Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8F24110CFB8EE0818D70EE66E175D28A6A71C2778464BC67C97214214BC0F41A/0/3139322e3138382e35372e302f32342d3234203d3e20323632323132.roa
File:                     3139322e3138382e35372e302f32342d3234203d3e20323632323132.roa (raw, json)
Hash identifier:          yMPEpnfwmU6v/CPtJYJOO6HyxNf/gZhrprKfqHwdFbw=
Subject key identifier:   9A:EA:D5:9C:56:83:CC:AE:EC:60:9A:2B:74:45:20:8A:DA:DD:6D:11
Certificate issuer:       /CN=C74171B033E063E7EA4A449BA4F4401ED0F4FFBF
Certificate serial:       75A77962D28B873A74734F0EE514B1890DEADC68
Authority key identifier: C7:41:71:B0:33:E0:63:E7:EA:4A:44:9B:A4:F4:40:1E:D0:F4:FF:BF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C74171B033E063E7EA4A449BA4F4401ED0F4FFBF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8F24110CFB8EE0818D70EE66E175D28A6A71C2778464BC67C97214214BC0F41A/0/3139322e3138382e35372e302f32342d3234203d3e20323632323132.roa
Signing time:             Tue 05 Mar 2024 18:23:03 +0000
ROA not before:           Tue 05 Mar 2024 18:18:03 +0000
ROA not after:            Tue 04 Mar 2025 18:23:03 +0000
asID:                     262212
IP address blocks:        192.188.57.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8F24110CFB8EE0818D70EE66E175D28A6A71C2778464BC67C97214214BC0F41A/0/C74171B033E063E7EA4A449BA4F4401ED0F4FFBF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8F24110CFB8EE0818D70EE66E175D28A6A71C2778464BC67C97214214BC0F41A/0/C74171B033E063E7EA4A449BA4F4401ED0F4FFBF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C74171B033E063E7EA4A449BA4F4401ED0F4FFBF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:a7:79:62:d2:8b:87:3a:74:73:4f:0e:e5:14:b1:89:0d:ea:dc:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C74171B033E063E7EA4A449BA4F4401ED0F4FFBF
        Validity
            Not Before: Mar  5 18:18:03 2024 GMT
            Not After : Mar  4 18:23:03 2025 GMT
        Subject: CN=9AEAD59C5683CCAEEC609A2B7445208ADADD6D11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:36:d8:49:bf:00:93:ae:5e:9e:14:e4:d5:21:
                    6f:6c:1e:bf:78:7b:f2:d4:67:4f:b0:05:89:5c:84:
                    fa:ef:49:f5:78:03:34:0b:f9:55:7c:2d:00:9c:af:
                    d0:f0:2f:3a:a1:a5:4a:8a:ae:26:21:6e:79:76:ee:
                    85:19:4e:b7:e3:44:98:ff:dd:1d:38:2a:39:39:54:
                    69:76:6b:0f:ae:a9:a7:16:b6:51:b7:c2:0f:f4:eb:
                    43:f7:f6:7c:76:68:e0:0a:37:5f:80:4d:75:2f:82:
                    32:73:fa:4b:c6:2f:fd:6a:72:74:5a:99:d4:e2:5b:
                    30:83:26:4f:4f:de:12:24:47:8b:13:d0:f0:db:29:
                    b8:96:2d:fb:ff:33:a8:0d:c2:1f:a6:bb:e2:93:b0:
                    eb:2f:7c:d5:cd:fe:32:75:62:e3:79:a5:29:ec:0d:
                    5c:ac:55:ab:b7:97:ac:95:1c:ff:b5:f5:0f:38:7c:
                    68:a0:8a:15:bc:15:46:c3:97:96:ba:9c:9c:6d:0c:
                    fd:62:d4:88:68:76:9d:ac:11:78:0a:f6:1a:34:9e:
                    f0:6f:cc:72:b5:33:97:f0:fc:d3:35:e3:bd:4a:02:
                    f4:5a:0c:3d:f3:9b:57:1f:db:42:00:5d:d1:ac:ad:
                    13:35:37:9c:d7:e6:66:9e:93:f4:49:b0:64:40:27:
                    d7:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:EA:D5:9C:56:83:CC:AE:EC:60:9A:2B:74:45:20:8A:DA:DD:6D:11
            X509v3 Authority Key Identifier:
                keyid:C7:41:71:B0:33:E0:63:E7:EA:4A:44:9B:A4:F4:40:1E:D0:F4:FF:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8F24110CFB8EE0818D70EE66E175D28A6A71C2778464BC67C97214214BC0F41A/0/C74171B033E063E7EA4A449BA4F4401ED0F4FFBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C74171B033E063E7EA4A449BA4F4401ED0F4FFBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8F24110CFB8EE0818D70EE66E175D28A6A71C2778464BC67C97214214BC0F41A/0/3139322e3138382e35372e302f32342d3234203d3e20323632323132.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.188.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:a2:22:c7:c0:eb:b9:52:ba:2f:93:e6:23:bb:9b:2f:8a:6c:
         74:c0:49:06:a4:4b:ce:04:07:a1:dc:3e:0a:5b:5b:19:28:6d:
         c4:30:48:a7:e8:08:02:fa:f6:4b:8e:13:17:69:ee:73:bf:dd:
         23:ab:35:ac:2f:ec:61:27:e2:fb:f8:22:f1:a8:7d:84:24:43:
         95:bc:23:12:02:59:cb:ad:fb:c7:14:b5:e3:04:50:0b:bd:bb:
         62:35:9e:6a:f8:77:07:f0:4d:07:f4:a6:d5:1d:de:97:b7:ca:
         a4:5a:e0:43:11:71:e6:00:fa:bb:7e:bc:9d:65:74:78:d4:0c:
         8f:d3:3c:1a:b0:03:95:40:8a:a0:81:d7:b9:5b:a4:c2:76:03:
         45:f4:82:24:e1:32:2e:13:a8:1e:93:11:b3:94:ac:3b:14:d1:
         5b:33:51:b4:19:34:68:69:c2:38:93:c1:b6:b2:b8:2a:24:9e:
         fb:20:a0:64:95:e8:8c:6d:b2:5f:e3:15:dc:eb:10:1c:8a:f9:
         13:78:74:69:73:60:df:a2:5a:96:4a:54:c1:7b:35:d3:7e:71:
         72:71:b9:db:ae:f7:4d:96:e5:22:35:31:90:fe:f6:b0:72:e0:
         e1:c5:d5:ad:cf:14:b6:1c:92:5c:00:a0:fe:31:26:89:2f:c2:
         78:87:0c:b3
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUdad5YtKLhzp0c08O5RSxiQ3q3GgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzc0MTcxQjAzM0UwNjNFN0VBNEE0NDlCQTRGNDQwMUVE
MEY0RkZCRjAeFw0yNDAzMDUxODE4MDNaFw0yNTAzMDQxODIzMDNaMDMxMTAvBgNV
BAMTKDlBRUFENTlDNTY4M0NDQUVFQzYwOUEyQjc0NDUyMDhBREFERDZEMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqNthJvwCTrl6eFOTVIW9sHr94
e/LUZ0+wBYlchPrvSfV4AzQL+VV8LQCcr9DwLzqhpUqKriYhbnl27oUZTrfjRJj/
3R04Kjk5VGl2aw+uqacWtlG3wg/060P39nx2aOAKN1+ATXUvgjJz+kvGL/1qcnRa
mdTiWzCDJk9P3hIkR4sT0PDbKbiWLfv/M6gNwh+mu+KTsOsvfNXN/jJ1YuN5pSns
DVysVau3l6yVHP+19Q84fGigihW8FUbDl5a6nJxtDP1i1Ihodp2sEXgK9ho0nvBv
zHK1M5fw/NM1471KAvRaDD3zm1cf20IAXdGsrRM1N5zX5maek/RJsGRAJ9chAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUmurVnFaDzK7sYJordEUgitrdbREwHwYDVR0j
BBgwFoAUx0FxsDPgY+fqSkSbpPRAHtD0/78wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84RjI0MTEwQ0ZCOEVFMDgxOEQ3MEVFNjZFMTc1RDI4QTZB
NzFDMjc3ODQ2NEJDNjdDOTcyMTQyMTRCQzBGNDFBLzAvQzc0MTcxQjAzM0UwNjNF
N0VBNEE0NDlCQTRGNDQwMUVEMEY0RkZCRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DNzQxNzFCMDMzRTA2M0U3RUE0
QTQ0OUJBNEY0NDAxRUQwRjRGRkJGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEYyNDExMENGQjhFRTA4MThENzBFRTY2RTE3NUQyOEE2QTcxQzI3Nzg0
NjRCQzY3Qzk3MjE0MjE0QkMwRjQxQS8wLzMxMzkzMjJlMzEzODM4MmUzNTM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMyMzIzMTMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwLw5
MA0GCSqGSIb3DQEBCwUAA4IBAQBDoiLHwOu5Urovk+Yju5svimx0wEkGpEvOBAeh
3D4KW1sZKG3EMEin6AgC+vZLjhMXae5zv90jqzWsL+xhJ+L7+CLxqH2EJEOVvCMS
AlnLrfvHFLXjBFALvbtiNZ5q+HcH8E0H9KbVHd6Xt8qkWuBDEXHmAPq7frydZXR4
1AyP0zwasAOVQIqggde5W6TCdgNF9IIk4TIuE6gekxGzlKw7FNFbM1G0GTRoacI4
k8G2srgqJJ77IKBkleiMbbJf4xXc6xAcivkTeHRpc2DfolqWSlTBezXTfnFycbnb
rvdNluUiNTGQ/vawcuDhxdWtzxS2HJJcAKD+MSaJL8J4hwyz
-----END CERTIFICATE-----
Generated at Wed Nov 20 03:14:23 2024 by rpki-client on console-fra.rpki-client.org