Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/84E9CFD0BCC44D1CF08FDA245B0A3088B0249CA1F629FA2EC30BEE800680995C/0/3139312e3234312e3134302e302f32322d3232203d3e20323730313036.roa
File:                     3139312e3234312e3134302e302f32322d3232203d3e20323730313036.roa (raw, json)
Hash identifier:          DcdPgQjYr46fgLgou66kCLq0xbEN9dHVFU7q1sdzcAU=
Subject key identifier:   59:BA:B4:8E:CE:10:7F:F2:38:12:80:84:92:D5:8F:69:92:C6:A5:B4
Certificate issuer:       /CN=8F3AF6492C8FEF731CBFEDBFD08A6B918FDA4D83
Certificate serial:       0605D36F15FE7FC2138904929E7FB6040803DD5A
Authority key identifier: 8F:3A:F6:49:2C:8F:EF:73:1C:BF:ED:BF:D0:8A:6B:91:8F:DA:4D:83
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8F3AF6492C8FEF731CBFEDBFD08A6B918FDA4D83.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/84E9CFD0BCC44D1CF08FDA245B0A3088B0249CA1F629FA2EC30BEE800680995C/0/3139312e3234312e3134302e302f32322d3232203d3e20323730313036.roa
Signing time:             Thu 08 May 2025 17:35:00 +0000
ROA not before:           Thu 08 May 2025 17:30:00 +0000
ROA not after:            Thu 07 May 2026 17:35:00 +0000
asID:                     270106
IP address blocks:        191.241.140.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/84E9CFD0BCC44D1CF08FDA245B0A3088B0249CA1F629FA2EC30BEE800680995C/0/8F3AF6492C8FEF731CBFEDBFD08A6B918FDA4D83.crl
                          rsync://repository.lacnic.net/rpki/lacnic/84E9CFD0BCC44D1CF08FDA245B0A3088B0249CA1F629FA2EC30BEE800680995C/0/8F3AF6492C8FEF731CBFEDBFD08A6B918FDA4D83.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8F3AF6492C8FEF731CBFEDBFD08A6B918FDA4D83.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 08:43:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:05:d3:6f:15:fe:7f:c2:13:89:04:92:9e:7f:b6:04:08:03:dd:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8F3AF6492C8FEF731CBFEDBFD08A6B918FDA4D83
        Validity
            Not Before: May  8 17:30:00 2025 GMT
            Not After : May  7 17:35:00 2026 GMT
        Subject: CN=59BAB48ECE107FF23812808492D58F6992C6A5B4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:cd:d8:64:f1:09:d8:1c:d1:36:5d:30:c4:28:
                    76:1c:08:06:6e:c9:6b:9d:d2:fa:24:cc:0c:9b:a6:
                    bc:d2:5c:a0:41:9c:2c:91:a6:a8:0c:74:e2:d9:d9:
                    4b:49:64:88:1c:9e:e6:08:b8:13:7d:24:f3:e4:f9:
                    52:58:93:1a:5d:8b:c3:75:da:d2:cc:1f:b9:26:6f:
                    74:31:33:7c:f2:a4:1f:d8:09:63:dc:17:e7:4b:75:
                    69:b1:d7:50:bc:c2:31:5e:48:b2:cd:32:32:8f:b4:
                    cd:54:35:7e:11:f0:14:a9:41:ff:7a:86:cc:c2:e9:
                    97:e2:20:e7:c7:87:9f:8e:b9:ed:b1:64:45:68:b8:
                    ab:61:21:05:45:81:c6:f4:ee:ee:c5:1c:ea:e3:ec:
                    0f:22:f8:6f:82:b7:a9:42:b9:10:59:07:9a:d0:bc:
                    38:12:0f:25:f7:27:e6:b0:05:87:f0:43:f5:30:69:
                    85:06:8b:88:ff:a9:29:0a:ee:5a:bc:0c:f0:13:44:
                    b8:95:b2:2e:d5:d2:7c:ce:3d:6b:aa:53:aa:88:e2:
                    fe:c2:ac:07:af:d6:9e:4f:3a:c6:6a:4c:ce:72:21:
                    f9:53:fc:3c:fc:32:49:dc:8d:61:f9:d3:d8:7c:b9:
                    fd:73:dd:e3:5f:ea:f5:e3:96:89:cd:2c:76:ae:24:
                    3b:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:BA:B4:8E:CE:10:7F:F2:38:12:80:84:92:D5:8F:69:92:C6:A5:B4
            X509v3 Authority Key Identifier:
