Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/3139302e3231312e3136382e302f32312d3234203d3e20323632353839.roa
File:                     3139302e3231312e3136382e302f32312d3234203d3e20323632353839.roa (raw, json)
Hash identifier:          9Q7aw5eEUgHCwGYShpMYQIm1GCm/d2auQlb94vtfnHg=
Subject key identifier:   CD:7B:DD:B4:A3:14:DC:FB:EA:90:A0:AA:5A:92:5F:40:1F:03:36:51
Certificate issuer:       /CN=2152913C2D5333E6F48DA45B339F5C285841364B
Certificate serial:       4608288A1AD45324A611D07FB2FA1A0682B82D16
Authority key identifier: 21:52:91:3C:2D:53:33:E6:F4:8D:A4:5B:33:9F:5C:28:58:41:36:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2152913C2D5333E6F48DA45B339F5C285841364B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/3139302e3231312e3136382e302f32312d3234203d3e20323632353839.roa
Signing time:             Tue 05 Mar 2024 17:45:46 +0000
ROA not before:           Tue 05 Mar 2024 17:40:46 +0000
ROA not after:            Tue 04 Mar 2025 17:45:46 +0000
asID:                     262589
IP address blocks:        190.211.168.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/2152913C2D5333E6F48DA45B339F5C285841364B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/2152913C2D5333E6F48DA45B339F5C285841364B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2152913C2D5333E6F48DA45B339F5C285841364B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 07:58:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:08:28:8a:1a:d4:53:24:a6:11:d0:7f:b2:fa:1a:06:82:b8:2d:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2152913C2D5333E6F48DA45B339F5C285841364B
        Validity
            Not Before: Mar  5 17:40:46 2024 GMT
            Not After : Mar  4 17:45:46 2025 GMT
        Subject: CN=CD7BDDB4A314DCFBEA90A0AA5A925F401F033651
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:3d:d1:46:64:4d:d9:b3:cf:68:c1:b8:1e:2d:
                    a5:b1:c9:0e:4d:56:7c:d4:56:5c:8a:c0:f0:d4:b7:
                    e8:ce:40:18:3d:e3:85:79:c7:d5:bd:8c:98:1c:e7:
                    67:0b:dd:41:05:81:5b:b5:c5:5e:52:2b:d2:da:a3:
                    ce:f2:44:4d:01:ff:64:2b:3b:1b:64:8b:34:28:d0:
                    b1:96:0b:96:b6:f5:a8:ea:66:e1:c3:ce:c9:91:f7:
                    4f:c0:45:16:5b:18:00:b8:0d:06:34:ef:55:26:49:
                    59:c9:d4:54:21:11:61:ba:85:8d:16:07:32:2b:3b:
                    91:ae:bb:2a:f1:ab:67:5a:13:d1:c1:36:76:fa:ac:
                    92:e6:86:3c:8b:35:ab:7e:d8:5b:f2:60:97:2d:b1:
                    48:d7:a1:4c:60:c2:eb:da:07:30:cc:be:03:41:88:
                    5e:aa:fa:70:44:80:72:ff:67:46:05:f6:37:a2:70:
                    a3:05:9b:bc:ae:75:80:e5:9b:48:14:2c:ad:7c:1d:
                    42:e4:6e:2d:f1:66:c8:fb:ee:5f:91:2b:d9:a3:43:
                    60:4c:70:e6:e4:8b:33:3b:db:c9:d0:2f:41:69:31:
                    a0:e1:a6:45:7c:b3:45:a1:fd:8f:0a:4d:1d:d4:9d:
                    0e:1e:d7:5c:f0:47:4e:ee:23:da:a0:66:e3:da:1d:
                    41:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:7B:DD:B4:A3:14:DC:FB:EA:90:A0:AA:5A:92:5F:40:1F:03:36:51
            X509v3 Authority Key Identifier:
                keyid:21:52:91:3C:2D:53:33:E6:F4:8D:A4:5B:33:9F:5C:28:58:41:36:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/2152913C2D5333E6F48DA45B339F5C285841364B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2152913C2D5333E6F48DA45B339F5C285841364B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/714AA9E6363D040BAE08801005DD8A8335AE50D46DFF53B3359E46BCAF42F0D6/0/3139302e3231312e3136382e302f32312d3234203d3e20323632353839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.211.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         45:3f:c6:3f:eb:7e:38:54:dc:90:34:25:5a:af:18:57:b0:24:
         86:0c:31:d3:c4:88:19:cf:95:af:ea:8d:df:9f:79:44:f0:74:
         9f:5f:0a:65:f7:3d:cc:08:36:05:05:f3:91:07:c7:72:d8:5e:
         6b:5f:64:d0:fb:5d:1c:a0:eb:5f:55:c1:ef:31:1b:18:72:34:
         96:ab:c7:8d:56:61:6d:ae:4d:01:dc:8c:79:70:b1:c6:13:9b:
         89:dc:ed:7a:23:1d:0d:94:9a:90:2e:e4:ed:49:b8:e4:74:9e:
         12:e5:8c:72:68:34:c8:14:d2:ae:e5:36:7f:45:e5:a5:98:d0:
         b2:16:9e:55:82:e0:c1:be:44:07:4e:c5:45:c2:f9:b7:45:50:
         f6:23:51:05:de:96:79:5b:47:0d:b2:5c:a0:70:67:ba:9f:db:
         da:a9:df:dd:57:21:26:ec:48:02:66:e1:56:88:55:77:35:f9:
         fd:8c:40:78:5e:6d:db:e9:b8:fa:f0:da:a2:d7:4b:ec:5e:b5:
         bc:48:4b:c9:c9:af:4b:eb:1b:e7:9a:e1:e5:d8:9a:14:a2:14:
         92:b6:5f:8d:23:13:0d:64:0a:11:b3:b7:09:c2:7c:fb:22:4e:
         d4:0a:88:5d:ad:77:72:90:35:6c:5b:fd:b0:f7:ca:f0:57:10:
         32:79:cb:18
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIURggoihrUUySmEdB/svoaBoK4LRYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE1MjkxM0MyRDUzMzNFNkY0OERBNDVCMzM5RjVDMjg1
ODQxMzY0QjAeFw0yNDAzMDUxNzQwNDZaFw0yNTAzMDQxNzQ1NDZaMDMxMTAvBgNV
BAMTKENEN0JEREI0QTMxNERDRkJFQTkwQTBBQTVBOTI1RjQwMUYwMzM2NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsPdFGZE3Zs89owbgeLaWxyQ5N
VnzUVlyKwPDUt+jOQBg944V5x9W9jJgc52cL3UEFgVu1xV5SK9Lao87yRE0B/2Qr
OxtkizQo0LGWC5a29ajqZuHDzsmR90/ARRZbGAC4DQY071UmSVnJ1FQhEWG6hY0W
BzIrO5Guuyrxq2daE9HBNnb6rJLmhjyLNat+2FvyYJctsUjXoUxgwuvaBzDMvgNB
iF6q+nBEgHL/Z0YF9jeicKMFm7yudYDlm0gULK18HULkbi3xZsj77l+RK9mjQ2BM
cObkizM728nQL0FpMaDhpkV8s0Wh/Y8KTR3UnQ4e11zwR07uI9qgZuPaHUFtAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUzXvdtKMU3PvqkKCqWpJfQB8DNlEwHwYDVR0j
BBgwFoAUIVKRPC1TM+b0jaRbM59cKFhBNkswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83MTRBQTlFNjM2M0QwNDBCQUUwODgwMTAwNUREOEE4MzM1
QUU1MEQ0NkRGRjUzQjMzNTlFNDZCQ0FGNDJGMEQ2LzAvMjE1MjkxM0MyRDUzMzNF
NkY0OERBNDVCMzM5RjVDMjg1ODQxMzY0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMTUyOTEzQzJENTMzM0U2RjQ4
REE0NUIzMzlGNUMyODU4NDEzNjRCLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzE0QUE5RTYzNjNEMDQwQkFFMDg4MDEwMDVERDhBODMzNUFFNTBENDZE
RkY1M0IzMzU5RTQ2QkNBRjQyRjBENi8wLzMxMzkzMDJlMzIzMTMxMmUzMTM2Mzgy
ZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzMjM2MzIzNTM4Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO+
06gwDQYJKoZIhvcNAQELBQADggEBAEU/xj/rfjhU3JA0JVqvGFewJIYMMdPEiBnP
la/qjd+feUTwdJ9fCmX3PcwINgUF85EHx3LYXmtfZND7XRyg619Vwe8xGxhyNJar
x41WYW2uTQHcjHlwscYTm4nc7XojHQ2UmpAu5O1JuOR0nhLljHJoNMgU0q7lNn9F
5aWY0LIWnlWC4MG+RAdOxUXC+bdFUPYjUQXelnlbRw2yXKBwZ7qf29qp391XISbs
SAJm4VaIVXc1+f2MQHhebdvpuPrw2qLXS+xetbxIS8nJr0vrG+ea4eXYmhSiFJK2
X40jEw1kChGztwnCfPsiTtQKiF2td3KQNWxb/bD3yvBXEDJ5yxg=
-----END CERTIFICATE-----
Generated at Tue Oct 29 15:59:46 2024 by rpki-client on console-ams.rpki-client.org