Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/84380F178E7F2128D1EC239DFDB18C666D849AAB8B7E0960A9BE139A9D98812F/0/3137302e3234372e3231322e302f32322d3234203d3e20323634363630.roa
File:                     3137302e3234372e3231322e302f32322d3234203d3e20323634363630.roa (raw, json)
Hash identifier:          hMVJJRt4iT6zVTG08gckwyiWQc8pVqClxCNbIEfw9TQ=
Subject key identifier:   13:24:18:48:63:8B:3F:86:A5:09:DC:76:BB:9B:2B:68:D3:6C:2A:6D
Certificate issuer:       /CN=84445FEE22581E9527451A2023AA1565199DA88D
Certificate serial:       171B3B6B1DF8E267529B5027BDB064413E07B531
Authority key identifier: 84:44:5F:EE:22:58:1E:95:27:45:1A:20:23:AA:15:65:19:9D:A8:8D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/84445FEE22581E9527451A2023AA1565199DA88D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/84380F178E7F2128D1EC239DFDB18C666D849AAB8B7E0960A9BE139A9D98812F/0/3137302e3234372e3231322e302f32322d3234203d3e20323634363630.roa
Signing time:             Tue 05 Mar 2024 18:01:06 +0000
ROA not before:           Tue 05 Mar 2024 17:56:06 +0000
ROA not after:            Tue 04 Mar 2025 18:01:06 +0000
asID:                     264660
IP address blocks:        170.247.212.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/84380F178E7F2128D1EC239DFDB18C666D849AAB8B7E0960A9BE139A9D98812F/0/84445FEE22581E9527451A2023AA1565199DA88D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/84380F178E7F2128D1EC239DFDB18C666D849AAB8B7E0960A9BE139A9D98812F/0/84445FEE22581E9527451A2023AA1565199DA88D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/84445FEE22581E9527451A2023AA1565199DA88D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Dec 2024 18:28:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:1b:3b:6b:1d:f8:e2:67:52:9b:50:27:bd:b0:64:41:3e:07:b5:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84445FEE22581E9527451A2023AA1565199DA88D
        Validity
            Not Before: Mar  5 17:56:06 2024 GMT
            Not After : Mar  4 18:01:06 2025 GMT
        Subject: CN=13241848638B3F86A509DC76BB9B2B68D36C2A6D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f7:6c:c3:36:16:62:98:0e:a4:b3:90:3b:75:
                    e9:20:0f:e4:d4:b7:89:4a:ad:88:46:fc:36:e5:e7:
                    a8:eb:9d:fb:0e:a5:fa:6c:88:4c:12:21:5a:fa:ea:
                    c5:bb:ae:fe:22:9e:4d:51:c3:95:ad:94:c1:c2:ad:
                    fb:44:aa:fe:7b:19:d0:a6:ae:8d:dc:31:d2:c6:09:
                    a3:b0:b7:36:cc:4a:00:ea:c5:a8:2a:a7:2b:d7:a3:
                    bf:54:c2:1c:c6:93:f4:60:74:a7:ec:3a:11:57:b7:
                    e9:25:51:48:8d:28:4b:31:2a:5f:d4:e7:03:4a:77:
                    35:73:42:4f:7a:cb:96:2b:47:ac:35:f6:38:e1:f3:
                    6d:a5:1f:ba:23:90:40:dc:da:b1:4e:99:96:3d:e0:
                    bf:97:b4:e4:d6:18:64:ae:af:0b:48:66:e6:da:60:
                    d2:50:47:dc:4d:ed:32:7a:da:dd:27:7d:ff:0d:89:
                    2a:2f:2b:20:1b:77:dc:8c:05:23:83:4d:06:3e:52:
                    ce:b3:a0:de:89:42:09:5c:56:cb:07:2c:77:13:f1:
                    cb:c4:af:7c:1f:42:1c:d1:c8:bf:95:d0:a1:c6:00:
                    02:44:2b:41:d7:eb:79:e0:f7:4e:8f:a9:9e:07:4b:
                    10:c1:6e:0f:71:22:b8:74:2b:dd:25:37:ac:5a:13:
                    81:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:24:18:48:63:8B:3F:86:A5:09:DC:76:BB:9B:2B:68:D3:6C:2A:6D
            X509v3 Authority Key Identifier:
