Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/3139302e3231312e3136302e302f32312d3234203d3e20323632353839.roa
File:                     3139302e3231312e3136302e302f32312d3234203d3e20323632353839.roa (raw, json)
Hash identifier:          G9BY/9Isu9xTSHbsmlRixLSTOn2z7J5LgEHRsd4lTs4=
Subject key identifier:   37:70:5A:93:4B:DF:17:0E:43:79:23:49:5B:06:2B:39:FF:DC:60:2B
Certificate issuer:       /CN=2152913C2D5333E6F48DA45B339F5C285841364B
Certificate serial:       2260350CA59E029151D051A06E81E6816D7ED542
Authority key identifier: 21:52:91:3C:2D:53:33:E6:F4:8D:A4:5B:33:9F:5C:28:58:41:36:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2152913C2D5333E6F48DA45B339F5C285841364B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/3139302e3231312e3136302e302f32312d3234203d3e20323632353839.roa
Signing time:             Tue 05 Mar 2024 17:45:47 +0000
ROA not before:           Tue 05 Mar 2024 17:40:47 +0000
ROA not after:            Tue 04 Mar 2025 17:45:47 +0000
asID:                     262589
IP address blocks:        190.211.160.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/2152913C2D5333E6F48DA45B339F5C285841364B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/2152913C2D5333E6F48DA45B339F5C285841364B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2152913C2D5333E6F48DA45B339F5C285841364B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 07:58:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:60:35:0c:a5:9e:02:91:51:d0:51:a0:6e:81:e6:81:6d:7e:d5:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2152913C2D5333E6F48DA45B339F5C285841364B
        Validity
            Not Before: Mar  5 17:40:47 2024 GMT
            Not After : Mar  4 17:45:47 2025 GMT
        Subject: CN=37705A934BDF170E437923495B062B39FFDC602B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:2f:88:cb:c5:34:ac:e3:db:32:ce:8e:3b:3d:
                    7b:e8:bb:7e:3e:3f:14:c1:26:13:10:85:cf:af:35:
                    75:25:96:f1:5b:a3:fe:a9:70:b0:f9:32:1e:75:fc:
                    7a:90:6a:15:67:b4:2c:8e:cc:df:c5:b9:1c:9a:85:
                    49:f3:87:dc:7e:ca:e6:c3:9d:44:c4:48:48:fb:07:
                    79:e1:29:a1:80:54:b5:81:b6:2c:71:1b:34:f1:13:
                    17:24:fb:7e:77:67:dd:2e:5f:32:19:ec:3d:16:59:
                    6d:9e:a2:02:c5:29:78:82:55:92:bb:02:d1:c9:ea:
                    8d:27:f5:db:16:30:e3:ca:c9:90:d8:25:21:d6:a8:
                    bc:11:65:81:40:83:2f:5c:6a:9a:76:3a:0d:27:4b:
                    66:76:1e:80:26:fc:de:78:c3:4c:08:14:37:4c:45:
                    a3:61:4f:40:9a:e1:29:8c:f1:bf:7e:00:dd:28:2f:
                    47:bf:3f:b0:1a:c1:80:be:17:69:8e:01:fb:88:28:
                    2a:3b:85:c1:74:0b:ab:5a:55:49:67:fe:11:50:82:
                    a9:ef:22:7a:5b:34:21:de:8e:fe:90:14:09:71:ec:
                    d1:54:82:bd:33:3f:e0:29:1a:a1:a9:5b:0f:de:33:
                    18:75:9b:2e:5a:6d:9e:a7:ae:45:b6:8b:8e:99:ba:
                    20:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:70:5A:93:4B:DF:17:0E:43:79:23:49:5B:06:2B:39:FF:DC:60:2B
            X509v3 Authority Key Identifier:
                keyid:21:52:91:3C:2D:53:33:E6:F4:8D:A4:5B:33:9F:5C:28:58:41:36:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/2152913C2D5333E6F48DA45B339F5C285841364B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2152913C2D5333E6F48DA45B339F5C285841364B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/3139302e3231312e3136302e302f32312d3234203d3e20323632353839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.211.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         18:f7:7d:01:95:ac:4e:a5:4f:7d:61:05:12:02:10:37:7c:e9:
         84:f3:49:6d:c5:9d:f3:bb:e4:95:99:41:8d:d7:13:fd:c7:88:
         a7:27:e3:64:22:97:73:fe:c7:5b:70:37:59:06:2c:e6:fa:56:
         30:2a:fe:57:15:29:9a:15:cf:59:b0:61:6a:8c:a9:d9:c8:d7:
         14:7c:32:df:86:d9:f0:b8:c0:21:97:38:26:af:10:4a:17:23:
         a7:3c:02:0f:55:ab:73:b7:b3:a9:c6:5a:1b:cf:7d:55:1a:a6:
         0d:a2:d2:38:82:4b:fd:38:6b:b5:fd:f1:64:29:e4:0b:69:5e:
         9e:7b:d2:53:e7:46:11:0b:85:b4:cb:76:0c:26:36:70:39:7c:
         90:af:6e:3b:5a:46:c2:12:23:80:06:20:18:e4:e4:8c:c7:bc:
         b0:d8:e2:36:dc:25:54:26:27:20:20:25:0f:01:3e:fb:fb:ce:
         35:9a:47:4d:3e:be:32:2b:c8:75:19:ad:3c:22:06:9f:a6:cf:
         64:ae:0e:fb:97:ae:14:ac:7e:46:e5:48:8b:f3:ef:e6:78:7d:
         4b:53:6f:ef:e0:f4:12:6e:60:e9:b1:a5:6d:80:48:cb:8b:28:
         bc:52:f0:68:06:d8:22:e2:24:59:f0:4d:eb:51:87:a9:ae:57:
         50:8f:2b:af
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUImA1DKWeApFR0FGgboHmgW1+1UIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE1MjkxM0MyRDUzMzNFNkY0OERBNDVCMzM5RjVDMjg1
ODQxMzY0QjAeFw0yNDAzMDUxNzQwNDdaFw0yNTAzMDQxNzQ1NDdaMDMxMTAvBgNV
BAMTKDM3NzA1QTkzNEJERjE3MEU0Mzc5MjM0OTVCMDYyQjM5RkZEQzYwMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrL4jLxTSs49syzo47PXvou34+
PxTBJhMQhc+vNXUllvFbo/6pcLD5Mh51/HqQahVntCyOzN/FuRyahUnzh9x+yubD
nUTESEj7B3nhKaGAVLWBtixxGzTxExck+353Z90uXzIZ7D0WWW2eogLFKXiCVZK7
AtHJ6o0n9dsWMOPKyZDYJSHWqLwRZYFAgy9capp2Og0nS2Z2HoAm/N54w0wIFDdM
RaNhT0Ca4SmM8b9+AN0oL0e/P7AawYC+F2mOAfuIKCo7hcF0C6taVUln/hFQgqnv
InpbNCHejv6QFAlx7NFUgr0zP+ApGqGpWw/eMxh1my5abZ6nrkW2i46ZuiCVAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUN3Bak0vfFw5DeSNJWwYrOf/cYCswHwYDVR0j
BBgwFoAUIVKRPC1TM+b0jaRbM59cKFhBNkswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83MTRBQTlFNjM2M0QwNDBCQUUwODgwMTAwNUREOEE4MzM1
QUU1MEQ0NkRGRjUzQjMzNTlFNDZCQ0FGNDJGMEQ2LzAvMjE1MjkxM0MyRDUzMzNF
NkY0OERBNDVCMzM5RjVDMjg1ODQxMzY0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMTUyOTEzQzJENTMzM0U2RjQ4
REE0NUIzMzlGNUMyODU4NDEzNjRCLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzE0QUE5RTYzNjNEMDQwQkFFMDg4MDEwMDVERDhBODMzNUFFNTBENDZE
RkY1M0IzMzU5RTQ2QkNBRjQyRjBENi8wLzMxMzkzMDJlMzIzMTMxMmUzMTM2MzAy
ZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzMjM2MzIzNTM4Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO+
06AwDQYJKoZIhvcNAQELBQADggEBABj3fQGVrE6lT31hBRICEDd86YTzSW3FnfO7
5JWZQY3XE/3HiKcn42Qil3P+x1twN1kGLOb6VjAq/lcVKZoVz1mwYWqMqdnI1xR8
Mt+G2fC4wCGXOCavEEoXI6c8Ag9Vq3O3s6nGWhvPfVUapg2i0jiCS/04a7X98WQp
5AtpXp570lPnRhELhbTLdgwmNnA5fJCvbjtaRsISI4AGIBjk5IzHvLDY4jbcJVQm
JyAgJQ8BPvv7zjWaR00+vjIryHUZrTwiBp+mz2SuDvuXrhSsfkblSIvz7+Z4fUtT
b+/g9BJuYOmxpW2ASMuLKLxS8GgG2CLiJFnwTetRh6muV1CPK68=
-----END CERTIFICATE-----
Generated at Tue Oct 29 14:09:12 2024 by rpki-client on console-fra.rpki-client.org