Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/636FF6D8D8EC63E16B2FEC4411B685E89C831C4E1924C0D16A5BF1D9FFD965EE/0/3139302e3130382e3139382e302f32332d3234203d3e203532323533.roa
File:                     3139302e3130382e3139382e302f32332d3234203d3e203532323533.roa (raw, json)
Hash identifier:          7XXl75BNP6FqPC8Q5LVjaoTz5aH3rSVGkb1V9K8XNLc=
Subject key identifier:   5D:99:CB:1D:32:C3:FE:B5:38:29:E8:7D:EB:BC:48:27:A8:2A:41:0C
Certificate issuer:       /CN=430B8CC1EC30DC6EF3BF59369DAA6F85C022BC14
Certificate serial:       6114A859E9855852E116A6343FD3807C1FA3BF5B
Authority key identifier: 43:0B:8C:C1:EC:30:DC:6E:F3:BF:59:36:9D:AA:6F:85:C0:22:BC:14
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/430B8CC1EC30DC6EF3BF59369DAA6F85C022BC14.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/636FF6D8D8EC63E16B2FEC4411B685E89C831C4E1924C0D16A5BF1D9FFD965EE/0/3139302e3130382e3139382e302f32332d3234203d3e203532323533.roa
Signing time:             Tue 05 Mar 2024 18:18:37 +0000
ROA not before:           Tue 05 Mar 2024 18:13:37 +0000
ROA not after:            Tue 04 Mar 2025 18:18:37 +0000
asID:                     52253
IP address blocks:        190.108.198.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/636FF6D8D8EC63E16B2FEC4411B685E89C831C4E1924C0D16A5BF1D9FFD965EE/0/430B8CC1EC30DC6EF3BF59369DAA6F85C022BC14.crl
                          rsync://repository.lacnic.net/rpki/lacnic/636FF6D8D8EC63E16B2FEC4411B685E89C831C4E1924C0D16A5BF1D9FFD965EE/0/430B8CC1EC30DC6EF3BF59369DAA6F85C022BC14.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/430B8CC1EC30DC6EF3BF59369DAA6F85C022BC14.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:14:a8:59:e9:85:58:52:e1:16:a6:34:3f:d3:80:7c:1f:a3:bf:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=430B8CC1EC30DC6EF3BF59369DAA6F85C022BC14
        Validity
            Not Before: Mar  5 18:13:37 2024 GMT
            Not After : Mar  4 18:18:37 2025 GMT
        Subject: CN=5D99CB1D32C3FEB53829E87DEBBC4827A82A410C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:7b:db:f3:d4:52:18:3f:e6:68:6a:61:0e:d8:
                    61:3e:21:b0:d0:34:e6:97:4c:ec:e6:a2:d9:ff:44:
                    88:d1:2f:c2:1b:78:3f:19:84:57:0b:7c:19:01:dc:
                    a7:97:3a:31:30:33:82:9d:69:c2:1a:6f:f4:78:95:
                    20:3e:b5:65:35:cc:f7:40:87:76:5e:ac:d5:70:c5:
                    4b:37:a6:c7:72:aa:90:fd:7d:50:ff:97:23:0f:bb:
                    3a:6e:c7:fa:bd:42:6a:ff:e2:c8:d8:0d:0b:65:e3:
                    9a:85:fa:04:57:19:29:e9:5d:17:21:00:c3:90:8a:
                    e4:ae:c8:ca:56:e5:b7:df:73:c8:b6:79:48:db:f1:
                    33:c1:31:d2:cb:81:db:7e:36:21:f9:ab:f0:52:12:
                    25:6b:fb:c9:04:35:0e:23:c1:80:c5:59:15:a5:32:
                    fd:58:d6:ad:fc:07:f6:14:b0:da:b1:3f:32:db:27:
                    79:4f:72:89:0b:1e:b0:3d:f2:fb:c7:5b:a4:07:f9:
                    e3:c7:dd:e3:70:64:07:49:5b:09:69:b8:b3:df:ff:
                    d2:b0:d8:4d:5a:70:61:51:71:fa:23:22:b8:cd:66:
                    6a:d4:e8:f0:93:3e:05:4c:68:93:3c:4c:f7:4a:1b:
                    31:9e:b8:35:86:11:96:24:e5:bb:ca:df:77:d7:cd:
                    ab:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:99:CB:1D:32:C3:FE:B5:38:29:E8:7D:EB:BC:48:27:A8:2A:41:0C
            X509v3 Authority Key Identifier:
