Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/947CF2F0ED33864F09153D6224E1FCF708034026D4A1FF0E00B41E2775ED029E/0/3230312e3231392e3235322e302f32322d3234203d3e203634313335.roa
File:                     3230312e3231392e3235322e302f32322d3234203d3e203634313335.roa (raw, json)
Hash identifier:          67f6VaiOBUwgywj9zIbdqGIGBozg8DY+pzjaPhU+b54=
Subject key identifier:   AD:78:82:F3:AF:3B:E8:AA:D4:2E:53:32:12:2C:E7:AD:C1:D7:B3:2F
Certificate issuer:       /CN=B5F100D6FEF4DD1887095595838207E669CA7479
Certificate serial:       56E50618C96B343B4254A7BFCE5278BB1EF40025
Authority key identifier: B5:F1:00:D6:FE:F4:DD:18:87:09:55:95:83:82:07:E6:69:CA:74:79
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B5F100D6FEF4DD1887095595838207E669CA7479.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/947CF2F0ED33864F09153D6224E1FCF708034026D4A1FF0E00B41E2775ED029E/0/3230312e3231392e3235322e302f32322d3234203d3e203634313335.roa
Signing time:             Fri 18 Oct 2024 15:45:00 +0000
ROA not before:           Fri 18 Oct 2024 15:40:00 +0000
ROA not after:            Fri 17 Oct 2025 15:45:00 +0000
asID:                     64135
IP address blocks:        201.219.252.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/947CF2F0ED33864F09153D6224E1FCF708034026D4A1FF0E00B41E2775ED029E/0/B5F100D6FEF4DD1887095595838207E669CA7479.crl
                          rsync://repository.lacnic.net/rpki/lacnic/947CF2F0ED33864F09153D6224E1FCF708034026D4A1FF0E00B41E2775ED029E/0/B5F100D6FEF4DD1887095595838207E669CA7479.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B5F100D6FEF4DD1887095595838207E669CA7479.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:e5:06:18:c9:6b:34:3b:42:54:a7:bf:ce:52:78:bb:1e:f4:00:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B5F100D6FEF4DD1887095595838207E669CA7479
        Validity
            Not Before: Oct 18 15:40:00 2024 GMT
            Not After : Oct 17 15:45:00 2025 GMT
        Subject: CN=AD7882F3AF3BE8AAD42E5332122CE7ADC1D7B32F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:f5:60:c0:a0:4f:7a:ec:f3:09:fa:cc:27:a9:
                    75:46:c1:72:72:d0:e7:b1:12:72:9d:dc:3b:bb:e8:
                    34:8d:17:eb:2e:1b:27:8b:6c:ac:03:24:22:5c:8c:
                    b2:aa:f9:98:ff:d3:69:bc:9a:02:34:c6:66:a1:0b:
                    d9:e1:b0:a1:59:48:0d:f1:2a:a3:2e:8c:c3:3b:da:
                    b7:fd:03:23:64:4c:09:f6:fa:e5:0b:59:88:4b:64:
                    7e:08:2c:6c:c2:61:05:4d:9d:f5:e2:65:94:d6:c9:
                    60:56:49:38:3f:0d:ca:8e:33:5b:50:02:b4:90:b0:
                    07:50:05:56:9a:27:2d:db:a4:19:8e:71:63:c5:a0:
                    e5:94:fd:6b:8c:f7:9e:33:96:3a:60:81:8a:e7:fe:
                    cd:f3:8c:96:a6:6c:35:83:fc:1a:fd:60:3c:83:3f:
                    32:82:48:42:0d:d7:75:d7:22:dc:60:13:64:96:ae:
                    ae:50:df:07:95:e5:67:16:74:62:32:88:e4:ba:b4:
                    c1:4f:84:d2:26:93:89:f2:c1:38:c8:7c:3e:61:ab:
                    84:c8:0a:d1:80:9f:af:d0:0e:38:70:4e:b1:56:3e:
                    b9:7f:44:06:d8:96:c8:b2:5d:9f:49:99:38:c3:d4:
                    4b:43:99:97:ca:45:ec:fd:80:bc:f2:f4:5a:a5:90:
                    db:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:78:82:F3:AF:3B:E8:AA:D4:2E:53:32:12:2C:E7:AD:C1:D7:B3:2F
            X509v3 Authority Key Identifier:
                keyid:B5:F1:00:D6:FE:F4:DD:18:87:09:55:95:83:82:07:E6:69:CA:74:79

