Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/3136382e3233322e37362e302f32322d3234203d3e203532323836.roa
File:                     3136382e3233322e37362e302f32322d3234203d3e203532323836.roa (raw, json)
Hash identifier:          d66sVOZYJMdWJTgLhb5GXYM83Xva4htqm/JbaksDcpM=
Subject key identifier:   40:C3:5F:90:1F:68:DD:28:34:90:81:94:24:5D:EB:1E:0D:14:64:41
Certificate issuer:       /CN=241DE049AC3C932631785D79E6569AB7CF57A340
Certificate serial:       16876904DFE2898B352CFEB2E8D1B1AAD7EE2FC5
Authority key identifier: 24:1D:E0:49:AC:3C:93:26:31:78:5D:79:E6:56:9A:B7:CF:57:A3:40
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/241DE049AC3C932631785D79E6569AB7CF57A340.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/3136382e3233322e37362e302f32322d3234203d3e203532323836.roa
Signing time:             Tue 05 Mar 2024 17:54:33 +0000
ROA not before:           Tue 05 Mar 2024 17:49:33 +0000
ROA not after:            Tue 04 Mar 2025 17:54:33 +0000
asID:                     52286
IP address blocks:        168.232.76.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/241DE049AC3C932631785D79E6569AB7CF57A340.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/241DE049AC3C932631785D79E6569AB7CF57A340.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/241DE049AC3C932631785D79E6569AB7CF57A340.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:87:69:04:df:e2:89:8b:35:2c:fe:b2:e8:d1:b1:aa:d7:ee:2f:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=241DE049AC3C932631785D79E6569AB7CF57A340
        Validity
            Not Before: Mar  5 17:49:33 2024 GMT
            Not After : Mar  4 17:54:33 2025 GMT
        Subject: CN=40C35F901F68DD2834908194245DEB1E0D146441
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ba:10:6f:5c:5b:ed:8a:fa:76:c9:a0:f3:a1:
                    f1:b0:fe:3e:88:0f:16:32:1f:32:ac:b7:6f:0d:ff:
                    c1:9c:d2:14:63:8f:ad:5e:ef:90:d8:1a:40:b7:30:
                    5c:cb:40:9f:dd:a9:f3:1d:ab:6e:72:8a:a1:13:3b:
                    d3:00:ea:8a:3b:f1:fb:23:6e:06:15:31:11:b5:0f:
                    75:ba:b8:f1:3e:f8:fb:39:4a:df:bc:b7:25:00:6b:
                    c7:9b:44:f6:f6:7e:5f:bd:a6:1a:66:65:b7:20:61:
                    93:42:f6:8a:bd:82:c0:b5:1d:08:df:5e:b3:23:45:
                    89:21:db:fa:a1:3e:61:8c:d3:91:f7:0c:33:c5:a1:
                    7d:d1:53:7a:b4:0f:03:78:42:32:be:be:b7:a7:64:
                    10:87:61:95:ef:b3:a9:b6:8f:23:cb:f8:78:2a:7d:
                    04:3d:db:61:44:73:06:23:a4:a9:86:92:1e:f9:76:
                    04:a4:fa:37:f0:18:b2:b6:d3:93:6a:c6:8a:7c:42:
                    17:03:2d:5c:1a:27:81:47:9a:3c:b9:d6:65:64:cb:
                    be:fb:8a:27:93:23:2f:03:b7:a8:e1:8e:58:8e:8b:
                    ec:2f:0e:67:bd:da:35:7a:7a:5f:d8:74:69:45:f6:
                    e3:0f:3b:03:67:d3:a6:65:ba:e3:99:ff:b0:cb:c7:
                    f4:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:C3:5F:90:1F:68:DD:28:34:90:81:94:24:5D:EB:1E:0D:14:64:41
            X509v3 Authority Key Identifier:
                keyid:24:1D:E0:49:AC:3C:93:26:31:78:5D:79:E6:56:9A:B7:CF:57:A3:40

