Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/3137302e3234342e3230382e302f32322d3234203d3e20323634363638.roa
File:                     3137302e3234342e3230382e302f32322d3234203d3e20323634363638.roa (raw, json)
Hash identifier:          1Z7ryqsZSvi2os04M6Dm265zgx5x7CbM13OWKkf0Qyw=
Subject key identifier:   D0:8C:9E:7E:8F:2E:FB:3E:BA:77:FE:5F:EB:B9:9F:90:4B:68:90:CC
Certificate issuer:       /CN=089B798E1BD051786195E5F9D02238D550A5EAD7
Certificate serial:       74F5D40B40853678CEE1A184CF46602686E77030
Authority key identifier: 08:9B:79:8E:1B:D0:51:78:61:95:E5:F9:D0:22:38:D5:50:A5:EA:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/089B798E1BD051786195E5F9D02238D550A5EAD7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/3137302e3234342e3230382e302f32322d3234203d3e20323634363638.roa
Signing time:             Tue 05 Mar 2024 18:08:03 +0000
ROA not before:           Tue 05 Mar 2024 18:03:03 +0000
ROA not after:            Tue 04 Mar 2025 18:08:03 +0000
asID:                     264668
IP address blocks:        170.244.208.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/089B798E1BD051786195E5F9D02238D550A5EAD7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/089B798E1BD051786195E5F9D02238D550A5EAD7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/089B798E1BD051786195E5F9D02238D550A5EAD7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:f5:d4:0b:40:85:36:78:ce:e1:a1:84:cf:46:60:26:86:e7:70:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=089B798E1BD051786195E5F9D02238D550A5EAD7
        Validity
            Not Before: Mar  5 18:03:03 2024 GMT
            Not After : Mar  4 18:08:03 2025 GMT
        Subject: CN=D08C9E7E8F2EFB3EBA77FE5FEBB99F904B6890CC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:79:69:45:6b:0f:b8:27:87:ee:9c:a9:4e:d3:
                    19:bd:4d:f8:46:e3:4c:d9:20:d9:ca:6f:db:5a:c3:
                    b1:ae:01:0e:9c:58:e3:1f:db:00:10:a3:ad:97:ef:
                    a2:98:ab:f5:9e:6b:47:1c:52:ca:90:8a:00:40:c0:
                    5b:82:02:57:d0:00:c5:7e:6d:80:61:81:01:a5:ac:
                    1d:b9:4e:1c:bd:85:b4:b5:7d:2d:b2:5e:38:55:de:
                    a7:37:08:e6:c4:37:13:03:c7:a6:bf:c9:49:90:a0:
                    91:a1:72:db:4d:92:ed:4c:3d:54:f7:db:ad:f2:8b:
                    b1:f9:e1:e4:04:5f:8a:2c:2a:09:69:30:19:e1:b7:
                    b5:49:c2:f0:7c:bf:f3:c5:a9:1f:3c:b4:4f:d0:ea:
                    61:ae:f5:06:9c:3b:a2:f7:7d:90:40:78:08:70:18:
                    db:b9:6d:f3:a1:ba:66:1b:07:f9:be:49:2e:54:b2:
                    27:29:2e:5b:75:ba:78:7b:50:65:37:0c:0c:cf:b0:
                    5b:95:cc:df:fe:7b:38:ca:6b:be:5f:0f:21:df:89:
                    48:5f:09:f3:f4:f9:c6:c4:a3:e5:91:d3:4a:b7:ac:
                    0c:4b:cf:3b:14:ed:c7:fa:f2:d9:96:da:81:69:26:
                    17:e2:da:ac:27:84:2c:56:47:fd:58:28:55:b5:94:
                    92:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:8C:9E:7E:8F:2E:FB:3E:BA:77:FE:5F:EB:B9:9F:90:4B:68:90:CC
            X509v3 Authority Key Identifier:
