Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/84380F178E7F2128D1EC239DFDB18C666D849AAB8B7E0960A9BE139A9D98812F/0/3133382e3138362e362e302f32332d3234203d3e20323732383734.roa
File:                     3133382e3138362e362e302f32332d3234203d3e20323732383734.roa (raw, json)
Hash identifier:          ZelTJ71S4Ln0lKBe7A+VgEYbD/J6hfJrixYveFUp5oM=
Subject key identifier:   02:BC:7C:D0:55:87:7A:20:47:FA:E0:89:A9:AB:25:B6:AE:25:9E:C3
Certificate issuer:       /CN=84445FEE22581E9527451A2023AA1565199DA88D
Certificate serial:       035100C9FFE73FECBFD8CD1ED07461F228FFC941
Authority key identifier: 84:44:5F:EE:22:58:1E:95:27:45:1A:20:23:AA:15:65:19:9D:A8:8D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/84445FEE22581E9527451A2023AA1565199DA88D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/84380F178E7F2128D1EC239DFDB18C666D849AAB8B7E0960A9BE139A9D98812F/0/3133382e3138362e362e302f32332d3234203d3e20323732383734.roa
Signing time:             Tue 05 Mar 2024 18:01:06 +0000
ROA not before:           Tue 05 Mar 2024 17:56:06 +0000
ROA not after:            Tue 04 Mar 2025 18:01:06 +0000
asID:                     272874
IP address blocks:        138.186.6.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/84380F178E7F2128D1EC239DFDB18C666D849AAB8B7E0960A9BE139A9D98812F/0/84445FEE22581E9527451A2023AA1565199DA88D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/84380F178E7F2128D1EC239DFDB18C666D849AAB8B7E0960A9BE139A9D98812F/0/84445FEE22581E9527451A2023AA1565199DA88D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/84445FEE22581E9527451A2023AA1565199DA88D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 28 Jul 2024 16:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:51:00:c9:ff:e7:3f:ec:bf:d8:cd:1e:d0:74:61:f2:28:ff:c9:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84445FEE22581E9527451A2023AA1565199DA88D
        Validity
            Not Before: Mar  5 17:56:06 2024 GMT
            Not After : Mar  4 18:01:06 2025 GMT
        Subject: CN=02BC7CD055877A2047FAE089A9AB25B6AE259EC3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:7e:f8:8c:23:72:6f:51:37:7f:6d:9d:4f:89:
                    33:a6:ba:78:7f:25:52:a7:c2:c8:40:aa:13:fd:85:
                    0b:ed:27:a1:63:40:58:6f:57:9e:43:f9:ed:54:36:
                    9a:5a:47:9b:c7:9f:a5:d6:bf:b4:76:25:c2:04:e9:
                    5b:f2:25:02:45:11:20:f5:f8:eb:c2:6d:1f:b0:0c:
                    f2:7e:3a:f5:f1:d2:e3:11:d1:de:c1:19:ec:a9:a1:
                    38:a3:6e:fa:9a:fb:21:e6:61:8f:5e:15:a7:d8:c5:
                    bd:28:3e:c7:7e:a9:fd:3e:00:7e:92:e5:5e:4c:7d:
                    7b:6b:1e:98:4e:13:97:4f:16:95:a1:6e:8d:ca:84:
                    6c:5b:02:47:f8:30:04:cc:40:d4:ab:38:f6:5a:6b:
                    c0:71:f6:2b:78:dc:12:ca:89:df:8e:50:eb:df:36:
                    1f:e2:e3:f1:cd:fa:7d:a3:3b:26:52:df:c1:55:8a:
                    a3:9d:b1:85:81:7f:ae:7c:b2:fa:97:cc:98:d9:b6:
                    ae:57:8e:90:4a:85:32:d7:dc:98:0a:ee:21:ce:93:
                    41:cf:5e:d7:65:d3:d9:07:30:e6:88:45:ac:c7:25:
                    c3:f0:e2:08:c6:1c:ff:b2:cb:f8:1f:11:da:42:77:
                    68:aa:5d:59:5f:ec:3f:bf:8b:b2:a8:53:b9:10:2c:
                    b2:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:BC:7C:D0:55:87:7A:20:47:FA:E0:89:A9:AB:25:B6:AE:25:9E:C3
            X509v3 Authority Key Identifier:
