Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8144F5D010FF039B15D07B5E60DF16D7EE79D39BBBBE4AF9FAD68623663D2F89/0/3137302e3233312e3230342e302f32322d3234203d3e20323635383536.roa
File:                     3137302e3233312e3230342e302f32322d3234203d3e20323635383536.roa (raw, json)
Hash identifier:          rvqAyF1l7j4yIZiUevg68H1DKkAWRgcvVSv9Sjc0/UY=
Subject key identifier:   99:0E:02:07:B1:89:C2:DC:37:89:33:4F:D9:1B:9A:CB:E1:14:3B:B3
Certificate issuer:       /CN=81E2188947DD0D1730B8D31567606086CAC50E83
Certificate serial:       225F3ACB4E6C55FC7995E31FA229DB2477552B9C
Authority key identifier: 81:E2:18:89:47:DD:0D:17:30:B8:D3:15:67:60:60:86:CA:C5:0E:83
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/81E2188947DD0D1730B8D31567606086CAC50E83.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8144F5D010FF039B15D07B5E60DF16D7EE79D39BBBBE4AF9FAD68623663D2F89/0/3137302e3233312e3230342e302f32322d3234203d3e20323635383536.roa
Signing time:             Tue 05 Mar 2024 17:45:47 +0000
ROA not before:           Tue 05 Mar 2024 17:40:47 +0000
ROA not after:            Tue 04 Mar 2025 17:45:47 +0000
asID:                     265856
IP address blocks:        170.231.204.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8144F5D010FF039B15D07B5E60DF16D7EE79D39BBBBE4AF9FAD68623663D2F89/0/81E2188947DD0D1730B8D31567606086CAC50E83.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8144F5D010FF039B15D07B5E60DF16D7EE79D39BBBBE4AF9FAD68623663D2F89/0/81E2188947DD0D1730B8D31567606086CAC50E83.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/81E2188947DD0D1730B8D31567606086CAC50E83.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 26 Nov 2024 22:33:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:5f:3a:cb:4e:6c:55:fc:79:95:e3:1f:a2:29:db:24:77:55:2b:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81E2188947DD0D1730B8D31567606086CAC50E83
        Validity
            Not Before: Mar  5 17:40:47 2024 GMT
            Not After : Mar  4 17:45:47 2025 GMT
        Subject: CN=990E0207B189C2DC3789334FD91B9ACBE1143BB3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:49:39:9f:c7:c4:13:32:ff:05:4c:f8:64:55:
                    2c:2e:55:01:6d:fa:97:36:d4:ff:74:79:00:40:25:
                    92:1a:0f:6e:aa:cc:1c:12:73:b8:15:ed:93:62:dd:
                    fb:cb:56:e6:4c:5a:a9:bd:be:4c:58:48:3d:bf:fb:
                    7c:fc:3f:09:d0:90:41:e7:90:b7:d1:90:2d:02:ff:
                    90:ce:9d:ae:ad:de:fd:63:8f:56:0d:43:72:b4:37:
                    c1:13:d3:a9:f0:54:83:25:b7:97:f6:8a:07:23:77:
                    c8:22:f4:e5:74:03:ad:5e:2d:0d:28:dd:0f:37:21:
                    89:4b:e8:aa:8b:e9:e5:41:70:c8:71:91:d5:87:cc:
                    8b:a1:52:ae:22:67:d3:cd:40:99:f6:10:d9:37:60:
                    0b:8b:fc:ed:34:64:f2:e4:de:8d:07:89:35:3a:f4:
                    3b:b2:64:a0:45:f0:99:99:f3:58:ca:72:9e:34:de:
                    17:ed:e7:79:18:a4:b1:a8:dd:fe:a9:e6:74:f6:7a:
                    f0:fb:75:a6:2d:28:14:02:81:9f:c1:21:32:38:a7:
                    c7:6e:dd:3d:97:84:14:01:14:90:cd:8f:65:be:46:
                    03:4d:99:b9:81:30:e8:45:4d:fd:cf:ff:a7:9b:9e:
                    6a:b5:8d:31:2c:5c:f4:c8:8d:8d:69:96:8b:d8:36:
                    c7:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:0E:02:07:B1:89:C2:DC:37:89:33:4F:D9:1B:9A:CB:E1:14:3B:B3
            X509v3 Authority Key Identifier:
                keyid:81:E2:18:89:47:DD:0D:17:30:B8:D3:15:67:60:60:86:CA:C5:0E:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8144F5D010FF039B15D07B5E60DF16D7EE79D39BBBBE4AF9FAD68623663D2F89/0/81E2188947DD0D1730B8D31567606086CAC50E83.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/81E2188947DD0D1730B8D31567606086CAC50E83.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8144F5D010FF039B15D07B5E60DF16D7EE79D39BBBBE4AF9FAD68623663D2F89/0/3137302e3233312e3230342e302f32322d3234203d3e20323635383536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.231.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1b:b8:95:c8:6e:85:26:9f:86:d8:78:c8:8c:61:81:19:38:79:
         d1:c9:14:90:83:01:c6:7e:fa:65:ee:e4:4f:87:46:ea:f2:86:
         b6:3d:3d:ff:aa:8e:69:eb:e5:2a:36:4e:c0:61:f0:59:b5:b7:
         39:39:d7:bd:40:9a:41:99:2d:bf:5b:69:fa:a3:f4:a4:45:4d:
         8b:e3:1d:e4:f5:82:fb:4c:d2:6b:88:89:01:01:f0:61:83:27:
         47:86:5b:42:60:14:3d:d9:2c:d5:5e:65:0c:b4:c2:85:a6:e0:
         7d:9d:dd:c6:17:12:e6:eb:3b:c9:b2:7a:d0:f7:a6:aa:56:1b:
         08:36:4b:e7:cd:92:73:af:32:44:8d:84:11:46:7c:1a:f0:61:
         81:dc:04:11:2c:26:20:a2:57:c0:a0:c0:a2:4d:66:06:c2:c0:
         27:a3:e1:62:89:2b:fa:17:ea:78:b3:f2:52:8c:26:bb:2d:5a:
         f2:b1:91:22:85:db:28:6b:28:4c:01:e2:b8:e0:61:4d:ad:e0:
         1f:ac:ac:d5:30:2c:3b:16:ea:6a:b0:ec:e3:4d:6a:2b:88:56:
         43:ba:24:80:67:9d:0c:82:11:bb:3a:31:76:16:4c:63:e3:84:
         bb:58:86:07:95:8a:a4:a7:a8:61:22:b0:ed:5e:9c:96:3a:be:
         a2:92:f3:ff
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUIl86y05sVfx5leMfoinbJHdVK5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODFFMjE4ODk0N0REMEQxNzMwQjhEMzE1Njc2MDYwODZD
QUM1MEU4MzAeFw0yNDAzMDUxNzQwNDdaFw0yNTAzMDQxNzQ1NDdaMDMxMTAvBgNV
BAMTKDk5MEUwMjA3QjE4OUMyREMzNzg5MzM0RkQ5MUI5QUNCRTExNDNCQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjSTmfx8QTMv8FTPhkVSwuVQFt
+pc21P90eQBAJZIaD26qzBwSc7gV7ZNi3fvLVuZMWqm9vkxYSD2/+3z8PwnQkEHn
kLfRkC0C/5DOna6t3v1jj1YNQ3K0N8ET06nwVIMlt5f2igcjd8gi9OV0A61eLQ0o
3Q83IYlL6KqL6eVBcMhxkdWHzIuhUq4iZ9PNQJn2ENk3YAuL/O00ZPLk3o0HiTU6
9DuyZKBF8JmZ81jKcp403hft53kYpLGo3f6p5nT2evD7daYtKBQCgZ/BITI4p8du
3T2XhBQBFJDNj2W+RgNNmbmBMOhFTf3P/6ebnmq1jTEsXPTIjY1plovYNsf1AgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUmQ4CB7GJwtw3iTNP2Ruay+EUO7MwHwYDVR0j
BBgwFoAUgeIYiUfdDRcwuNMVZ2BghsrFDoMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84MTQ0RjVEMDEwRkYwMzlCMTVEMDdCNUU2MERGMTZEN0VF
NzlEMzlCQkJCRTRBRjlGQUQ2ODYyMzY2M0QyRjg5LzAvODFFMjE4ODk0N0REMEQx
NzMwQjhEMzE1Njc2MDYwODZDQUM1MEU4My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84MUUyMTg4OTQ3REQwRDE3MzBC
OEQzMTU2NzYwNjA4NkNBQzUwRTgzLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODE0NEY1RDAxMEZGMDM5QjE1RDA3QjVFNjBERjE2RDdFRTc5RDM5QkJC
QkU0QUY5RkFENjg2MjM2NjNEMkY4OS8wLzMxMzczMDJlMzIzMzMxMmUzMjMwMzQy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzUzODM1MzYucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKq
58wwDQYJKoZIhvcNAQELBQADggEBABu4lchuhSafhth4yIxhgRk4edHJFJCDAcZ+
+mXu5E+HRuryhrY9Pf+qjmnr5So2TsBh8Fm1tzk5171AmkGZLb9bafqj9KRFTYvj
HeT1gvtM0muIiQEB8GGDJ0eGW0JgFD3ZLNVeZQy0woWm4H2d3cYXEubrO8myetD3
pqpWGwg2S+fNknOvMkSNhBFGfBrwYYHcBBEsJiCiV8CgwKJNZgbCwCej4WKJK/oX
6niz8lKMJrstWvKxkSKF2yhrKEwB4rjgYU2t4B+srNUwLDsW6mqw7ONNaiuIVkO6
JIBnnQyCEbs6MXYWTGPjhLtYhgeViqSnqGEisO1enJY6vqKS8/8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:30:04 2024 by rpki-client on console-fra.rpki-client.org