Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8D75AA3199BFADD81E2FA56BEDC57BEDECD719BC9E063F9F77E6730C4C5CB4FD/0/3136342e3136332e3133322e302f32322d3234203d3e20323634363638.roa
File:                     3136342e3136332e3133322e302f32322d3234203d3e20323634363638.roa (raw, json)
Hash identifier:          T7VqTqa9RXB4I1QnUCIVssyHfdgR+X4hNFO+On0yQu8=
Subject key identifier:   2A:5F:C4:24:5A:8A:33:C8:32:7B:C7:C4:6F:91:89:97:08:94:64:79
Certificate issuer:       /CN=BA43CC9DA5DF2E86CDE276C6DD5F826F162A5886
Certificate serial:       168C3B36EE76E36F2CE463F8465290FBC60028A0
Authority key identifier: BA:43:CC:9D:A5:DF:2E:86:CD:E2:76:C6:DD:5F:82:6F:16:2A:58:86
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BA43CC9DA5DF2E86CDE276C6DD5F826F162A5886.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8D75AA3199BFADD81E2FA56BEDC57BEDECD719BC9E063F9F77E6730C4C5CB4FD/0/3136342e3136332e3133322e302f32322d3234203d3e20323634363638.roa
Signing time:             Tue 05 Mar 2024 18:04:03 +0000
ROA not before:           Tue 05 Mar 2024 17:59:03 +0000
ROA not after:            Tue 04 Mar 2025 18:04:03 +0000
asID:                     264668
IP address blocks:        164.163.132.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8D75AA3199BFADD81E2FA56BEDC57BEDECD719BC9E063F9F77E6730C4C5CB4FD/0/BA43CC9DA5DF2E86CDE276C6DD5F826F162A5886.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8D75AA3199BFADD81E2FA56BEDC57BEDECD719BC9E063F9F77E6730C4C5CB4FD/0/BA43CC9DA5DF2E86CDE276C6DD5F826F162A5886.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BA43CC9DA5DF2E86CDE276C6DD5F826F162A5886.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:8c:3b:36:ee:76:e3:6f:2c:e4:63:f8:46:52:90:fb:c6:00:28:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BA43CC9DA5DF2E86CDE276C6DD5F826F162A5886
        Validity
            Not Before: Mar  5 17:59:03 2024 GMT
            Not After : Mar  4 18:04:03 2025 GMT
        Subject: CN=2A5FC4245A8A33C8327BC7C46F91899708946479
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:d9:1b:f6:88:e1:1b:09:d7:89:96:2b:bb:e7:
                    3d:9e:38:e5:05:c5:75:56:75:48:5c:f6:f0:cf:96:
                    81:03:66:3e:f7:e8:d6:6b:1c:58:8c:06:6a:f7:61:
                    9d:08:36:c4:80:a6:70:2d:16:d5:a0:37:0f:18:86:
                    61:ee:41:6c:0b:e5:a3:f5:6c:ce:7c:dc:62:44:82:
                    2d:c3:fd:d9:db:7c:cf:e3:4f:60:42:0f:4a:0c:f0:
                    70:c8:cd:4a:3f:4e:af:2a:65:5d:71:50:9e:17:67:
                    68:80:df:7f:35:3b:6b:0a:f3:6c:28:f2:58:92:68:
                    a8:18:4e:ab:e4:bd:a0:f7:1c:5b:20:ae:d7:0d:ea:
                    84:7d:c4:e3:da:a4:8b:09:2a:f8:e0:37:5b:8a:63:
                    05:4d:23:34:59:ce:97:d8:43:22:32:c5:55:3d:13:
                    12:e2:66:4a:98:28:c3:2c:a3:52:da:3b:99:e0:6c:
                    71:76:01:15:21:e6:bf:01:5f:78:24:9b:ca:d8:c8:
                    d0:bd:e6:5c:3a:a3:78:52:46:68:7a:fa:f1:ea:c3:
                    e6:38:19:ee:05:ac:bd:69:e3:60:0e:d5:57:42:af:
                    70:28:d6:39:4b:93:72:34:c6:5e:0d:a9:42:a3:7a:
                    f0:ba:15:df:81:10:10:e3:59:c8:cf:1b:e5:6b:e2:
                    d4:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:5F:C4:24:5A:8A:33:C8:32:7B:C7:C4:6F:91:89:97:08:94:64:79
            X509v3 Authority Key Identifier:
                keyid:BA:43:CC:9D:A5:DF:2E:86:CD:E2:76:C6:DD:5F:82:6F:16:2A:58:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8D75AA3199BFADD81E2FA56BEDC57BEDECD719BC9E063F9F77E6730C4C5CB4FD/0/BA43CC9DA5DF2E86CDE276C6DD5F826F162A5886.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BA43CC9DA5DF2E86CDE276C6DD5F826F162A5886.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8D75AA3199BFADD81E2FA56BEDC57BEDECD719BC9E063F9F77E6730C4C5CB4FD/0/3136342e3136332e3133322e302f32322d3234203d3e20323634363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.163.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:b0:bb:10:32:22:4f:a0:d7:3c:6d:e3:dd:e3:67:66:8c:a7:
         65:05:e3:1b:c4:34:07:57:13:7c:10:8c:1b:0f:c0:08:d8:dd:
         b5:45:16:14:d4:f6:14:3e:47:7e:a9:67:ec:63:e3:9d:eb:cd:
         f2:28:2f:ab:fb:a4:2f:0b:38:ff:e2:89:34:9f:04:90:a4:b6:
         24:18:f0:05:1f:25:16:eb:c6:6c:20:57:36:b6:b1:d9:22:26:
         ea:e3:89:7d:7d:e5:58:3a:dc:a6:f4:49:6c:99:56:0b:2b:bf:
         76:e0:33:05:d2:16:e3:f4:ca:b5:cc:ad:eb:bf:a6:c4:aa:42:
         88:b6:ca:2d:11:8e:d5:42:12:85:02:d8:2f:d5:22:a0:4b:f0:
         fa:f0:18:3f:3d:6d:40:3c:48:63:c2:57:e9:2e:1f:88:83:b5:
         46:22:e5:63:51:43:42:31:05:ca:56:36:6d:ba:e4:85:8a:fa:
         cd:ec:df:14:2a:2b:7c:fa:4f:22:52:87:38:26:db:44:e7:1d:
         1c:9c:9d:6d:63:a7:41:00:cb:9b:f1:a0:87:da:b5:d2:82:e1:
         9f:d6:fa:e8:98:af:c8:3b:67:71:aa:4d:9c:a2:37:87:21:bd:
         05:d1:b9:4d:13:4c:18:8a:3e:a8:93:1c:87:16:6d:ff:f6:19:
         d9:c1:24:88
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUFow7Nu52428s5GP4RlKQ+8YAKKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkE0M0NDOURBNURGMkU4NkNERTI3NkM2REQ1RjgyNkYx
NjJBNTg4NjAeFw0yNDAzMDUxNzU5MDNaFw0yNTAzMDQxODA0MDNaMDMxMTAvBgNV
BAMTKDJBNUZDNDI0NUE4QTMzQzgzMjdCQzdDNDZGOTE4OTk3MDg5NDY0NzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCL2Rv2iOEbCdeJliu75z2eOOUF
xXVWdUhc9vDPloEDZj736NZrHFiMBmr3YZ0INsSApnAtFtWgNw8YhmHuQWwL5aP1
bM583GJEgi3D/dnbfM/jT2BCD0oM8HDIzUo/Tq8qZV1xUJ4XZ2iA3381O2sK82wo
8liSaKgYTqvkvaD3HFsgrtcN6oR9xOPapIsJKvjgN1uKYwVNIzRZzpfYQyIyxVU9
ExLiZkqYKMMso1LaO5ngbHF2ARUh5r8BX3gkm8rYyNC95lw6o3hSRmh6+vHqw+Y4
Ge4FrL1p42AO1VdCr3Ao1jlLk3I0xl4NqUKjevC6Fd+BEBDjWcjPG+Vr4tRTAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUKl/EJFqKM8gye8fEb5GJlwiUZHkwHwYDVR0j
BBgwFoAUukPMnaXfLobN4nbG3V+CbxYqWIYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84RDc1QUEzMTk5QkZBREQ4MUUyRkE1NkJFREM1N0JFREVD
RDcxOUJDOUUwNjNGOUY3N0U2NzMwQzRDNUNCNEZELzAvQkE0M0NDOURBNURGMkU4
NkNERTI3NkM2REQ1RjgyNkYxNjJBNTg4Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CQTQzQ0M5REE1REYyRTg2Q0RF
Mjc2QzZERDVGODI2RjE2MkE1ODg2LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEQ3NUFBMzE5OUJGQUREODFFMkZBNTZCRURDNTdCRURFQ0Q3MTlCQzlF
MDYzRjlGNzdFNjczMEM0QzVDQjRGRC8wLzMxMzYzNDJlMzEzNjMzMmUzMTMzMzIy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzQzNjM2Mzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKk
o4QwDQYJKoZIhvcNAQELBQADggEBAGOwuxAyIk+g1zxt493jZ2aMp2UF4xvENAdX
E3wQjBsPwAjY3bVFFhTU9hQ+R36pZ+xj453rzfIoL6v7pC8LOP/iiTSfBJCktiQY
8AUfJRbrxmwgVza2sdkiJurjiX195Vg63Kb0SWyZVgsrv3bgMwXSFuP0yrXMreu/
psSqQoi2yi0RjtVCEoUC2C/VIqBL8PrwGD89bUA8SGPCV+kuH4iDtUYi5WNRQ0Ix
BcpWNm265IWK+s3s3xQqK3z6TyJShzgm20TnHRycnW1jp0EAy5vxoIfatdKC4Z/W
+uiYr8g7Z3GqTZyiN4chvQXRuU0TTBiKPqiTHIcWbf/2GdnBJIg=
-----END CERTIFICATE-----
Generated at Sun Jun 16 09:16:20 2024 by rpki-client on console-ams.rpki-client.org