Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6835E0579C68E4B706030A9D2B7DEEEA9EBB69E97F5A21E3B9FABE7362B92030/0/3133312e3232312e382e302f32322d3234203d3e20323633363930.roa
File:                     3133312e3232312e382e302f32322d3234203d3e20323633363930.roa (raw, json)
Hash identifier:          AafvaTxXUKgy16nRdCBOH8qj/lsa3a8EsGIz5ArXrVQ=
Subject key identifier:   DF:10:FC:C1:6F:2D:7E:0E:6B:6C:81:3C:CA:14:4D:25:74:CA:0E:9C
Certificate issuer:       /CN=7DEC8FC037FE46A30FD532A83FCDEC72B729CC04
Certificate serial:       68897C68FC5697BB687CD948E0F1162CF68B9E07
Authority key identifier: 7D:EC:8F:C0:37:FE:46:A3:0F:D5:32:A8:3F:CD:EC:72:B7:29:CC:04
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7DEC8FC037FE46A30FD532A83FCDEC72B729CC04.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6835E0579C68E4B706030A9D2B7DEEEA9EBB69E97F5A21E3B9FABE7362B92030/0/3133312e3232312e382e302f32322d3234203d3e20323633363930.roa
Signing time:             Tue 05 Mar 2024 17:50:11 +0000
ROA not before:           Tue 05 Mar 2024 17:45:11 +0000
ROA not after:            Tue 04 Mar 2025 17:50:11 +0000
asID:                     263690
IP address blocks:        131.221.8.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6835E0579C68E4B706030A9D2B7DEEEA9EBB69E97F5A21E3B9FABE7362B92030/0/7DEC8FC037FE46A30FD532A83FCDEC72B729CC04.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6835E0579C68E4B706030A9D2B7DEEEA9EBB69E97F5A21E3B9FABE7362B92030/0/7DEC8FC037FE46A30FD532A83FCDEC72B729CC04.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7DEC8FC037FE46A30FD532A83FCDEC72B729CC04.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 29 Nov 2024 03:21:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:89:7c:68:fc:56:97:bb:68:7c:d9:48:e0:f1:16:2c:f6:8b:9e:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7DEC8FC037FE46A30FD532A83FCDEC72B729CC04
        Validity
            Not Before: Mar  5 17:45:11 2024 GMT
            Not After : Mar  4 17:50:11 2025 GMT
        Subject: CN=DF10FCC16F2D7E0E6B6C813CCA144D2574CA0E9C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:cd:50:a8:1e:74:17:b8:ab:ee:d4:54:31:c3:
                    10:1f:41:1e:05:fc:88:11:7b:62:c3:49:4a:bb:b5:
                    4f:b6:97:55:78:88:51:18:7b:a3:30:d1:64:6b:99:
                    ad:93:bd:36:d6:70:cb:12:72:47:db:c6:26:99:05:
                    e5:64:22:d9:9d:76:26:5c:d1:0f:0e:b0:ca:ca:9b:
                    2f:94:d4:f6:8b:ce:f9:f2:ac:ce:b4:8e:8b:e6:e8:
                    46:1b:e9:e6:03:0e:de:a1:85:47:2a:6f:18:0c:a8:
                    d4:36:e6:37:70:12:94:3b:3d:ee:44:07:40:ef:c7:
                    20:30:71:30:0a:6b:bc:61:4a:b2:e3:15:4c:4b:99:
                    d2:88:7e:78:c7:d1:70:9c:02:53:8f:18:30:ae:8a:
                    af:aa:7e:c8:0c:c0:db:88:60:d6:41:c8:48:ec:c6:
                    a3:fd:ec:8d:c3:47:ea:8c:d8:03:99:0d:16:6e:bd:
                    8c:e9:b3:68:b6:cb:73:eb:f7:ce:92:a2:f4:30:68:
                    22:6f:6d:9b:fc:ec:4f:ac:8b:ad:e7:5e:fa:b3:1e:
                    f7:8b:47:ce:70:ce:c4:01:e0:91:4d:d7:2c:d4:85:
                    0f:88:8e:f7:59:49:ab:3e:0b:37:14:6a:a5:4d:f5:
                    2f:e3:ca:dd:55:4c:35:c2:5a:3e:f7:16:0d:5f:df:
                    91:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:10:FC:C1:6F:2D:7E:0E:6B:6C:81:3C:CA:14:4D:25:74:CA:0E:9C
            X509v3 Authority Key Identifier:
                keyid:7D:EC:8F:C0:37:FE:46:A3:0F:D5:32:A8:3F:CD:EC:72:B7:29:CC:04

