Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/69D44F36490705CF133929528BB6793C3344D10F79254B6246513125A1042020/0/3139302e3131342e36342e302f31392d3234203d3e203238303338.roa
File:                     3139302e3131342e36342e302f31392d3234203d3e203238303338.roa (raw, json)
Hash identifier:          nnGvME3eXOR8nQy83G6w/sfNPTK8UAo0LXQVf81OKPI=
Subject key identifier:   09:DF:71:26:52:7B:19:7C:CB:B7:71:D6:42:C8:D4:AE:2C:1B:14:96
Certificate issuer:       /CN=CB3D66305FCD8F1974E1E4AD92D8D4F187BA51E8
Certificate serial:       7B61D14029EB89A8E8795D3384C5778169FFE037
Authority key identifier: CB:3D:66:30:5F:CD:8F:19:74:E1:E4:AD:92:D8:D4:F1:87:BA:51:E8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CB3D66305FCD8F1974E1E4AD92D8D4F187BA51E8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/69D44F36490705CF133929528BB6793C3344D10F79254B6246513125A1042020/0/3139302e3131342e36342e302f31392d3234203d3e203238303338.roa
Signing time:             Wed 25 Sep 2024 20:25:00 +0000
ROA not before:           Wed 25 Sep 2024 20:20:00 +0000
ROA not after:            Wed 24 Sep 2025 20:25:00 +0000
asID:                     28038
IP address blocks:        190.114.64.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/69D44F36490705CF133929528BB6793C3344D10F79254B6246513125A1042020/0/CB3D66305FCD8F1974E1E4AD92D8D4F187BA51E8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/69D44F36490705CF133929528BB6793C3344D10F79254B6246513125A1042020/0/CB3D66305FCD8F1974E1E4AD92D8D4F187BA51E8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CB3D66305FCD8F1974E1E4AD92D8D4F187BA51E8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 07:58:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:61:d1:40:29:eb:89:a8:e8:79:5d:33:84:c5:77:81:69:ff:e0:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CB3D66305FCD8F1974E1E4AD92D8D4F187BA51E8
        Validity
            Not Before: Sep 25 20:20:00 2024 GMT
            Not After : Sep 24 20:25:00 2025 GMT
        Subject: CN=09DF7126527B197CCBB771D642C8D4AE2C1B1496
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e7:5b:9d:47:d3:eb:63:ba:7e:2e:51:24:a9:
                    09:c0:2f:42:83:c4:9c:6a:3d:59:01:94:de:6e:41:
                    f0:45:7c:a3:c7:78:16:fb:23:7e:30:03:25:7a:8b:
                    a7:c4:44:21:d3:c3:66:ba:03:e6:37:57:df:88:47:
                    ac:2d:bf:49:41:12:18:79:0c:08:ab:bf:64:47:bc:
                    76:19:f3:fc:39:1d:da:24:cc:c5:f1:ba:bd:c5:6e:
                    5b:86:00:b9:d8:6b:9f:69:13:3a:53:3e:94:8f:bf:
                    77:23:ae:ab:a8:57:8f:f6:18:69:ed:7f:22:b5:dd:
                    aa:c1:60:db:71:c6:bc:a9:ca:15:1a:e2:90:10:b1:
                    27:ca:17:2b:8d:b5:90:87:e3:2c:74:b6:fe:79:e9:
                    e9:eb:54:88:a1:8f:4c:de:36:1b:f6:ea:bc:93:19:
                    37:24:a2:7b:43:3e:3f:12:99:33:15:8a:d1:a3:d8:
                    d1:57:df:ea:2b:01:da:db:f3:9a:d1:df:45:b5:f1:
                    93:ab:05:5c:0e:8c:4f:a0:8b:65:ef:79:b2:63:f8:
                    14:96:d4:c2:3b:8b:93:ca:e3:89:cc:f9:6d:1b:bf:
                    63:1d:16:82:0b:12:66:83:13:1e:b0:5a:29:bf:c7:
                    ff:9e:c5:09:57:e7:54:0f:19:ee:e1:e5:b1:72:81:
                    55:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:DF:71:26:52:7B:19:7C:CB:B7:71:D6:42:C8:D4:AE:2C:1B:14:96
            X509v3 Authority Key Identifier:
