Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/79F564028EB529CDD82C025FC5AB4DC02E0CD3CEDCF996330523DAA5E253256D/0/3137392e3138392e3232302e302f32332d3234203d3e20323732303238.roa
File:                     3137392e3138392e3232302e302f32332d3234203d3e20323732303238.roa (raw, json)
Hash identifier:          4U3VlRGCODvDNv8LUUzO3cVRKPEAB90f/690q9cs/i0=
Subject key identifier:   2B:27:39:EF:E9:D9:64:19:F6:BE:16:87:2D:CC:47:79:56:47:A1:34
Certificate issuer:       /CN=A9F940AE06C32D0ACDBF321EB9CA4A0B9988DC81
Certificate serial:       250D8EFFC4C99B64C6ECFB53B24508AFDB90A638
Authority key identifier: A9:F9:40:AE:06:C3:2D:0A:CD:BF:32:1E:B9:CA:4A:0B:99:88:DC:81
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A9F940AE06C32D0ACDBF321EB9CA4A0B9988DC81.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/79F564028EB529CDD82C025FC5AB4DC02E0CD3CEDCF996330523DAA5E253256D/0/3137392e3138392e3232302e302f32332d3234203d3e20323732303238.roa
Signing time:             Tue 05 Mar 2024 18:12:12 +0000
ROA not before:           Tue 05 Mar 2024 18:07:12 +0000
ROA not after:            Tue 04 Mar 2025 18:12:12 +0000
asID:                     272028
IP address blocks:        179.189.220.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/79F564028EB529CDD82C025FC5AB4DC02E0CD3CEDCF996330523DAA5E253256D/0/A9F940AE06C32D0ACDBF321EB9CA4A0B9988DC81.crl
                          rsync://repository.lacnic.net/rpki/lacnic/79F564028EB529CDD82C025FC5AB4DC02E0CD3CEDCF996330523DAA5E253256D/0/A9F940AE06C32D0ACDBF321EB9CA4A0B9988DC81.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A9F940AE06C32D0ACDBF321EB9CA4A0B9988DC81.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 14 Nov 2024 04:05:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:0d:8e:ff:c4:c9:9b:64:c6:ec:fb:53:b2:45:08:af:db:90:a6:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9F940AE06C32D0ACDBF321EB9CA4A0B9988DC81
        Validity
            Not Before: Mar  5 18:07:12 2024 GMT
            Not After : Mar  4 18:12:12 2025 GMT
        Subject: CN=2B2739EFE9D96419F6BE16872DCC47795647A134
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:8c:1b:d9:22:46:3f:f3:ff:f5:df:07:7d:7a:
                    c9:6f:7f:09:49:70:17:00:9c:67:85:e4:0e:e1:57:
                    72:21:a9:6d:56:dd:18:43:a0:11:04:01:80:a4:ee:
                    2f:d7:8a:39:e3:37:3e:77:27:94:4a:d4:fd:f7:dc:
                    f6:79:84:ab:e6:fb:6a:0c:aa:bf:51:4a:c4:85:e4:
                    7b:8d:cd:86:11:f3:78:9c:b1:dd:d6:a8:00:68:d2:
                    5f:37:a3:ca:ad:6c:8f:5a:f4:6d:3f:7a:cb:ee:b6:
                    75:f4:60:c7:13:ac:08:bb:af:ea:32:4d:8e:f2:de:
                    45:4d:14:c7:08:75:b0:45:ef:3b:b3:f9:af:c7:cf:
                    d4:e7:88:3b:a7:9b:86:40:16:84:82:37:6b:c0:80:
                    3b:cf:2e:91:59:d7:82:ee:ec:dc:dc:41:63:86:16:
                    a8:ad:6c:c0:36:c4:3a:84:9b:85:a1:81:70:7f:70:
                    de:1b:07:01:b6:9e:fd:2f:2f:6e:0a:c0:95:04:89:
                    cd:0d:ee:45:40:03:61:bc:33:36:a8:7d:17:d0:a6:
                    4b:88:1c:47:63:4b:ea:ce:1c:ef:80:8f:72:d5:19:
                    04:45:4a:17:89:c4:35:a6:09:a8:12:67:72:bc:e6:
                    87:63:13:5b:ab:c7:36:50:1c:4c:a1:47:06:5d:60:
                    f8:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:27:39:EF:E9:D9:64:19:F6:BE:16:87:2D:CC:47:79:56:47:A1:34
            X509v3 Authority Key Identifier:
                keyid:A9:F9:40:AE:06:C3:2D:0A:CD:BF:32:1E:B9:CA:4A:0B:99:88:DC:81

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/79F564028EB529CDD82C025FC5AB4DC02E0CD3CEDCF996330523DAA5E253256D/0/A9F940AE06C32D0ACDBF321EB9CA4A0B9988DC81.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A9F940AE06C32D0ACDBF321EB9CA4A0B9988DC81.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/79F564028EB529CDD82C025FC5AB4DC02E0CD3CEDCF996330523DAA5E253256D/0/3137392e3138392e3232302e302f32332d3234203d3e20323732303238.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.189.220.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0a:16:ab:15:06:8d:d7:89:51:84:e2:e7:ed:ec:51:64:18:44:
         07:28:f6:93:3a:44:09:7e:1f:be:15:f0:0c:ae:62:32:46:ff:
         1d:9e:ca:26:7a:94:53:ea:34:e4:57:ff:b3:32:f1:02:22:6f:
         39:27:9b:5c:da:79:0c:d4:5b:64:07:d8:33:f7:35:7a:5b:b4:
         7a:09:0e:18:f1:b0:65:ad:01:02:c8:7d:fb:ec:b9:e0:c7:1b:
         90:db:9f:dc:22:0b:91:f7:9a:2e:dc:9a:48:3e:32:8c:5c:e5:
         42:48:d9:18:60:03:be:c6:2f:2e:9c:6d:56:e0:75:aa:f5:94:
         f6:0b:53:59:7f:d3:87:03:d1:4b:19:4d:d4:3e:09:22:68:32:
         89:28:10:2d:ce:a3:56:05:0b:4e:d9:aa:6c:68:26:55:2b:7e:
         76:50:16:2b:3e:24:ca:d7:9f:82:50:eb:3e:ba:d3:a7:4f:8a:
         5e:7e:a0:86:d9:49:09:e6:7c:ca:93:b1:32:84:34:1c:f4:68:
         b5:74:b3:7c:8d:31:70:e9:8a:2f:a0:93:d4:00:63:63:29:c7:
         0d:9a:bd:d1:5e:a5:f6:12:e4:c0:09:db:a9:4e:ce:00:2c:50:
         8f:0b:a3:97:2c:f0:3b:59:d7:ff:cf:0c:da:a5:fa:49:a4:3f:
         e4:4c:00:45
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUJQ2O/8TJm2TG7PtTskUIr9uQpjgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTlGOTQwQUUwNkMzMkQwQUNEQkYzMjFFQjlDQTRBMEI5
OTg4REM4MTAeFw0yNDAzMDUxODA3MTJaFw0yNTAzMDQxODEyMTJaMDMxMTAvBgNV
BAMTKDJCMjczOUVGRTlEOTY0MTlGNkJFMTY4NzJEQ0M0Nzc5NTY0N0ExMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcjBvZIkY/8//13wd9eslvfwlJ
cBcAnGeF5A7hV3IhqW1W3RhDoBEEAYCk7i/XijnjNz53J5RK1P333PZ5hKvm+2oM
qr9RSsSF5HuNzYYR83icsd3WqABo0l83o8qtbI9a9G0/esvutnX0YMcTrAi7r+oy
TY7y3kVNFMcIdbBF7zuz+a/Hz9TniDunm4ZAFoSCN2vAgDvPLpFZ14Lu7NzcQWOG
FqitbMA2xDqEm4WhgXB/cN4bBwG2nv0vL24KwJUEic0N7kVAA2G8MzaofRfQpkuI
HEdjS+rOHO+Aj3LVGQRFSheJxDWmCagSZ3K85odjE1urxzZQHEyhRwZdYPh9AgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUKyc57+nZZBn2vhaHLcxHeVZHoTQwHwYDVR0j
BBgwFoAUqflArgbDLQrNvzIeucpKC5mI3IEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83OUY1NjQwMjhFQjUyOUNERDgyQzAyNUZDNUFCNERDMDJF
MENEM0NFRENGOTk2MzMwNTIzREFBNUUyNTMyNTZELzAvQTlGOTQwQUUwNkMzMkQw
QUNEQkYzMjFFQjlDQTRBMEI5OTg4REM4MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BOUY5NDBBRTA2QzMyRDBBQ0RC
RjMyMUVCOUNBNEEwQjk5ODhEQzgxLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzlGNTY0MDI4RUI1MjlDREQ4MkMwMjVGQzVBQjREQzAyRTBDRDNDRURD
Rjk5NjMzMDUyM0RBQTVFMjUzMjU2RC8wLzMxMzczOTJlMzEzODM5MmUzMjMyMzAy
ZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjM3MzIzMDMyMzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGz
vdwwDQYJKoZIhvcNAQELBQADggEBAAoWqxUGjdeJUYTi5+3sUWQYRAco9pM6RAl+
H74V8AyuYjJG/x2eyiZ6lFPqNORX/7My8QIibzknm1zaeQzUW2QH2DP3NXpbtHoJ
DhjxsGWtAQLIffvsueDHG5Dbn9wiC5H3mi7cmkg+Moxc5UJI2RhgA77GLy6cbVbg
dar1lPYLU1l/04cD0UsZTdQ+CSJoMokoEC3Oo1YFC07ZqmxoJlUrfnZQFis+JMrX
n4JQ6z6606dPil5+oIbZSQnmfMqTsTKENBz0aLV0s3yNMXDpii+gk9QAY2Mpxw2a
vdFepfYS5MAJ26lOzgAsUI8Lo5cs8DtZ1//PDNql+kmkP+RMAEU=
-----END CERTIFICATE-----
Generated at Sat Nov 9 11:53:20 2024 by rpki-client on console-fra.rpki-client.org