Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/955CBD754F01D5DF6E2E76F14624FDAC72BACD493A43F437D4BBC5E63EC26CAD/0/3139322e3138382e35312e302f32342d3235203d3e203532333433.roa
File:                     3139322e3138382e35312e302f32342d3235203d3e203532333433.roa (raw, json)
Hash identifier:          UYlV0bZp0LOyFejOnDQgsJng65SmYe8s6xGProqpgEs=
Subject key identifier:   86:B6:49:EF:4D:8E:B0:85:E7:E1:ED:74:65:13:D9:9E:5F:AB:2C:07
Certificate issuer:       /CN=0C73CD255F544CACBB58AFD1A29438B601CFFB06
Certificate serial:       44B696D71BD219C8B7227E13F40C0E72DC4B7707
Authority key identifier: 0C:73:CD:25:5F:54:4C:AC:BB:58:AF:D1:A2:94:38:B6:01:CF:FB:06
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0C73CD255F544CACBB58AFD1A29438B601CFFB06.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/955CBD754F01D5DF6E2E76F14624FDAC72BACD493A43F437D4BBC5E63EC26CAD/0/3139322e3138382e35312e302f32342d3235203d3e203532333433.roa
Signing time:             Tue 05 Mar 2024 17:46:49 +0000
ROA not before:           Tue 05 Mar 2024 17:41:49 +0000
ROA not after:            Tue 04 Mar 2025 17:46:49 +0000
asID:                     52343
IP address blocks:        192.188.51.0/24 maxlen: 25

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/955CBD754F01D5DF6E2E76F14624FDAC72BACD493A43F437D4BBC5E63EC26CAD/0/0C73CD255F544CACBB58AFD1A29438B601CFFB06.crl
                          rsync://repository.lacnic.net/rpki/lacnic/955CBD754F01D5DF6E2E76F14624FDAC72BACD493A43F437D4BBC5E63EC26CAD/0/0C73CD255F544CACBB58AFD1A29438B601CFFB06.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0C73CD255F544CACBB58AFD1A29438B601CFFB06.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:b6:96:d7:1b:d2:19:c8:b7:22:7e:13:f4:0c:0e:72:dc:4b:77:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0C73CD255F544CACBB58AFD1A29438B601CFFB06
        Validity
            Not Before: Mar  5 17:41:49 2024 GMT
            Not After : Mar  4 17:46:49 2025 GMT
        Subject: CN=86B649EF4D8EB085E7E1ED746513D99E5FAB2C07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:33:b5:64:6e:62:6b:0c:55:52:3c:e0:23:b3:
                    d9:2e:17:09:7c:3f:46:0b:b2:10:a7:5e:e7:90:49:
                    de:0e:ac:56:c0:c8:9f:e8:33:27:5d:5e:31:fd:bb:
                    86:1d:63:61:f2:7d:0e:c7:bf:3d:c6:a7:28:8b:f4:
                    b0:42:4b:0f:c3:92:da:2f:f5:55:db:cf:70:25:98:
                    5c:0a:9a:48:bd:47:f5:89:9e:7a:31:cc:28:be:fc:
                    3f:09:dc:74:cd:48:89:69:41:e5:65:b8:6c:42:bc:
                    be:ce:7a:c8:fa:92:5b:1b:43:bf:23:7d:7d:6d:e7:
                    b6:f0:ad:30:07:3f:8c:02:64:70:43:00:04:2e:d9:
                    32:a9:cf:4e:44:74:e4:f9:8a:46:fc:62:5f:c2:e0:
                    72:27:cb:2d:ed:88:25:f7:d1:21:1f:b7:ca:c4:6c:
                    28:f0:be:2d:5d:46:9b:0a:d4:f3:2f:83:1e:ef:e7:
                    73:1f:d0:15:5d:b8:cc:7e:14:e9:52:e2:ea:b5:0a:
                    a4:0d:6e:52:fe:ca:f4:40:c1:ba:e1:66:38:72:68:
                    c3:ae:bd:96:d8:eb:e4:1a:68:cf:52:68:98:b3:98:
                    b5:9b:2b:8e:65:c9:21:42:32:66:e3:8d:5d:88:f9:
                    d4:85:77:1a:c7:cf:11:6a:29:e2:b1:43:2a:6b:a6:
                    6c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:B6:49:EF:4D:8E:B0:85:E7:E1:ED:74:65:13:D9:9E:5F:AB:2C:07
            X509v3 Authority Key Identifier:
                keyid:0C:73:CD:25:5F:54:4C:AC:BB:58:AF:D1:A2:94:38:B6:01:CF:FB:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/955CBD754F01D5DF6E2E76F14624FDAC72BACD493A43F437D4BBC5E63EC26CAD/0/0C73CD255F544CACBB58AFD1A29438B601CFFB06.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0C73CD255F544CACBB58AFD1A29438B601CFFB06.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/955CBD754F01D5DF6E2E76F14624FDAC72BACD493A43F437D4BBC5E63EC26CAD/0/3139322e3138382e35312e302f32342d3235203d3e203532333433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.188.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:4e:fc:db:3a:71:2b:8c:29:ef:17:b7:60:f9:d8:9e:92:c2:
         68:a1:15:b5:56:98:4d:f7:f0:06:67:b9:df:b2:48:2c:72:0c:
         52:1a:e6:53:88:80:4d:e7:4e:5e:a5:e2:05:b7:5e:c6:c4:7a:
         64:b7:07:7f:c8:74:9e:c8:4c:bf:b5:66:ab:90:69:27:aa:d2:
         20:65:37:be:47:00:47:5a:c9:3f:bb:8d:ee:ff:22:82:73:75:
         f4:f2:73:de:09:cc:9a:58:83:bd:d2:46:bf:24:df:08:e1:e6:
         77:5f:0f:e6:22:b5:1b:2a:50:7b:04:24:4d:de:ae:df:aa:1c:
         d6:78:1c:e9:1a:a0:80:d3:8c:f4:58:e2:c9:8f:15:d5:2d:70:
         8b:a4:c5:eb:cd:4d:90:6f:f2:05:76:9b:fe:d2:d0:aa:28:cd:
         c1:d4:a9:93:44:2e:ee:67:6a:7f:07:0d:5d:df:a6:22:f4:a2:
         3c:ad:17:1a:25:89:23:8c:95:fd:01:99:64:82:24:48:6c:55:
         78:7b:94:dc:3d:95:68:37:4e:c2:e0:7f:6f:80:15:d5:61:5c:
         83:21:3a:82:53:0a:be:3d:e1:1c:f9:43:fb:9c:7c:dd:c8:ef:
         d4:1f:2d:b1:3d:79:cf:fe:17:26:17:6d:ef:13:24:7f:36:9d:
         9e:a0:28:6f
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIURLaW1xvSGci3In4T9AwOctxLdwcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEM3M0NEMjU1RjU0NENBQ0JCNThBRkQxQTI5NDM4QjYw
MUNGRkIwNjAeFw0yNDAzMDUxNzQxNDlaFw0yNTAzMDQxNzQ2NDlaMDMxMTAvBgNV
BAMTKDg2QjY0OUVGNEQ4RUIwODVFN0UxRUQ3NDY1MTNEOTlFNUZBQjJDMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyM7VkbmJrDFVSPOAjs9kuFwl8
P0YLshCnXueQSd4OrFbAyJ/oMyddXjH9u4YdY2HyfQ7Hvz3GpyiL9LBCSw/Dktov
9VXbz3AlmFwKmki9R/WJnnoxzCi+/D8J3HTNSIlpQeVluGxCvL7Oesj6klsbQ78j
fX1t57bwrTAHP4wCZHBDAAQu2TKpz05EdOT5ikb8Yl/C4HInyy3tiCX30SEft8rE
bCjwvi1dRpsK1PMvgx7v53Mf0BVduMx+FOlS4uq1CqQNblL+yvRAwbrhZjhyaMOu
vZbY6+QaaM9SaJizmLWbK45lySFCMmbjjV2I+dSFdxrHzxFqKeKxQyprpmyPAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUhrZJ702OsIXn4e10ZRPZnl+rLAcwHwYDVR0j
BBgwFoAUDHPNJV9UTKy7WK/RopQ4tgHP+wYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85NTVDQkQ3NTRGMDFENURGNkUyRTc2RjE0NjI0RkRBQzcy
QkFDRDQ5M0E0M0Y0MzdENEJCQzVFNjNFQzI2Q0FELzAvMEM3M0NEMjU1RjU0NENB
Q0JCNThBRkQxQTI5NDM4QjYwMUNGRkIwNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wQzczQ0QyNTVGNTQ0Q0FDQkI1
OEFGRDFBMjk0MzhCNjAxQ0ZGQjA2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTU1Q0JENzU0RjAxRDVERjZFMkU3NkYxNDYyNEZEQUM3MkJBQ0Q0OTNB
NDNGNDM3RDRCQkM1RTYzRUMyNkNBRC8wLzMxMzkzMjJlMzEzODM4MmUzNTMxMmUz
MDJmMzIzNDJkMzIzNTIwM2QzZTIwMzUzMjMzMzQzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMC8MzAN
BgkqhkiG9w0BAQsFAAOCAQEAgU782zpxK4wp7xe3YPnYnpLCaKEVtVaYTffwBme5
37JILHIMUhrmU4iATedOXqXiBbdexsR6ZLcHf8h0nshMv7Vmq5BpJ6rSIGU3vkcA
R1rJP7uN7v8ignN19PJz3gnMmliDvdJGvyTfCOHmd18P5iK1GypQewQkTd6u36oc
1ngc6RqggNOM9FjiyY8V1S1wi6TF681NkG/yBXab/tLQqijNwdSpk0Qu7mdqfwcN
Xd+mIvSiPK0XGiWJI4yV/QGZZIIkSGxVeHuU3D2VaDdOwuB/b4AV1WFcgyE6glMK
vj3hHPlD+5x83cjv1B8tsT15z/4XJhdt7xMkfzadnqAobw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:37:49 2024 by rpki-client on console-ams.rpki-client.org