                keyid:8F:3A:F6:49:2C:8F:EF:73:1C:BF:ED:BF:D0:8A:6B:91:8F:DA:4D:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/84E9CFD0BCC44D1CF08FDA245B0A3088B0249CA1F629FA2EC30BEE800680995C/0/8F3AF6492C8FEF731CBFEDBFD08A6B918FDA4D83.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8F3AF6492C8FEF731CBFEDBFD08A6B918FDA4D83.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/84E9CFD0BCC44D1CF08FDA245B0A3088B0249CA1F629FA2EC30BEE800680995C/0/3139312e3234312e3134302e302f32322d3232203d3e20323730313036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.241.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         09:4f:fe:68:6f:70:7f:f2:16:c2:3f:97:97:b0:5f:6d:38:8d:
         a4:2f:e3:02:8b:82:66:b2:a2:91:0b:b3:f5:8a:72:ce:df:b7:
         36:1b:e6:a9:2a:fa:59:47:bd:67:19:ed:d5:fe:80:08:b0:d4:
         4a:5e:3b:40:96:c5:3b:99:d3:50:2c:cd:3e:25:bc:f3:7c:67:
         48:74:9d:1e:7b:65:a5:54:d3:82:8c:5f:a0:69:7f:f0:5c:ec:
         86:ac:d1:eb:09:b3:ac:ec:4a:82:f0:a5:9b:7d:57:52:19:71:
         50:07:45:9e:c4:ba:6e:3d:3b:89:02:a7:22:2e:fb:a1:e2:0f:
         52:30:a3:03:a1:81:37:bf:b1:37:2a:34:42:f2:c2:66:16:75:
         50:06:4f:33:4f:07:14:d5:c2:bd:f8:cf:56:8c:8a:e0:e8:b7:
         be:1b:6e:d9:ca:1d:f2:2b:5b:ba:72:10:68:ff:3b:5f:7d:ae:
         b0:c7:bc:57:d3:c5:43:cd:c9:f7:00:c3:24:1d:ed:73:11:0d:
         d7:9b:5e:e6:dd:97:6b:8a:b5:5a:d9:03:c3:71:a5:e2:7b:3d:
         c5:fc:2f:53:7d:ee:a9:19:67:f1:cb:dd:9d:73:c8:5e:b6:aa:
         f9:f3:d0:5c:cc:c8:5c:ba:51:24:f4:56:6c:21:5f:a1:65:63:
         00:65:04:7f
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUBgXTbxX+f8ITiQSSnn+2BAgD3VowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEYzQUY2NDkyQzhGRUY3MzFDQkZFREJGRDA4QTZCOTE4
RkRBNEQ4MzAeFw0yNTA1MDgxNzMwMDBaFw0yNjA1MDcxNzM1MDBaMDMxMTAvBgNV
BAMTKDU5QkFCNDhFQ0UxMDdGRjIzODEyODA4NDkyRDU4RjY5OTJDNkE1QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpzdhk8QnYHNE2XTDEKHYcCAZu
yWud0vokzAybprzSXKBBnCyRpqgMdOLZ2UtJZIgcnuYIuBN9JPPk+VJYkxpdi8N1
2tLMH7kmb3QxM3zypB/YCWPcF+dLdWmx11C8wjFeSLLNMjKPtM1UNX4R8BSpQf96
hszC6ZfiIOfHh5+Oue2xZEVouKthIQVFgcb07u7FHOrj7A8i+G+Ct6lCuRBZB5rQ
vDgSDyX3J+awBYfwQ/UwaYUGi4j/qSkK7lq8DPATRLiVsi7V0nzOPWuqU6qI4v7C
rAev1p5POsZqTM5yIflT/Dz8MkncjWH509h8uf1z3eNf6vXjlonNLHauJDvLAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUWbq0js4Qf/I4EoCEktWPaZLGpbQwHwYDVR0j
BBgwFoAUjzr2SSyP73Mcv+2/0IprkY/aTYMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84NEU5Q0ZEMEJDQzQ0RDFDRjA4RkRBMjQ1QjBBMzA4OEIw
MjQ5Q0ExRjYyOUZBMkVDMzBCRUU4MDA2ODA5OTVDLzAvOEYzQUY2NDkyQzhGRUY3
MzFDQkZFREJGRDA4QTZCOTE4RkRBNEQ4My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RjNBRjY0OTJDOEZFRjczMUNC
RkVEQkZEMDhBNkI5MThGREE0RDgzLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODRFOUNGRDBCQ0M0NEQxQ0YwOEZEQTI0NUIwQTMwODhCMDI0OUNBMUY2
MjlGQTJFQzMwQkVFODAwNjgwOTk1Qy8wLzMxMzkzMTJlMzIzNDMxMmUzMTM0MzAy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM3MzAzMTMwMzYucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK/
8YwwDQYJKoZIhvcNAQELBQADggEBAAlP/mhvcH/yFsI/l5ewX204jaQv4wKLgmay
opELs/WKcs7ftzYb5qkq+llHvWcZ7dX+gAiw1EpeO0CWxTuZ01AszT4lvPN8Z0h0
nR57ZaVU04KMX6Bpf/Bc7Ias0esJs6zsSoLwpZt9V1IZcVAHRZ7Eum49O4kCpyIu
+6HiD1IwowOhgTe/sTcqNELywmYWdVAGTzNPBxTVwr34z1aMiuDot74bbtnKHfIr
W7pyEGj/O199rrDHvFfTxUPNyfcAwyQd7XMRDdebXubdl2uKtVrZA8NxpeJ7PcX8
L1N97qkZZ/HL3Z1zyF62qvnz0FzMyFy6UST0VmwhX6FlYwBlBH8=
-----END CERTIFICATE-----
Generated at Tue Jun 10 05:58:56 2025 by rpki-client