Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8B7F1D8F001197E124B9323A3182A9BFA43557616A2BC6D28F053268CAF0EA26/0/3133312e3235352e3138302e302f32322d3234203d3e20323633373135.roa
File:                     3133312e3235352e3138302e302f32322d3234203d3e20323633373135.roa (raw, json)
Hash identifier:          kC9YY8yBKU/DiUXSxalmCTyPP/XYhjFqqYvVPqTD0GU=
Subject key identifier:   21:90:11:7A:E1:D3:E4:37:CB:B3:2D:DB:25:9F:D4:A7:A3:30:81:53
Certificate issuer:       /CN=1EBD8A589075FC05F94517534250344AA37719DE
Certificate serial:       3F755D532BE4A210A95E71E3D7E2A6A6EC9850D6
Authority key identifier: 1E:BD:8A:58:90:75:FC:05:F9:45:17:53:42:50:34:4A:A3:77:19:DE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1EBD8A589075FC05F94517534250344AA37719DE.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8B7F1D8F001197E124B9323A3182A9BFA43557616A2BC6D28F053268CAF0EA26/0/3133312e3235352e3138302e302f32322d3234203d3e20323633373135.roa
Signing time:             Tue 05 Mar 2024 18:06:00 +0000
ROA not before:           Tue 05 Mar 2024 18:01:00 +0000
ROA not after:            Tue 04 Mar 2025 18:06:00 +0000
asID:                     263715
IP address blocks:        131.255.180.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8B7F1D8F001197E124B9323A3182A9BFA43557616A2BC6D28F053268CAF0EA26/0/1EBD8A589075FC05F94517534250344AA37719DE.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8B7F1D8F001197E124B9323A3182A9BFA43557616A2BC6D28F053268CAF0EA26/0/1EBD8A589075FC05F94517534250344AA37719DE.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1EBD8A589075FC05F94517534250344AA37719DE.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:75:5d:53:2b:e4:a2:10:a9:5e:71:e3:d7:e2:a6:a6:ec:98:50:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1EBD8A589075FC05F94517534250344AA37719DE
        Validity
            Not Before: Mar  5 18:01:00 2024 GMT
            Not After : Mar  4 18:06:00 2025 GMT
        Subject: CN=2190117AE1D3E437CBB32DDB259FD4A7A3308153
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:34:a4:a1:b1:6f:89:9c:25:7b:7f:75:28:ee:
                    12:bc:56:af:7e:d9:97:d7:76:0a:1f:30:f2:a0:d0:
                    ca:c5:20:65:73:eb:cd:e6:f7:ef:55:91:be:c2:c1:
                    fc:56:94:eb:b4:5e:3e:08:db:85:16:b1:5a:0c:2f:
                    59:f9:18:af:d3:cb:53:d0:41:72:cc:b5:ec:56:d5:
                    05:cc:fb:db:6c:eb:37:1c:71:44:b5:51:60:0e:dc:
                    f2:9a:a6:f1:21:bf:4b:86:19:d3:64:45:ec:ad:e9:
                    13:3a:55:82:d9:4a:62:a0:00:09:fa:77:46:e7:99:
                    c7:ed:7f:82:8c:40:1d:6f:c7:5d:45:a5:fa:b4:d6:
                    1c:ca:76:fd:45:fa:43:a9:c1:fe:15:33:18:5d:9b:
                    19:ed:06:1a:45:14:f5:46:73:21:3f:ac:eb:4f:bf:
                    75:e1:e6:8a:8a:83:40:30:52:51:b9:df:16:d5:d9:
                    6d:90:d7:42:35:b7:0a:18:52:c1:b3:fd:34:d7:81:
                    9e:ec:d7:18:b3:c6:08:ba:81:74:62:04:43:b9:ab:
                    47:69:9a:d1:6a:c6:b1:af:61:7a:3f:ae:9b:f6:f4:
                    cf:a0:53:19:19:af:5f:5b:95:15:58:a0:e5:4d:ba:
                    71:5c:76:9f:1a:01:6e:61:04:5a:9b:a3:c2:f0:87:
                    23:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:90:11:7A:E1:D3:E4:37:CB:B3:2D:DB:25:9F:D4:A7:A3:30:81:53
            X509v3 Authority Key Identifier:
                keyid:1E:BD:8A:58:90:75:FC:05:F9:45:17:53:42:50:34:4A:A3:77:19:DE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8B7F1D8F001197E124B9323A3182A9BFA43557616A2BC6D28F053268CAF0EA26/0/1EBD8A589075FC05F94517534250344AA37719DE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1EBD8A589075FC05F94517534250344AA37719DE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8B7F1D8F001197E124B9323A3182A9BFA43557616A2BC6D28F053268CAF0EA26/0/3133312e3235352e3138302e302f32322d3234203d3e20323633373135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.255.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6c:3e:aa:31:d1:70:e7:a2:f9:8e:4b:6c:a5:d1:d4:ce:03:16:
         a7:88:6b:66:d1:04:c2:f3:ae:10:b1:50:86:55:ee:c5:df:b9:
         08:06:c5:06:17:09:62:f4:12:a4:ea:1d:9f:d8:9f:63:8a:e9:
         08:87:39:84:81:20:f6:e0:8e:63:c8:7f:80:36:3c:3d:18:e0:
         5c:c5:18:58:f0:6d:36:08:0f:db:8b:ed:3d:bb:37:07:36:a7:
         b5:01:15:b9:c5:88:d0:c8:a9:f4:d8:25:ca:d7:a6:85:0e:f9:
         62:61:fe:c7:f2:28:35:32:92:2a:f1:e8:43:df:c2:b8:0e:f6:
         f8:49:b9:c9:1f:91:f0:2d:d8:11:75:d7:f1:22:53:35:e4:fb:
         ab:bd:ea:6d:f3:95:8d:8a:bd:df:a7:c2:90:9f:8d:aa:88:de:
         91:37:ee:24:e5:91:93:57:60:e5:56:7f:3e:d1:eb:01:5e:bc:
         49:29:02:2d:3f:c2:93:a8:12:c0:db:03:c5:8b:15:92:c9:0f:
         6e:e2:a9:b8:84:0e:23:b9:e1:fd:46:57:df:46:46:70:0f:59:
         b8:01:0c:3d:81:81:f9:9d:1b:2d:b5:50:3e:4e:3c:cc:88:06:
         32:01:6b:48:70:88:aa:9d:0d:12:72:82:1c:48:bc:91:6b:41:
         fd:60:49:15
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUP3VdUyvkohCpXnHj1+KmpuyYUNYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUVCRDhBNTg5MDc1RkMwNUY5NDUxNzUzNDI1MDM0NEFB
Mzc3MTlERTAeFw0yNDAzMDUxODAxMDBaFw0yNTAzMDQxODA2MDBaMDMxMTAvBgNV
BAMTKDIxOTAxMTdBRTFEM0U0MzdDQkIzMkREQjI1OUZENEE3QTMzMDgxNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoNKShsW+JnCV7f3Uo7hK8Vq9+
2ZfXdgofMPKg0MrFIGVz683m9+9Vkb7CwfxWlOu0Xj4I24UWsVoML1n5GK/Ty1PQ
QXLMtexW1QXM+9ts6zcccUS1UWAO3PKapvEhv0uGGdNkReyt6RM6VYLZSmKgAAn6
d0bnmcftf4KMQB1vx11Fpfq01hzKdv1F+kOpwf4VMxhdmxntBhpFFPVGcyE/rOtP
v3Xh5oqKg0AwUlG53xbV2W2Q10I1twoYUsGz/TTXgZ7s1xizxgi6gXRiBEO5q0dp
mtFqxrGvYXo/rpv29M+gUxkZr19blRVYoOVNunFcdp8aAW5hBFqbo8LwhyMPAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUIZAReuHT5DfLsy3bJZ/Up6MwgVMwHwYDVR0j
BBgwFoAUHr2KWJB1/AX5RRdTQlA0SqN3Gd4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84QjdGMUQ4RjAwMTE5N0UxMjRCOTMyM0EzMTgyQTlCRkE0
MzU1NzYxNkEyQkM2RDI4RjA1MzI2OENBRjBFQTI2LzAvMUVCRDhBNTg5MDc1RkMw
NUY5NDUxNzUzNDI1MDM0NEFBMzc3MTlERS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRUJEOEE1ODkwNzVGQzA1Rjk0
NTE3NTM0MjUwMzQ0QUEzNzcxOURFLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEI3RjFEOEYwMDExOTdFMTI0QjkzMjNBMzE4MkE5QkZBNDM1NTc2MTZB
MkJDNkQyOEYwNTMyNjhDQUYwRUEyNi8wLzMxMzMzMTJlMzIzNTM1MmUzMTM4MzAy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzMzNzMxMzUucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKD
/7QwDQYJKoZIhvcNAQELBQADggEBAGw+qjHRcOei+Y5LbKXR1M4DFqeIa2bRBMLz
rhCxUIZV7sXfuQgGxQYXCWL0EqTqHZ/Yn2OK6QiHOYSBIPbgjmPIf4A2PD0Y4FzF
GFjwbTYID9uL7T27Nwc2p7UBFbnFiNDIqfTYJcrXpoUO+WJh/sfyKDUykirx6EPf
wrgO9vhJuckfkfAt2BF11/EiUzXk+6u96m3zlY2Kvd+nwpCfjaqI3pE37iTlkZNX
YOVWfz7R6wFevEkpAi0/wpOoEsDbA8WLFZLJD27iqbiEDiO54f1GV99GRnAPWbgB
DD2BgfmdGy21UD5OPMyIBjIBa0hwiKqdDRJyghxIvJFrQf1gSRU=
-----END CERTIFICATE-----
Generated at Wed Nov 20 15:56:10 2024 by rpki-client on console-ams.rpki-client.org