Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8242AEDB377C5F1D98258FE4094FBF43D38725E4C14FBA584E1FDA9AAD5564B6/0/3139312e39372e38382e302f32312d3234203d3e20323633323132.roa
File:                     3139312e39372e38382e302f32312d3234203d3e20323633323132.roa (raw, json)
Hash identifier:          FqiP2pAaNjJCWX+B9W+jtKLfoEKEqWQFO/9wG4hpPWM=
Subject key identifier:   4C:DC:77:CC:A6:C2:3B:82:29:86:17:15:2D:6C:CF:95:A1:26:FA:3D
Certificate issuer:       /CN=AFBD0215C0EE827E1DDF72219656649845EB2918
Certificate serial:       17E548D40BD858F26F68E0DD38EA80C6F46BB1B7
Authority key identifier: AF:BD:02:15:C0:EE:82:7E:1D:DF:72:21:96:56:64:98:45:EB:29:18
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AFBD0215C0EE827E1DDF72219656649845EB2918.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8242AEDB377C5F1D98258FE4094FBF43D38725E4C14FBA584E1FDA9AAD5564B6/0/3139312e39372e38382e302f32312d3234203d3e20323633323132.roa
Signing time:             Tue 05 Mar 2024 18:12:17 +0000
ROA not before:           Tue 05 Mar 2024 18:07:17 +0000
ROA not after:            Tue 04 Mar 2025 18:12:17 +0000
asID:                     263212
IP address blocks:        191.97.88.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8242AEDB377C5F1D98258FE4094FBF43D38725E4C14FBA584E1FDA9AAD5564B6/0/AFBD0215C0EE827E1DDF72219656649845EB2918.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8242AEDB377C5F1D98258FE4094FBF43D38725E4C14FBA584E1FDA9AAD5564B6/0/AFBD0215C0EE827E1DDF72219656649845EB2918.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AFBD0215C0EE827E1DDF72219656649845EB2918.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 26 Nov 2024 22:33:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:e5:48:d4:0b:d8:58:f2:6f:68:e0:dd:38:ea:80:c6:f4:6b:b1:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFBD0215C0EE827E1DDF72219656649845EB2918
        Validity
            Not Before: Mar  5 18:07:17 2024 GMT
            Not After : Mar  4 18:12:17 2025 GMT
        Subject: CN=4CDC77CCA6C23B82298617152D6CCF95A126FA3D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:46:4d:28:9f:de:91:6d:c4:7c:d2:a5:92:bc:
                    dc:95:06:d3:c5:fd:3e:30:6f:64:bf:6b:af:69:a1:
                    42:6e:0b:e9:23:54:f1:93:91:02:73:b8:0a:d2:15:
                    45:aa:96:6b:8d:80:03:d9:92:3d:da:be:30:b6:db:
                    0e:68:f7:92:3b:aa:86:83:eb:d2:07:0d:dd:22:9b:
                    ee:a3:52:c1:4d:cb:eb:40:91:03:dc:11:9d:ab:8e:
                    8b:61:60:50:a6:f9:fa:25:ba:24:80:5e:af:52:4b:
                    7e:67:75:09:77:9c:22:26:8c:eb:20:4b:32:7c:3a:
                    77:1f:8a:31:6e:74:97:c6:1b:72:e6:e3:0d:9a:74:
                    41:3d:29:64:e0:e3:a5:dc:23:e9:21:03:8c:2b:6f:
                    73:9c:9f:2a:9f:16:5b:72:96:2c:41:03:6f:03:9c:
                    db:1b:4b:72:2d:fc:ac:4d:cd:cd:9b:43:dd:be:53:
                    86:d9:cb:31:f4:4f:af:02:42:f4:61:a8:11:a1:e7:
                    b2:1c:f2:1e:87:4c:90:53:9a:a8:65:c9:72:d0:0c:
                    da:25:fc:0f:0f:40:c8:15:bf:23:e5:89:50:18:9b:
                    02:3d:4a:46:38:cd:01:cb:2b:c6:46:d9:e0:7e:3a:
                    80:0b:f8:7a:04:99:16:6f:8d:8f:5e:29:09:7b:60:
                    b0:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:DC:77:CC:A6:C2:3B:82:29:86:17:15:2D:6C:CF:95:A1:26:FA:3D
            X509v3 Authority Key Identifier:
