Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/83A255FCE12BB26D5E1202F7987362AF9551BFC5B0336BD0ED979FDAEBA20571/0/3137302e3233312e37362e302f32322d3234203d3e203237383333.roa
File:                     3137302e3233312e37362e302f32322d3234203d3e203237383333.roa (raw, json)
Hash identifier:          rK70yRzvZqCevB5sLFdmVMilEKn/JMdKcgqgaj8TOSc=
Subject key identifier:   97:4D:93:41:B9:E2:4B:C4:1C:AD:61:61:45:70:27:6D:5A:02:48:8E
Certificate issuer:       /CN=BB049027AED3847EFEF3E2D27C66FE9D520E44B1
Certificate serial:       76B2D377A313C93F1AF40155C25E0E094F9D5F9D
Authority key identifier: BB:04:90:27:AE:D3:84:7E:FE:F3:E2:D2:7C:66:FE:9D:52:0E:44:B1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BB049027AED3847EFEF3E2D27C66FE9D520E44B1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/83A255FCE12BB26D5E1202F7987362AF9551BFC5B0336BD0ED979FDAEBA20571/0/3137302e3233312e37362e302f32322d3234203d3e203237383333.roa
Signing time:             Tue 05 Mar 2024 17:40:22 +0000
ROA not before:           Tue 05 Mar 2024 17:35:22 +0000
ROA not after:            Tue 04 Mar 2025 17:40:22 +0000
asID:                     27833
IP address blocks:        170.231.76.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/83A255FCE12BB26D5E1202F7987362AF9551BFC5B0336BD0ED979FDAEBA20571/0/BB049027AED3847EFEF3E2D27C66FE9D520E44B1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/83A255FCE12BB26D5E1202F7987362AF9551BFC5B0336BD0ED979FDAEBA20571/0/BB049027AED3847EFEF3E2D27C66FE9D520E44B1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BB049027AED3847EFEF3E2D27C66FE9D520E44B1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:b2:d3:77:a3:13:c9:3f:1a:f4:01:55:c2:5e:0e:09:4f:9d:5f:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BB049027AED3847EFEF3E2D27C66FE9D520E44B1
        Validity
            Not Before: Mar  5 17:35:22 2024 GMT
            Not After : Mar  4 17:40:22 2025 GMT
        Subject: CN=974D9341B9E24BC41CAD61614570276D5A02488E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:84:a7:fc:b6:29:d8:1b:75:b8:50:1a:5a:f5:
                    b8:c8:5f:12:06:15:36:4f:ca:39:e8:69:35:e2:71:
                    25:75:e8:63:81:2a:7a:3d:88:f7:7c:2d:f0:6b:48:
                    e4:58:c2:09:e0:b8:e4:ea:63:18:05:14:a4:b0:31:
                    fd:63:e2:d4:08:be:ab:dd:2b:b0:24:03:10:f8:cd:
                    8b:55:b6:79:40:f3:2e:ea:95:dd:6a:25:26:b2:52:
                    4e:c0:de:e9:0a:a3:c1:ed:84:89:4b:82:b2:76:96:
                    da:51:08:82:44:fc:c6:e4:2d:6e:25:55:38:15:df:
                    a4:47:5f:65:24:c8:6e:34:d3:dd:89:e9:53:cd:ed:
                    05:75:67:ee:fb:f5:1a:c0:1f:c1:b8:37:03:9a:4d:
                    f3:71:e9:5f:36:07:52:3e:8a:ca:aa:6a:e4:72:7a:
                    fc:29:1d:08:92:e6:f9:24:4d:a2:c3:f9:47:74:a1:
                    e9:56:d9:8a:ec:c2:78:02:05:13:97:74:d6:e3:15:
                    0d:85:86:99:92:0b:65:fe:5f:51:2e:e0:3e:9c:26:
                    4f:c2:c7:b1:6f:8c:95:1d:94:27:e3:f6:b2:3a:5d:
                    3d:b9:cf:94:d5:35:e4:ff:c5:19:fc:cf:6e:d1:83:
                    65:c2:b2:b8:c7:af:ae:ee:15:c7:8b:09:9f:6b:84:
                    00:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:4D:93:41:B9:E2:4B:C4:1C:AD:61:61:45:70:27:6D:5A:02:48:8E
            X509v3 Authority Key Identifier:
                keyid:BB:04:90:27:AE:D3:84:7E:FE:F3:E2:D2:7C:66:FE:9D:52:0E:44:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/83A255FCE12BB26D5E1202F7987362AF9551BFC5B0336BD0ED979FDAEBA20571/0/BB049027AED3847EFEF3E2D27C66FE9D520E44B1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BB049027AED3847EFEF3E2D27C66FE9D520E44B1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/83A255FCE12BB26D5E1202F7987362AF9551BFC5B0336BD0ED979FDAEBA20571/0/3137302e3233312e37362e302f32322d3234203d3e203237383333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.231.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3d:ce:e9:6c:55:59:ba:71:a0:ac:ae:0a:43:b1:b9:2c:c4:ca:
         a2:38:19:9e:ea:4c:3b:74:a4:04:d1:26:f5:59:5f:e6:bb:9f:
         fa:4f:34:d8:28:d6:a1:59:39:7d:92:7e:e3:96:ed:1d:a9:1d:
         9a:c4:7d:bd:1f:fd:3e:1d:3c:10:ac:10:6f:31:c4:df:95:8f:
         32:71:3b:fc:d6:ee:47:86:18:d9:01:18:04:4b:11:27:da:32:
         39:bc:59:5e:1e:09:e9:30:33:ad:49:63:68:da:22:4b:7e:63:
         6d:0f:e8:45:b4:e9:63:90:ef:db:9a:03:7c:2e:f2:f0:23:d4:
         fc:3a:09:c5:fc:52:45:ea:c5:c9:4f:a1:a4:05:c0:b8:85:37:
         36:a4:80:f7:70:68:1d:78:4a:86:f2:c3:bd:6e:32:67:a4:20:
         19:7e:a7:e5:88:94:01:0d:e2:96:13:05:81:44:ae:e8:8a:14:
         b4:91:98:a3:15:26:db:0c:10:d7:20:1d:72:27:d8:55:a6:bc:
         66:ec:c5:44:55:53:1a:14:ac:44:24:3f:da:c6:84:1d:04:72:
         f8:c8:46:76:aa:9e:e7:51:6a:83:00:f8:d2:01:27:91:97:6d:
         aa:75:53:61:66:68:ed:83:6c:b8:bc:d5:01:73:f2:b3:bf:de:
         c9:9e:9a:f6
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUdrLTd6MTyT8a9AFVwl4OCU+dX50wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkIwNDkwMjdBRUQzODQ3RUZFRjNFMkQyN0M2NkZFOUQ1
MjBFNDRCMTAeFw0yNDAzMDUxNzM1MjJaFw0yNTAzMDQxNzQwMjJaMDMxMTAvBgNV
BAMTKDk3NEQ5MzQxQjlFMjRCQzQxQ0FENjE2MTQ1NzAyNzZENUEwMjQ4OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDahKf8tinYG3W4UBpa9bjIXxIG
FTZPyjnoaTXicSV16GOBKno9iPd8LfBrSORYwgnguOTqYxgFFKSwMf1j4tQIvqvd
K7AkAxD4zYtVtnlA8y7qld1qJSayUk7A3ukKo8HthIlLgrJ2ltpRCIJE/MbkLW4l
VTgV36RHX2UkyG40092J6VPN7QV1Z+779RrAH8G4NwOaTfNx6V82B1I+isqqauRy
evwpHQiS5vkkTaLD+Ud0oelW2YrswngCBROXdNbjFQ2FhpmSC2X+X1Eu4D6cJk/C
x7FvjJUdlCfj9rI6XT25z5TVNeT/xRn8z27Rg2XCsrjHr67uFceLCZ9rhADNAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUl02TQbniS8QcrWFhRXAnbVoCSI4wHwYDVR0j
BBgwFoAUuwSQJ67ThH7+8+LSfGb+nVIORLEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84M0EyNTVGQ0UxMkJCMjZENUUxMjAyRjc5ODczNjJBRjk1
NTFCRkM1QjAzMzZCRDBFRDk3OUZEQUVCQTIwNTcxLzAvQkIwNDkwMjdBRUQzODQ3
RUZFRjNFMkQyN0M2NkZFOUQ1MjBFNDRCMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CQjA0OTAyN0FFRDM4NDdFRkVG
M0UyRDI3QzY2RkU5RDUyMEU0NEIxLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODNBMjU1RkNFMTJCQjI2RDVFMTIwMkY3OTg3MzYyQUY5NTUxQkZDNUIw
MzM2QkQwRUQ5NzlGREFFQkEyMDU3MS8wLzMxMzczMDJlMzIzMzMxMmUzNzM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzM4MzMzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqrnTDAN
BgkqhkiG9w0BAQsFAAOCAQEAPc7pbFVZunGgrK4KQ7G5LMTKojgZnupMO3SkBNEm
9Vlf5ruf+k802CjWoVk5fZJ+45btHakdmsR9vR/9Ph08EKwQbzHE35WPMnE7/Nbu
R4YY2QEYBEsRJ9oyObxZXh4J6TAzrUljaNoiS35jbQ/oRbTpY5Dv25oDfC7y8CPU
/DoJxfxSRerFyU+hpAXAuIU3NqSA93BoHXhKhvLDvW4yZ6QgGX6n5YiUAQ3ilhMF
gUSu6IoUtJGYoxUm2wwQ1yAdcifYVaa8ZuzFRFVTGhSsRCQ/2saEHQRy+MhGdqqe
51FqgwD40gEnkZdtqnVTYWZo7YNsuLzVAXPys7/eyZ6a9g==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:38:02 2024 by rpki-client on console-ams.rpki-client.org