Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/757D6598483B0D1E52E22DFE67B37F03EAE18A33AECC6EC1BC364861B1B214CB/0/3138312e3137342e3130382e302f32322d3234203d3e203233323433.roa
File:                     3138312e3137342e3130382e302f32322d3234203d3e203233323433.roa (raw, json)
Hash identifier:          LlNnp2icCDQlmKH3TSfkTOY98lLjAlyJwAOCHbky8rQ=
Subject key identifier:   00:C2:95:E7:0F:A2:C7:EA:69:D9:0E:24:19:93:83:30:2B:BC:5E:07
Certificate issuer:       /CN=8E1499D12067F2BEA1287B63425EA3B70FCAFFC1
Certificate serial:       4625DF7D50A9D5F4FBC4FEF07A19F0553CCBA18D
Authority key identifier: 8E:14:99:D1:20:67:F2:BE:A1:28:7B:63:42:5E:A3:B7:0F:CA:FF:C1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8E1499D12067F2BEA1287B63425EA3B70FCAFFC1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/757D6598483B0D1E52E22DFE67B37F03EAE18A33AECC6EC1BC364861B1B214CB/0/3138312e3137342e3130382e302f32322d3234203d3e203233323433.roa
Signing time:             Tue 05 Mar 2024 17:55:57 +0000
ROA not before:           Tue 05 Mar 2024 17:50:57 +0000
ROA not after:            Tue 04 Mar 2025 17:55:57 +0000
asID:                     23243
IP address blocks:        181.174.108.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/757D6598483B0D1E52E22DFE67B37F03EAE18A33AECC6EC1BC364861B1B214CB/0/8E1499D12067F2BEA1287B63425EA3B70FCAFFC1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/757D6598483B0D1E52E22DFE67B37F03EAE18A33AECC6EC1BC364861B1B214CB/0/8E1499D12067F2BEA1287B63425EA3B70FCAFFC1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8E1499D12067F2BEA1287B63425EA3B70FCAFFC1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 28 Nov 2024 18:28:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:25:df:7d:50:a9:d5:f4:fb:c4:fe:f0:7a:19:f0:55:3c:cb:a1:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8E1499D12067F2BEA1287B63425EA3B70FCAFFC1
        Validity
            Not Before: Mar  5 17:50:57 2024 GMT
            Not After : Mar  4 17:55:57 2025 GMT
        Subject: CN=00C295E70FA2C7EA69D90E24199383302BBC5E07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:67:50:8b:0a:fc:75:7b:66:d8:0b:da:fd:32:
                    7c:b7:1f:3f:8e:21:a8:0d:07:5b:cf:dc:9d:cb:80:
                    9f:00:ee:81:4a:69:60:9e:b0:7b:73:e0:c6:93:6c:
                    09:64:3c:58:3e:eb:e6:2c:31:d9:c2:2c:62:f7:8e:
                    76:97:02:a8:f9:f3:04:aa:fb:dd:03:18:53:21:fc:
                    8a:59:ca:a9:86:9e:5d:af:24:25:78:e9:df:e2:64:
                    53:fb:d3:79:54:74:38:91:64:8d:a2:ee:ee:54:c6:
                    ba:b6:23:3b:15:b4:af:24:f3:d9:1f:b2:1b:22:13:
                    a1:c0:4b:15:4c:3e:b4:6c:40:a2:70:ba:8f:b4:70:
                    37:11:99:58:06:1f:54:01:75:65:33:66:23:0b:8b:
                    ad:75:ef:8b:f4:f6:f5:a8:b3:5e:1e:b7:41:08:6e:
                    43:be:d0:fb:40:87:6e:6d:b5:fc:48:40:fa:4a:e9:
                    03:af:f3:1c:fd:c5:d3:d2:2e:e9:1c:88:1b:ac:a5:
                    6b:28:bf:82:30:b1:97:22:d5:a2:ce:21:c4:06:69:
                    74:9c:f4:c6:73:ad:2c:de:1e:25:63:e3:07:07:57:
                    ce:e2:13:54:65:db:e4:ac:48:f4:86:83:79:42:f4:
                    00:e6:b3:16:a0:09:7f:25:bb:d3:f3:73:b8:ef:30:
                    6e:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:C2:95:E7:0F:A2:C7:EA:69:D9:0E:24:19:93:83:30:2B:BC:5E:07
            X509v3 Authority Key Identifier:
                keyid:8E:14:99:D1:20:67:F2:BE:A1:28:7B:63:42:5E:A3:B7:0F:CA:FF:C1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/757D6598483B0D1E52E22DFE67B37F03EAE18A33AECC6EC1BC364861B1B214CB/0/8E1499D12067F2BEA1287B63425EA3B70FCAFFC1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8E1499D12067F2BEA1287B63425EA3B70FCAFFC1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/757D6598483B0D1E52E22DFE67B37F03EAE18A33AECC6EC1BC364861B1B214CB/0/3138312e3137342e3130382e302f32322d3234203d3e203233323433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.174.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6d:49:98:bf:93:df:e0:10:97:57:67:e9:58:8a:fd:ae:d9:a5:
         ac:b5:04:87:08:a8:ce:a2:67:db:69:13:3a:5e:c8:56:5c:8d:
         f6:9d:44:b5:ca:86:c3:2c:e2:f2:38:06:51:f7:b0:0b:c9:ff:
         ce:45:dd:6c:87:df:95:f4:9f:f9:60:75:2f:38:00:58:f5:22:
         aa:f9:7c:4d:b2:28:34:37:16:5b:a1:06:f7:29:40:2b:ea:ee:
         db:d4:0d:0b:15:7d:73:09:16:af:97:02:20:c5:99:82:28:49:
         fc:bd:f3:bc:ac:5d:33:b6:fc:12:dd:96:b2:db:61:45:49:67:
         59:07:1c:32:e1:a9:95:17:2c:cc:41:a4:6b:84:c5:31:b1:7c:
         6a:02:61:6b:ef:8d:27:7d:35:b2:ed:f9:65:23:f7:92:3e:1a:
         0b:fa:58:48:f0:60:67:1e:e6:73:fe:08:5b:df:2c:1e:d4:3e:
         b5:64:4b:33:85:f8:28:0b:0d:90:b7:ca:1e:47:c9:5f:2f:27:
         1f:3c:65:9a:7c:b4:12:44:90:a2:e1:85:31:2f:45:f5:1c:71:
         01:c8:93:44:20:ce:16:4d:9f:25:c6:1e:a8:06:23:c6:30:6e:
         4d:c0:a5:88:a8:59:05:26:70:ae:82:10:cb:4b:12:3c:f6:ce:
         7a:37:4f:a9
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIURiXffVCp1fT7xP7wehnwVTzLoY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEUxNDk5RDEyMDY3RjJCRUExMjg3QjYzNDI1RUEzQjcw
RkNBRkZDMTAeFw0yNDAzMDUxNzUwNTdaFw0yNTAzMDQxNzU1NTdaMDMxMTAvBgNV
BAMTKDAwQzI5NUU3MEZBMkM3RUE2OUQ5MEUyNDE5OTM4MzMwMkJCQzVFMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdZ1CLCvx1e2bYC9r9Mny3Hz+O
IagNB1vP3J3LgJ8A7oFKaWCesHtz4MaTbAlkPFg+6+YsMdnCLGL3jnaXAqj58wSq
+90DGFMh/IpZyqmGnl2vJCV46d/iZFP703lUdDiRZI2i7u5Uxrq2IzsVtK8k89kf
shsiE6HASxVMPrRsQKJwuo+0cDcRmVgGH1QBdWUzZiMLi61174v09vWos14et0EI
bkO+0PtAh25ttfxIQPpK6QOv8xz9xdPSLukciBuspWsov4IwsZci1aLOIcQGaXSc
9MZzrSzeHiVj4wcHV87iE1Rl2+SsSPSGg3lC9ADmsxagCX8lu9Pzc7jvMG59AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUAMKV5w+ix+pp2Q4kGZODMCu8XgcwHwYDVR0j
BBgwFoAUjhSZ0SBn8r6hKHtjQl6jtw/K/8EwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83NTdENjU5ODQ4M0IwRDFFNTJFMjJERkU2N0IzN0YwM0VB
RTE4QTMzQUVDQzZFQzFCQzM2NDg2MUIxQjIxNENCLzAvOEUxNDk5RDEyMDY3RjJC
RUExMjg3QjYzNDI1RUEzQjcwRkNBRkZDMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RTE0OTlEMTIwNjdGMkJFQTEy
ODdCNjM0MjVFQTNCNzBGQ0FGRkMxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzU3RDY1OTg0ODNCMEQxRTUyRTIyREZFNjdCMzdGMDNFQUUxOEEzM0FF
Q0M2RUMxQkMzNjQ4NjFCMUIyMTRDQi8wLzMxMzgzMTJlMzEzNzM0MmUzMTMwMzgy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMzMzIzNDMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCta5s
MA0GCSqGSIb3DQEBCwUAA4IBAQBtSZi/k9/gEJdXZ+lYiv2u2aWstQSHCKjOomfb
aRM6XshWXI32nUS1yobDLOLyOAZR97ALyf/ORd1sh9+V9J/5YHUvOABY9SKq+XxN
sig0NxZboQb3KUAr6u7b1A0LFX1zCRavlwIgxZmCKEn8vfO8rF0ztvwS3Zay22FF
SWdZBxwy4amVFyzMQaRrhMUxsXxqAmFr740nfTWy7fllI/eSPhoL+lhI8GBnHuZz
/ghb3ywe1D61ZEszhfgoCw2Qt8oeR8lfLycfPGWafLQSRJCi4YUxL0X1HHEByJNE
IM4WTZ8lxh6oBiPGMG5NwKWIqFkFJnCughDLSxI89s56N0+p
-----END CERTIFICATE-----
Generated at Sun Nov 24 08:01:27 2024 by rpki-client on console-fra.rpki-client.org