57:c1:18:48:33:f9:7b:
         6e:3e:d6:05:46:d9:ab:d4:2f:95:49:0a:c6:5d:b3:77:06:e0:
         ae:17:d3:00:f0:ed:d2:27:7e:4c:5b:bb:e5:11:60:cb:4f:e8:
         9d:c4:45:63
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUSSyTqJOtTxFWADzKYIZ9Z1mZrM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQ2N0ExMzg1NjcxNDZCMkU4OUUwOTE4MjM3Q0IyRDA3
NkQ2N0FGQTAeFw0yNDAzMDUxNzQxNTFaFw0yNTAzMDQxNzQ2NTFaMDMxMTAvBgNV
BAMTKERERjlBQ0NFNzM4NzI3MTJGRTNGMTUwODQyMTI4RTlDQjc5OTcyNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw2phQ2w7db+sWXzeU+qUlHEh9
N7hzQc7V139/jyuZYdZVO/cedUIVrzE2nrpcE8payIED7JupFvSvBTApxf+/wiqy
Q/iZ3+7m201egiBM7nCaEyZb5wdEi3QlIgBhwmMlXncx7mhS2kWn64rt57yvsKIc
PafhxRRVfvoTqN6tyqxvj/ikCY1rQufQYH0najNHbq2i2qLVJnKs5vNlTGKf1sRf
vRExwSNarlSvHeFQ44pfG2VkJlIxS1LgU3pZG4uhP3UmL6xzGvJVghaN8EmVkdur
LpZ9ywIXYGrCTSKFP8F0tTLCu9ETeQ9way2fiMXaPQbesdTWYbG7cbNP2HvlAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU3fmsznOHJxL+PxUIQhKOnLeZckIwHwYDVR0j
BBgwFoAUjWehOFZxRrLongkYI3yy0HbWevowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NkZENjdEODlEOTZEMzlBMzk3MjRDNEFENjE0RjQ1N0Mw
OEZBMjc4NDQxNUJFMzk1MkM0OTFCRUJFNEJFMjA3LzAvOEQ2N0ExMzg1NjcxNDZC
MkU4OUUwOTE4MjM3Q0IyRDA3NkQ2N0FGQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RDY3QTEzODU2NzE0NkIyRTg5
RTA5MTgyMzdDQjJEMDc2RDY3QUZBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTZGRDY3RDg5RDk2RDM5QTM5NzI0QzRBRDYxNEY0NTdDMDhGQTI3ODQ0
MTVCRTM5NTJDNDkxQkVCRTRCRTIwNy8wLzMxMzQzODJlMzIzMDM5MmUzMjM0MzQy
ZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjMyMzEzMjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBlNH0
MA0GCSqGSIb3DQEBCwUAA4IBAQABOFW4py+EIrkh+Q8pdQhJPIs68wh4Z4sGcbdg
7Rx7c7Clp1A4uXeWqxm4O1O3+sUgGIjWUItUh44OibuwgYNrHjhhR4WWGV7kHxjZ
OuXRH+EtOB36dP51/GL3Sp50ZxWWTQYkwyMHIGpbNaOJ03hOKwy/UBLIWEEG9Aqp
aGWob3oehlNGRaucsIU28mTYvO6nC24Nz3gWBq3v/KMnLwC0w953B5nwtwrC2cAj
vZVGD+KvucaEy00VlmqCZId3SvSXnLY1EnOoCOOzVJJzmX4Z4FfBGEgz+XtuPtYF
Rtmr1C+VSQrGXbN3BuCuF9MA8O3SJ35MW7vlEWDLT+idxEVj
-----END CERTIFICATE-----
Generated at Tue Nov 19 22:25:42 2024 by rpki-client on console-fra.rpki-client.org