                keyid:84:44:5F:EE:22:58:1E:95:27:45:1A:20:23:AA:15:65:19:9D:A8:8D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/84380F178E7F2128D1EC239DFDB18C666D849AAB8B7E0960A9BE139A9D98812F/0/84445FEE22581E9527451A2023AA1565199DA88D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/84445FEE22581E9527451A2023AA1565199DA88D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/84380F178E7F2128D1EC239DFDB18C666D849AAB8B7E0960A9BE139A9D98812F/0/3133382e3138362e362e302f32332d3234203d3e20323732383734.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.186.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0a:7e:8a:5e:d7:aa:94:6a:bb:0c:88:73:2f:e9:e4:d8:a2:e9:
         1f:30:63:96:b2:38:7f:75:2b:c5:51:c7:d1:03:7f:0e:2f:31:
         23:8b:64:c8:db:87:eb:fc:08:46:96:82:df:63:bc:38:ff:ea:
         dd:c6:20:7c:c4:af:f3:66:01:7b:48:3d:9a:c4:be:94:ac:f2:
         a6:40:82:a1:e8:32:69:c7:d3:4a:9d:b8:36:f1:c9:d9:4c:56:
         03:34:98:1f:ff:f7:44:17:31:65:83:1e:fb:4e:a3:c5:fc:e8:
         5e:c1:27:9f:68:2d:b2:31:bc:34:ac:4a:00:89:9c:f4:ac:f5:
         ee:83:c7:6e:b0:99:ff:6c:d7:f6:21:1b:55:3b:78:dd:8c:4b:
         82:55:fc:7e:7e:f2:ec:8b:45:95:6b:05:89:e1:53:1d:15:dc:
         26:db:5f:55:cb:dc:ae:af:10:16:57:b2:49:28:79:cd:5b:2e:
         aa:9f:8a:15:d9:08:aa:7a:da:61:0e:15:67:00:fd:52:96:eb:
         e4:e7:de:07:ac:64:be:7d:26:a6:38:93:33:26:f3:ab:52:51:
         39:c0:88:7f:d9:22:44:8c:e2:87:89:96:62:c1:41:98:34:bc:
         a5:88:f8:6b:22:8d:56:08:f2:80:a8:43:77:65:0b:40:9d:c3:
         72:66:72:6d
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUA1EAyf/nP+y/2M0e0HRh8ij/yUEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ0NDVGRUUyMjU4MUU5NTI3NDUxQTIwMjNBQTE1NjUx
OTlEQTg4RDAeFw0yNDAzMDUxNzU2MDZaFw0yNTAzMDQxODAxMDZaMDMxMTAvBgNV
BAMTKDAyQkM3Q0QwNTU4NzdBMjA0N0ZBRTA4OUE5QUIyNUI2QUUyNTlFQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqfviMI3JvUTd/bZ1PiTOmunh/
JVKnwshAqhP9hQvtJ6FjQFhvV55D+e1UNppaR5vHn6XWv7R2JcIE6VvyJQJFESD1
+OvCbR+wDPJ+OvXx0uMR0d7BGeypoTijbvqa+yHmYY9eFafYxb0oPsd+qf0+AH6S
5V5MfXtrHphOE5dPFpWhbo3KhGxbAkf4MATMQNSrOPZaa8Bx9it43BLKid+OUOvf
Nh/i4/HN+n2jOyZS38FViqOdsYWBf658svqXzJjZtq5XjpBKhTLX3JgK7iHOk0HP
Xtdl09kHMOaIRazHJcPw4gjGHP+yy/gfEdpCd2iqXVlf7D+/i7KoU7kQLLI9AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUArx80FWHeiBH+uCJqasltq4lnsMwHwYDVR0j
BBgwFoAUhERf7iJYHpUnRRogI6oVZRmdqI0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84NDM4MEYxNzhFN0YyMTI4RDFFQzIzOURGREIxOEM2NjZE
ODQ5QUFCOEI3RTA5NjBBOUJFMTM5QTlEOTg4MTJGLzAvODQ0NDVGRUUyMjU4MUU5
NTI3NDUxQTIwMjNBQTE1NjUxOTlEQTg4RC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NDQ0NUZFRTIyNTgxRTk1Mjc0
NTFBMjAyM0FBMTU2NTE5OURBODhELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODQzODBGMTc4RTdGMjEyOEQxRUMyMzlERkRCMThDNjY2RDg0OUFBQjhC
N0UwOTYwQTlCRTEzOUE5RDk4ODEyRi8wLzMxMzMzODJlMzEzODM2MmUzNjJlMzAy
ZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzczMjM4MzczNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAYq6BjAN
BgkqhkiG9w0BAQsFAAOCAQEACn6KXteqlGq7DIhzL+nk2KLpHzBjlrI4f3UrxVHH
0QN/Di8xI4tkyNuH6/wIRpaC32O8OP/q3cYgfMSv82YBe0g9msS+lKzypkCCoegy
acfTSp24NvHJ2UxWAzSYH//3RBcxZYMe+06jxfzoXsEnn2gtsjG8NKxKAImc9Kz1
7oPHbrCZ/2zX9iEbVTt43YxLglX8fn7y7ItFlWsFieFTHRXcJttfVcvcrq8QFley
SSh5zVsuqp+KFdkIqnraYQ4VZwD9Upbr5OfeB6xkvn0mpjiTMybzq1JROcCIf9ki
RIzih4mWYsFBmDS8pYj4ayKNVgjygKhDd2ULQJ3DcmZybQ==
-----END CERTIFICATE-----
Generated at Tue Jul 23 20:42:21 2024 by rpki-client on console-fra.rpki-client.org