Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5BDE3AF68B1A87E79458AA6D1B175E1357B89802F0F2404ECD7C130E77A36FF5/0/3139302e352e3231322e302f32322d3233203d3e20323632313834.roa
File:                     3139302e352e3231322e302f32322d3233203d3e20323632313834.roa (raw, json)
Hash identifier:          zFIppVR2e8ytu8N+Ha0xT7It1c2tHz3RSHWgEglZo/8=
Subject key identifier:   C1:97:77:71:55:E5:FB:BE:BB:65:B9:FA:29:56:3E:45:C1:C2:27:4F
Certificate issuer:       /CN=56CC624428BCED9F377BAC95D562A585D509F1B4
Certificate serial:       588E10EBA1D1363A2FD7B8560BC968558DEF766F
Authority key identifier: 56:CC:62:44:28:BC:ED:9F:37:7B:AC:95:D5:62:A5:85:D5:09:F1:B4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/56CC624428BCED9F377BAC95D562A585D509F1B4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5BDE3AF68B1A87E79458AA6D1B175E1357B89802F0F2404ECD7C130E77A36FF5/0/3139302e352e3231322e302f32322d3233203d3e20323632313834.roa
Signing time:             Tue 05 Mar 2024 18:13:21 +0000
ROA not before:           Tue 05 Mar 2024 18:08:21 +0000
ROA not after:            Tue 04 Mar 2025 18:13:21 +0000
asID:                     262184
IP address blocks:        190.5.212.0/22 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5BDE3AF68B1A87E79458AA6D1B175E1357B89802F0F2404ECD7C130E77A36FF5/0/56CC624428BCED9F377BAC95D562A585D509F1B4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5BDE3AF68B1A87E79458AA6D1B175E1357B89802F0F2404ECD7C130E77A36FF5/0/56CC624428BCED9F377BAC95D562A585D509F1B4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/56CC624428BCED9F377BAC95D562A585D509F1B4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 21 Jun 2024 08:25:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:8e:10:eb:a1:d1:36:3a:2f:d7:b8:56:0b:c9:68:55:8d:ef:76:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56CC624428BCED9F377BAC95D562A585D509F1B4
        Validity
            Not Before: Mar  5 18:08:21 2024 GMT
            Not After : Mar  4 18:13:21 2025 GMT
        Subject: CN=C197777155E5FBBEBB65B9FA29563E45C1C2274F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:65:e0:05:e9:60:56:02:7b:cd:a3:83:62:ff:
                    b1:09:b2:25:8c:3e:b4:e9:1f:ed:92:f3:7b:56:6c:
                    43:f2:4c:2a:45:94:24:61:9d:e4:e5:f9:5b:dc:d0:
                    ba:0d:ac:d0:33:17:f7:ef:82:40:dc:79:4f:66:e0:
                    20:04:57:00:ba:5b:4f:f0:e8:8e:67:c0:23:74:90:
                    2e:83:4d:df:19:09:bf:7e:2b:20:cf:7b:76:63:90:
                    0c:26:4c:3c:29:9c:6d:5c:69:83:b6:45:be:5e:a8:
                    5e:bd:ed:8f:69:73:a5:3a:01:38:be:8e:48:9e:bc:
                    e9:13:7d:cd:50:a0:43:e4:a1:6e:f5:fc:dc:63:61:
                    8e:5c:0d:54:55:3c:73:c5:8e:93:2d:b6:9d:1f:09:
                    3b:5f:5d:bb:7d:84:d1:34:b9:38:09:7f:73:8b:a6:
                    f6:f8:78:1f:62:3c:c2:fb:38:f2:bd:3f:0b:14:3b:
                    9f:8c:69:8a:83:55:7a:d8:8a:4c:0f:3b:97:92:90:
                    f4:03:fe:ca:b6:ec:e6:9f:40:e3:41:05:68:ec:9c:
                    04:b4:c3:8e:06:44:a1:ed:c5:3a:70:45:02:40:e3:
                    f7:04:c2:e7:fd:56:17:52:77:70:29:90:76:60:6a:
                    fa:c6:2b:2e:23:19:85:0f:d1:ea:87:ef:4d:45:33:
                    ef:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:97:77:71:55:E5:FB:BE:BB:65:B9:FA:29:56:3E:45:C1:C2:27:4F
            X509v3 Authority Key Identifier:
