Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/3139302e3130362e36342e302f32302d3234203d3e203238303232.roa
File:                     3139302e3130362e36342e302f32302d3234203d3e203238303232.roa (raw, json)
Hash identifier:          vGptCy49nSrDMp9wIbKIPZToIt9cCGURqHC8Jd5ZK/c=
Subject key identifier:   B3:9D:70:4B:E1:7D:E9:08:16:47:80:8E:3A:76:D7:86:EF:25:B7:EB
Certificate issuer:       /CN=2000BFC4CE0B56183990500772974F91AC5629B4
Certificate serial:       1CC4C40E99C9D5A2ADA3AF4E06544981BD41CC2E
Authority key identifier: 20:00:BF:C4:CE:0B:56:18:39:90:50:07:72:97:4F:91:AC:56:29:B4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2000BFC4CE0B56183990500772974F91AC5629B4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/3139302e3130362e36342e302f32302d3234203d3e203238303232.roa
Signing time:             Tue 05 Mar 2024 18:02:25 +0000
ROA not before:           Tue 05 Mar 2024 17:57:25 +0000
ROA not after:            Tue 04 Mar 2025 18:02:25 +0000
asID:                     28022
IP address blocks:        190.106.64.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/2000BFC4CE0B56183990500772974F91AC5629B4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/2000BFC4CE0B56183990500772974F91AC5629B4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2000BFC4CE0B56183990500772974F91AC5629B4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 22 May 2024 10:19:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:c4:c4:0e:99:c9:d5:a2:ad:a3:af:4e:06:54:49:81:bd:41:cc:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2000BFC4CE0B56183990500772974F91AC5629B4
        Validity
            Not Before: Mar  5 17:57:25 2024 GMT
            Not After : Mar  4 18:02:25 2025 GMT
        Subject: CN=B39D704BE17DE9081647808E3A76D786EF25B7EB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:60:36:c8:24:7f:94:75:42:1d:72:f4:34:41:
                    71:02:6b:a0:dd:7a:d8:7e:8e:eb:95:ac:b4:65:14:
                    17:f2:db:e8:35:e6:04:e3:17:2e:e0:d4:a4:b3:4a:
                    cc:32:4d:98:39:11:5c:70:0b:cc:8b:3c:36:9f:35:
                    27:58:76:9d:ff:af:a7:10:29:9a:bf:ba:4a:54:61:
                    06:7f:e8:98:cf:db:40:14:d3:5c:d8:92:62:ce:88:
                    9d:50:e1:de:05:70:72:7c:f5:f6:a7:94:92:47:77:
                    83:cf:50:18:9c:79:31:7b:77:56:c8:f5:c3:9f:28:
                    26:4e:25:b1:91:3c:3d:3f:94:a1:e8:4d:fa:91:ce:
                    a6:b8:c5:06:4a:1b:18:ab:d4:4e:1a:03:dd:2e:fc:
                    34:15:00:b7:4c:52:27:ec:3f:82:6c:2f:d7:2f:0b:
                    ee:98:05:e5:62:d5:09:ce:fa:45:90:a2:1f:4c:3a:
                    61:1e:08:73:93:dc:2f:89:b4:27:36:a5:b9:e9:ac:
                    ba:a7:79:81:dc:06:ce:a6:f9:7a:83:72:75:a5:f4:
                    1e:25:75:53:20:22:77:6b:2c:20:55:0b:f7:48:15:
                    9c:d7:8a:e0:3d:6e:62:84:0e:01:79:3b:60:86:c8:
                    89:22:a2:84:d9:96:2b:77:11:ce:1e:92:2d:3b:60:
                    36:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:9D:70:4B:E1:7D:E9:08:16:47:80:8E:3A:76:D7:86:EF:25:B7:EB
            X509v3 Authority Key Identifier:
                keyid:20:00:BF:C4:CE:0B:56:18:39:90:50:07:72:97:4F:91:AC:56:29:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/2000BFC4CE0B56183990500772974F91AC5629B4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2000BFC4CE0B56183990500772974F91AC5629B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/651B06C59A0B162BEE25D0591333AEC2EC1921B263E89EE760DC7B75FAFABF55/0/3139302e3130362e36342e302f32302d3234203d3e203238303232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.106.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         69:1f:81:d1:56:a4:14:87:bd:5b:20:58:dc:ea:b7:d7:25:64:
         c1:ef:84:94:2e:2e:39:2d:20:30:d9:e6:15:67:9f:63:b8:53:
         53:52:cf:a4:e4:36:e5:90:b5:c2:ba:5e:c9:fb:86:19:9f:62:
         3b:bc:fb:2e:e2:89:35:2c:86:d7:4b:f7:c4:7c:ce:1c:f3:49:
         e3:27:3a:4e:07:60:3b:e3:09:18:b7:ac:cd:2e:7b:cf:45:88:
         72:c5:87:ce:1f:cc:6e:75:fe:fe:7c:86:b2:2f:4d:51:8c:9c:
         3a:67:d2:31:c7:8d:b8:78:18:bb:9e:47:b0:35:ea:65:1a:19:
         0c:5e:f8:a6:48:6d:8b:d4:2f:3d:81:a4:0f:e8:77:f1:06:3b:
         8f:62:07:85:19:4f:a3:9c:b4:38:33:ff:b0:19:77:67:ac:36:
         b3:da:14:29:75:f9:46:01:0e:7a:fd:18:64:15:c4:02:54:c1:
         13:44:26:d4:6f:03:11:81:f6:16:b2:18:be:cf:68:17:c1:01:
         9c:02:09:29:24:1b:f7:de:42:43:60:69:2a:3e:80:55:b2:09:
         2e:fc:0c:a6:fe:26:c5:63:f6:da:b2:dc:0e:72:9f:c3:00:72:
         9e:0c:95:b7:9c:f3:c1:b5:94:e1:44:eb:fc:70:44:a5:ed:f6:
         f8:0e:31:8a
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUHMTEDpnJ1aKto69OBlRJgb1BzC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjAwMEJGQzRDRTBCNTYxODM5OTA1MDA3NzI5NzRGOTFB
QzU2MjlCNDAeFw0yNDAzMDUxNzU3MjVaFw0yNTAzMDQxODAyMjVaMDMxMTAvBgNV
BAMTKEIzOUQ3MDRCRTE3REU5MDgxNjQ3ODA4RTNBNzZENzg2RUYyNUI3RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbYDbIJH+UdUIdcvQ0QXECa6Dd
eth+juuVrLRlFBfy2+g15gTjFy7g1KSzSswyTZg5EVxwC8yLPDafNSdYdp3/r6cQ
KZq/ukpUYQZ/6JjP20AU01zYkmLOiJ1Q4d4FcHJ89fanlJJHd4PPUBiceTF7d1bI
9cOfKCZOJbGRPD0/lKHoTfqRzqa4xQZKGxir1E4aA90u/DQVALdMUifsP4JsL9cv
C+6YBeVi1QnO+kWQoh9MOmEeCHOT3C+JtCc2pbnprLqneYHcBs6m+XqDcnWl9B4l
dVMgIndrLCBVC/dIFZzXiuA9bmKEDgF5O2CGyIkiooTZlit3Ec4eki07YDYxAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUs51wS+F96QgWR4COOnbXhu8lt+swHwYDVR0j
BBgwFoAUIAC/xM4LVhg5kFAHcpdPkaxWKbQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82NTFCMDZDNTlBMEIxNjJCRUUyNUQwNTkxMzMzQUVDMkVD
MTkyMUIyNjNFODlFRTc2MERDN0I3NUZBRkFCRjU1LzAvMjAwMEJGQzRDRTBCNTYx
ODM5OTA1MDA3NzI5NzRGOTFBQzU2MjlCNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMDAwQkZDNENFMEI1NjE4Mzk5
MDUwMDc3Mjk3NEY5MUFDNTYyOUI0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjUxQjA2QzU5QTBCMTYyQkVFMjVEMDU5MTMzM0FFQzJFQzE5MjFCMjYz
RTg5RUU3NjBEQzdCNzVGQUZBQkY1NS8wLzMxMzkzMDJlMzEzMDM2MmUzNjM0MmUz
MDJmMzIzMDJkMzIzNDIwM2QzZTIwMzIzODMwMzIzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBL5qQDAN
BgkqhkiG9w0BAQsFAAOCAQEAaR+B0VakFIe9WyBY3Oq31yVkwe+ElC4uOS0gMNnm
FWefY7hTU1LPpOQ25ZC1wrpeyfuGGZ9iO7z7LuKJNSyG10v3xHzOHPNJ4yc6Tgdg
O+MJGLeszS57z0WIcsWHzh/MbnX+/nyGsi9NUYycOmfSMceNuHgYu55HsDXqZRoZ
DF74pkhti9QvPYGkD+h38QY7j2IHhRlPo5y0ODP/sBl3Z6w2s9oUKXX5RgEOev0Y
ZBXEAlTBE0Qm1G8DEYH2FrIYvs9oF8EBnAIJKSQb995CQ2BpKj6AVbIJLvwMpv4m
xWP22rLcDnKfwwByngyVt5zzwbWU4UTr/HBEpe32+A4xig==
-----END CERTIFICATE-----
Generated at Sat May 18 15:57:31 2024 by rpki-client on console-ams.rpki-client.org