Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/69902A30F10F8ADA321C31A3F647B13D510B7FC17870C5F2945606707C4BBE88/0/3137392e36332e3231362e302f32312d3234203d3e20323634363430.roa
File:                     3137392e36332e3231362e302f32312d3234203d3e20323634363430.roa (raw, json)
Hash identifier:          1qdMgsEI+BcetEkRh7dcB/Qmi5FPM9ifnQvrzbOtxgY=
Subject key identifier:   7A:A4:59:B3:E5:18:92:6E:02:94:F8:A4:34:0F:29:AB:93:04:E1:5A
Certificate issuer:       /CN=871A5F48AD8A83C183DB3624AEA05825D749DDF7
Certificate serial:       3C8C5563EA598432621C58B9702AA0AA0147DC66
Authority key identifier: 87:1A:5F:48:AD:8A:83:C1:83:DB:36:24:AE:A0:58:25:D7:49:DD:F7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/871A5F48AD8A83C183DB3624AEA05825D749DDF7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/69902A30F10F8ADA321C31A3F647B13D510B7FC17870C5F2945606707C4BBE88/0/3137392e36332e3231362e302f32312d3234203d3e20323634363430.roa
Signing time:             Mon 08 Jul 2024 19:25:00 +0000
ROA not before:           Mon 08 Jul 2024 19:20:00 +0000
ROA not after:            Mon 07 Jul 2025 19:25:00 +0000
asID:                     264640
IP address blocks:        179.63.216.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/69902A30F10F8ADA321C31A3F647B13D510B7FC17870C5F2945606707C4BBE88/0/871A5F48AD8A83C183DB3624AEA05825D749DDF7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/69902A30F10F8ADA321C31A3F647B13D510B7FC17870C5F2945606707C4BBE88/0/871A5F48AD8A83C183DB3624AEA05825D749DDF7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/871A5F48AD8A83C183DB3624AEA05825D749DDF7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 07:58:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:8c:55:63:ea:59:84:32:62:1c:58:b9:70:2a:a0:aa:01:47:dc:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=871A5F48AD8A83C183DB3624AEA05825D749DDF7
        Validity
            Not Before: Jul  8 19:20:00 2024 GMT
            Not After : Jul  7 19:25:00 2025 GMT
        Subject: CN=7AA459B3E518926E0294F8A4340F29AB9304E15A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:9f:3f:01:28:50:8f:13:97:3c:68:77:9a:a3:
                    50:41:3a:04:ed:bf:4a:4e:d4:47:42:00:3a:6f:c7:
                    18:bd:64:5d:28:54:10:b2:73:77:41:30:f4:49:0d:
                    da:65:cf:3a:52:3a:fd:d8:40:33:ee:43:e4:c5:dc:
                    79:f4:da:a6:33:84:9c:1b:ed:f1:c9:ee:03:96:de:
                    fc:67:be:16:59:00:7a:b5:f2:37:0a:f2:07:03:0d:
                    63:f1:e4:b9:43:1c:ea:79:e4:23:b7:d4:98:ff:79:
                    f2:0e:31:94:7b:b5:9e:4f:b3:d2:e2:96:bd:13:be:
                    4b:53:79:0f:83:74:20:7a:7a:fc:40:63:9d:0a:b9:
                    2a:66:9f:21:9b:b6:4a:af:c8:7c:6b:f4:5c:4c:e7:
                    f4:8d:22:d3:74:85:a4:64:55:d5:50:7e:b5:29:e0:
                    62:77:5a:56:0a:11:59:94:db:74:05:17:f1:d0:ed:
                    85:90:3c:3a:5e:dd:45:5d:67:62:71:18:e3:08:78:
                    26:38:22:30:eb:fb:cd:e4:d5:d3:7c:fc:4c:1e:4f:
                    35:76:4c:68:df:39:ea:1a:ea:10:b0:0b:be:cb:87:
                    21:dd:bb:19:65:b2:e5:97:a8:2d:9c:1b:b4:bb:0b:
                    28:4f:2e:2a:39:f0:ce:f2:0b:f4:00:89:94:3f:47:
                    66:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:A4:59:B3:E5:18:92:6E:02:94:F8:A4:34:0F:29:AB:93:04:E1:5A
            X509v3 Authority Key Identifier:
                keyid:87:1A:5F:48:AD:8A:83:C1:83:DB:36:24:AE:A0:58:25:D7:49:DD:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/69902A30F10F8ADA321C31A3F647B13D510B7FC17870C5F2945606707C4BBE88/0/871A5F48AD8A83C183DB3624AEA05825D749DDF7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/871A5F48AD8A83C183DB3624AEA05825D749DDF7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/69902A30F10F8ADA321C31A3F647B13D510B7FC17870C5F2945606707C4BBE88/0/3137392e36332e3231362e302f32312d3234203d3e20323634363430.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.63.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0b:b5:78:bb:af:0e:25:48:c4:0d:6a:75:30:77:01:b7:3f:43:
         f8:d9:42:4f:ee:39:e1:28:7c:e5:77:9f:14:fe:24:c6:a8:99:
         af:ca:be:e1:84:9b:6b:5d:c9:10:3b:75:db:68:e3:df:8b:2a:
         63:0e:81:6e:0f:a7:27:30:db:8c:0e:49:bd:b3:db:44:74:05:
         50:b2:74:30:8a:a7:5e:ab:e4:5e:4a:c5:13:bb:50:69:67:8f:
         d5:71:24:19:cc:36:f8:48:10:6e:9f:05:79:ab:4c:b2:a4:15:
         7c:31:c2:09:83:a3:c8:d3:b4:7f:76:00:02:d1:e0:a4:ae:7b:
         c0:97:26:65:3e:be:8c:78:bf:60:93:f4:fe:50:a2:da:07:87:
         83:ca:71:e4:5d:41:6d:b3:48:fb:32:9d:d9:4a:61:eb:3c:41:
         ff:09:76:73:8a:d8:04:42:05:ed:c6:22:9e:fc:22:da:91:6c:
         8d:10:c5:91:f4:b6:3f:a8:aa:f5:12:27:67:a6:92:14:5a:17:
         68:da:7a:60:fc:07:b4:ed:0f:7e:0e:f3:74:1b:00:1f:06:86:
         cc:c1:88:16:cd:71:b9:1e:41:0f:c4:b1:44:a3:7d:4b:36:31:
         ac:1e:7d:2a:ea:24:68:fb:a4:e5:05:7e:04:81:c1:75:db:db:
         ca:cc:bd:ca
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUPIxVY+pZhDJiHFi5cCqgqgFH3GYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODcxQTVGNDhBRDhBODNDMTgzREIzNjI0QUVBMDU4MjVE
NzQ5RERGNzAeFw0yNDA3MDgxOTIwMDBaFw0yNTA3MDcxOTI1MDBaMDMxMTAvBgNV
BAMTKDdBQTQ1OUIzRTUxODkyNkUwMjk0RjhBNDM0MEYyOUFCOTMwNEUxNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCanz8BKFCPE5c8aHeao1BBOgTt
v0pO1EdCADpvxxi9ZF0oVBCyc3dBMPRJDdplzzpSOv3YQDPuQ+TF3Hn02qYzhJwb
7fHJ7gOW3vxnvhZZAHq18jcK8gcDDWPx5LlDHOp55CO31Jj/efIOMZR7tZ5Ps9Li
lr0TvktTeQ+DdCB6evxAY50KuSpmnyGbtkqvyHxr9FxM5/SNItN0haRkVdVQfrUp
4GJ3WlYKEVmU23QFF/HQ7YWQPDpe3UVdZ2JxGOMIeCY4IjDr+83k1dN8/EweTzV2
TGjfOeoa6hCwC77LhyHduxllsuWXqC2cG7S7CyhPLio58M7yC/QAiZQ/R2aBAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUeqRZs+UYkm4ClPikNA8pq5ME4VowHwYDVR0j
BBgwFoAUhxpfSK2Kg8GD2zYkrqBYJddJ3fcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82OTkwMkEzMEYxMEY4QURBMzIxQzMxQTNGNjQ3QjEzRDUx
MEI3RkMxNzg3MEM1RjI5NDU2MDY3MDdDNEJCRTg4LzAvODcxQTVGNDhBRDhBODND
MTgzREIzNjI0QUVBMDU4MjVENzQ5RERGNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NzFBNUY0OEFEOEE4M0MxODNE
QjM2MjRBRUEwNTgyNUQ3NDlEREY3LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjk5MDJBMzBGMTBGOEFEQTMyMUMzMUEzRjY0N0IxM0Q1MTBCN0ZDMTc4
NzBDNUYyOTQ1NjA2NzA3QzRCQkU4OC8wLzMxMzczOTJlMzYzMzJlMzIzMTM2MmUz
MDJmMzIzMTJkMzIzNDIwM2QzZTIwMzIzNjM0MzYzNDMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsz/Y
MA0GCSqGSIb3DQEBCwUAA4IBAQALtXi7rw4lSMQNanUwdwG3P0P42UJP7jnhKHzl
d58U/iTGqJmvyr7hhJtrXckQO3XbaOPfiypjDoFuD6cnMNuMDkm9s9tEdAVQsnQw
iqdeq+ReSsUTu1BpZ4/VcSQZzDb4SBBunwV5q0yypBV8McIJg6PI07R/dgAC0eCk
rnvAlyZlPr6MeL9gk/T+UKLaB4eDynHkXUFts0j7Mp3ZSmHrPEH/CXZzitgEQgXt
xiKe/CLakWyNEMWR9LY/qKr1EidnppIUWhdo2npg/Ae07Q9+DvN0GwAfBobMwYgW
zXG5HkEPxLFEo31LNjGsHn0q6iRo+6TlBX4EgcF129vKzL3K
-----END CERTIFICATE-----
Generated at Wed Oct 30 00:58:15 2024 by rpki-client on console-ams.rpki-client.org