Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/93FCEDB9F6E2C46A3F82B14D50AE8F334AC64287131F1FF475AB64EB7F96E10D/0/3139302e3231312e37312e302f32342d3234203d3e203532333238.roa
File:                     3139302e3231312e37312e302f32342d3234203d3e203532333238.roa (raw, json)
Hash identifier:          Gs2zeMZyO9HIUaJwyrE/9knGCE2lw+64/QH01UCnQFI=
Subject key identifier:   82:7C:BF:5D:D5:BC:2D:E3:7C:E4:85:90:6C:D1:09:B7:AB:AD:40:8E
Certificate issuer:       /CN=D3BEE2BC3DBF41E55940899128EEA1A38DD0778F
Certificate serial:       50E396DF63778C93D2F11261261CB6B234E9B1C4
Authority key identifier: D3:BE:E2:BC:3D:BF:41:E5:59:40:89:91:28:EE:A1:A3:8D:D0:77:8F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D3BEE2BC3DBF41E55940899128EEA1A38DD0778F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/93FCEDB9F6E2C46A3F82B14D50AE8F334AC64287131F1FF475AB64EB7F96E10D/0/3139302e3231312e37312e302f32342d3234203d3e203532333238.roa
Signing time:             Tue 05 Mar 2024 17:44:20 +0000
ROA not before:           Tue 05 Mar 2024 17:39:20 +0000
ROA not after:            Tue 04 Mar 2025 17:44:20 +0000
asID:                     52328
IP address blocks:        190.211.71.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/93FCEDB9F6E2C46A3F82B14D50AE8F334AC64287131F1FF475AB64EB7F96E10D/0/D3BEE2BC3DBF41E55940899128EEA1A38DD0778F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/93FCEDB9F6E2C46A3F82B14D50AE8F334AC64287131F1FF475AB64EB7F96E10D/0/D3BEE2BC3DBF41E55940899128EEA1A38DD0778F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D3BEE2BC3DBF41E55940899128EEA1A38DD0778F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:e3:96:df:63:77:8c:93:d2:f1:12:61:26:1c:b6:b2:34:e9:b1:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D3BEE2BC3DBF41E55940899128EEA1A38DD0778F
        Validity
            Not Before: Mar  5 17:39:20 2024 GMT
            Not After : Mar  4 17:44:20 2025 GMT
        Subject: CN=827CBF5DD5BC2DE37CE485906CD109B7ABAD408E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c5:66:f3:70:2c:e1:2b:a5:79:a3:37:90:bf:
                    58:37:fb:5b:32:4f:c1:21:9a:94:7b:51:88:dd:27:
                    69:d6:48:8e:41:d9:d1:03:23:e6:9f:56:41:57:dd:
                    86:1c:cc:dc:fa:54:5d:7b:23:93:ed:6b:be:31:67:
                    40:90:9e:62:c3:11:b0:39:eb:25:d1:d6:44:7a:ef:
                    9d:d7:f3:81:86:0a:b2:7e:25:cf:48:f0:df:11:79:
                    66:5a:bd:8a:25:be:6e:f3:e0:12:39:d7:06:18:20:
                    cf:8f:9f:8c:7a:d9:5c:91:84:ce:86:17:1f:64:d4:
                    98:ad:a8:37:b7:40:03:90:53:62:9e:47:6e:64:af:
                    0f:17:5a:c8:65:98:00:99:51:91:8f:13:99:19:f8:
                    e9:0c:f5:d0:f3:67:b1:64:22:f8:f1:a3:48:ae:e3:
                    6c:ed:51:26:92:d3:24:b2:a9:e1:ac:79:d5:4f:d5:
                    c3:4f:82:83:62:74:56:7f:2d:fc:82:48:97:83:cb:
                    f4:39:8f:e9:88:c2:98:8e:bb:5f:55:7d:79:b1:78:
                    61:7a:3f:b1:91:76:37:a6:5e:72:52:c8:b1:2b:2b:
                    33:b0:8f:2c:37:63:dd:31:61:df:9c:e8:d3:9c:9f:
                    ae:6d:c9:5e:5b:2d:e4:52:9c:5e:20:89:73:b4:24:
                    80:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:7C:BF:5D:D5:BC:2D:E3:7C:E4:85:90:6C:D1:09:B7:AB:AD:40:8E
            X509v3 Authority Key Identifier:
                keyid:D3:BE:E2:BC:3D:BF:41:E5:59:40:89:91:28:EE:A1:A3:8D:D0:77:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/93FCEDB9F6E2C46A3F82B14D50AE8F334AC64287131F1FF475AB64EB7F96E10D/0/D3BEE2BC3DBF41E55940899128EEA1A38DD0778F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D3BEE2BC3DBF41E55940899128EEA1A38DD0778F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/93FCEDB9F6E2C46A3F82B14D50AE8F334AC64287131F1FF475AB64EB7F96E10D/0/3139302e3231312e37312e302f32342d3234203d3e203532333238.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.211.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:60:36:60:d4:13:c4:21:10:d5:28:3d:68:62:3d:b2:c9:9e:
         2b:c6:fc:3c:6b:16:78:6e:d7:df:33:62:eb:01:f4:79:80:25:
         32:38:c2:13:2c:16:7d:d6:f4:e8:22:08:b2:78:a3:03:37:b2:
         ed:34:4e:49:7c:c8:0c:a3:ff:a2:36:f7:44:d9:61:34:bf:cc:
         68:04:8a:4d:a9:77:27:9c:77:4d:47:d7:96:a9:06:84:b7:65:
         89:18:36:a2:ab:13:9f:40:ad:97:8a:8a:04:e7:ce:e7:92:e4:
         68:8a:da:19:a5:7f:01:52:7b:c2:99:34:9d:27:84:c5:4c:7b:
         60:25:6c:d7:ac:e0:24:4f:00:b0:19:19:16:eb:05:3e:a0:7f:
         0c:11:5b:4b:eb:4a:55:c6:4f:68:03:b2:3d:0f:1c:2c:90:80:
         7e:49:f0:4c:2b:29:4c:06:c6:c0:33:fd:78:47:8a:d1:68:01:
         2e:fb:b2:88:68:f7:97:ae:0a:eb:91:9b:87:cf:a9:3d:0b:8a:
         97:c8:81:c3:28:2b:41:65:af:6a:e4:60:bb:75:71:c6:08:38:
         cf:6d:6b:43:fc:da:53:6f:b2:e1:fe:74:9c:b0:3e:9a:b0:e7:
         aa:19:44:f7:4b:9a:14:77:28:b7:6f:dd:38:81:b2:16:5e:bf:
         cc:42:9b:27
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUUOOW32N3jJPS8RJhJhy2sjTpscQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDNCRUUyQkMzREJGNDFFNTU5NDA4OTkxMjhFRUExQTM4
REQwNzc4RjAeFw0yNDAzMDUxNzM5MjBaFw0yNTAzMDQxNzQ0MjBaMDMxMTAvBgNV
BAMTKDgyN0NCRjVERDVCQzJERTM3Q0U0ODU5MDZDRDEwOUI3QUJBRDQwOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxxWbzcCzhK6V5ozeQv1g3+1sy
T8EhmpR7UYjdJ2nWSI5B2dEDI+afVkFX3YYczNz6VF17I5Pta74xZ0CQnmLDEbA5
6yXR1kR6753X84GGCrJ+Jc9I8N8ReWZavYolvm7z4BI51wYYIM+Pn4x62VyRhM6G
Fx9k1JitqDe3QAOQU2KeR25krw8XWshlmACZUZGPE5kZ+OkM9dDzZ7FkIvjxo0iu
42ztUSaS0ySyqeGsedVP1cNPgoNidFZ/LfyCSJeDy/Q5j+mIwpiOu19VfXmxeGF6
P7GRdjemXnJSyLErKzOwjyw3Y90xYd+c6NOcn65tyV5bLeRSnF4giXO0JIDrAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUgny/XdW8LeN85IWQbNEJt6utQI4wHwYDVR0j
BBgwFoAU077ivD2/QeVZQImRKO6ho43Qd48wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85M0ZDRURCOUY2RTJDNDZBM0Y4MkIxNEQ1MEFFOEYzMzRB
QzY0Mjg3MTMxRjFGRjQ3NUFCNjRFQjdGOTZFMTBELzAvRDNCRUUyQkMzREJGNDFF
NTU5NDA4OTkxMjhFRUExQTM4REQwNzc4Ri5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EM0JFRTJCQzNEQkY0MUU1NTk0
MDg5OTEyOEVFQTFBMzhERDA3NzhGLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTNGQ0VEQjlGNkUyQzQ2QTNGODJCMTRENTBBRThGMzM0QUM2NDI4NzEz
MUYxRkY0NzVBQjY0RUI3Rjk2RTEwRC8wLzMxMzkzMDJlMzIzMTMxMmUzNzMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMzMzIzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAL7TRzAN
BgkqhkiG9w0BAQsFAAOCAQEAR2A2YNQTxCEQ1Sg9aGI9ssmeK8b8PGsWeG7X3zNi
6wH0eYAlMjjCEywWfdb06CIIsnijAzey7TROSXzIDKP/ojb3RNlhNL/MaASKTal3
J5x3TUfXlqkGhLdliRg2oqsTn0Ctl4qKBOfO55LkaIraGaV/AVJ7wpk0nSeExUx7
YCVs16zgJE8AsBkZFusFPqB/DBFbS+tKVcZPaAOyPQ8cLJCAfknwTCspTAbGwDP9
eEeK0WgBLvuyiGj3l64K65Gbh8+pPQuKl8iBwygrQWWvauRgu3Vxxgg4z21rQ/za
U2+y4f50nLA+mrDnqhlE90uaFHcot2/dOIGyFl6/zEKbJw==
-----END CERTIFICATE-----
Generated at Wed Nov 20 12:07:53 2024 by rpki-client on console-fra.rpki-client.org