                keyid:AF:BD:02:15:C0:EE:82:7E:1D:DF:72:21:96:56:64:98:45:EB:29:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8242AEDB377C5F1D98258FE4094FBF43D38725E4C14FBA584E1FDA9AAD5564B6/0/AFBD0215C0EE827E1DDF72219656649845EB2918.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AFBD0215C0EE827E1DDF72219656649845EB2918.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8242AEDB377C5F1D98258FE4094FBF43D38725E4C14FBA584E1FDA9AAD5564B6/0/3139312e39372e38382e302f32312d3234203d3e20323633323132.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.97.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1a:9d:9c:80:70:6c:ec:e6:f4:64:b2:b1:7e:01:c9:4c:8b:98:
         8c:70:3a:00:d0:4e:e2:45:10:41:8d:12:18:2f:d1:2e:50:f9:
         5b:82:c4:6d:b7:1f:47:85:2b:50:6d:6c:30:a4:21:f4:d9:83:
         51:e8:89:ba:f2:6c:19:69:b2:a1:95:03:de:60:9b:10:2b:ca:
         02:a8:b9:61:e3:14:44:b1:42:9a:e1:4e:fa:95:c8:72:50:a4:
         e2:bc:8e:56:c3:b8:86:2e:e9:aa:55:fe:9f:93:93:b8:32:aa:
         39:86:80:e7:3f:42:03:5e:7c:f2:f0:20:ac:60:3f:47:9c:a1:
         ae:27:fe:95:dd:2f:e4:96:b0:f8:92:3a:0b:7c:ec:94:30:20:
         5b:7d:36:84:f2:26:26:ab:b3:61:02:44:1a:f2:bc:9e:57:b3:
         ef:3f:b3:88:c8:ce:9c:76:48:cd:d6:14:11:fd:fd:ca:58:58:
         21:d9:8a:87:c1:3c:d5:30:d7:79:0d:df:c7:9c:7f:5b:fc:c8:
         01:95:fb:eb:20:c0:12:9f:24:6e:a1:96:41:2b:bd:0c:68:04:
         b3:ed:ea:80:4b:93:13:f0:a6:59:3f:fd:f2:3f:e1:8c:61:e3:
         1a:6b:8c:34:69:3c:e8:ec:0a:71:dc:54:b3:c4:dd:12:0e:f1:
         66:11:fd:74
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUF+VI1AvYWPJvaODdOOqAxvRrsbcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUZCRDAyMTVDMEVFODI3RTFEREY3MjIxOTY1NjY0OTg0
NUVCMjkxODAeFw0yNDAzMDUxODA3MTdaFw0yNTAzMDQxODEyMTdaMDMxMTAvBgNV
BAMTKDRDREM3N0NDQTZDMjNCODIyOTg2MTcxNTJENkNDRjk1QTEyNkZBM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Rk0on96RbcR80qWSvNyVBtPF
/T4wb2S/a69poUJuC+kjVPGTkQJzuArSFUWqlmuNgAPZkj3avjC22w5o95I7qoaD
69IHDd0im+6jUsFNy+tAkQPcEZ2rjothYFCm+foluiSAXq9SS35ndQl3nCImjOsg
SzJ8OncfijFudJfGG3Lm4w2adEE9KWTg46XcI+khA4wrb3OcnyqfFltylixBA28D
nNsbS3It/KxNzc2bQ92+U4bZyzH0T68CQvRhqBGh57Ic8h6HTJBTmqhlyXLQDNol
/A8PQMgVvyPliVAYmwI9SkY4zQHLK8ZG2eB+OoAL+HoEmRZvjY9eKQl7YLAfAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUTNx3zKbCO4IphhcVLWzPlaEm+j0wHwYDVR0j
BBgwFoAUr70CFcDugn4d33IhllZkmEXrKRgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84MjQyQUVEQjM3N0M1RjFEOTgyNThGRTQwOTRGQkY0M0Qz
ODcyNUU0QzE0RkJBNTg0RTFGREE5QUFENTU2NEI2LzAvQUZCRDAyMTVDMEVFODI3
RTFEREY3MjIxOTY1NjY0OTg0NUVCMjkxOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BRkJEMDIxNUMwRUU4MjdFMURE
RjcyMjE5NjU2NjQ5ODQ1RUIyOTE4LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODI0MkFFREIzNzdDNUYxRDk4MjU4RkU0MDk0RkJGNDNEMzg3MjVFNEMx
NEZCQTU4NEUxRkRBOUFBRDU1NjRCNi8wLzMxMzkzMTJlMzkzNzJlMzgzODJlMzAy
ZjMyMzEyZDMyMzQyMDNkM2UyMDMyMzYzMzMyMzEzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA79hWDAN
BgkqhkiG9w0BAQsFAAOCAQEAGp2cgHBs7Ob0ZLKxfgHJTIuYjHA6ANBO4kUQQY0S
GC/RLlD5W4LEbbcfR4UrUG1sMKQh9NmDUeiJuvJsGWmyoZUD3mCbECvKAqi5YeMU
RLFCmuFO+pXIclCk4ryOVsO4hi7pqlX+n5OTuDKqOYaA5z9CA1588vAgrGA/R5yh
rif+ld0v5Jaw+JI6C3zslDAgW302hPImJquzYQJEGvK8nlez7z+ziMjOnHZIzdYU
Ef39ylhYIdmKh8E81TDXeQ3fx5x/W/zIAZX76yDAEp8kbqGWQSu9DGgEs+3qgEuT
E/CmWT/98j/hjGHjGmuMNGk86OwKcdxUs8TdEg7xZhH9dA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:30:04 2024 by rpki-client on console-fra.rpki-client.org