Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6BEFC392F2381E797DDA0C0583BC361E29CB18ECEB78221B6E88749E2F205C3E/0/3137302e3234372e38382e302f32322d3234203d3e20323634373431.roa
File:                     3137302e3234372e38382e302f32322d3234203d3e20323634373431.roa (raw, json)
Hash identifier:          mHcldxbcHx7uM6Wj2TvCHNacvGgLZbgtzNyNNX0O+64=
Subject key identifier:   4E:76:BE:42:F7:DC:ED:0E:F5:F8:B6:DA:97:06:FE:4F:35:BD:AC:13
Certificate issuer:       /CN=E2AD036F3B8ACE531E1A095FAC1E13B2C7324430
Certificate serial:       40807B2F77BAB407A0C20F65066C5A28D06784E5
Authority key identifier: E2:AD:03:6F:3B:8A:CE:53:1E:1A:09:5F:AC:1E:13:B2:C7:32:44:30
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E2AD036F3B8ACE531E1A095FAC1E13B2C7324430.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6BEFC392F2381E797DDA0C0583BC361E29CB18ECEB78221B6E88749E2F205C3E/0/3137302e3234372e38382e302f32322d3234203d3e20323634373431.roa
Signing time:             Tue 05 Mar 2024 18:05:34 +0000
ROA not before:           Tue 05 Mar 2024 18:00:34 +0000
ROA not after:            Tue 04 Mar 2025 18:05:34 +0000
asID:                     264741
IP address blocks:        170.247.88.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6BEFC392F2381E797DDA0C0583BC361E29CB18ECEB78221B6E88749E2F205C3E/0/E2AD036F3B8ACE531E1A095FAC1E13B2C7324430.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6BEFC392F2381E797DDA0C0583BC361E29CB18ECEB78221B6E88749E2F205C3E/0/E2AD036F3B8ACE531E1A095FAC1E13B2C7324430.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E2AD036F3B8ACE531E1A095FAC1E13B2C7324430.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 26 Nov 2024 11:55:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:80:7b:2f:77:ba:b4:07:a0:c2:0f:65:06:6c:5a:28:d0:67:84:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E2AD036F3B8ACE531E1A095FAC1E13B2C7324430
        Validity
            Not Before: Mar  5 18:00:34 2024 GMT
            Not After : Mar  4 18:05:34 2025 GMT
        Subject: CN=4E76BE42F7DCED0EF5F8B6DA9706FE4F35BDAC13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c1:22:9c:a9:61:09:d9:c4:93:9c:ea:ae:dd:
                    b5:a8:46:ed:16:e6:49:74:b5:46:16:39:59:9c:35:
                    1f:36:43:5e:40:0f:81:89:1e:2d:66:24:36:f0:02:
                    a8:d0:cd:24:ad:b2:09:15:36:1c:c4:33:ef:40:63:
                    7a:aa:ba:f7:71:5c:c5:92:a7:29:bb:c2:8e:85:41:
                    52:87:da:ba:d1:13:41:7c:00:7e:64:c9:99:44:72:
                    08:1c:3b:d2:e2:06:6f:4b:11:ca:a6:e6:9a:4e:79:
                    23:61:9e:55:a4:37:77:90:7f:8d:9e:55:db:9b:e4:
                    87:e6:17:c1:eb:74:99:0f:14:c1:4e:49:f2:6a:a8:
                    48:53:e6:cf:d7:90:eb:fa:d0:14:a9:01:6a:31:da:
                    95:fb:a1:d3:f2:76:69:11:68:48:cb:e3:72:07:38:
                    6e:fc:aa:90:9e:11:3f:3f:8c:38:a4:53:89:2f:2a:
                    ed:3e:87:22:1e:3d:cf:c1:78:de:fa:be:67:c3:f5:
                    b9:88:24:f9:4b:ee:d4:06:77:a3:7b:48:fc:e0:54:
                    10:e9:81:40:92:27:59:de:10:09:e1:2a:d6:04:87:
                    71:d5:f8:27:20:59:af:f1:d3:a1:80:e1:13:d2:4f:
                    7d:ef:f6:aa:66:41:49:a0:5c:ee:43:2a:c7:c4:72:
                    6c:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:76:BE:42:F7:DC:ED:0E:F5:F8:B6:DA:97:06:FE:4F:35:BD:AC:13
            X509v3 Authority Key Identifier:
                keyid:E2:AD:03:6F:3B:8A:CE:53:1E:1A:09:5F:AC:1E:13:B2:C7:32:44:30

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6BEFC392F2381E797DDA0C0583BC361E29CB18ECEB78221B6E88749E2F205C3E/0/E2AD036F3B8ACE531E1A095FAC1E13B2C7324430.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E2AD036F3B8ACE531E1A095FAC1E13B2C7324430.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6BEFC392F2381E797DDA0C0583BC361E29CB18ECEB78221B6E88749E2F205C3E/0/3137302e3234372e38382e302f32322d3234203d3e20323634373431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.247.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         51:c0:05:4b:e7:e2:76:2e:68:c5:cd:58:0c:26:17:38:31:87:
         d7:72:88:56:00:45:b7:fc:5b:c1:97:20:e4:4f:db:fc:ca:d4:
         6b:2a:78:04:d2:73:e4:67:c2:75:11:f0:b2:d5:e8:a0:02:9f:
         87:c6:b6:9a:58:61:51:53:56:11:d4:82:16:46:e4:8a:97:43:
         ee:c6:75:5d:f8:bd:f5:8b:5d:37:c3:d3:81:19:80:75:b7:4c:
         ec:f8:00:d3:6e:30:d5:95:19:5c:a6:66:62:21:50:17:e0:af:
         6a:c2:3e:62:3d:b3:c4:00:45:f0:52:45:ef:19:d6:29:d3:ea:
         21:fc:40:80:30:68:c0:4c:b4:c7:a0:06:c0:87:cd:2b:97:12:
         ff:44:d4:66:3e:c6:fc:8b:f2:66:62:1a:12:af:e6:e0:57:81:
         5e:0e:01:b9:30:c9:0c:b8:fa:db:dd:68:8c:99:ea:c2:bb:9a:
         d7:0a:77:b8:09:9e:36:12:8e:48:0f:57:d7:de:31:62:2d:41:
         4e:46:c2:d5:51:e5:46:c9:91:34:54:e0:8f:34:de:7a:94:88:
         51:96:bd:81:f1:73:0f:11:56:a1:5a:45:45:d2:4e:90:69:e1:
         c8:b1:67:3d:a3:e1:bb:40:a7:97:96:75:47:cc:15:90:13:06:
         39:71:cc:76
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUQIB7L3e6tAegwg9lBmxaKNBnhOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTJBRDAzNkYzQjhBQ0U1MzFFMUEwOTVGQUMxRTEzQjJD
NzMyNDQzMDAeFw0yNDAzMDUxODAwMzRaFw0yNTAzMDQxODA1MzRaMDMxMTAvBgNV
BAMTKDRFNzZCRTQyRjdEQ0VEMEVGNUY4QjZEQTk3MDZGRTRGMzVCREFDMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUwSKcqWEJ2cSTnOqu3bWoRu0W
5kl0tUYWOVmcNR82Q15AD4GJHi1mJDbwAqjQzSStsgkVNhzEM+9AY3qquvdxXMWS
pym7wo6FQVKH2rrRE0F8AH5kyZlEcggcO9LiBm9LEcqm5ppOeSNhnlWkN3eQf42e
Vdub5IfmF8HrdJkPFMFOSfJqqEhT5s/XkOv60BSpAWox2pX7odPydmkRaEjL43IH
OG78qpCeET8/jDikU4kvKu0+hyIePc/BeN76vmfD9bmIJPlL7tQGd6N7SPzgVBDp
gUCSJ1neEAnhKtYEh3HV+CcgWa/x06GA4RPST33v9qpmQUmgXO5DKsfEcmw5AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUTna+Qvfc7Q71+Lbalwb+TzW9rBMwHwYDVR0j
BBgwFoAU4q0DbzuKzlMeGglfrB4TsscyRDAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82QkVGQzM5MkYyMzgxRTc5N0REQTBDMDU4M0JDMzYxRTI5
Q0IxOEVDRUI3ODIyMUI2RTg4NzQ5RTJGMjA1QzNFLzAvRTJBRDAzNkYzQjhBQ0U1
MzFFMUEwOTVGQUMxRTEzQjJDNzMyNDQzMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FMkFEMDM2RjNCOEFDRTUzMUUx
QTA5NUZBQzFFMTNCMkM3MzI0NDMwLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNkJFRkMzOTJGMjM4MUU3OTdEREEwQzA1ODNCQzM2MUUyOUNCMThFQ0VC
NzgyMjFCNkU4ODc0OUUyRjIwNUMzRS8wLzMxMzczMDJlMzIzNDM3MmUzODM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM0MzczNDMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqvdY
MA0GCSqGSIb3DQEBCwUAA4IBAQBRwAVL5+J2LmjFzVgMJhc4MYfXcohWAEW3/FvB
lyDkT9v8ytRrKngE0nPkZ8J1EfCy1eigAp+HxraaWGFRU1YR1IIWRuSKl0PuxnVd
+L31i103w9OBGYB1t0zs+ADTbjDVlRlcpmZiIVAX4K9qwj5iPbPEAEXwUkXvGdYp
0+oh/ECAMGjATLTHoAbAh80rlxL/RNRmPsb8i/JmYhoSr+bgV4FeDgG5MMkMuPrb
3WiMmerCu5rXCne4CZ42Eo5ID1fX3jFiLUFORsLVUeVGyZE0VOCPNN56lIhRlr2B
8XMPEVahWkVF0k6QaeHIsWc9o+G7QKeXlnVHzBWQEwY5ccx2
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:00:00 2024 by rpki-client on console-ams.rpki-client.org