Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/63B98F93D01E90BFE5D56BFBD45D2A441BE3B790695A98DD8BDF6BBF3CC3DC2D/0/3137302e3234342e35322e302f32322d3232203d3e203633303233.roa
File:                     3137302e3234342e35322e302f32322d3232203d3e203633303233.roa (raw, json)
Hash identifier:          kBM0UgjC7rrDA85aEfJXEQDMqMDrrgNuCU9lr1wy12s=
Subject key identifier:   6A:81:5C:F3:79:DB:6C:82:A6:27:7E:26:D1:C5:4F:9F:23:A3:86:D6
Certificate issuer:       /CN=64CA902FE672A198EBE9410C4C09F2FFF81502BB
Certificate serial:       260233733747F7B79D4BDF55AEA206C16885A939
Authority key identifier: 64:CA:90:2F:E6:72:A1:98:EB:E9:41:0C:4C:09:F2:FF:F8:15:02:BB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/64CA902FE672A198EBE9410C4C09F2FFF81502BB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/63B98F93D01E90BFE5D56BFBD45D2A441BE3B790695A98DD8BDF6BBF3CC3DC2D/0/3137302e3234342e35322e302f32322d3232203d3e203633303233.roa
Signing time:             Tue 05 Mar 2024 18:09:49 +0000
ROA not before:           Tue 05 Mar 2024 18:04:49 +0000
ROA not after:            Tue 04 Mar 2025 18:09:49 +0000
asID:                     63023
IP address blocks:        170.244.52.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/63B98F93D01E90BFE5D56BFBD45D2A441BE3B790695A98DD8BDF6BBF3CC3DC2D/0/64CA902FE672A198EBE9410C4C09F2FFF81502BB.crl
                          rsync://repository.lacnic.net/rpki/lacnic/63B98F93D01E90BFE5D56BFBD45D2A441BE3B790695A98DD8BDF6BBF3CC3DC2D/0/64CA902FE672A198EBE9410C4C09F2FFF81502BB.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/64CA902FE672A198EBE9410C4C09F2FFF81502BB.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:02:33:73:37:47:f7:b7:9d:4b:df:55:ae:a2:06:c1:68:85:a9:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64CA902FE672A198EBE9410C4C09F2FFF81502BB
        Validity
            Not Before: Mar  5 18:04:49 2024 GMT
            Not After : Mar  4 18:09:49 2025 GMT
        Subject: CN=6A815CF379DB6C82A6277E26D1C54F9F23A386D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:8b:af:46:12:80:0c:ff:ee:56:41:1b:0d:7e:
                    cf:5b:56:75:97:84:99:fe:77:c1:8c:9b:78:9d:57:
                    7b:02:ca:bb:6e:49:de:6e:0e:22:18:9e:c2:99:c3:
                    45:fc:19:24:31:e3:aa:30:21:c5:31:d3:cd:d1:e8:
                    a0:21:b6:d9:3b:ad:b7:b8:4f:1d:4a:fa:b7:54:a8:
                    a4:9a:89:e0:cb:51:44:31:91:33:c6:c2:fa:a3:66:
                    6e:14:ce:7c:c3:00:85:ea:7b:3a:63:01:08:3a:08:
                    41:48:63:f8:96:de:27:5a:56:05:07:70:83:39:b3:
                    d4:88:cf:f3:35:95:61:27:3b:e8:72:49:fc:12:d2:
                    3d:c9:36:5a:96:38:e3:e4:36:67:2a:53:c8:6f:66:
                    32:b8:6d:89:43:6e:ce:9e:a0:c3:83:93:f9:29:4d:
                    68:2a:41:ff:0a:cd:fb:9e:25:e9:03:89:4f:50:7d:
                    85:f7:88:6b:f2:ae:fd:0a:86:d6:cc:0d:be:e0:7a:
                    48:54:d4:fe:2d:10:23:8d:f7:c3:3e:a3:97:1b:eb:
                    8b:cd:8b:6b:7a:ad:2c:6e:89:e3:a7:03:9a:ba:be:
                    81:17:7e:bb:17:c6:7d:a2:92:64:be:b0:33:7c:aa:
                    d1:ca:d7:d2:62:0d:60:0f:ad:4f:16:46:a0:d5:42:
                    4f:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:81:5C:F3:79:DB:6C:82:A6:27:7E:26:D1:C5:4F:9F:23:A3:86:D6
            X509v3 Authority Key Identifier:
                keyid:64:CA:90:2F:E6:72:A1:98:EB:E9:41:0C:4C:09:F2:FF:F8:15:02:BB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/63B98F93D01E90BFE5D56BFBD45D2A441BE3B790695A98DD8BDF6BBF3CC3DC2D/0/64CA902FE672A198EBE9410C4C09F2FFF81502BB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/64CA902FE672A198EBE9410C4C09F2FFF81502BB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/63B98F93D01E90BFE5D56BFBD45D2A441BE3B790695A98DD8BDF6BBF3CC3DC2D/0/3137302e3234342e35322e302f32322d3232203d3e203633303233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.244.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         35:04:e9:fb:06:27:02:e4:fc:91:54:37:64:6a:26:b1:c0:0d:
         bc:7e:56:b6:4b:3f:25:6e:eb:59:73:76:39:b5:6e:8f:c9:97:
         b8:1f:62:a9:34:56:75:01:e4:d8:ba:53:4f:b4:2d:c3:f5:e4:
         80:ab:57:1e:17:e8:23:22:0b:a0:a7:3b:ba:dc:48:15:94:f7:
         df:6a:bf:08:12:cd:e4:5b:9d:39:19:ec:b0:5f:12:d0:bd:2c:
         5d:e7:ba:90:c1:33:40:b0:56:9b:c4:a9:ea:f7:28:78:a1:c6:
         55:c0:59:65:b2:2b:bd:22:6f:79:8f:35:54:cc:22:e0:52:72:
         e1:db:e4:1a:e7:e1:e7:5e:a6:e5:c1:89:a3:ae:f5:a9:8e:10:
         d8:ed:5a:7d:51:37:c9:61:23:9b:39:87:44:6c:97:16:d2:fe:
         12:56:9f:10:6e:39:e8:89:d7:70:ba:e9:21:b0:bb:65:04:de:
         7f:b7:6b:65:a3:a0:1d:89:8f:48:79:4b:09:56:f1:b7:fb:d4:
         b0:b3:b4:db:55:d5:e7:db:8a:18:36:e3:dc:ce:50:3a:49:7d:
         20:7f:4f:8d:53:46:f2:fc:0d:15:19:6c:7a:4d:6d:4f:04:0a:
         dc:b6:44:15:e0:2c:02:ea:28:b5:f1:27:8b:67:6d:9a:33:06:
         46:a1:af:79
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUJgIzczdH97edS99VrqIGwWiFqTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjRDQTkwMkZFNjcyQTE5OEVCRTk0MTBDNEMwOUYyRkZG
ODE1MDJCQjAeFw0yNDAzMDUxODA0NDlaFw0yNTAzMDQxODA5NDlaMDMxMTAvBgNV
BAMTKDZBODE1Q0YzNzlEQjZDODJBNjI3N0UyNkQxQzU0RjlGMjNBMzg2RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyi69GEoAM/+5WQRsNfs9bVnWX
hJn+d8GMm3idV3sCyrtuSd5uDiIYnsKZw0X8GSQx46owIcUx083R6KAhttk7rbe4
Tx1K+rdUqKSaieDLUUQxkTPGwvqjZm4UznzDAIXqezpjAQg6CEFIY/iW3idaVgUH
cIM5s9SIz/M1lWEnO+hySfwS0j3JNlqWOOPkNmcqU8hvZjK4bYlDbs6eoMODk/kp
TWgqQf8KzfueJekDiU9QfYX3iGvyrv0KhtbMDb7gekhU1P4tECON98M+o5cb64vN
i2t6rSxuieOnA5q6voEXfrsXxn2ikmS+sDN8qtHK19JiDWAPrU8WRqDVQk//AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUaoFc83nbbIKmJ34m0cVPnyOjhtYwHwYDVR0j
BBgwFoAUZMqQL+ZyoZjr6UEMTAny//gVArswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82M0I5OEY5M0QwMUU5MEJGRTVENTZCRkJENDVEMkE0NDFC
RTNCNzkwNjk1QTk4REQ4QkRGNkJCRjNDQzNEQzJELzAvNjRDQTkwMkZFNjcyQTE5
OEVCRTk0MTBDNEMwOUYyRkZGODE1MDJCQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NENBOTAyRkU2NzJBMTk4RUJF
OTQxMEM0QzA5RjJGRkY4MTUwMkJCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjNCOThGOTNEMDFFOTBCRkU1RDU2QkZCRDQ1RDJBNDQxQkUzQjc5MDY5
NUE5OEREOEJERjZCQkYzQ0MzREMyRC8wLzMxMzczMDJlMzIzNDM0MmUzNTMyMmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzYzMzMwMzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqr0NDAN
BgkqhkiG9w0BAQsFAAOCAQEANQTp+wYnAuT8kVQ3ZGomscANvH5Wtks/JW7rWXN2
ObVuj8mXuB9iqTRWdQHk2LpTT7Qtw/XkgKtXHhfoIyILoKc7utxIFZT332q/CBLN
5FudORnssF8S0L0sXee6kMEzQLBWm8Sp6vcoeKHGVcBZZbIrvSJveY81VMwi4FJy
4dvkGufh516m5cGJo671qY4Q2O1afVE3yWEjmzmHRGyXFtL+ElafEG456InXcLrp
IbC7ZQTef7drZaOgHYmPSHlLCVbxt/vUsLO021XV59uKGDbj3M5QOkl9IH9PjVNG
8vwNFRlsek1tTwQK3LZEFeAsAuootfEni2dtmjMGRqGveQ==
-----END CERTIFICATE-----
Generated at Sun Dec 8 23:48:14 2024 by rpki-client on console-fra.rpki-client.org