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/947CF2F0ED33864F09153D6224E1FCF708034026D4A1FF0E00B41E2775ED029E/0/B5F100D6FEF4DD1887095595838207E669CA7479.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B5F100D6FEF4DD1887095595838207E669CA7479.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/947CF2F0ED33864F09153D6224E1FCF708034026D4A1FF0E00B41E2775ED029E/0/3230312e3231392e3235322e302f32322d3234203d3e203634313335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.219.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         83:58:e9:0b:81:43:ab:2e:d5:d6:53:fa:79:8b:60:fe:0f:3f:
         9b:59:fd:a9:3d:3b:68:c5:99:1e:2b:08:39:8f:e8:e9:b9:b0:
         00:3e:73:21:67:a8:21:4e:2a:b9:b0:83:ab:bc:4e:6f:1a:b1:
         35:d7:d0:e2:df:ee:1b:c6:36:bd:ab:5d:51:c0:b0:fd:6b:7a:
         c2:e7:44:2d:3a:1b:d5:8b:d4:a3:ad:5e:32:99:a8:ef:3a:0d:
         f5:e5:4a:b1:cd:7d:64:c0:a3:61:19:65:0e:17:01:7d:6b:34:
         ea:e9:52:71:16:ce:d4:d5:62:47:f0:6a:21:9f:42:c5:ee:8f:
         47:03:90:aa:6c:b7:a0:16:f3:96:f4:60:72:a4:5a:e4:ff:ee:
         8c:8c:0c:81:c2:7c:f0:4e:ec:63:73:cb:e1:2c:60:ff:fc:a1:
         e2:dd:76:02:40:38:04:33:53:7f:ce:e1:bd:e8:9f:a3:e8:0b:
         64:d4:c7:0a:ad:6f:5e:20:aa:13:78:0c:be:ea:16:7d:dc:93:
         08:32:bf:6d:67:28:75:51:37:a3:01:a1:c9:8b:61:8d:e3:53:
         f9:b1:3e:7c:d9:3c:0e:e2:bb:24:2a:91:af:0b:3a:aa:1e:63:
         29:58:b7:08:5d:75:c3:f6:fe:35:b7:07:ad:d5:82:c9:f9:64:
         c5:15:cf:7e
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUVuUGGMlrNDtCVKe/zlJ4ux70ACUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjVGMTAwRDZGRUY0REQxODg3MDk1NTk1ODM4MjA3RTY2
OUNBNzQ3OTAeFw0yNDEwMTgxNTQwMDBaFw0yNTEwMTcxNTQ1MDBaMDMxMTAvBgNV
BAMTKEFENzg4MkYzQUYzQkU4QUFENDJFNTMzMjEyMkNFN0FEQzFEN0IzMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU9WDAoE967PMJ+swnqXVGwXJy
0OexEnKd3Du76DSNF+suGyeLbKwDJCJcjLKq+Zj/02m8mgI0xmahC9nhsKFZSA3x
KqMujMM72rf9AyNkTAn2+uULWYhLZH4ILGzCYQVNnfXiZZTWyWBWSTg/DcqOM1tQ
ArSQsAdQBVaaJy3bpBmOcWPFoOWU/WuM954zljpggYrn/s3zjJambDWD/Br9YDyD
PzKCSEIN13XXItxgE2SWrq5Q3weV5WcWdGIyiOS6tMFPhNImk4nywTjIfD5hq4TI
CtGAn6/QDjhwTrFWPrl/RAbYlsiyXZ9JmTjD1EtDmZfKRez9gLzy9FqlkNsvAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUrXiC86876KrULlMyEiznrcHXsy8wHwYDVR0j
BBgwFoAUtfEA1v703RiHCVWVg4IH5mnKdHkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85NDdDRjJGMEVEMzM4NjRGMDkxNTNENjIyNEUxRkNGNzA4
MDM0MDI2RDRBMUZGMEUwMEI0MUUyNzc1RUQwMjlFLzAvQjVGMTAwRDZGRUY0REQx
ODg3MDk1NTk1ODM4MjA3RTY2OUNBNzQ3OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CNUYxMDBENkZFRjRERDE4ODcw
OTU1OTU4MzgyMDdFNjY5Q0E3NDc5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTQ3Q0YyRjBFRDMzODY0RjA5MTUzRDYyMjRFMUZDRjcwODAzNDAyNkQ0
QTFGRjBFMDBCNDFFMjc3NUVEMDI5RS8wLzMyMzAzMTJlMzIzMTM5MmUzMjM1MzIy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNjM0MzEzMzM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCydv8
MA0GCSqGSIb3DQEBCwUAA4IBAQCDWOkLgUOrLtXWU/p5i2D+Dz+bWf2pPTtoxZke
Kwg5j+jpubAAPnMhZ6ghTiq5sIOrvE5vGrE119Di3+4bxja9q11RwLD9a3rC50Qt
OhvVi9SjrV4ymajvOg315UqxzX1kwKNhGWUOFwF9azTq6VJxFs7U1WJH8Gohn0LF
7o9HA5CqbLegFvOW9GBypFrk/+6MjAyBwnzwTuxjc8vhLGD//KHi3XYCQDgEM1N/
zuG96J+j6Atk1McKrW9eIKoTeAy+6hZ93JMIMr9tZyh1UTejAaHJi2GN41P5sT58
2TwO4rskKpGvCzqqHmMpWLcIXXXD9v41twet1YLJ+WTFFc9+
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:37:49 2024 by rpki-client on console-ams.rpki-client.org