Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/3136302e3233382e3230342e302f32322d3234203d3e20323635363839.roa
File:                     3136302e3233382e3230342e302f32322d3234203d3e20323635363839.roa (raw, json)
Hash identifier:          OXGcGb/j3D5tlQrqHVyS79pq3rHElWwFIB8vjqnlKnQ=
Subject key identifier:   91:66:BD:1B:20:FE:25:E2:46:7E:CB:26:4F:05:FC:EB:09:A0:13:69
Certificate issuer:       /CN=66D7CB6044C192E36153B39F7AF75BC83FF1DCB6
Certificate serial:       216C3BBD8223BE50A7398700F2BD1215CA0A26CE
Authority key identifier: 66:D7:CB:60:44:C1:92:E3:61:53:B3:9F:7A:F7:5B:C8:3F:F1:DC:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/3136302e3233382e3230342e302f32322d3234203d3e20323635363839.roa
Signing time:             Tue 05 Mar 2024 18:08:37 +0000
ROA not before:           Tue 05 Mar 2024 18:03:37 +0000
ROA not after:            Tue 04 Mar 2025 18:08:37 +0000
asID:                     265689
IP address blocks:        160.238.204.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 01:51:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:6c:3b:bd:82:23:be:50:a7:39:87:00:f2:bd:12:15:ca:0a:26:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66D7CB6044C192E36153B39F7AF75BC83FF1DCB6
        Validity
            Not Before: Mar  5 18:03:37 2024 GMT
            Not After : Mar  4 18:08:37 2025 GMT
        Subject: CN=9166BD1B20FE25E2467ECB264F05FCEB09A01369
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:38:a2:bc:25:e6:10:4c:2a:6e:b5:d8:18:20:
                    79:d5:21:a2:01:f8:f5:5d:74:66:66:08:d7:40:ef:
                    02:8d:f0:1e:f9:41:cd:06:44:be:d3:95:9d:b1:c1:
                    99:b5:7c:57:a4:da:ae:8c:45:2f:ac:70:08:57:5b:
                    5e:df:be:96:de:a7:f4:11:d1:e3:a3:78:df:01:57:
                    a0:74:4a:f3:c4:23:ba:bc:51:cb:de:0b:65:f1:53:
                    ec:7a:39:59:4c:4b:39:1a:9d:1e:b0:f2:34:27:95:
                    c0:3a:f5:6b:2e:9c:32:66:2a:7f:dc:13:6a:c8:00:
                    a3:b4:e8:3c:d2:ae:11:7f:18:26:cc:ab:ab:e0:d3:
                    85:aa:ef:78:4b:f4:53:97:b6:b6:5e:de:44:eb:96:
                    73:2e:50:07:60:51:cd:98:81:f7:98:45:7d:43:21:
                    56:d3:7b:1f:9c:13:a6:9e:ff:4c:dd:ad:0c:95:a5:
                    36:93:28:0b:72:d0:a1:62:75:83:a2:50:0f:55:36:
                    68:88:f1:86:82:b8:31:04:0e:3c:31:13:12:c5:0e:
                    7f:6f:e9:d9:7f:b1:e7:79:a2:b7:d6:b3:a2:0d:b2:
                    c9:8a:44:71:19:7d:41:87:f4:8d:f8:1b:04:f8:b7:
                    38:23:2f:1a:35:46:12:bd:6e:c9:d2:a1:8a:2e:7c:
                    c3:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:66:BD:1B:20:FE:25:E2:46:7E:CB:26:4F:05:FC:EB:09:A0:13:69
            X509v3 Authority Key Identifier:
                keyid:66:D7:CB:60:44:C1:92:E3:61:53:B3:9F:7A:F7:5B:C8:3F:F1:DC:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/3136302e3233382e3230342e302f32322d3234203d3e20323635363839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.238.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         d0:8d:4e:53:7d:45:de:e0:78:2c:32:b6:73:03:cd:88:0d:94:
         aa:53:26:4d:98:6f:f6:d6:c3:7e:d4:69:b6:4c:c6:31:d8:49:
         8e:8e:36:2f:2d:fe:33:5f:eb:61:8b:b4:64:06:b9:29:20:88:
         ef:c6:73:db:ee:6e:66:c1:93:b5:17:bf:b4:8f:9c:30:ce:d5:
         b3:41:62:ba:5a:19:bf:21:55:85:0e:98:9f:02:e8:8b:9b:70:
         75:d5:3b:1b:b9:9d:6e:4e:c2:d8:59:a1:f6:57:19:56:60:04:
         75:c3:8d:4a:78:8f:79:07:cb:1f:a9:5e:b4:e4:60:a5:83:10:
         dc:ec:d9:a9:0e:be:4b:1a:90:00:cb:32:15:bb:4d:a9:ee:39:
         91:c0:4e:db:7a:b1:62:ca:1b:03:57:27:b1:90:72:12:ca:eb:
         6a:d7:87:5d:20:90:20:cf:db:bd:59:95:78:d8:15:7c:1a:ab:
         85:a0:9a:33:2e:f3:cd:9d:aa:4b:0f:95:4f:6f:d1:e4:65:b5:
         42:69:34:5b:49:a5:ad:68:fc:e1:43:a9:f2:dd:0e:64:c2:1c:
         a7:96:7b:9b:ee:69:1c:4b:bf:67:f2:99:c3:0e:a1:a3:90:1d:
         cc:48:de:42:be:72:ea:66:e4:d6:58:d7:6e:c9:e0:b9:a9:98:
         95:3f:2c:87
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUIWw7vYIjvlCnOYcA8r0SFcoKJs4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjZEN0NCNjA0NEMxOTJFMzYxNTNCMzlGN0FGNzVCQzgz
RkYxRENCNjAeFw0yNDAzMDUxODAzMzdaFw0yNTAzMDQxODA4MzdaMDMxMTAvBgNV
BAMTKDkxNjZCRDFCMjBGRTI1RTI0NjdFQ0IyNjRGMDVGQ0VCMDlBMDEzNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtOKK8JeYQTCputdgYIHnVIaIB
+PVddGZmCNdA7wKN8B75Qc0GRL7TlZ2xwZm1fFek2q6MRS+scAhXW17fvpbep/QR
0eOjeN8BV6B0SvPEI7q8UcveC2XxU+x6OVlMSzkanR6w8jQnlcA69WsunDJmKn/c
E2rIAKO06DzSrhF/GCbMq6vg04Wq73hL9FOXtrZe3kTrlnMuUAdgUc2YgfeYRX1D
IVbTex+cE6ae/0zdrQyVpTaTKAty0KFidYOiUA9VNmiI8YaCuDEEDjwxExLFDn9v
6dl/sed5orfWs6INssmKRHEZfUGH9I34GwT4tzgjLxo1RhK9bsnSoYoufMOlAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUkWa9GyD+JeJGfssmTwX86wmgE2kwHwYDVR0j
BBgwFoAUZtfLYETBkuNhU7OfevdbyD/x3LYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83OTc0REYyQjRGQTZFQjc0RUVDODUxNzNGMEJBNDZCRDND
MUZGRDZGMUM2RjU5M0I0MTM1MEVBN0E1NTY1RTc4LzAvNjZEN0NCNjA0NEMxOTJF
MzYxNTNCMzlGN0FGNzVCQzgzRkYxRENCNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NkQ3Q0I2MDQ0QzE5MkUzNjE1
M0IzOUY3QUY3NUJDODNGRjFEQ0I2LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzk3NERGMkI0RkE2RUI3NEVFQzg1MTczRjBCQTQ2QkQzQzFGRkQ2RjFD
NkY1OTNCNDEzNTBFQTdBNTU2NUU3OC8wLzMxMzYzMDJlMzIzMzM4MmUzMjMwMzQy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzUzNjM4Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKg
7swwDQYJKoZIhvcNAQELBQADggEBANCNTlN9Rd7geCwytnMDzYgNlKpTJk2Yb/bW
w37UabZMxjHYSY6ONi8t/jNf62GLtGQGuSkgiO/Gc9vubmbBk7UXv7SPnDDO1bNB
YrpaGb8hVYUOmJ8C6IubcHXVOxu5nW5OwthZofZXGVZgBHXDjUp4j3kHyx+pXrTk
YKWDENzs2akOvksakADLMhW7TanuOZHATtt6sWLKGwNXJ7GQchLK62rXh10gkCDP
271ZlXjYFXwaq4WgmjMu882dqksPlU9v0eRltUJpNFtJpa1o/OFDqfLdDmTCHKeW
e5vuaRxLv2fymcMOoaOQHcxI3kK+cupm5NZY127J4LmpmJU/LIc=
-----END CERTIFICATE-----
Generated at Sat Jun 22 03:17:12 2024 by rpki-client on console-fra.rpki-client.org