Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/83809FE0D97C80F8740EAD84EE758AA0C569B069AE6B49A656770F885F95DD08/0/3230312e3137342e3130362e302f32342d3234203d3e203330313637.roa
File:                     3230312e3137342e3130362e302f32342d3234203d3e203330313637.roa (raw, json)
Hash identifier:          YiiKv7lcDl8EESBJHBmmPp6P/TlevuTs+MpIHbAWvGY=
Subject key identifier:   2B:63:57:67:A8:8C:D2:89:6F:58:C4:11:2F:C9:E5:DE:61:66:E3:F5
Certificate issuer:       /CN=0D01CF02784E73C34A5AF36C6029E9464A070D38
Certificate serial:       35376FC7DB36F7F80C4D74CDE7F4A5DB2C419F56
Authority key identifier: 0D:01:CF:02:78:4E:73:C3:4A:5A:F3:6C:60:29:E9:46:4A:07:0D:38
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D01CF02784E73C34A5AF36C6029E9464A070D38.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/83809FE0D97C80F8740EAD84EE758AA0C569B069AE6B49A656770F885F95DD08/0/3230312e3137342e3130362e302f32342d3234203d3e203330313637.roa
Signing time:             Tue 05 Mar 2024 18:17:48 +0000
ROA not before:           Tue 05 Mar 2024 18:12:48 +0000
ROA not after:            Tue 04 Mar 2025 18:17:48 +0000
asID:                     30167
IP address blocks:        201.174.106.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/83809FE0D97C80F8740EAD84EE758AA0C569B069AE6B49A656770F885F95DD08/0/0D01CF02784E73C34A5AF36C6029E9464A070D38.crl
                          rsync://repository.lacnic.net/rpki/lacnic/83809FE0D97C80F8740EAD84EE758AA0C569B069AE6B49A656770F885F95DD08/0/0D01CF02784E73C34A5AF36C6029E9464A070D38.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D01CF02784E73C34A5AF36C6029E9464A070D38.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 06:05:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:37:6f:c7:db:36:f7:f8:0c:4d:74:cd:e7:f4:a5:db:2c:41:9f:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0D01CF02784E73C34A5AF36C6029E9464A070D38
        Validity
            Not Before: Mar  5 18:12:48 2024 GMT
            Not After : Mar  4 18:17:48 2025 GMT
        Subject: CN=2B635767A88CD2896F58C4112FC9E5DE6166E3F5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:ac:ea:31:16:65:70:5d:94:d6:f4:84:57:33:
                    6d:eb:16:1e:3e:13:04:d7:c3:6c:f7:a3:53:fa:5b:
                    56:7a:11:e7:11:7b:a8:0f:9f:11:d7:9a:06:27:a5:
                    33:eb:09:e5:2d:6d:bd:0f:1a:9c:9a:24:96:8d:9c:
                    47:ab:8f:8c:81:c0:bb:5a:b7:b4:ad:89:1f:e9:b6:
                    ce:56:54:1f:d3:a1:82:a6:c4:3b:4b:f2:1c:d4:b8:
                    48:21:dd:e7:87:9f:2e:4b:21:fc:45:65:d4:46:5c:
                    a2:de:64:87:ad:9e:18:e1:c7:00:b5:02:10:7b:75:
                    96:2c:6b:b4:f2:44:5e:77:40:1d:01:1a:c3:34:01:
                    53:fb:05:85:d0:cb:a6:c1:b4:2d:e1:0e:b8:d9:fb:
                    eb:a0:4e:67:2b:51:27:b1:6b:f9:6e:d8:5d:a3:e3:
                    f7:37:cc:0d:d5:9a:80:d2:5b:dd:98:72:57:0d:25:
                    37:0f:81:c4:1b:19:46:d4:3f:92:d9:e4:d7:e1:60:
                    39:13:51:4f:52:d5:de:9d:da:8f:aa:fe:fc:95:22:
                    c6:09:5a:7b:59:69:8e:ec:a2:44:b5:1e:2e:be:65:
                    c5:27:ae:76:86:74:94:f0:1f:b5:6e:7c:74:79:69:
                    ce:8b:e2:fc:a4:46:fc:96:bb:c2:36:64:27:11:aa:
                    ca:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:63:57:67:A8:8C:D2:89:6F:58:C4:11:2F:C9:E5:DE:61:66:E3:F5
            X509v3 Authority Key Identifier:
                keyid:0D:01:CF:02:78:4E:73:C3:4A:5A:F3:6C:60:29:E9:46:4A:07:0D:38

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/83809FE0D97C80F8740EAD84EE758AA0C569B069AE6B49A656770F885F95DD08/0/0D01CF02784E73C34A5AF36C6029E9464A070D38.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D01CF02784E73C34A5AF36C6029E9464A070D38.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/83809FE0D97C80F8740EAD84EE758AA0C569B069AE6B49A656770F885F95DD08/0/3230312e3137342e3130362e302f32342d3234203d3e203330313637.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.174.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:4f:06:de:04:93:1b:f9:15:10:38:5e:45:25:fe:f1:6e:90:
         3c:07:8a:9e:bd:53:f5:a2:b7:76:d5:b0:f1:e4:3d:c0:0d:ef:
         d4:e1:f7:0c:78:95:f7:e1:9e:9e:6c:26:32:73:09:aa:bd:cc:
         0a:57:c8:72:81:37:46:0e:e1:52:d9:d9:a6:fa:69:47:57:fe:
         d6:33:08:44:cb:6b:3d:23:6c:4b:58:05:6f:7f:2c:c5:a5:db:
         b2:e2:3e:52:2f:1c:f3:2d:93:76:12:0d:87:05:e2:07:c7:f6:
         bd:a8:4b:90:6d:88:1b:18:73:c2:c5:87:f0:62:20:b7:d1:fb:
         00:b5:dd:7c:22:09:d8:de:8e:01:22:d1:81:f4:27:c6:3c:f0:
         95:b6:ef:a6:5c:3d:a5:56:d6:a3:ef:a9:78:c1:49:56:de:0b:
         92:c9:43:8e:8e:e6:d7:6a:4a:d4:a4:6b:4a:85:f5:e6:00:0c:
         28:ca:8b:e2:91:93:23:33:9f:92:de:2c:74:83:a2:17:a3:6d:
         cd:53:b7:d9:4d:b1:87:93:e6:f5:6e:98:a2:1d:2b:e4:1b:81:
         10:f4:98:dd:d9:6d:5e:27:b9:cd:a4:92:d1:cc:54:50:e5:83:
         e9:25:27:c1:9f:83:34:82:06:02:80:0c:e0:d5:4e:ea:70:b7:
         ac:e6:15:3f
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUNTdvx9s29/gMTXTN5/Sl2yxBn1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEQwMUNGMDI3ODRFNzNDMzRBNUFGMzZDNjAyOUU5NDY0
QTA3MEQzODAeFw0yNDAzMDUxODEyNDhaFw0yNTAzMDQxODE3NDhaMDMxMTAvBgNV
BAMTKDJCNjM1NzY3QTg4Q0QyODk2RjU4QzQxMTJGQzlFNURFNjE2NkUzRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTrOoxFmVwXZTW9IRXM23rFh4+
EwTXw2z3o1P6W1Z6EecRe6gPnxHXmgYnpTPrCeUtbb0PGpyaJJaNnEerj4yBwLta
t7StiR/pts5WVB/ToYKmxDtL8hzUuEgh3eeHny5LIfxFZdRGXKLeZIetnhjhxwC1
AhB7dZYsa7TyRF53QB0BGsM0AVP7BYXQy6bBtC3hDrjZ++ugTmcrUSexa/lu2F2j
4/c3zA3VmoDSW92YclcNJTcPgcQbGUbUP5LZ5NfhYDkTUU9S1d6d2o+q/vyVIsYJ
WntZaY7sokS1Hi6+ZcUnrnaGdJTwH7VufHR5ac6L4vykRvyWu8I2ZCcRqsr9AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUK2NXZ6iM0olvWMQRL8nl3mFm4/UwHwYDVR0j
BBgwFoAUDQHPAnhOc8NKWvNsYCnpRkoHDTgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84MzgwOUZFMEQ5N0M4MEY4NzQwRUFEODRFRTc1OEFBMEM1
NjlCMDY5QUU2QjQ5QTY1Njc3MEY4ODVGOTVERDA4LzAvMEQwMUNGMDI3ODRFNzND
MzRBNUFGMzZDNjAyOUU5NDY0QTA3MEQzOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wRDAxQ0YwMjc4NEU3M0MzNEE1
QUYzNkM2MDI5RTk0NjRBMDcwRDM4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODM4MDlGRTBEOTdDODBGODc0MEVBRDg0RUU3NThBQTBDNTY5QjA2OUFF
NkI0OUE2NTY3NzBGODg1Rjk1REQwOC8wLzMyMzAzMTJlMzEzNzM0MmUzMTMwMzYy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMwMzEzNjM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAya5q
MA0GCSqGSIb3DQEBCwUAA4IBAQCaTwbeBJMb+RUQOF5FJf7xbpA8B4qevVP1ord2
1bDx5D3ADe/U4fcMeJX34Z6ebCYycwmqvcwKV8hygTdGDuFS2dmm+mlHV/7WMwhE
y2s9I2xLWAVvfyzFpduy4j5SLxzzLZN2Eg2HBeIHx/a9qEuQbYgbGHPCxYfwYiC3
0fsAtd18IgnY3o4BItGB9CfGPPCVtu+mXD2lVtaj76l4wUlW3guSyUOOjubXakrU
pGtKhfXmAAwoyovikZMjM5+S3ix0g6IXo23NU7fZTbGHk+b1bpiiHSvkG4EQ9Jjd
2W1eJ7nNpJLRzFRQ5YPpJSfBn4M0ggYCgAzg1U7qcLes5hU/
-----END CERTIFICATE-----
Generated at Sun Nov 24 04:28:54 2024 by rpki-client on console-fra.rpki-client.org