Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/76429D3FC4898C43FD0C89E905ACAE83D553D45217106A8E0DB04088EE4FF11D/0/3133382e39392e3133392e302f32342d3234203d3e203631343937.roa
File:                     3133382e39392e3133392e302f32342d3234203d3e203631343937.roa (raw, json)
Hash identifier:          sJkpQ4tkjgym46DXN6VwrxYMHTygyIuhy2sD7958Wzc=
Subject key identifier:   0F:88:21:2F:45:B0:E7:91:A1:12:7C:8B:78:5D:D1:39:E5:D3:9D:1F
Certificate issuer:       /CN=CED1302EBC484C7C69E637E45AEF6775D5E618A9
Certificate serial:       76688490498AD71AC67141613D7D49CAC0C590D9
Authority key identifier: CE:D1:30:2E:BC:48:4C:7C:69:E6:37:E4:5A:EF:67:75:D5:E6:18:A9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CED1302EBC484C7C69E637E45AEF6775D5E618A9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/76429D3FC4898C43FD0C89E905ACAE83D553D45217106A8E0DB04088EE4FF11D/0/3133382e39392e3133392e302f32342d3234203d3e203631343937.roa
Signing time:             Tue 05 Mar 2024 18:17:47 +0000
ROA not before:           Tue 05 Mar 2024 18:12:47 +0000
ROA not after:            Tue 04 Mar 2025 18:17:47 +0000
asID:                     61497
IP address blocks:        138.99.139.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/76429D3FC4898C43FD0C89E905ACAE83D553D45217106A8E0DB04088EE4FF11D/0/CED1302EBC484C7C69E637E45AEF6775D5E618A9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/76429D3FC4898C43FD0C89E905ACAE83D553D45217106A8E0DB04088EE4FF11D/0/CED1302EBC484C7C69E637E45AEF6775D5E618A9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CED1302EBC484C7C69E637E45AEF6775D5E618A9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:68:84:90:49:8a:d7:1a:c6:71:41:61:3d:7d:49:ca:c0:c5:90:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CED1302EBC484C7C69E637E45AEF6775D5E618A9
        Validity
            Not Before: Mar  5 18:12:47 2024 GMT
            Not After : Mar  4 18:17:47 2025 GMT
        Subject: CN=0F88212F45B0E791A1127C8B785DD139E5D39D1F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b0:a8:77:52:cb:01:a1:b3:bd:2b:ce:7c:a6:
                    d2:32:61:b2:ef:85:3f:41:e5:cd:d8:3e:b7:10:71:
                    f0:62:07:5f:de:a2:e0:d3:94:f4:8e:d2:24:70:01:
                    e7:80:4c:6b:86:05:b2:a5:bc:ce:7c:fe:63:3a:fa:
                    05:82:88:ef:51:1e:30:d0:f3:0b:08:8d:67:d7:f7:
                    8b:ba:ba:72:c0:c3:43:5e:4f:4c:fc:6a:3c:91:90:
                    08:f6:07:3d:ef:d5:36:d5:1f:0f:a0:fa:57:e7:95:
                    1e:02:03:f5:b6:52:1f:c6:fc:57:ca:5f:33:65:ab:
                    25:62:94:3a:4a:8d:89:0e:1f:7e:28:db:67:5d:73:
                    dd:f1:ad:d3:41:2b:02:ca:1a:7b:0b:02:df:dd:f4:
                    94:f2:df:35:de:b3:94:2f:36:92:17:45:3d:17:ab:
                    fa:a8:99:14:ba:f6:63:98:59:04:47:b3:28:78:42:
                    51:84:25:0a:fe:43:69:74:47:67:80:f8:a7:34:eb:
                    d2:bc:cd:c9:88:6b:a2:ba:36:ef:0e:ce:1d:af:ee:
                    30:cf:27:45:21:66:7f:57:e8:1f:3f:2b:e7:b4:c8:
                    9d:0e:f9:08:43:3b:00:5b:8c:42:07:bc:6f:aa:56:
                    97:ec:91:c1:ba:b3:65:04:d1:f5:5d:54:5a:38:af:
                    af:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:88:21:2F:45:B0:E7:91:A1:12:7C:8B:78:5D:D1:39:E5:D3:9D:1F
            X509v3 Authority Key Identifier:
                keyid:CE:D1:30:2E:BC:48:4C:7C:69:E6:37:E4:5A:EF:67:75:D5:E6:18:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/76429D3FC4898C43FD0C89E905ACAE83D553D45217106A8E0DB04088EE4FF11D/0/CED1302EBC484C7C69E637E45AEF6775D5E618A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CED1302EBC484C7C69E637E45AEF6775D5E618A9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/76429D3FC4898C43FD0C89E905ACAE83D553D45217106A8E0DB04088EE4FF11D/0/3133382e39392e3133392e302f32342d3234203d3e203631343937.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.99.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:fa:5b:f4:1e:3a:ce:6e:e5:09:42:f6:b9:4b:85:7f:ca:55:
         51:21:43:96:fd:fc:e4:40:ae:97:ba:55:83:b5:77:90:a6:ce:
         53:27:f6:72:fd:5c:0d:24:32:ac:c8:b4:4d:05:7d:b2:0d:f7:
         fa:54:82:8c:3d:4d:15:44:55:d5:65:52:ac:1b:f1:3c:0d:9c:
         c2:2b:a8:02:50:a8:ef:f9:ec:a2:6c:37:6c:d4:07:d8:08:e7:
         75:77:e6:56:e1:2e:fd:35:c9:e9:67:61:fa:b0:27:98:f5:24:
         1c:65:e3:45:bc:81:70:88:2c:a3:80:ab:bf:e9:89:0c:b3:cb:
         f9:9a:3b:7c:47:17:73:84:c1:46:31:fd:c4:68:50:f8:e0:51:
         8d:94:61:c9:f6:ce:0c:25:6e:d5:5e:e8:2e:65:d4:13:b5:f1:
         55:f6:f2:f2:f5:f8:dc:6d:45:f2:a9:06:c7:9b:bd:16:81:72:
         54:bf:94:11:c4:b5:ed:f5:71:65:cd:da:1a:83:e6:ba:37:a1:
         74:26:41:8b:bc:2f:ed:a3:72:f1:c8:12:83:cf:78:c8:cd:b8:
         cd:42:f8:30:44:77:cd:f4:db:c9:fc:11:e9:e8:81:d0:b4:7f:
         3d:da:7d:91:65:67:af:f7:5d:4d:44:26:84:a0:62:09:38:27:
         e4:4a:07:92
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUdmiEkEmK1xrGcUFhPX1JysDFkNkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0VEMTMwMkVCQzQ4NEM3QzY5RTYzN0U0NUFFRjY3NzVE
NUU2MThBOTAeFw0yNDAzMDUxODEyNDdaFw0yNTAzMDQxODE3NDdaMDMxMTAvBgNV
BAMTKDBGODgyMTJGNDVCMEU3OTFBMTEyN0M4Qjc4NUREMTM5RTVEMzlEMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvsKh3UssBobO9K858ptIyYbLv
hT9B5c3YPrcQcfBiB1/eouDTlPSO0iRwAeeATGuGBbKlvM58/mM6+gWCiO9RHjDQ
8wsIjWfX94u6unLAw0NeT0z8ajyRkAj2Bz3v1TbVHw+g+lfnlR4CA/W2Uh/G/FfK
XzNlqyVilDpKjYkOH34o22ddc93xrdNBKwLKGnsLAt/d9JTy3zXes5QvNpIXRT0X
q/qomRS69mOYWQRHsyh4QlGEJQr+Q2l0R2eA+Kc069K8zcmIa6K6Nu8Ozh2v7jDP
J0UhZn9X6B8/K+e0yJ0O+QhDOwBbjEIHvG+qVpfskcG6s2UE0fVdVFo4r6+dAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUD4ghL0Ww55GhEnyLeF3ROeXTnR8wHwYDVR0j
BBgwFoAUztEwLrxITHxp5jfkWu9nddXmGKkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83NjQyOUQzRkM0ODk4QzQzRkQwQzg5RTkwNUFDQUU4M0Q1
NTNENDUyMTcxMDZBOEUwREIwNDA4OEVFNEZGMTFELzAvQ0VEMTMwMkVCQzQ4NEM3
QzY5RTYzN0U0NUFFRjY3NzVENUU2MThBOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DRUQxMzAyRUJDNDg0QzdDNjlF
NjM3RTQ1QUVGNjc3NUQ1RTYxOEE5LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzY0MjlEM0ZDNDg5OEM0M0ZEMEM4OUU5MDVBQ0FFODNENTUzRDQ1MjE3
MTA2QThFMERCMDQwODhFRTRGRjExRC8wLzMxMzMzODJlMzkzOTJlMzEzMzM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTM0MzkzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIpjizAN
BgkqhkiG9w0BAQsFAAOCAQEALfpb9B46zm7lCUL2uUuFf8pVUSFDlv385ECul7pV
g7V3kKbOUyf2cv1cDSQyrMi0TQV9sg33+lSCjD1NFURV1WVSrBvxPA2cwiuoAlCo
7/nsomw3bNQH2AjndXfmVuEu/TXJ6Wdh+rAnmPUkHGXjRbyBcIgso4Crv+mJDLPL
+Zo7fEcXc4TBRjH9xGhQ+OBRjZRhyfbODCVu1V7oLmXUE7XxVfby8vX43G1F8qkG
x5u9FoFyVL+UEcS17fVxZc3aGoPmujehdCZBi7wv7aNy8cgSg894yM24zUL4MER3
zfTbyfwR6eiB0LR/Pdp9kWVnr/ddTUQmhKBiCTgn5EoHkg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:38:04 2024 by rpki-client on console-ams.rpki-client.org