                keyid:84:44:5F:EE:22:58:1E:95:27:45:1A:20:23:AA:15:65:19:9D:A8:8D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/84380F178E7F2128D1EC239DFDB18C666D849AAB8B7E0960A9BE139A9D98812F/0/84445FEE22581E9527451A2023AA1565199DA88D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/84445FEE22581E9527451A2023AA1565199DA88D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/84380F178E7F2128D1EC239DFDB18C666D849AAB8B7E0960A9BE139A9D98812F/0/3137302e3234372e3231322e302f32322d3234203d3e20323634363630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.247.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:f8:2e:7e:97:51:0d:bb:c0:e7:7e:79:03:ed:13:7b:a6:b9:
         e6:38:1b:3f:3e:b8:13:b0:d2:2f:2a:85:62:79:7e:37:6f:9e:
         b9:ce:ee:3c:55:6e:04:01:ab:b2:8b:57:95:43:a0:da:50:b8:
         65:4a:f6:9a:42:96:03:17:14:50:ba:0e:c7:57:17:61:bb:b6:
         81:0f:d4:87:9a:55:e5:c1:26:18:5e:b1:d0:73:ca:5a:52:b9:
         dc:26:63:7f:23:b0:de:cf:ee:7b:9e:76:73:00:c9:7a:8d:b1:
         52:4d:c0:19:07:0c:cc:19:75:15:80:b7:fc:41:47:66:4a:e7:
         de:1b:16:d4:64:8b:d5:bf:6e:1a:90:e1:ea:6d:3e:ff:4b:02:
         76:97:a6:2c:b8:ff:43:0d:71:bb:38:22:c3:6b:43:0d:aa:21:
         33:b4:21:ec:ac:a0:ae:86:28:a3:3d:d2:cc:43:c5:6d:23:2d:
         59:db:05:6e:a4:45:67:b4:25:6f:b3:7f:b4:24:c1:6b:84:93:
         56:88:cc:bd:63:9a:d0:6c:cb:69:ff:ae:25:c7:08:68:62:01:
         2a:48:ea:3d:40:5e:29:02:22:28:3d:52:2e:d1:13:23:02:c1:
         57:70:fa:47:95:b0:42:7c:27:05:7d:3f:ee:70:22:9e:fc:be:
         33:85:fb:4d
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUFxs7ax344mdSm1AnvbBkQT4HtTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ0NDVGRUUyMjU4MUU5NTI3NDUxQTIwMjNBQTE1NjUx
OTlEQTg4RDAeFw0yNDAzMDUxNzU2MDZaFw0yNTAzMDQxODAxMDZaMDMxMTAvBgNV
BAMTKDEzMjQxODQ4NjM4QjNGODZBNTA5REM3NkJCOUIyQjY4RDM2QzJBNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx92zDNhZimA6ks5A7dekgD+TU
t4lKrYhG/Dbl56jrnfsOpfpsiEwSIVr66sW7rv4ink1Rw5WtlMHCrftEqv57GdCm
ro3cMdLGCaOwtzbMSgDqxagqpyvXo79UwhzGk/RgdKfsOhFXt+klUUiNKEsxKl/U
5wNKdzVzQk96y5YrR6w19jjh822lH7ojkEDc2rFOmZY94L+XtOTWGGSurwtIZuba
YNJQR9xN7TJ62t0nff8NiSovKyAbd9yMBSODTQY+Us6zoN6JQglcVssHLHcT8cvE
r3wfQhzRyL+V0KHGAAJEK0HX63ng906PqZ4HSxDBbg9xIrh0K90lN6xaE4FVAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUEyQYSGOLP4alCdx2u5sraNNsKm0wHwYDVR0j
BBgwFoAUhERf7iJYHpUnRRogI6oVZRmdqI0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84NDM4MEYxNzhFN0YyMTI4RDFFQzIzOURGREIxOEM2NjZE
ODQ5QUFCOEI3RTA5NjBBOUJFMTM5QTlEOTg4MTJGLzAvODQ0NDVGRUUyMjU4MUU5
NTI3NDUxQTIwMjNBQTE1NjUxOTlEQTg4RC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NDQ0NUZFRTIyNTgxRTk1Mjc0
NTFBMjAyM0FBMTU2NTE5OURBODhELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODQzODBGMTc4RTdGMjEyOEQxRUMyMzlERkRCMThDNjY2RDg0OUFBQjhC
N0UwOTYwQTlCRTEzOUE5RDk4ODEyRi8wLzMxMzczMDJlMzIzNDM3MmUzMjMxMzIy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzQzNjM2MzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKq
99QwDQYJKoZIhvcNAQELBQADggEBAGr4Ln6XUQ27wOd+eQPtE3umueY4Gz8+uBOw
0i8qhWJ5fjdvnrnO7jxVbgQBq7KLV5VDoNpQuGVK9ppClgMXFFC6DsdXF2G7toEP
1IeaVeXBJhhesdBzylpSudwmY38jsN7P7nuednMAyXqNsVJNwBkHDMwZdRWAt/xB
R2ZK594bFtRki9W/bhqQ4eptPv9LAnaXpiy4/0MNcbs4IsNrQw2qITO0IeysoK6G
KKM90sxDxW0jLVnbBW6kRWe0JW+zf7QkwWuEk1aIzL1jmtBsy2n/riXHCGhiASpI
6j1AXikCIig9Ui7REyMCwVdw+keVsEJ8JwV9P+5wIp78vjOF+00=
-----END CERTIFICATE-----
Generated at Fri Dec 6 09:27:26 2024 by rpki-client on console-ams.rpki-client.org