                keyid:CB:3D:66:30:5F:CD:8F:19:74:E1:E4:AD:92:D8:D4:F1:87:BA:51:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/69D44F36490705CF133929528BB6793C3344D10F79254B6246513125A1042020/0/CB3D66305FCD8F1974E1E4AD92D8D4F187BA51E8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CB3D66305FCD8F1974E1E4AD92D8D4F187BA51E8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/69D44F36490705CF133929528BB6793C3344D10F79254B6246513125A1042020/0/3139302e3131342e36342e302f31392d3234203d3e203238303338.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.114.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         60:d2:67:a7:e0:5f:db:ec:72:37:ab:07:fe:69:86:c5:45:14:
         c6:3d:df:1c:d1:8c:d3:54:f6:91:bd:4c:95:3b:72:9a:e1:d4:
         db:0c:72:01:9a:f4:21:06:e4:42:1a:04:65:66:dd:b8:ec:cd:
         9c:34:c5:40:06:76:b7:92:0e:23:25:27:f2:a2:b7:c1:c5:42:
         d9:2c:7f:80:62:2b:c0:ce:04:24:31:78:f5:40:51:c7:58:cf:
         0f:3c:3a:a0:c2:e0:4f:6b:f1:28:2c:38:63:2b:46:cb:f3:e3:
         fb:1d:a2:d4:ca:42:1f:4c:f9:74:4c:ec:d7:c2:9b:fd:36:64:
         1f:d5:7d:7f:d0:bd:86:26:b3:93:99:13:53:a4:52:14:dc:38:
         60:31:7d:62:64:ac:cc:17:b2:37:ba:eb:bd:43:2d:40:49:a1:
         aa:96:39:db:d8:cb:6b:f3:3f:28:23:aa:d3:61:46:48:70:02:
         f4:8a:3c:65:08:7c:26:02:be:67:8d:6c:c1:0f:f3:54:05:3b:
         4d:3e:66:0d:ed:41:a0:af:3b:6a:b8:09:f6:e6:0f:c7:bc:a8:
         b8:a7:df:44:37:64:05:79:2b:7e:07:d7:eb:95:a7:98:7d:3e:
         66:6c:3e:c2:27:c7:46:21:6f:8c:7c:13:37:d5:64:70:37:69:
         df:5c:2c:9e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUe2HRQCnriajoeV0zhMV3gWn/4DcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0IzRDY2MzA1RkNEOEYxOTc0RTFFNEFEOTJEOEQ0RjE4
N0JBNTFFODAeFw0yNDA5MjUyMDIwMDBaFw0yNTA5MjQyMDI1MDBaMDMxMTAvBgNV
BAMTKDA5REY3MTI2NTI3QjE5N0NDQkI3NzFENjQyQzhENEFFMkMxQjE0OTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/51udR9PrY7p+LlEkqQnAL0KD
xJxqPVkBlN5uQfBFfKPHeBb7I34wAyV6i6fERCHTw2a6A+Y3V9+IR6wtv0lBEhh5
DAirv2RHvHYZ8/w5HdokzMXxur3FbluGALnYa59pEzpTPpSPv3cjrquoV4/2GGnt
fyK13arBYNtxxrypyhUa4pAQsSfKFyuNtZCH4yx0tv556enrVIihj0zeNhv26ryT
GTckontDPj8SmTMVitGj2NFX3+orAdrb85rR30W18ZOrBVwOjE+gi2XvebJj+BSW
1MI7i5PK44nM+W0bv2MdFoILEmaDEx6wWim/x/+exQlX51QPGe7h5bFygVWXAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUCd9xJlJ7GXzLt3HWQsjUriwbFJYwHwYDVR0j
BBgwFoAUyz1mMF/Njxl04eStktjU8Ye6UegwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82OUQ0NEYzNjQ5MDcwNUNGMTMzOTI5NTI4QkI2NzkzQzMz
NDREMTBGNzkyNTRCNjI0NjUxMzEyNUExMDQyMDIwLzAvQ0IzRDY2MzA1RkNEOEYx
OTc0RTFFNEFEOTJEOEQ0RjE4N0JBNTFFOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQjNENjYzMDVGQ0Q4RjE5NzRF
MUU0QUQ5MkQ4RDRGMTg3QkE1MUU4LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjlENDRGMzY0OTA3MDVDRjEzMzkyOTUyOEJCNjc5M0MzMzQ0RDEwRjc5
MjU0QjYyNDY1MTMxMjVBMTA0MjAyMC8wLzMxMzkzMDJlMzEzMTM0MmUzNjM0MmUz
MDJmMzEzOTJkMzIzNDIwM2QzZTIwMzIzODMwMzMzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBb5yQDAN
BgkqhkiG9w0BAQsFAAOCAQEAYNJnp+Bf2+xyN6sH/mmGxUUUxj3fHNGM01T2kb1M
lTtymuHU2wxyAZr0IQbkQhoEZWbduOzNnDTFQAZ2t5IOIyUn8qK3wcVC2Sx/gGIr
wM4EJDF49UBRx1jPDzw6oMLgT2vxKCw4YytGy/Pj+x2i1MpCH0z5dEzs18Kb/TZk
H9V9f9C9hiazk5kTU6RSFNw4YDF9YmSszBeyN7rrvUMtQEmhqpY529jLa/M/KCOq
02FGSHAC9Io8ZQh8JgK+Z41swQ/zVAU7TT5mDe1BoK87argJ9uYPx7youKffRDdk
BXkrfgfX65WnmH0+Zmw+wifHRiFvjHwTN9VkcDdp31wsng==
-----END CERTIFICATE-----
Generated at Tue Oct 29 19:34:11 2024 by rpki-client on console-ams.rpki-client.org