Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/597F7AA232F21919B58016692954265E42C59FFE514E65734CE69AF641E8E827/0/3136342e3136332e3136302e302f32322d3234203d3e20323636383637.roa
File:                     3136342e3136332e3136302e302f32322d3234203d3e20323636383637.roa (raw, json)
Hash identifier:          Rignw3LgqiOhZLxOwCO5yypMeVOv6lE6w9tyq0jq4E8=
Subject key identifier:   2E:C8:1A:EB:36:1A:69:24:0E:38:B2:0F:AF:B8:64:40:83:91:B2:3F
Certificate issuer:       /CN=EB6F7C65D0D0E90316E9740CDF465857E2002AA0
Certificate serial:       309F5D081CC96A1EB5DA5BF44698F189D8101812
Authority key identifier: EB:6F:7C:65:D0:D0:E9:03:16:E9:74:0C:DF:46:58:57:E2:00:2A:A0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EB6F7C65D0D0E90316E9740CDF465857E2002AA0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/597F7AA232F21919B58016692954265E42C59FFE514E65734CE69AF641E8E827/0/3136342e3136332e3136302e302f32322d3234203d3e20323636383637.roa
Signing time:             Tue 05 Mar 2024 17:42:32 +0000
ROA not before:           Tue 05 Mar 2024 17:37:32 +0000
ROA not after:            Tue 04 Mar 2025 17:42:32 +0000
asID:                     266867
IP address blocks:        164.163.160.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/597F7AA232F21919B58016692954265E42C59FFE514E65734CE69AF641E8E827/0/EB6F7C65D0D0E90316E9740CDF465857E2002AA0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/597F7AA232F21919B58016692954265E42C59FFE514E65734CE69AF641E8E827/0/EB6F7C65D0D0E90316E9740CDF465857E2002AA0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EB6F7C65D0D0E90316E9740CDF465857E2002AA0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Jul 2024 02:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:9f:5d:08:1c:c9:6a:1e:b5:da:5b:f4:46:98:f1:89:d8:10:18:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB6F7C65D0D0E90316E9740CDF465857E2002AA0
        Validity
            Not Before: Mar  5 17:37:32 2024 GMT
            Not After : Mar  4 17:42:32 2025 GMT
        Subject: CN=2EC81AEB361A69240E38B20FAFB864408391B23F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:bc:38:0a:62:d8:3a:5b:d3:77:d5:11:fb:c6:
                    cc:5b:bc:93:ca:7e:83:15:de:bb:21:27:da:0c:12:
                    03:47:89:72:89:fa:67:25:9b:86:86:3c:b4:8e:c0:
                    4f:01:4a:7a:51:62:81:3d:d6:fb:26:f1:5b:6e:df:
                    41:13:04:ed:53:63:59:d5:51:2d:42:e9:7d:da:48:
                    16:fa:6f:a9:0a:21:05:c2:2a:22:a1:75:f7:b5:e6:
                    9a:d6:88:15:a9:dc:2b:ec:d9:e6:97:51:99:bf:9b:
                    f5:51:40:4f:58:cf:b8:10:9c:fb:0b:99:5b:d5:ba:
                    2c:2d:a1:a0:de:e9:ba:ea:7f:18:db:03:7c:3d:67:
                    b1:ca:46:ca:05:29:a9:f2:9f:9c:86:a4:bd:95:2b:
                    43:3c:af:94:e4:07:a9:00:38:3a:62:74:06:54:49:
                    3f:aa:ce:45:6b:8d:d3:ba:d3:86:b0:8f:d8:b9:c0:
                    bf:7c:55:8a:3c:be:d2:ea:89:36:f2:4d:51:ed:2b:
                    64:54:be:39:a1:98:5d:bd:d1:19:47:ce:14:4c:d8:
                    e0:2d:65:0f:81:51:7b:87:19:f3:3d:25:24:84:72:
                    f7:eb:99:44:34:e5:7e:4f:03:b5:0d:0f:e7:18:02:
                    37:4f:a7:66:33:15:0a:08:34:82:a3:fe:31:78:9b:
                    13:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:C8:1A:EB:36:1A:69:24:0E:38:B2:0F:AF:B8:64:40:83:91:B2:3F
            X509v3 Authority Key Identifier:
                keyid:EB:6F:7C:65:D0:D0:E9:03:16:E9:74:0C:DF:46:58:57:E2:00:2A:A0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/597F7AA232F21919B58016692954265E42C59FFE514E65734CE69AF641E8E827/0/EB6F7C65D0D0E90316E9740CDF465857E2002AA0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EB6F7C65D0D0E90316E9740CDF465857E2002AA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/597F7AA232F21919B58016692954265E42C59FFE514E65734CE69AF641E8E827/0/3136342e3136332e3136302e302f32322d3234203d3e20323636383637.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.163.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         25:46:ef:85:90:60:6e:a5:79:52:06:25:c6:75:e2:5a:84:1d:
         c1:68:b6:8b:3b:e1:85:7e:db:c8:39:8f:5a:8c:46:a7:ac:1b:
         3f:13:3c:82:d2:9f:61:05:81:6e:7b:3e:59:c4:06:09:3a:b0:
         49:50:f9:45:af:53:30:19:70:70:70:aa:76:52:53:5c:7f:1a:
         81:7c:1a:33:3d:10:3b:b2:37:86:93:d8:50:98:51:10:ea:31:
         f5:e5:bb:b3:cb:52:c6:a1:df:93:ad:3c:c8:5b:02:e0:ff:ca:
         13:e8:f7:82:28:5b:46:ad:2b:9f:c9:59:2a:c4:a9:6d:40:cd:
         24:97:51:dc:2e:00:dd:a6:3d:e1:ea:ad:83:6d:38:30:90:c8:
         76:09:ce:af:d1:d2:71:11:ef:c3:16:98:f2:85:d9:89:c0:92:
         6e:5b:a2:1f:f8:d3:1a:9e:42:c6:35:6b:56:6c:70:2a:3d:72:
         17:0b:4f:fa:3a:15:22:52:4b:9f:dd:1c:62:ce:d4:5d:24:56:
         34:f1:9a:f6:c5:74:56:b5:7a:c5:91:ed:64:b6:3d:29:98:38:
         d1:da:31:4e:e8:05:57:ac:46:71:22:4c:15:7d:c7:bb:ab:9b:
         11:61:22:43:a4:b8:8c:5c:51:ec:fa:61:26:f1:46:04:27:99:
         7c:43:c5:72
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUMJ9dCBzJah612lv0RpjxidgQGBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUI2RjdDNjVEMEQwRTkwMzE2RTk3NDBDREY0NjU4NTdF
MjAwMkFBMDAeFw0yNDAzMDUxNzM3MzJaFw0yNTAzMDQxNzQyMzJaMDMxMTAvBgNV
BAMTKDJFQzgxQUVCMzYxQTY5MjQwRTM4QjIwRkFGQjg2NDQwODM5MUIyM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjvDgKYtg6W9N31RH7xsxbvJPK
foMV3rshJ9oMEgNHiXKJ+mclm4aGPLSOwE8BSnpRYoE91vsm8Vtu30ETBO1TY1nV
US1C6X3aSBb6b6kKIQXCKiKhdfe15prWiBWp3Cvs2eaXUZm/m/VRQE9Yz7gQnPsL
mVvVuiwtoaDe6brqfxjbA3w9Z7HKRsoFKanyn5yGpL2VK0M8r5TkB6kAODpidAZU
ST+qzkVrjdO604awj9i5wL98VYo8vtLqiTbyTVHtK2RUvjmhmF290RlHzhRM2OAt
ZQ+BUXuHGfM9JSSEcvfrmUQ05X5PA7UND+cYAjdPp2YzFQoINIKj/jF4mxPhAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQULsga6zYaaSQOOLIPr7hkQIORsj8wHwYDVR0j
BBgwFoAU6298ZdDQ6QMW6XQM30ZYV+IAKqAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81OTdGN0FBMjMyRjIxOTE5QjU4MDE2NjkyOTU0MjY1RTQy
QzU5RkZFNTE0RTY1NzM0Q0U2OUFGNjQxRThFODI3LzAvRUI2RjdDNjVEMEQwRTkw
MzE2RTk3NDBDREY0NjU4NTdFMjAwMkFBMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FQjZGN0M2NUQwRDBFOTAzMTZF
OTc0MENERjQ2NTg1N0UyMDAyQUEwLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTk3RjdBQTIzMkYyMTkxOUI1ODAxNjY5Mjk1NDI2NUU0MkM1OUZGRTUx
NEU2NTczNENFNjlBRjY0MUU4RTgyNy8wLzMxMzYzNDJlMzEzNjMzMmUzMTM2MzAy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzYzODM2Mzcucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKk
o6AwDQYJKoZIhvcNAQELBQADggEBACVG74WQYG6leVIGJcZ14lqEHcFotos74YV+
28g5j1qMRqesGz8TPILSn2EFgW57PlnEBgk6sElQ+UWvUzAZcHBwqnZSU1x/GoF8
GjM9EDuyN4aT2FCYURDqMfXlu7PLUsah35OtPMhbAuD/yhPo94IoW0atK5/JWSrE
qW1AzSSXUdwuAN2mPeHqrYNtODCQyHYJzq/R0nER78MWmPKF2YnAkm5boh/40xqe
QsY1a1ZscCo9chcLT/o6FSJSS5/dHGLO1F0kVjTxmvbFdFa1esWR7WS2PSmYONHa
MU7oBVesRnEiTBV9x7urmxFhIkOkuIxcUez6YSbxRgQnmXxDxXI=
-----END CERTIFICATE-----
Generated at Thu Jul 11 07:23:35 2024 by rpki-client on console-fra.rpki-client.org