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6835E0579C68E4B706030A9D2B7DEEEA9EBB69E97F5A21E3B9FABE7362B92030/0/7DEC8FC037FE46A30FD532A83FCDEC72B729CC04.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7DEC8FC037FE46A30FD532A83FCDEC72B729CC04.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6835E0579C68E4B706030A9D2B7DEEEA9EBB69E97F5A21E3B9FABE7362B92030/0/3133312e3232312e382e302f32322d3234203d3e20323633363930.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.221.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         85:91:13:67:e3:ee:bd:d7:0c:61:45:47:5a:a8:d4:e2:7a:aa:
         33:d6:72:e1:c2:3c:a4:72:cf:8c:df:15:e9:a6:79:8d:ac:69:
         af:ad:09:c2:97:80:46:3f:b8:46:1e:f6:65:f4:ae:47:0b:1b:
         56:aa:4c:e0:03:8e:20:8e:e2:1a:70:8d:32:d5:3e:98:86:85:
         74:fb:3c:d4:a3:10:fe:5b:53:c1:7a:0e:8e:f3:ae:d8:cb:9b:
         fe:28:63:7c:40:98:17:7b:d2:d6:2f:ec:67:54:bf:cb:9d:ed:
         82:69:39:2e:f7:c8:1a:49:2c:b8:72:cf:06:bd:22:a4:b6:54:
         c0:2d:99:78:f1:5e:83:a6:7e:ae:e4:7e:bb:54:37:73:27:30:
         0f:dd:ed:2a:56:df:a3:74:41:c3:c4:ca:7d:bc:ee:f5:57:a6:
         a0:46:d2:d2:d6:63:fb:37:4b:ba:93:a9:a2:da:37:71:ff:07:
         8c:99:45:79:07:5a:77:cb:b5:3b:18:e2:ca:fb:ca:3e:f5:3a:
         b3:e1:a8:63:a6:c0:ca:d2:d8:3f:34:d2:a0:80:c4:ba:b5:10:
         23:21:a0:bc:9f:83:74:94:20:61:98:32:e4:e7:09:01:82:a7:
         f1:50:c3:13:0b:c1:3d:91:17:7f:93:58:bd:af:26:e4:3b:9b:
         36:68:d6:d5
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUaIl8aPxWl7tofNlI4PEWLPaLngcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0RFQzhGQzAzN0ZFNDZBMzBGRDUzMkE4M0ZDREVDNzJC
NzI5Q0MwNDAeFw0yNDAzMDUxNzQ1MTFaFw0yNTAzMDQxNzUwMTFaMDMxMTAvBgNV
BAMTKERGMTBGQ0MxNkYyRDdFMEU2QjZDODEzQ0NBMTQ0RDI1NzRDQTBFOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQzVCoHnQXuKvu1FQxwxAfQR4F
/IgRe2LDSUq7tU+2l1V4iFEYe6Mw0WRrma2TvTbWcMsSckfbxiaZBeVkItmddiZc
0Q8OsMrKmy+U1PaLzvnyrM60jovm6EYb6eYDDt6hhUcqbxgMqNQ25jdwEpQ7Pe5E
B0DvxyAwcTAKa7xhSrLjFUxLmdKIfnjH0XCcAlOPGDCuiq+qfsgMwNuIYNZByEjs
xqP97I3DR+qM2AOZDRZuvYzps2i2y3Pr986SovQwaCJvbZv87E+si63nXvqzHveL
R85wzsQB4JFN1yzUhQ+IjvdZSas+CzcUaqVN9S/jyt1VTDXCWj73Fg1f35FjAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU3xD8wW8tfg5rbIE8yhRNJXTKDpwwHwYDVR0j
BBgwFoAUfeyPwDf+RqMP1TKoP83scrcpzAQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82ODM1RTA1NzlDNjhFNEI3MDYwMzBBOUQyQjdERUVFQTlF
QkI2OUU5N0Y1QTIxRTNCOUZBQkU3MzYyQjkyMDMwLzAvN0RFQzhGQzAzN0ZFNDZB
MzBGRDUzMkE4M0ZDREVDNzJCNzI5Q0MwNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83REVDOEZDMDM3RkU0NkEzMEZE
NTMyQTgzRkNERUM3MkI3MjlDQzA0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjgzNUUwNTc5QzY4RTRCNzA2MDMwQTlEMkI3REVFRUE5RUJCNjlFOTdG
NUEyMUUzQjlGQUJFNzM2MkI5MjAzMC8wLzMxMzMzMTJlMzIzMjMxMmUzODJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzMzM2MzkzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAoPdCDAN
BgkqhkiG9w0BAQsFAAOCAQEAhZETZ+PuvdcMYUVHWqjU4nqqM9Zy4cI8pHLPjN8V
6aZ5jaxpr60JwpeARj+4Rh72ZfSuRwsbVqpM4AOOII7iGnCNMtU+mIaFdPs81KMQ
/ltTwXoOjvOu2Mub/ihjfECYF3vS1i/sZ1S/y53tgmk5LvfIGkksuHLPBr0ipLZU
wC2ZePFeg6Z+ruR+u1Q3cycwD93tKlbfo3RBw8TKfbzu9VemoEbS0tZj+zdLupOp
oto3cf8HjJlFeQdad8u1OxjiyvvKPvU6s+GoY6bAytLYPzTSoIDEurUQIyGgvJ+D
dJQgYZgy5OcJAYKn8VDDEwvBPZEXf5NYva8m5DubNmjW1Q==
-----END CERTIFICATE-----
Generated at Sun Nov 24 08:01:27 2024 by rpki-client on console-fra.rpki-client.org