Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6C37CA7E71577E7E86E7A213DC193C7D5A250CFAF83FF0570553691DD700529D/0/3139302e31342e3135362e302f32322d3234203d3e203532333232.roa
File:                     3139302e31342e3135362e302f32322d3234203d3e203532333232.roa (raw, json)
Hash identifier:          oSv/Sp/JFIopnTpssyuKGP+cHvZbzDqw/z+nw+BsLWI=
Subject key identifier:   22:E3:57:4D:5D:F5:F8:2D:4B:35:A8:1A:8D:CD:D9:2A:63:58:F3:88
Certificate issuer:       /CN=C29F087109B76309AE65BC7A7F7BAE0D3175209C
Certificate serial:       1F93313A272F044554FA1F4C2C012A8A32DF9030
Authority key identifier: C2:9F:08:71:09:B7:63:09:AE:65:BC:7A:7F:7B:AE:0D:31:75:20:9C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C29F087109B76309AE65BC7A7F7BAE0D3175209C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6C37CA7E71577E7E86E7A213DC193C7D5A250CFAF83FF0570553691DD700529D/0/3139302e31342e3135362e302f32322d3234203d3e203532333232.roa
Signing time:             Tue 05 Mar 2024 18:18:09 +0000
ROA not before:           Tue 05 Mar 2024 18:13:09 +0000
ROA not after:            Tue 04 Mar 2025 18:18:09 +0000
asID:                     52322
IP address blocks:        190.14.156.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6C37CA7E71577E7E86E7A213DC193C7D5A250CFAF83FF0570553691DD700529D/0/C29F087109B76309AE65BC7A7F7BAE0D3175209C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6C37CA7E71577E7E86E7A213DC193C7D5A250CFAF83FF0570553691DD700529D/0/C29F087109B76309AE65BC7A7F7BAE0D3175209C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C29F087109B76309AE65BC7A7F7BAE0D3175209C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:93:31:3a:27:2f:04:45:54:fa:1f:4c:2c:01:2a:8a:32:df:90:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C29F087109B76309AE65BC7A7F7BAE0D3175209C
        Validity
            Not Before: Mar  5 18:13:09 2024 GMT
            Not After : Mar  4 18:18:09 2025 GMT
        Subject: CN=22E3574D5DF5F82D4B35A81A8DCDD92A6358F388
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d4:06:8f:5d:88:b3:69:ac:b9:92:f0:0b:7e:
                    fe:45:32:46:a1:9a:a2:bd:92:6b:87:41:3c:de:5b:
                    4e:8e:36:d1:24:38:81:36:b8:dd:9c:c4:60:f1:44:
                    b0:2b:c2:35:24:7b:bc:fa:44:c4:77:b0:90:66:4a:
                    9b:b2:0d:1e:a7:16:e4:ee:e2:94:4f:87:bc:91:c7:
                    6c:cc:cf:30:c5:8b:e6:c3:5c:86:e0:d9:c7:63:ad:
                    d8:a0:ce:cb:5a:9b:3a:f3:54:3c:61:1b:80:cc:ab:
                    a1:3c:51:f1:32:43:ac:3d:a1:a4:be:11:f7:cc:2f:
                    67:2e:4e:e1:bb:d8:d9:dd:9f:25:9a:7a:14:39:78:
                    8e:0c:bf:d3:8e:b0:9e:f8:84:0a:f9:69:da:2b:ab:
                    b3:41:a7:8b:c8:fa:c1:a0:46:78:15:92:60:91:39:
                    60:71:0b:19:93:2a:98:c4:52:c9:b7:41:25:7b:aa:
                    30:1c:26:43:b0:27:39:0a:1c:e6:6f:ef:cd:df:a8:
                    d9:4b:a1:e3:f0:d9:b0:29:af:06:6c:ef:20:73:f9:
                    a4:c0:89:eb:f6:9c:07:2c:7f:dc:2f:29:5c:9f:e4:
                    2c:01:a0:f5:25:fd:6a:03:23:a0:9d:97:a9:cd:69:
                    75:fd:ee:b3:e8:5f:01:ff:df:c9:8a:bc:ba:c3:77:
                    1b:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:E3:57:4D:5D:F5:F8:2D:4B:35:A8:1A:8D:CD:D9:2A:63:58:F3:88
            X509v3 Authority Key Identifier:
                keyid:C2:9F:08:71:09:B7:63:09:AE:65:BC:7A:7F:7B:AE:0D:31:75:20:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6C37CA7E71577E7E86E7A213DC193C7D5A250CFAF83FF0570553691DD700529D/0/C29F087109B76309AE65BC7A7F7BAE0D3175209C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C29F087109B76309AE65BC7A7F7BAE0D3175209C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6C37CA7E71577E7E86E7A213DC193C7D5A250CFAF83FF0570553691DD700529D/0/3139302e31342e3135362e302f32322d3234203d3e203532333232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.14.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         32:a0:52:f2:10:eb:31:01:4c:a3:87:75:af:94:d6:74:1b:b9:
         95:42:2f:9d:05:3b:79:69:f2:5a:41:61:e2:6e:d2:00:70:92:
         8e:a2:39:a5:1b:e3:37:b5:ef:28:7e:7e:30:1e:dc:1d:c3:52:
         16:9d:7e:5c:c2:c8:a3:30:4c:98:44:c7:b0:9f:f4:c2:47:55:
         cc:39:59:dc:9a:5e:f9:d8:e4:75:e7:c0:2f:c8:d5:f0:18:01:
         1b:73:af:24:b0:88:c6:ab:cc:c2:d5:0b:c5:b1:a3:c3:73:27:
         8c:3a:13:c4:b9:0e:ff:b9:9f:49:98:c3:88:f2:ce:61:ed:70:
         9f:48:78:01:f7:25:02:3d:05:41:d9:fd:10:32:a4:8e:07:1b:
         b9:63:bc:cf:be:19:9e:93:23:d3:c1:6f:5c:61:42:1a:82:d3:
         80:c0:16:36:67:89:bb:26:2a:cc:47:d7:29:5e:64:51:f0:78:
         13:8b:37:4e:2c:b4:d0:fd:0c:1d:de:4c:09:da:f9:8b:16:9a:
         f9:43:4e:9f:8d:7b:7d:43:6a:b4:96:ec:33:1d:bd:bc:f6:60:
         77:e0:dc:60:03:be:0f:b7:c0:0d:e6:3b:62:b9:15:22:c9:e9:
         6f:1e:37:bb:fe:20:6f:0a:30:11:fc:74:2a:f6:db:15:58:bb:
         b7:4f:96:fd
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUH5MxOicvBEVU+h9MLAEqijLfkDAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzI5RjA4NzEwOUI3NjMwOUFFNjVCQzdBN0Y3QkFFMEQz
MTc1MjA5QzAeFw0yNDAzMDUxODEzMDlaFw0yNTAzMDQxODE4MDlaMDMxMTAvBgNV
BAMTKDIyRTM1NzRENURGNUY4MkQ0QjM1QTgxQThEQ0REOTJBNjM1OEYzODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr1AaPXYizaay5kvALfv5FMkah
mqK9kmuHQTzeW06ONtEkOIE2uN2cxGDxRLArwjUke7z6RMR3sJBmSpuyDR6nFuTu
4pRPh7yRx2zMzzDFi+bDXIbg2cdjrdigzstamzrzVDxhG4DMq6E8UfEyQ6w9oaS+
EffML2cuTuG72NndnyWaehQ5eI4Mv9OOsJ74hAr5adorq7NBp4vI+sGgRngVkmCR
OWBxCxmTKpjEUsm3QSV7qjAcJkOwJzkKHOZv783fqNlLoePw2bAprwZs7yBz+aTA
iev2nAcsf9wvKVyf5CwBoPUl/WoDI6Cdl6nNaXX97rPoXwH/38mKvLrDdxszAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUIuNXTV31+C1LNagajc3ZKmNY84gwHwYDVR0j
BBgwFoAUwp8IcQm3YwmuZbx6f3uuDTF1IJwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82QzM3Q0E3RTcxNTc3RTdFODZFN0EyMTNEQzE5M0M3RDVB
MjUwQ0ZBRjgzRkYwNTcwNTUzNjkxREQ3MDA1MjlELzAvQzI5RjA4NzEwOUI3NjMw
OUFFNjVCQzdBN0Y3QkFFMEQzMTc1MjA5Qy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMjlGMDg3MTA5Qjc2MzA5QUU2
NUJDN0E3RjdCQUUwRDMxNzUyMDlDLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNkMzN0NBN0U3MTU3N0U3RTg2RTdBMjEzREMxOTNDN0Q1QTI1MENGQUY4
M0ZGMDU3MDU1MzY5MURENzAwNTI5RC8wLzMxMzkzMDJlMzEzNDJlMzEzNTM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzUzMjMzMzIzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAr4OnDAN
BgkqhkiG9w0BAQsFAAOCAQEAMqBS8hDrMQFMo4d1r5TWdBu5lUIvnQU7eWnyWkFh
4m7SAHCSjqI5pRvjN7XvKH5+MB7cHcNSFp1+XMLIozBMmETHsJ/0wkdVzDlZ3Jpe
+djkdefAL8jV8BgBG3OvJLCIxqvMwtULxbGjw3MnjDoTxLkO/7mfSZjDiPLOYe1w
n0h4AfclAj0FQdn9EDKkjgcbuWO8z74ZnpMj08FvXGFCGoLTgMAWNmeJuyYqzEfX
KV5kUfB4E4s3Tiy00P0MHd5MCdr5ixaa+UNOn417fUNqtJbsMx29vPZgd+DcYAO+
D7fADeY7YrkVIsnpbx43u/4gbwowEfx0KvbbFVi7t0+W/Q==
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:38:04 2024 by rpki-client on console-ams.rpki-client.org