                keyid:43:0B:8C:C1:EC:30:DC:6E:F3:BF:59:36:9D:AA:6F:85:C0:22:BC:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/636FF6D8D8EC63E16B2FEC4411B685E89C831C4E1924C0D16A5BF1D9FFD965EE/0/430B8CC1EC30DC6EF3BF59369DAA6F85C022BC14.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/430B8CC1EC30DC6EF3BF59369DAA6F85C022BC14.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/636FF6D8D8EC63E16B2FEC4411B685E89C831C4E1924C0D16A5BF1D9FFD965EE/0/3139302e3130382e3139382e302f32332d3234203d3e203532323533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.108.198.0/23

    Signature Algorithm: sha256WithRSAEncryption
         20:37:9b:de:7d:d5:d5:a4:08:ea:cf:7c:6b:fd:d7:b5:70:98:
         c1:a5:34:5d:6b:e1:8d:48:44:d5:09:29:75:11:75:ec:ee:05:
         ea:a8:4d:e4:40:04:c4:84:81:f5:73:c2:9d:25:be:6c:6a:d5:
         7c:62:36:cf:c0:4a:4a:d3:70:92:1a:e6:c9:05:39:35:52:85:
         66:dc:94:45:2a:b0:d4:54:bf:e9:ee:94:1a:25:3c:52:42:13:
         f5:b0:2d:f8:08:73:f0:f2:07:03:02:77:f2:dd:a7:45:d8:e8:
         1e:5e:93:14:62:6e:82:1c:08:89:4c:f1:f7:1c:16:5c:76:7d:
         41:28:2d:ff:54:4a:54:b7:08:92:9e:cb:f9:38:94:6f:e6:56:
         b4:95:31:13:d5:a6:bc:b1:f3:da:70:fe:3b:95:b5:03:f3:60:
         5d:f6:35:e0:98:56:e0:a5:f4:aa:58:ed:fb:6f:8b:cc:d9:82:
         b8:38:1f:38:25:b2:bd:b9:63:09:ae:b0:1c:46:fb:2c:4f:57:
         77:4e:73:d9:aa:8e:47:38:2d:9b:64:85:88:92:d3:fa:f3:02:
         d4:0d:e2:52:3d:72:dc:7e:e8:05:d2:5a:7f:40:af:28:8f:5b:
         97:68:8d:cf:f3:b9:83:9a:9a:1d:fd:6f:f3:e2:f9:76:78:23:
         b0:b6:da:2c
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUYRSoWemFWFLhFqY0P9OAfB+jv1swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDMwQjhDQzFFQzMwREM2RUYzQkY1OTM2OURBQTZGODVD
MDIyQkMxNDAeFw0yNDAzMDUxODEzMzdaFw0yNTAzMDQxODE4MzdaMDMxMTAvBgNV
BAMTKDVEOTlDQjFEMzJDM0ZFQjUzODI5RTg3REVCQkM0ODI3QTgyQTQxMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4e9vz1FIYP+ZoamEO2GE+IbDQ
NOaXTOzmotn/RIjRL8IbeD8ZhFcLfBkB3KeXOjEwM4KdacIab/R4lSA+tWU1zPdA
h3ZerNVwxUs3psdyqpD9fVD/lyMPuzpux/q9Qmr/4sjYDQtl45qF+gRXGSnpXRch
AMOQiuSuyMpW5bffc8i2eUjb8TPBMdLLgdt+NiH5q/BSEiVr+8kENQ4jwYDFWRWl
Mv1Y1q38B/YUsNqxPzLbJ3lPcokLHrA98vvHW6QH+ePH3eNwZAdJWwlpuLPf/9Kw
2E1acGFRcfojIrjNZmrU6PCTPgVMaJM8TPdKGzGeuDWGEZYk5bvK33fXzavpAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUXZnLHTLD/rU4Keh967xIJ6gqQQwwHwYDVR0j
BBgwFoAUQwuMweww3G7zv1k2napvhcAivBQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82MzZGRjZEOEQ4RUM2M0UxNkIyRkVDNDQxMUI2ODVFODlD
ODMxQzRFMTkyNEMwRDE2QTVCRjFEOUZGRDk2NUVFLzAvNDMwQjhDQzFFQzMwREM2
RUYzQkY1OTM2OURBQTZGODVDMDIyQkMxNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80MzBCOENDMUVDMzBEQzZFRjNC
RjU5MzY5REFBNkY4NUMwMjJCQzE0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjM2RkY2RDhEOEVDNjNFMTZCMkZFQzQ0MTFCNjg1RTg5QzgzMUM0RTE5
MjRDMEQxNkE1QkYxRDlGRkQ5NjVFRS8wLzMxMzkzMDJlMzEzMDM4MmUzMTM5Mzgy
ZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNTMyMzIzNTMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvmzG
MA0GCSqGSIb3DQEBCwUAA4IBAQAgN5vefdXVpAjqz3xr/de1cJjBpTRda+GNSETV
CSl1EXXs7gXqqE3kQATEhIH1c8KdJb5satV8YjbPwEpK03CSGubJBTk1UoVm3JRF
KrDUVL/p7pQaJTxSQhP1sC34CHPw8gcDAnfy3adF2OgeXpMUYm6CHAiJTPH3HBZc
dn1BKC3/VEpUtwiSnsv5OJRv5la0lTET1aa8sfPacP47lbUD82Bd9jXgmFbgpfSq
WO37b4vM2YK4OB84JbK9uWMJrrAcRvssT1d3TnPZqo5HOC2bZIWIktP68wLUDeJS
PXLcfugF0lp/QK8oj1uXaI3P87mDmpod/W/z4vl2eCOwttos
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:44:48 2024 by rpki-client on console-ams.rpki-client.org