Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/3137302e3234342e3230382e302f32342d3234203d3e20323731383832.roa
File:                     3137302e3234342e3230382e302f32342d3234203d3e20323731383832.roa (raw, json)
Hash identifier:          Mb5u4TrLMpl9xBqfXttksbU4jeLGJSbYp7EKnIv1Fws=
Subject key identifier:   66:F8:34:F2:86:CF:F3:76:D6:5E:37:3C:B1:78:28:0A:A6:49:A1:0C
Certificate issuer:       /CN=089B798E1BD051786195E5F9D02238D550A5EAD7
Certificate serial:       29FDFA21B646C0E632F0D380720E2D338A1B7E3D
Authority key identifier: 08:9B:79:8E:1B:D0:51:78:61:95:E5:F9:D0:22:38:D5:50:A5:EA:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/089B798E1BD051786195E5F9D02238D550A5EAD7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/3137302e3234342e3230382e302f32342d3234203d3e20323731383832.roa
Signing time:             Tue 05 Mar 2024 18:08:04 +0000
ROA not before:           Tue 05 Mar 2024 18:03:04 +0000
ROA not after:            Tue 04 Mar 2025 18:08:04 +0000
asID:                     271882
IP address blocks:        170.244.208.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/089B798E1BD051786195E5F9D02238D550A5EAD7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/089B798E1BD051786195E5F9D02238D550A5EAD7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/089B798E1BD051786195E5F9D02238D550A5EAD7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:fd:fa:21:b6:46:c0:e6:32:f0:d3:80:72:0e:2d:33:8a:1b:7e:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=089B798E1BD051786195E5F9D02238D550A5EAD7
        Validity
            Not Before: Mar  5 18:03:04 2024 GMT
            Not After : Mar  4 18:08:04 2025 GMT
        Subject: CN=66F834F286CFF376D65E373CB178280AA649A10C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:f1:4c:ea:ae:66:97:4f:26:5b:6f:72:5c:26:
                    ab:ef:e7:b4:84:e7:eb:d7:f9:29:f1:18:49:fb:3c:
                    f9:d3:8d:c7:30:1a:67:13:9a:c7:44:11:31:6c:c9:
                    6c:bd:56:7f:c8:6a:bd:13:23:8a:53:d4:e0:95:0b:
                    22:58:da:73:66:39:07:76:ac:f5:9b:21:40:55:99:
                    7c:d1:35:09:c1:d6:f9:2f:5f:8f:dc:ed:7a:c2:14:
                    64:94:73:29:b7:39:b7:40:bc:38:fe:e5:d2:8a:9f:
                    56:45:5b:29:3a:9c:6d:ed:bc:1c:47:cc:88:4d:6b:
                    1d:f2:01:6e:52:44:c0:c2:5c:8d:00:c7:ef:2b:54:
                    66:0d:02:32:bc:a8:59:ae:16:e8:05:5a:83:56:29:
                    59:03:e0:e5:13:b8:35:c7:e0:0e:54:ce:f3:de:2a:
                    5c:d9:dc:19:67:ed:ea:25:81:3f:a0:1b:36:fc:cb:
                    50:0e:85:ff:1b:8f:4a:10:05:00:91:0d:1e:c3:f3:
                    f3:38:da:59:d4:80:5a:42:0d:ce:d3:76:c5:ef:f9:
                    a1:fb:85:7b:07:2e:a9:83:82:09:9a:07:13:34:0c:
                    43:6a:e2:24:c9:24:3a:9b:d8:48:48:a1:fe:d5:52:
                    19:29:6f:b1:23:a8:bd:d2:49:0f:30:54:69:e9:50:
                    f6:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:F8:34:F2:86:CF:F3:76:D6:5E:37:3C:B1:78:28:0A:A6:49:A1:0C
            X509v3 Authority Key Identifier:
                keyid:08:9B:79:8E:1B:D0:51:78:61:95:E5:F9:D0:22:38:D5:50:A5:EA:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/089B798E1BD051786195E5F9D02238D550A5EAD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/089B798E1BD051786195E5F9D02238D550A5EAD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/3137302e3234342e3230382e302f32342d3234203d3e20323731383832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.244.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:35:e5:31:b9:1d:c6:6c:ee:7d:de:ba:fb:5b:b4:1e:8c:6c:
         9f:5b:37:df:f2:a2:cf:3f:bc:b6:85:3d:7b:30:6a:fc:fa:11:
         86:1c:ef:3c:26:73:0e:7c:44:33:34:66:bc:89:0d:d7:e2:04:
         77:7e:e9:ef:7e:e5:67:69:fa:b3:cc:65:8f:5a:cb:ac:1d:2d:
         0c:b6:4c:16:49:cc:52:ea:87:ec:0a:37:6a:6f:b2:6e:ae:d3:
         aa:76:d3:41:30:9e:ad:5f:60:ca:3c:c9:bb:07:0f:f9:82:66:
         ca:1a:cb:e8:c5:d5:ea:1a:80:04:2e:e9:93:7c:11:18:97:23:
         1f:64:14:57:55:28:d2:48:aa:db:05:16:b8:09:4d:8d:f0:b4:
         e5:a8:95:b3:72:a2:d7:bf:d4:3d:f9:6c:3a:81:6c:84:5d:34:
         04:67:c9:bd:84:5c:21:97:23:c4:43:86:55:d4:e9:ae:66:7e:
         f1:70:ba:5d:9c:dd:7d:4f:ea:38:e6:f5:ec:04:48:b5:e8:47:
         7c:aa:ad:62:a5:07:f8:62:7f:e7:82:0d:e0:f4:b0:82:e8:37:
         b3:4b:27:63:6a:a6:86:06:7e:e2:9e:84:5e:7c:59:0d:e1:09:
         14:f4:96:24:8d:df:fb:86:dd:16:fc:99:ae:11:5f:17:7f:d3:
         62:29:c5:79
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUKf36IbZGwOYy8NOAcg4tM4obfj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg5Qjc5OEUxQkQwNTE3ODYxOTVFNUY5RDAyMjM4RDU1
MEE1RUFENzAeFw0yNDAzMDUxODAzMDRaFw0yNTAzMDQxODA4MDRaMDMxMTAvBgNV
BAMTKDY2RjgzNEYyODZDRkYzNzZENjVFMzczQ0IxNzgyODBBQTY0OUExMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY8UzqrmaXTyZbb3JcJqvv57SE
5+vX+SnxGEn7PPnTjccwGmcTmsdEETFsyWy9Vn/Iar0TI4pT1OCVCyJY2nNmOQd2
rPWbIUBVmXzRNQnB1vkvX4/c7XrCFGSUcym3ObdAvDj+5dKKn1ZFWyk6nG3tvBxH
zIhNax3yAW5SRMDCXI0Ax+8rVGYNAjK8qFmuFugFWoNWKVkD4OUTuDXH4A5UzvPe
KlzZ3Bln7eolgT+gGzb8y1AOhf8bj0oQBQCRDR7D8/M42lnUgFpCDc7TdsXv+aH7
hXsHLqmDggmaBxM0DENq4iTJJDqb2EhIof7VUhkpb7EjqL3SSQ8wVGnpUPabAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUZvg08obP83bWXjc8sXgoCqZJoQwwHwYDVR0j
BBgwFoAUCJt5jhvQUXhhleX50CI41VCl6tcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85MUYzQzFFQ0Y4NzRBNDUzQTQ5NDdFNDBFOEYwNEE5OUY0
NjhBRDNCRjE3QTgxMzIzODA3MDJFRTg3NDg3MThDLzAvMDg5Qjc5OEUxQkQwNTE3
ODYxOTVFNUY5RDAyMjM4RDU1MEE1RUFENy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wODlCNzk4RTFCRDA1MTc4NjE5
NUU1RjlEMDIyMzhENTUwQTVFQUQ3LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTFGM0MxRUNGODc0QTQ1M0E0OTQ3RTQwRThGMDRBOTlGNDY4QUQzQkYx
N0E4MTMyMzgwNzAyRUU4NzQ4NzE4Qy8wLzMxMzczMDJlMzIzNDM0MmUzMjMwMzgy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzEzODM4MzIucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACq
9NAwDQYJKoZIhvcNAQELBQADggEBAE015TG5HcZs7n3euvtbtB6MbJ9bN9/yos8/
vLaFPXswavz6EYYc7zwmcw58RDM0ZryJDdfiBHd+6e9+5Wdp+rPMZY9ay6wdLQy2
TBZJzFLqh+wKN2pvsm6u06p200Ewnq1fYMo8ybsHD/mCZsoay+jF1eoagAQu6ZN8
ERiXIx9kFFdVKNJIqtsFFrgJTY3wtOWolbNyote/1D35bDqBbIRdNARnyb2EXCGX
I8RDhlXU6a5mfvFwul2c3X1P6jjm9ewESLXoR3yqrWKlB/hif+eCDeD0sILoN7NL
J2NqpoYGfuKehF58WQ3hCRT0liSN3/uG3Rb8ma4RXxd/02IpxXk=
-----END CERTIFICATE-----
Generated at Sun Jun 16 15:56:36 2024 by rpki-client on console-ams.rpki-client.org