                keyid:08:9B:79:8E:1B:D0:51:78:61:95:E5:F9:D0:22:38:D5:50:A5:EA:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/089B798E1BD051786195E5F9D02238D550A5EAD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/089B798E1BD051786195E5F9D02238D550A5EAD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/3137302e3234342e3230382e302f32322d3234203d3e20323634363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.244.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         19:fc:41:1b:49:1e:ed:31:d7:81:02:10:94:07:7f:fb:18:a8:
         bd:5d:5b:ae:e2:b0:2e:80:bf:77:f1:28:40:04:c9:dd:97:93:
         6a:a0:13:66:db:98:4c:e7:38:5a:3b:c7:dc:9e:9d:6b:1f:a4:
         2e:53:4f:eb:61:4b:76:e1:74:16:64:65:aa:e1:7f:65:55:ec:
         a8:39:2a:c2:d7:41:dc:6b:66:61:8a:5e:65:82:91:6f:aa:e2:
         84:75:af:ed:ea:e6:14:1b:13:10:4d:6b:4d:44:28:e6:1b:8b:
         d9:7a:6d:67:8b:b1:ad:72:2a:17:db:eb:bb:1a:63:dc:f2:41:
         5c:a0:35:7f:00:10:0e:a8:0b:ba:11:e4:da:52:96:3e:d2:3c:
         e5:71:0f:e2:d2:e9:a8:de:88:71:b2:ea:2d:fc:eb:06:b6:50:
         8d:91:cd:b4:3d:2a:c2:ea:de:1e:87:51:aa:c5:bd:3c:e9:17:
         84:86:00:fb:e5:e4:06:e8:f1:ab:ba:9c:10:76:bc:9e:17:5f:
         43:4d:32:d1:65:19:69:e5:ef:19:78:b2:a4:0b:88:10:72:ca:
         4d:78:7f:89:c8:a2:68:42:87:04:0a:fc:85:15:dd:5c:3f:df:
         7a:66:a2:75:98:d3:75:5e:5d:51:f9:a7:18:f1:3b:7f:00:6b:
         51:57:78:05
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUdPXUC0CFNnjO4aGEz0ZgJobncDAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg5Qjc5OEUxQkQwNTE3ODYxOTVFNUY5RDAyMjM4RDU1
MEE1RUFENzAeFw0yNDAzMDUxODAzMDNaFw0yNTAzMDQxODA4MDNaMDMxMTAvBgNV
BAMTKEQwOEM5RTdFOEYyRUZCM0VCQTc3RkU1RkVCQjk5RjkwNEI2ODkwQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoeWlFaw+4J4funKlO0xm9TfhG
40zZINnKb9taw7GuAQ6cWOMf2wAQo62X76KYq/Wea0ccUsqQigBAwFuCAlfQAMV+
bYBhgQGlrB25Thy9hbS1fS2yXjhV3qc3CObENxMDx6a/yUmQoJGhcttNku1MPVT3
263yi7H54eQEX4osKglpMBnht7VJwvB8v/PFqR88tE/Q6mGu9QacO6L3fZBAeAhw
GNu5bfOhumYbB/m+SS5UsicpLlt1unh7UGU3DAzPsFuVzN/+ezjKa75fDyHfiUhf
CfP0+cbEo+WR00q3rAxLzzsU7cf68tmW2oFpJhfi2qwnhCxWR/1YKFW1lJLZAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU0Iyefo8u+z66d/5f67mfkEtokMwwHwYDVR0j
BBgwFoAUCJt5jhvQUXhhleX50CI41VCl6tcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85MUYzQzFFQ0Y4NzRBNDUzQTQ5NDdFNDBFOEYwNEE5OUY0
NjhBRDNCRjE3QTgxMzIzODA3MDJFRTg3NDg3MThDLzAvMDg5Qjc5OEUxQkQwNTE3
ODYxOTVFNUY5RDAyMjM4RDU1MEE1RUFENy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wODlCNzk4RTFCRDA1MTc4NjE5
NUU1RjlEMDIyMzhENTUwQTVFQUQ3LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTFGM0MxRUNGODc0QTQ1M0E0OTQ3RTQwRThGMDRBOTlGNDY4QUQzQkYx
N0E4MTMyMzgwNzAyRUU4NzQ4NzE4Qy8wLzMxMzczMDJlMzIzNDM0MmUzMjMwMzgy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzQzNjM2Mzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKq
9NAwDQYJKoZIhvcNAQELBQADggEBABn8QRtJHu0x14ECEJQHf/sYqL1dW67isC6A
v3fxKEAEyd2Xk2qgE2bbmEznOFo7x9yenWsfpC5TT+thS3bhdBZkZarhf2VV7Kg5
KsLXQdxrZmGKXmWCkW+q4oR1r+3q5hQbExBNa01EKOYbi9l6bWeLsa1yKhfb67sa
Y9zyQVygNX8AEA6oC7oR5NpSlj7SPOVxD+LS6ajeiHGy6i386wa2UI2RzbQ9KsLq
3h6HUarFvTzpF4SGAPvl5Abo8au6nBB2vJ4XX0NNMtFlGWnl7xl4sqQLiBByyk14
f4nIomhChwQK/IUV3Vw/33pmonWY03VeXVH5pxjxO38Aa1FXeAU=
-----END CERTIFICATE-----
Generated at Sun Jun 16 15:20:15 2024 by rpki-client on console-fra.rpki-client.org