Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8BFDD1555C8465C71EA51AF7C4CD118BC7FE6DC1EAA27054049776BBD68D9AAA/0/3138362e3230392e39322e302f32322d3232203d3e20323635353233.roa
File:                     3138362e3230392e39322e302f32322d3232203d3e20323635353233.roa (raw, json)
Hash identifier:          CnO9Yd7cbRVg7ntiP51aBn/V8yhv6b9G2ze6wwLIc/k=
Subject key identifier:   B8:68:50:8B:51:8C:8D:99:81:46:52:BF:3A:77:5C:0D:EC:1D:15:BE
Certificate issuer:       /CN=AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6
Certificate serial:       312F4CC4E4EEA86ABBCD86B240ACA50EEBB6EDCD
Authority key identifier: AA:EB:3F:98:55:C7:BF:65:86:9D:EB:D3:AA:FD:93:46:BF:C1:E6:F6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8BFDD1555C8465C71EA51AF7C4CD118BC7FE6DC1EAA27054049776BBD68D9AAA/0/3138362e3230392e39322e302f32322d3232203d3e20323635353233.roa
Signing time:             Tue 05 Mar 2024 17:45:46 +0000
ROA not before:           Tue 05 Mar 2024 17:40:46 +0000
ROA not after:            Tue 04 Mar 2025 17:45:46 +0000
asID:                     265523
IP address blocks:        186.209.92.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8BFDD1555C8465C71EA51AF7C4CD118BC7FE6DC1EAA27054049776BBD68D9AAA/0/AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8BFDD1555C8465C71EA51AF7C4CD118BC7FE6DC1EAA27054049776BBD68D9AAA/0/AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 25 Jul 2024 06:55:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:2f:4c:c4:e4:ee:a8:6a:bb:cd:86:b2:40:ac:a5:0e:eb:b6:ed:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6
        Validity
            Not Before: Mar  5 17:40:46 2024 GMT
            Not After : Mar  4 17:45:46 2025 GMT
        Subject: CN=B868508B518C8D99814652BF3A775C0DEC1D15BE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:63:e7:57:9f:25:ca:50:dc:d8:c7:9f:44:f6:
                    e2:4c:6c:5b:22:99:a6:15:6d:a5:40:4d:a7:ce:39:
                    ce:64:e3:fa:5c:45:b1:f8:ab:28:1c:3c:6f:d3:62:
                    b4:54:d5:27:52:4a:b6:c2:a7:45:34:cf:bb:40:e9:
                    19:6e:45:ff:2a:5e:04:c2:d0:74:da:50:32:61:0f:
                    3c:74:d8:62:8e:e0:11:c7:d4:01:c1:f4:1b:c8:63:
                    af:33:e4:9b:2f:2b:bb:b4:b2:33:5b:34:b2:2a:e1:
                    8a:30:17:f0:9d:c1:be:51:cc:c1:da:75:a4:73:4e:
                    ff:5c:81:84:f5:7a:22:d1:cb:e8:3d:ce:df:08:3b:
                    9e:0d:5f:0d:31:67:fa:7a:ff:df:4d:0f:24:16:0c:
                    20:a7:a4:56:6c:7a:6b:7e:fe:45:87:dc:11:33:7c:
                    ac:9a:b1:7b:26:0f:88:82:5c:7a:b4:24:2d:33:57:
                    5f:64:fb:07:1b:7c:b8:96:26:c8:e3:ca:67:79:e7:
                    a7:f6:a2:c6:ae:db:4e:09:9c:71:a9:2f:80:89:df:
                    d9:cb:ea:58:86:d9:d6:e6:81:91:3f:ca:31:36:86:
                    11:e9:ad:7c:eb:fe:1d:d1:3c:8d:57:3a:95:51:78:
                    04:f2:74:be:29:d7:79:da:3d:c2:68:32:54:91:16:
                    75:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:68:50:8B:51:8C:8D:99:81:46:52:BF:3A:77:5C:0D:EC:1D:15:BE
            X509v3 Authority Key Identifier:
                keyid:AA:EB:3F:98:55:C7:BF:65:86:9D:EB:D3:AA:FD:93:46:BF:C1:E6:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8BFDD1555C8465C71EA51AF7C4CD118BC7FE6DC1EAA27054049776BBD68D9AAA/0/AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AAEB3F9855C7BF65869DEBD3AAFD9346BFC1E6F6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8BFDD1555C8465C71EA51AF7C4CD118BC7FE6DC1EAA27054049776BBD68D9AAA/0/3138362e3230392e39322e302f32322d3232203d3e20323635353233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.209.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5b:58:74:ed:dc:34:62:c3:93:f2:b3:2a:40:82:15:74:5b:d6:
         57:14:a8:39:12:48:d6:c5:c1:ef:f7:85:99:b8:4d:74:20:e1:
         8f:e8:fd:86:ad:9e:0d:39:9e:08:22:bd:67:df:ac:94:44:2d:
         71:a0:68:69:e5:3d:f6:4c:5b:e0:f0:3c:f4:b0:ac:ef:b3:2e:
         2f:e7:f0:01:78:7b:9c:c3:23:c4:0a:76:30:56:1c:c3:56:a3:
         07:dc:f9:05:70:06:f2:2e:42:df:52:a4:0b:e7:35:53:2e:0a:
         ce:06:0d:6e:6a:b6:cd:a3:5a:e4:e3:97:d0:9c:98:cd:fa:b1:
         f4:59:c0:a7:bc:ff:58:e2:3e:87:c3:ea:84:76:ca:e7:73:1f:
         2b:97:9a:8b:22:a6:cc:ff:8b:ca:85:58:0a:3b:43:ff:49:bd:
         eb:c0:7b:18:67:ea:48:70:ec:a6:65:86:8e:40:cd:93:d9:48:
         8c:87:71:5a:2d:4c:68:30:62:e1:ce:d1:83:a1:ab:ac:57:26:
         24:fb:02:e4:09:16:51:cc:c7:f5:1f:03:5d:87:d2:61:34:52:
         70:03:d2:ff:05:e9:c3:38:d7:01:a9:dd:71:b8:57:08:2d:b8:
         01:a9:dc:3a:ba:dd:3a:65:6a:96:81:7d:d9:08:97:4f:52:2c:
         e2:b0:39:f9
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUMS9MxOTuqGq7zYayQKylDuu27c0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUFFQjNGOTg1NUM3QkY2NTg2OURFQkQzQUFGRDkzNDZC
RkMxRTZGNjAeFw0yNDAzMDUxNzQwNDZaFw0yNTAzMDQxNzQ1NDZaMDMxMTAvBgNV
BAMTKEI4Njg1MDhCNTE4QzhEOTk4MTQ2NTJCRjNBNzc1QzBERUMxRDE1QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Y+dXnyXKUNzYx59E9uJMbFsi
maYVbaVATafOOc5k4/pcRbH4qygcPG/TYrRU1SdSSrbCp0U0z7tA6RluRf8qXgTC
0HTaUDJhDzx02GKO4BHH1AHB9BvIY68z5JsvK7u0sjNbNLIq4YowF/Cdwb5RzMHa
daRzTv9cgYT1eiLRy+g9zt8IO54NXw0xZ/p6/99NDyQWDCCnpFZsemt+/kWH3BEz
fKyasXsmD4iCXHq0JC0zV19k+wcbfLiWJsjjymd556f2osau204JnHGpL4CJ39nL
6liG2dbmgZE/yjE2hhHprXzr/h3RPI1XOpVReATydL4p13naPcJoMlSRFnUvAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUuGhQi1GMjZmBRlK/OndcDewdFb4wHwYDVR0j
BBgwFoAUqus/mFXHv2WGnevTqv2TRr/B5vYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84QkZERDE1NTVDODQ2NUM3MUVBNTFBRjdDNENEMTE4QkM3
RkU2REMxRUFBMjcwNTQwNDk3NzZCQkQ2OEQ5QUFBLzAvQUFFQjNGOTg1NUM3QkY2
NTg2OURFQkQzQUFGRDkzNDZCRkMxRTZGNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BQUVCM0Y5ODU1QzdCRjY1ODY5
REVCRDNBQUZEOTM0NkJGQzFFNkY2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEJGREQxNTU1Qzg0NjVDNzFFQTUxQUY3QzRDRDExOEJDN0ZFNkRDMUVB
QTI3MDU0MDQ5Nzc2QkJENjhEOUFBQS8wLzMxMzgzNjJlMzIzMDM5MmUzOTMyMmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjM1MzUzMjMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCutFc
MA0GCSqGSIb3DQEBCwUAA4IBAQBbWHTt3DRiw5PysypAghV0W9ZXFKg5EkjWxcHv
94WZuE10IOGP6P2GrZ4NOZ4IIr1n36yURC1xoGhp5T32TFvg8Dz0sKzvsy4v5/AB
eHucwyPECnYwVhzDVqMH3PkFcAbyLkLfUqQL5zVTLgrOBg1uarbNo1rk45fQnJjN
+rH0WcCnvP9Y4j6Hw+qEdsrncx8rl5qLIqbM/4vKhVgKO0P/Sb3rwHsYZ+pIcOym
ZYaOQM2T2UiMh3FaLUxoMGLhztGDoausVyYk+wLkCRZRzMf1HwNdh9JhNFJwA9L/
BenDONcBqd1xuFcILbgBqdw6ut06ZWqWgX3ZCJdPUizisDn5
-----END CERTIFICATE-----
Generated at Sun Jul 21 16:27:52 2024 by rpki-client on console-fra.rpki-client.org