Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5B996C1AF21FC5FB59BE1C349AAA90661D63D6846477746596187E432F8F5F23/0/3139322e3138382e3139362e302f32342d3234203d3e203237393437.roa
File:                     3139322e3138382e3139362e302f32342d3234203d3e203237393437.roa (raw, json)
Hash identifier:          lG08vqNGwFX/RkVd2x4t5afjKBac8G4PEJGHhiAOKFA=
Subject key identifier:   62:78:2E:36:0F:54:D2:4D:1C:15:CB:1D:8A:7C:E2:08:C6:20:8F:B5
Certificate issuer:       /CN=962E09CED777E3B6E30D51D97754EF33B1DFD373
Certificate serial:       7381D80A38CB87555D5E0DAA0DBFFCE6876968A0
Authority key identifier: 96:2E:09:CE:D7:77:E3:B6:E3:0D:51:D9:77:54:EF:33:B1:DF:D3:73
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/962E09CED777E3B6E30D51D97754EF33B1DFD373.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5B996C1AF21FC5FB59BE1C349AAA90661D63D6846477746596187E432F8F5F23/0/3139322e3138382e3139362e302f32342d3234203d3e203237393437.roa
Signing time:             Tue 05 Mar 2024 17:50:33 +0000
ROA not before:           Tue 05 Mar 2024 17:45:33 +0000
ROA not after:            Tue 04 Mar 2025 17:50:33 +0000
asID:                     27947
IP address blocks:        192.188.196.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5B996C1AF21FC5FB59BE1C349AAA90661D63D6846477746596187E432F8F5F23/0/962E09CED777E3B6E30D51D97754EF33B1DFD373.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5B996C1AF21FC5FB59BE1C349AAA90661D63D6846477746596187E432F8F5F23/0/962E09CED777E3B6E30D51D97754EF33B1DFD373.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/962E09CED777E3B6E30D51D97754EF33B1DFD373.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 19:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:81:d8:0a:38:cb:87:55:5d:5e:0d:aa:0d:bf:fc:e6:87:69:68:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=962E09CED777E3B6E30D51D97754EF33B1DFD373
        Validity
            Not Before: Mar  5 17:45:33 2024 GMT
            Not After : Mar  4 17:50:33 2025 GMT
        Subject: CN=62782E360F54D24D1C15CB1D8A7CE208C6208FB5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2b:f0:4d:2a:2a:84:88:77:4a:b9:85:c1:fb:
                    11:2d:a0:aa:69:56:16:2b:1e:77:5f:b9:eb:74:3c:
                    de:15:25:91:fd:38:fa:cc:99:78:8c:ba:e9:44:a0:
                    50:60:5b:84:ac:35:af:e1:3c:44:2f:72:84:2c:85:
                    a7:28:32:8c:ea:f2:57:dc:e2:db:f2:6a:52:30:93:
                    ab:81:4a:4b:16:43:c2:68:4f:51:53:78:4d:3e:1b:
                    e2:af:6b:ca:35:a7:36:bb:38:9b:2a:ff:15:25:41:
                    c3:81:31:f0:d5:b0:40:ca:db:32:b8:1d:80:e4:82:
                    48:b8:55:57:3d:28:60:b7:da:90:a2:95:3c:fc:de:
                    7f:89:00:6b:02:7c:bb:12:66:65:7a:17:d1:17:c9:
                    d1:68:c4:2a:51:be:e0:28:05:45:6c:b1:3e:4a:42:
                    73:49:35:11:ca:02:11:ed:1a:be:48:0c:93:6b:07:
                    56:09:2d:ce:97:1e:bf:10:b6:45:0d:a4:21:df:5b:
                    ef:49:3f:f5:29:10:bf:07:ee:63:41:8a:8b:86:9c:
                    34:1c:b5:8b:03:bf:a5:a5:c6:18:9a:b0:f5:95:f4:
                    9a:2b:ec:d9:95:ed:e3:20:0b:28:5a:e3:06:92:33:
                    63:02:f5:09:8c:b6:8d:90:9a:24:73:16:62:06:f7:
                    90:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:78:2E:36:0F:54:D2:4D:1C:15:CB:1D:8A:7C:E2:08:C6:20:8F:B5
            X509v3 Authority Key Identifier:
                keyid:96:2E:09:CE:D7:77:E3:B6:E3:0D:51:D9:77:54:EF:33:B1:DF:D3:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5B996C1AF21FC5FB59BE1C349AAA90661D63D6846477746596187E432F8F5F23/0/962E09CED777E3B6E30D51D97754EF33B1DFD373.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/962E09CED777E3B6E30D51D97754EF33B1DFD373.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5B996C1AF21FC5FB59BE1C349AAA90661D63D6846477746596187E432F8F5F23/0/3139322e3138382e3139362e302f32342d3234203d3e203237393437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.188.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:67:f1:2b:ae:89:6a:51:05:0a:3f:88:59:82:5a:21:a0:c5:
         a8:11:48:86:42:a6:59:19:a4:36:fd:90:b2:db:2f:e1:4e:91:
         90:39:d8:bc:20:c4:fe:57:75:99:97:c4:45:58:20:9c:e0:d9:
         88:49:b8:76:99:7e:7b:d1:49:49:c0:56:4e:e6:db:45:bc:25:
         73:da:75:75:3a:28:c1:7c:86:40:36:e7:d2:55:48:4c:36:2a:
         ce:66:72:30:14:65:f4:ca:e1:81:c5:49:5c:38:56:a6:62:cc:
         e5:56:ae:48:4c:36:f2:6a:03:99:b5:68:d3:23:d7:a5:f2:18:
         49:54:80:3c:96:7a:59:f5:93:d6:90:f5:74:30:a0:6f:18:c1:
         e7:7d:fa:de:de:89:46:85:21:bc:92:42:a9:cf:e8:89:cb:62:
         af:6d:8b:c6:d5:e5:f4:2f:71:3c:71:f8:a5:e4:0e:2e:10:e1:
         ec:a8:eb:11:2d:5c:25:7b:f1:89:10:d9:0e:3e:b2:39:76:f2:
         a5:16:4a:73:2e:aa:51:93:a0:a8:9d:50:fa:e8:c7:71:fa:87:
         bc:a2:b5:85:3a:5d:d1:e0:1d:09:85:46:bd:2c:6d:f7:a1:d7:
         e4:81:d4:d0:a2:0d:2c:3d:cf:a8:18:f6:6c:e8:c0:ad:bb:ab:
         c7:39:67:2f
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUc4HYCjjLh1VdXg2qDb/85odpaKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTYyRTA5Q0VENzc3RTNCNkUzMEQ1MUQ5Nzc1NEVGMzNC
MURGRDM3MzAeFw0yNDAzMDUxNzQ1MzNaFw0yNTAzMDQxNzUwMzNaMDMxMTAvBgNV
BAMTKDYyNzgyRTM2MEY1NEQyNEQxQzE1Q0IxRDhBN0NFMjA4QzYyMDhGQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9K/BNKiqEiHdKuYXB+xEtoKpp
VhYrHndfuet0PN4VJZH9OPrMmXiMuulEoFBgW4SsNa/hPEQvcoQshacoMozq8lfc
4tvyalIwk6uBSksWQ8JoT1FTeE0+G+Kva8o1pza7OJsq/xUlQcOBMfDVsEDK2zK4
HYDkgki4VVc9KGC32pCilTz83n+JAGsCfLsSZmV6F9EXydFoxCpRvuAoBUVssT5K
QnNJNRHKAhHtGr5IDJNrB1YJLc6XHr8QtkUNpCHfW+9JP/UpEL8H7mNBiouGnDQc
tYsDv6WlxhiasPWV9Jor7NmV7eMgCyha4waSM2MC9QmMto2QmiRzFmIG95ArAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUYnguNg9U0k0cFcsdinziCMYgj7UwHwYDVR0j
BBgwFoAUli4Jztd347bjDVHZd1TvM7Hf03MwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81Qjk5NkMxQUYyMUZDNUZCNTlCRTFDMzQ5QUFBOTA2NjFE
NjNENjg0NjQ3Nzc0NjU5NjE4N0U0MzJGOEY1RjIzLzAvOTYyRTA5Q0VENzc3RTNC
NkUzMEQ1MUQ5Nzc1NEVGMzNCMURGRDM3My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85NjJFMDlDRUQ3NzdFM0I2RTMw
RDUxRDk3NzU0RUYzM0IxREZEMzczLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUI5OTZDMUFGMjFGQzVGQjU5QkUxQzM0OUFBQTkwNjYxRDYzRDY4NDY0
Nzc3NDY1OTYxODdFNDMyRjhGNUYyMy8wLzMxMzkzMjJlMzEzODM4MmUzMTM5MzYy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzkzNDM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwLzE
MA0GCSqGSIb3DQEBCwUAA4IBAQCoZ/ErrolqUQUKP4hZglohoMWoEUiGQqZZGaQ2
/ZCy2y/hTpGQOdi8IMT+V3WZl8RFWCCc4NmISbh2mX570UlJwFZO5ttFvCVz2nV1
OijBfIZANufSVUhMNirOZnIwFGX0yuGBxUlcOFamYszlVq5ITDbyagOZtWjTI9el
8hhJVIA8lnpZ9ZPWkPV0MKBvGMHnffre3olGhSG8kkKpz+iJy2KvbYvG1eX0L3E8
cfil5A4uEOHsqOsRLVwle/GJENkOPrI5dvKlFkpzLqpRk6ConVD66Mdx+oe8orWF
Ol3R4B0JhUa9LG33odfkgdTQog0sPc+oGPZs6MCtu6vHOWcv
-----END CERTIFICATE-----
Generated at Tue Dec 10 19:44:05 2024 by rpki-client on console-ams.rpki-client.org