                keyid:56:CC:62:44:28:BC:ED:9F:37:7B:AC:95:D5:62:A5:85:D5:09:F1:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5BDE3AF68B1A87E79458AA6D1B175E1357B89802F0F2404ECD7C130E77A36FF5/0/56CC624428BCED9F377BAC95D562A585D509F1B4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/56CC624428BCED9F377BAC95D562A585D509F1B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5BDE3AF68B1A87E79458AA6D1B175E1357B89802F0F2404ECD7C130E77A36FF5/0/3139302e352e3231322e302f32322d3233203d3e20323632313834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.5.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b5:19:3a:39:c0:99:ba:47:86:e8:3c:f4:a3:bd:70:4a:e9:b6:
         ef:46:9c:7f:c8:94:4f:fb:be:d5:67:b1:d9:90:9f:c7:19:83:
         4f:1f:e6:c1:35:a5:d6:f9:7e:04:87:7a:5e:29:55:16:7a:7f:
         5e:61:08:73:a1:17:63:ff:f4:9a:da:cb:3b:3a:b5:99:69:d9:
         20:61:c7:9b:2e:bd:41:66:8f:38:0a:6a:d1:42:64:0a:63:19:
         15:2e:57:0f:7a:e9:82:b3:b0:b5:9b:41:c5:cc:05:6e:48:06:
         25:22:f8:9e:70:73:5c:08:71:c8:eb:ad:6c:8a:a8:cd:af:e3:
         83:15:9c:ae:d1:47:03:c3:bb:6b:3b:18:b2:2b:7f:f4:cc:97:
         6c:10:99:4f:4b:84:06:67:5b:80:cc:70:5e:c7:69:f1:e2:ce:
         d9:22:3b:d4:ce:0f:66:1d:bd:2a:d6:a4:61:0f:df:1c:c3:09:
         c0:2b:be:4b:1d:f7:4e:47:e0:19:b6:b7:f6:ad:64:93:5f:ca:
         c5:0e:f7:d9:f0:10:74:5f:b0:8f:5a:2a:66:cc:c9:9a:45:e7:
         60:bb:b3:2c:f3:78:95:0f:27:53:c1:d3:58:63:a1:e7:0a:7c:
         3b:33:6e:9d:ca:e7:ea:3d:7f:d1:6d:05:d3:a2:3a:55:5e:18:
         59:e8:88:11
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUWI4Q66HRNjov17hWC8loVY3vdm8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTZDQzYyNDQyOEJDRUQ5RjM3N0JBQzk1RDU2MkE1ODVE
NTA5RjFCNDAeFw0yNDAzMDUxODA4MjFaFw0yNTAzMDQxODEzMjFaMDMxMTAvBgNV
BAMTKEMxOTc3NzcxNTVFNUZCQkVCQjY1QjlGQTI5NTYzRTQ1QzFDMjI3NEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmZeAF6WBWAnvNo4Ni/7EJsiWM
PrTpH+2S83tWbEPyTCpFlCRhneTl+Vvc0LoNrNAzF/fvgkDceU9m4CAEVwC6W0/w
6I5nwCN0kC6DTd8ZCb9+KyDPe3ZjkAwmTDwpnG1caYO2Rb5eqF697Y9pc6U6ATi+
jkievOkTfc1QoEPkoW71/NxjYY5cDVRVPHPFjpMttp0fCTtfXbt9hNE0uTgJf3OL
pvb4eB9iPML7OPK9PwsUO5+MaYqDVXrYikwPO5eSkPQD/sq27OafQONBBWjsnAS0
w44GRKHtxTpwRQJA4/cEwuf9VhdSd3ApkHZgavrGKy4jGYUP0eqH701FM++NAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUwZd3cVXl+767Zbn6KVY+RcHCJ08wHwYDVR0j
BBgwFoAUVsxiRCi87Z83e6yV1WKlhdUJ8bQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81QkRFM0FGNjhCMUE4N0U3OTQ1OEFBNkQxQjE3NUUxMzU3
Qjg5ODAyRjBGMjQwNEVDRDdDMTMwRTc3QTM2RkY1LzAvNTZDQzYyNDQyOEJDRUQ5
RjM3N0JBQzk1RDU2MkE1ODVENTA5RjFCNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81NkNDNjI0NDI4QkNFRDlGMzc3
QkFDOTVENTYyQTU4NUQ1MDlGMUI0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUJERTNBRjY4QjFBODdFNzk0NThBQTZEMUIxNzVFMTM1N0I4OTgwMkYw
RjI0MDRFQ0Q3QzEzMEU3N0EzNkZGNS8wLzMxMzkzMDJlMzUyZTMyMzEzMjJlMzAy
ZjMyMzIyZDMyMzMyMDNkM2UyMDMyMzYzMjMxMzgzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAr4F1DAN
BgkqhkiG9w0BAQsFAAOCAQEAtRk6OcCZukeG6Dz0o71wSum270acf8iUT/u+1Wex
2ZCfxxmDTx/mwTWl1vl+BId6XilVFnp/XmEIc6EXY//0mtrLOzq1mWnZIGHHmy69
QWaPOApq0UJkCmMZFS5XD3rpgrOwtZtBxcwFbkgGJSL4nnBzXAhxyOutbIqoza/j
gxWcrtFHA8O7azsYsit/9MyXbBCZT0uEBmdbgMxwXsdp8eLO2SI71M4PZh29Ktak
YQ/fHMMJwCu+Sx33TkfgGba39q1kk1/KxQ732fAQdF+wj1oqZszJmkXnYLuzLPN4
lQ8nU8HTWGOh5wp8OzNuncrn6j1/0W0F06I6VV4YWeiIEQ==
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:41:11 2024 by rpki-client on console-ams.rpki-client.org