Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/57399C513B63A8737275C1297B370904E04720997FE7F8D124D9B547CC3EDE7A/0/3139302e3130342e3230302e302f32312d3234203d3e203131303134.roa
File:                     3139302e3130342e3230302e302f32312d3234203d3e203131303134.roa (raw, json)
Hash identifier:          ykq7bagYRFnSi1ILugkHaAhCfZoWRCPC5BoyiFcLEco=
Subject key identifier:   72:A2:43:26:B8:12:49:0C:EB:50:0B:81:B2:A1:0A:69:49:B7:59:67
Certificate issuer:       /CN=A36910F3C3995D7CCC06ADC2F152FFD4A168F24C
Certificate serial:       0364B8A64D093D6D89B8F71C6491D80F8C5BA4CA
Authority key identifier: A3:69:10:F3:C3:99:5D:7C:CC:06:AD:C2:F1:52:FF:D4:A1:68:F2:4C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A36910F3C3995D7CCC06ADC2F152FFD4A168F24C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/57399C513B63A8737275C1297B370904E04720997FE7F8D124D9B547CC3EDE7A/0/3139302e3130342e3230302e302f32312d3234203d3e203131303134.roa
Signing time:             Tue 05 Mar 2024 17:55:15 +0000
ROA not before:           Tue 05 Mar 2024 17:50:15 +0000
ROA not after:            Tue 04 Mar 2025 17:55:15 +0000
asID:                     11014
IP address blocks:        190.104.200.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/57399C513B63A8737275C1297B370904E04720997FE7F8D124D9B547CC3EDE7A/0/A36910F3C3995D7CCC06ADC2F152FFD4A168F24C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/57399C513B63A8737275C1297B370904E04720997FE7F8D124D9B547CC3EDE7A/0/A36910F3C3995D7CCC06ADC2F152FFD4A168F24C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A36910F3C3995D7CCC06ADC2F152FFD4A168F24C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:64:b8:a6:4d:09:3d:6d:89:b8:f7:1c:64:91:d8:0f:8c:5b:a4:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A36910F3C3995D7CCC06ADC2F152FFD4A168F24C
        Validity
            Not Before: Mar  5 17:50:15 2024 GMT
            Not After : Mar  4 17:55:15 2025 GMT
        Subject: CN=72A24326B812490CEB500B81B2A10A6949B75967
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:47:2d:72:e5:de:76:38:aa:b6:3d:05:ae:a6:
                    91:a1:d5:24:96:8d:f3:03:7b:19:f5:1f:9b:57:87:
                    5c:dd:7d:fb:42:bf:96:db:e7:29:4d:6b:1f:0d:81:
                    ea:ea:7e:4b:4d:75:c0:3f:5f:ba:dc:f9:d0:9b:5b:
                    74:c3:0d:10:54:67:5c:a4:31:eb:95:75:9c:2a:ce:
                    1e:8e:ac:d1:54:52:b2:52:12:f8:6a:f1:68:cd:17:
                    7f:ca:df:c8:b2:7f:72:c9:bf:20:15:57:66:60:8b:
                    bf:65:11:c7:0e:14:3c:dc:b5:65:37:f8:1c:1c:9d:
                    32:f8:fd:a6:41:54:1c:f9:30:5d:89:79:5c:48:af:
                    13:99:1b:d7:96:0b:9b:4e:94:cc:d6:24:b7:a7:a0:
                    78:e4:68:46:fb:a5:97:a5:0a:db:73:72:cc:d3:d5:
                    da:87:e7:a2:1a:05:0b:19:0f:f4:80:ae:97:ee:15:
                    18:9f:c6:40:3a:9c:c7:c6:1c:8d:54:37:9f:99:40:
                    86:7b:bf:6d:1a:7c:d7:8e:4f:00:fd:c8:79:71:f2:
                    2c:3f:71:79:1c:a0:25:fd:38:a3:73:ea:a0:2c:6a:
                    4d:ea:58:6e:37:85:85:5b:41:df:0f:5a:3a:00:d1:
                    8d:b3:b0:1a:e8:e4:b8:a8:5a:05:8e:04:6a:e4:33:
                    91:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:A2:43:26:B8:12:49:0C:EB:50:0B:81:B2:A1:0A:69:49:B7:59:67
            X509v3 Authority Key Identifier:
                keyid:A3:69:10:F3:C3:99:5D:7C:CC:06:AD:C2:F1:52:FF:D4:A1:68:F2:4C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/57399C513B63A8737275C1297B370904E04720997FE7F8D124D9B547CC3EDE7A/0/A36910F3C3995D7CCC06ADC2F152FFD4A168F24C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A36910F3C3995D7CCC06ADC2F152FFD4A168F24C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/57399C513B63A8737275C1297B370904E04720997FE7F8D124D9B547CC3EDE7A/0/3139302e3130342e3230302e302f32312d3234203d3e203131303134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.104.200.0/21

    Signature Algorithm: sha256WithRSAEncryption
         25:a1:ec:d0:e1:52:eb:78:f5:fb:dd:d8:c8:62:49:a2:f3:3c:
         39:6c:c6:46:cd:e2:b6:23:d5:ef:39:6d:68:e9:a5:8a:b0:b2:
         4c:ba:2d:76:be:51:fd:c8:30:58:47:30:06:2b:2d:af:8d:11:
         14:38:53:83:87:02:37:8d:d9:1a:b2:c8:92:b5:0b:a1:39:ab:
         2a:5a:57:b9:bd:6b:1c:c7:d4:0d:ca:0e:0d:36:a0:73:99:a8:
         e6:85:52:fa:76:73:c4:ac:73:83:b3:1a:1e:91:a5:9a:8e:a0:
         74:16:3c:72:98:ed:e8:9e:83:37:03:2a:9f:2a:d4:86:34:92:
         a3:36:3f:18:5b:08:d5:80:55:2b:38:f3:14:9f:5e:a5:40:83:
         a5:69:1d:c9:b4:0b:7c:2e:8f:5c:dc:e1:39:09:c7:2d:f2:7a:
         e9:04:7b:5d:f6:48:e7:84:14:14:d6:a3:92:8d:aa:d0:a9:4a:
         a3:c8:e6:03:ec:27:f4:97:2c:b2:74:32:0a:15:2f:ba:76:9e:
         c5:18:21:a6:f4:3a:50:1d:8d:83:b1:92:eb:d9:1b:d6:cc:72:
         90:3b:55:48:fa:2d:a1:03:45:ea:1d:9d:83:4a:48:15:70:68:
         1b:c0:2b:f5:a9:ba:8d:c1:7a:e1:bd:df:25:eb:5c:6e:c8:fa:
         f7:57:1d:95
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUA2S4pk0JPW2JuPccZJHYD4xbpMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTM2OTEwRjNDMzk5NUQ3Q0NDMDZBREMyRjE1MkZGRDRB
MTY4RjI0QzAeFw0yNDAzMDUxNzUwMTVaFw0yNTAzMDQxNzU1MTVaMDMxMTAvBgNV
BAMTKDcyQTI0MzI2QjgxMjQ5MENFQjUwMEI4MUIyQTEwQTY5NDlCNzU5NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHRy1y5d52OKq2PQWuppGh1SSW
jfMDexn1H5tXh1zdfftCv5bb5ylNax8NgerqfktNdcA/X7rc+dCbW3TDDRBUZ1yk
MeuVdZwqzh6OrNFUUrJSEvhq8WjNF3/K38iyf3LJvyAVV2Zgi79lEccOFDzctWU3
+BwcnTL4/aZBVBz5MF2JeVxIrxOZG9eWC5tOlMzWJLenoHjkaEb7pZelCttzcszT
1dqH56IaBQsZD/SArpfuFRifxkA6nMfGHI1UN5+ZQIZ7v20afNeOTwD9yHlx8iw/
cXkcoCX9OKNz6qAsak3qWG43hYVbQd8PWjoA0Y2zsBro5LioWgWOBGrkM5EBAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUcqJDJrgSSQzrUAuBsqEKaUm3WWcwHwYDVR0j
BBgwFoAUo2kQ88OZXXzMBq3C8VL/1KFo8kwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NzM5OUM1MTNCNjNBODczNzI3NUMxMjk3QjM3MDkwNEUw
NDcyMDk5N0ZFN0Y4RDEyNEQ5QjU0N0NDM0VERTdBLzAvQTM2OTEwRjNDMzk5NUQ3
Q0NDMDZBREMyRjE1MkZGRDRBMTY4RjI0Qy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMzY5MTBGM0MzOTk1RDdDQ0Mw
NkFEQzJGMTUyRkZENEExNjhGMjRDLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTczOTlDNTEzQjYzQTg3MzcyNzVDMTI5N0IzNzA5MDRFMDQ3MjA5OTdG
RTdGOEQxMjREOUI1NDdDQzNFREU3QS8wLzMxMzkzMDJlMzEzMDM0MmUzMjMwMzAy
ZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzMTMxMzAzMTM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvmjI
MA0GCSqGSIb3DQEBCwUAA4IBAQAloezQ4VLrePX73djIYkmi8zw5bMZGzeK2I9Xv
OW1o6aWKsLJMui12vlH9yDBYRzAGKy2vjREUOFODhwI3jdkassiStQuhOasqWle5
vWscx9QNyg4NNqBzmajmhVL6dnPErHODsxoekaWajqB0FjxymO3onoM3AyqfKtSG
NJKjNj8YWwjVgFUrOPMUn16lQIOlaR3JtAt8Lo9c3OE5Ccct8nrpBHtd9kjnhBQU
1qOSjarQqUqjyOYD7Cf0lyyydDIKFS+6dp7FGCGm9DpQHY2DsZLr2RvWzHKQO1VI
+i2hA0XqHZ2DSkgVcGgbwCv1qbqNwXrhvd8l61xuyPr3Vx2V
-----END CERTIFICATE-----
Generated at Tue Nov 19 17:52:29 2024 by rpki-client on console-ams.rpki-client.org