Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5AE3FAF8B48149878FA72C6C8B85A317DD0DA696660834DEA597254200506983/0/3230312e3135392e35362e302f32312d3234203d3e203532323535.roa
File:                     3230312e3135392e35362e302f32312d3234203d3e203532323535.roa (raw, json)
Hash identifier:          WouR61JeXa3xqC67ka65qgDak1z5dVXv1VdHd1cngxs=
Subject key identifier:   6B:81:31:37:35:6A:AD:0D:99:A5:A9:AD:DC:D2:7B:DC:23:F3:C3:53
Certificate issuer:       /CN=07A392B2A81913D27F04B16E33DA798EA5E4B8A3
Certificate serial:       5FB9D7BC6C5FEC7D1CE56B904C4D72565719C564
Authority key identifier: 07:A3:92:B2:A8:19:13:D2:7F:04:B1:6E:33:DA:79:8E:A5:E4:B8:A3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/07A392B2A81913D27F04B16E33DA798EA5E4B8A3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5AE3FAF8B48149878FA72C6C8B85A317DD0DA696660834DEA597254200506983/0/3230312e3135392e35362e302f32312d3234203d3e203532323535.roa
Signing time:             Tue 05 Mar 2024 17:52:53 +0000
ROA not before:           Tue 05 Mar 2024 17:47:53 +0000
ROA not after:            Tue 04 Mar 2025 17:52:53 +0000
asID:                     52255
IP address blocks:        201.159.56.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5AE3FAF8B48149878FA72C6C8B85A317DD0DA696660834DEA597254200506983/0/07A392B2A81913D27F04B16E33DA798EA5E4B8A3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5AE3FAF8B48149878FA72C6C8B85A317DD0DA696660834DEA597254200506983/0/07A392B2A81913D27F04B16E33DA798EA5E4B8A3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/07A392B2A81913D27F04B16E33DA798EA5E4B8A3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 21 Jul 2024 04:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:b9:d7:bc:6c:5f:ec:7d:1c:e5:6b:90:4c:4d:72:56:57:19:c5:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07A392B2A81913D27F04B16E33DA798EA5E4B8A3
        Validity
            Not Before: Mar  5 17:47:53 2024 GMT
            Not After : Mar  4 17:52:53 2025 GMT
        Subject: CN=6B813137356AAD0D99A5A9ADDCD27BDC23F3C353
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:32:cc:f4:57:69:ea:6d:e4:f2:d4:c0:b2:33:
                    57:5e:38:7f:c1:0b:39:b0:37:c3:af:df:32:5c:b5:
                    d9:36:16:f9:48:ac:89:21:82:1b:10:fb:45:d7:10:
                    b7:c6:cc:3e:e2:4e:b9:7a:bd:03:8f:69:b4:82:0e:
                    04:73:49:3e:54:2d:32:1e:4a:02:21:fd:a4:b5:45:
                    82:2b:81:43:e5:a8:e8:34:0d:99:e9:42:7f:09:c4:
                    e1:ba:6e:6b:1b:d8:5b:cc:2e:d5:73:23:0b:85:cc:
                    32:4e:60:50:aa:06:21:37:1a:de:73:ec:78:dd:93:
                    c0:7a:1c:60:42:0d:88:c9:55:8b:72:30:0a:4a:52:
                    0d:6d:ae:2a:cd:e5:8a:4f:a8:59:51:6d:cc:42:49:
                    5d:79:40:6a:8b:28:b9:7a:63:d2:66:b8:a5:ba:a7:
                    46:5b:3b:85:17:bb:ad:58:06:3f:71:e2:b7:7a:ad:
                    3c:08:81:cd:87:9d:ff:de:af:22:bd:94:52:37:cb:
                    af:21:24:d2:e1:a5:37:f6:08:d0:04:ea:07:62:46:
                    ca:26:98:c1:79:4b:8d:d4:0e:ec:93:23:ef:b9:f8:
                    c2:1f:bf:ce:5d:3d:5a:21:5b:44:63:88:36:d3:93:
                    ec:87:ad:3e:ae:57:07:be:37:e4:70:a0:66:bb:3e:
                    4d:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:81:31:37:35:6A:AD:0D:99:A5:A9:AD:DC:D2:7B:DC:23:F3:C3:53
            X509v3 Authority Key Identifier:
                keyid:07:A3:92:B2:A8:19:13:D2:7F:04:B1:6E:33:DA:79:8E:A5:E4:B8:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5AE3FAF8B48149878FA72C6C8B85A317DD0DA696660834DEA597254200506983/0/07A392B2A81913D27F04B16E33DA798EA5E4B8A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/07A392B2A81913D27F04B16E33DA798EA5E4B8A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5AE3FAF8B48149878FA72C6C8B85A317DD0DA696660834DEA597254200506983/0/3230312e3135392e35362e302f32312d3234203d3e203532323535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.159.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         25:ee:86:e1:a4:c5:3c:57:fe:d9:94:97:b3:10:7f:04:97:46:
         be:4b:5d:9f:b6:5b:7f:87:d1:e3:63:cd:42:9f:85:2b:7d:46:
         2e:7b:c1:19:29:3e:d7:f0:ac:02:37:5d:d5:26:ea:80:ae:c0:
         3b:b3:3b:53:de:7c:1a:4b:fd:3b:40:6e:20:0b:1e:1a:ff:36:
         e9:0b:ac:ec:4b:48:b4:36:e1:86:98:9f:96:ea:39:d0:1d:00:
         20:ad:ff:36:b8:ad:25:c0:9c:46:f2:36:ac:c6:c3:a7:88:61:
         0f:3f:a4:13:af:3c:bf:5d:b5:2a:fe:66:aa:d6:69:3c:77:6a:
         78:37:f4:90:8a:e0:fe:96:43:10:91:f0:d3:c2:04:c1:6a:8a:
         2e:ca:f2:14:3e:1e:a6:c3:08:88:50:01:b4:0a:39:a7:8f:97:
         ee:a3:71:56:48:87:fb:1b:f5:80:f7:3a:7f:82:fc:1d:f3:da:
         b6:6a:8a:8e:e2:d3:36:d0:fd:11:cf:c0:a0:94:ab:54:b0:9d:
         fa:56:91:a1:38:1b:86:c8:42:23:6e:18:81:57:48:f4:d9:3b:
         67:6f:08:d4:24:c7:87:58:6b:d7:9f:87:77:3d:fc:6c:b5:bd:
         16:81:9f:c1:7a:ae:ae:84:dd:19:27:f9:f2:c3:68:78:de:3c:
         17:7a:ab:54
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUX7nXvGxf7H0c5WuQTE1yVlcZxWQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDdBMzkyQjJBODE5MTNEMjdGMDRCMTZFMzNEQTc5OEVB
NUU0QjhBMzAeFw0yNDAzMDUxNzQ3NTNaFw0yNTAzMDQxNzUyNTNaMDMxMTAvBgNV
BAMTKDZCODEzMTM3MzU2QUFEMEQ5OUE1QTlBRERDRDI3QkRDMjNGM0MzNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCGMsz0V2nqbeTy1MCyM1deOH/B
CzmwN8Ov3zJctdk2FvlIrIkhghsQ+0XXELfGzD7iTrl6vQOPabSCDgRzST5ULTIe
SgIh/aS1RYIrgUPlqOg0DZnpQn8JxOG6bmsb2FvMLtVzIwuFzDJOYFCqBiE3Gt5z
7Hjdk8B6HGBCDYjJVYtyMApKUg1trirN5YpPqFlRbcxCSV15QGqLKLl6Y9JmuKW6
p0ZbO4UXu61YBj9x4rd6rTwIgc2Hnf/eryK9lFI3y68hJNLhpTf2CNAE6gdiRsom
mMF5S43UDuyTI++5+MIfv85dPVohW0RjiDbTk+yHrT6uVwe+N+RwoGa7Pk3NAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUa4ExNzVqrQ2Zpamt3NJ73CPzw1MwHwYDVR0j
BBgwFoAUB6OSsqgZE9J/BLFuM9p5jqXkuKMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81QUUzRkFGOEI0ODE0OTg3OEZBNzJDNkM4Qjg1QTMxN0RE
MERBNjk2NjYwODM0REVBNTk3MjU0MjAwNTA2OTgzLzAvMDdBMzkyQjJBODE5MTNE
MjdGMDRCMTZFMzNEQTc5OEVBNUU0QjhBMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wN0EzOTJCMkE4MTkxM0QyN0Yw
NEIxNkUzM0RBNzk4RUE1RTRCOEEzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUFFM0ZBRjhCNDgxNDk4NzhGQTcyQzZDOEI4NUEzMTdERDBEQTY5NjY2
MDgzNERFQTU5NzI1NDIwMDUwNjk4My8wLzMyMzAzMTJlMzEzNTM5MmUzNTM2MmUz
MDJmMzIzMTJkMzIzNDIwM2QzZTIwMzUzMjMyMzUzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8mfODAN
BgkqhkiG9w0BAQsFAAOCAQEAJe6G4aTFPFf+2ZSXsxB/BJdGvktdn7Zbf4fR42PN
Qp+FK31GLnvBGSk+1/CsAjdd1SbqgK7AO7M7U958Gkv9O0BuIAseGv826Qus7EtI
tDbhhpifluo50B0AIK3/NritJcCcRvI2rMbDp4hhDz+kE688v121Kv5mqtZpPHdq
eDf0kIrg/pZDEJHw08IEwWqKLsryFD4epsMIiFABtAo5p4+X7qNxVkiH+xv1gPc6
f4L8HfPatmqKjuLTNtD9Ec/AoJSrVLCd+laRoTgbhshCI24YgVdI9Nk7Z28I1CTH
h1hr15+Hdz38bLW9FoGfwXquroTdGSf58sNoeN48F3qrVA==
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:16:10 2024 by rpki-client on console-ams.rpki-client.org