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/241DE049AC3C932631785D79E6569AB7CF57A340.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/241DE049AC3C932631785D79E6569AB7CF57A340.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/3136382e3233322e37362e302f32322d3234203d3e203532323836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.232.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5b:8f:03:ae:7e:66:71:c2:98:73:be:ad:6f:b5:94:9a:0d:30:
         b4:a9:62:eb:13:d6:ed:e6:86:d9:b4:95:7d:04:c5:f2:5d:54:
         07:70:bc:26:43:d4:46:bc:d8:5a:c1:f4:da:bb:55:67:eb:2b:
         1c:50:ec:e7:6a:9e:4d:3d:c1:73:35:75:e2:c6:38:74:b8:e8:
         7f:10:fb:e6:de:33:c3:a7:17:0f:e8:b5:5e:33:58:14:da:aa:
         16:24:4a:c2:63:6f:fa:6f:ae:69:20:93:d4:02:c8:6e:8e:f1:
         20:07:b4:47:3f:40:be:db:e7:7c:45:83:f5:9b:84:f8:7a:73:
         db:08:d6:98:43:ce:f7:e9:6c:05:d8:2d:94:b0:f8:7a:d7:9d:
         cd:04:bc:40:e2:c8:8a:ed:a0:54:bb:0a:10:3a:43:bd:88:b0:
         e2:cd:cb:2e:aa:e7:b0:3b:4f:59:16:76:67:8e:85:cb:08:79:
         1b:ea:af:1e:0a:5f:ab:04:b3:a1:08:d6:e8:a5:2f:49:22:1d:
         78:c7:fc:1c:5f:4e:67:6e:a5:c7:20:79:91:77:0d:e8:08:43:
         1a:41:95:be:be:49:d2:8c:16:c1:cd:aa:be:71:5e:e2:28:ea:
         b6:3e:98:32:80:69:d4:f1:52:db:df:cc:7e:8d:52:4c:6c:03:
         fe:53:4e:93
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUFodpBN/iiYs1LP6y6NGxqtfuL8UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjQxREUwNDlBQzNDOTMyNjMxNzg1RDc5RTY1NjlBQjdD
RjU3QTM0MDAeFw0yNDAzMDUxNzQ5MzNaFw0yNTAzMDQxNzU0MzNaMDMxMTAvBgNV
BAMTKDQwQzM1RjkwMUY2OEREMjgzNDkwODE5NDI0NURFQjFFMEQxNDY0NDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFuhBvXFvtivp2yaDzofGw/j6I
DxYyHzKst28N/8Gc0hRjj61e75DYGkC3MFzLQJ/dqfMdq25yiqETO9MA6oo78fsj
bgYVMRG1D3W6uPE++Ps5St+8tyUAa8ebRPb2fl+9phpmZbcgYZNC9oq9gsC1HQjf
XrMjRYkh2/qhPmGM05H3DDPFoX3RU3q0DwN4QjK+vrenZBCHYZXvs6m2jyPL+Hgq
fQQ922FEcwYjpKmGkh75dgSk+jfwGLK205Nqxop8QhcDLVwaJ4FHmjy51mVky777
iieTIy8Dt6jhjliOi+wvDme92jV6el/YdGlF9uMPOwNn06ZluuOZ/7DLx/TXAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUQMNfkB9o3Sg0kIGUJF3rHg0UZEEwHwYDVR0j
BBgwFoAUJB3gSaw8kyYxeF155laat89Xo0AwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81RDhGNTFCMUQxNjU3QkYzNjY2MTQ1MTFBMjA1ODFCREVE
MDNCMzJGQkNENUU5RDQ3MUFGOTg2QkE0MzYyMTFCLzAvMjQxREUwNDlBQzNDOTMy
NjMxNzg1RDc5RTY1NjlBQjdDRjU3QTM0MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNDFERTA0OUFDM0M5MzI2MzE3
ODVENzlFNjU2OUFCN0NGNTdBMzQwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUQ4RjUxQjFEMTY1N0JGMzY2NjE0NTExQTIwNTgxQkRFRDAzQjMyRkJD
RDVFOUQ0NzFBRjk4NkJBNDM2MjExQi8wLzMxMzYzODJlMzIzMzMyMmUzNzM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzUzMjMyMzgzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqjoTDAN
BgkqhkiG9w0BAQsFAAOCAQEAW48Drn5mccKYc76tb7WUmg0wtKli6xPW7eaG2bSV
fQTF8l1UB3C8JkPURrzYWsH02rtVZ+srHFDs52qeTT3BczV14sY4dLjofxD75t4z
w6cXD+i1XjNYFNqqFiRKwmNv+m+uaSCT1ALIbo7xIAe0Rz9AvtvnfEWD9ZuE+Hpz
2wjWmEPO9+lsBdgtlLD4etedzQS8QOLIiu2gVLsKEDpDvYiw4s3LLqrnsDtPWRZ2
Z46Fywh5G+qvHgpfqwSzoQjW6KUvSSIdeMf8HF9OZ26lxyB5kXcN6AhDGkGVvr5J
0owWwc2qvnFe4ijqtj6YMoBp1PFS29/Mfo1STGwD/lNOkw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:46:59 2024 by rpki-client on console-ams.rpki-client.org