Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/95C752E1AD4889BB7EB545A6B7EF81F8AEC58D8B21E81C3C996103FAED7C1798/0/3137302e37392e3131312e302f32342d3234203d3e20323632323138.roa
File:                     3137302e37392e3131312e302f32342d3234203d3e20323632323138.roa (raw, json)
Hash identifier:          5Tcle6XTdgN9qTwiD4bmxhKjfIO88z/9IIYPCPXv8R0=
Subject key identifier:   D0:35:E8:29:C7:9C:97:0F:07:5A:73:57:2C:B2:35:8D:7C:CE:67:61
Certificate issuer:       /CN=37309EBD13954CA35EC58986AEFEF579DA52A9BD
Certificate serial:       6AF4821C2FD89817DA18EEC5E86EA3AD8DC4BA36
Authority key identifier: 37:30:9E:BD:13:95:4C:A3:5E:C5:89:86:AE:FE:F5:79:DA:52:A9:BD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/37309EBD13954CA35EC58986AEFEF579DA52A9BD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/95C752E1AD4889BB7EB545A6B7EF81F8AEC58D8B21E81C3C996103FAED7C1798/0/3137302e37392e3131312e302f32342d3234203d3e20323632323138.roa
Signing time:             Tue 05 Mar 2024 18:08:41 +0000
ROA not before:           Tue 05 Mar 2024 18:03:41 +0000
ROA not after:            Tue 04 Mar 2025 18:08:41 +0000
asID:                     262218
IP address blocks:        170.79.111.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/95C752E1AD4889BB7EB545A6B7EF81F8AEC58D8B21E81C3C996103FAED7C1798/0/37309EBD13954CA35EC58986AEFEF579DA52A9BD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/95C752E1AD4889BB7EB545A6B7EF81F8AEC58D8B21E81C3C996103FAED7C1798/0/37309EBD13954CA35EC58986AEFEF579DA52A9BD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/37309EBD13954CA35EC58986AEFEF579DA52A9BD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:f4:82:1c:2f:d8:98:17:da:18:ee:c5:e8:6e:a3:ad:8d:c4:ba:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37309EBD13954CA35EC58986AEFEF579DA52A9BD
        Validity
            Not Before: Mar  5 18:03:41 2024 GMT
            Not After : Mar  4 18:08:41 2025 GMT
        Subject: CN=D035E829C79C970F075A73572CB2358D7CCE6761
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:89:b1:44:dd:89:3a:e4:c2:2b:b3:26:39:c9:
                    7e:e2:d9:be:b1:d8:8a:e9:c4:bf:89:96:1c:c8:10:
                    a8:49:0e:80:b7:b0:8d:94:d0:42:6c:d0:7b:1a:76:
                    16:bc:8c:5a:ea:22:ca:64:29:c0:b1:58:45:fe:78:
                    2d:1d:0c:a8:b2:93:9b:48:cd:eb:ce:62:4d:47:47:
                    85:25:d0:ed:8a:86:45:1f:d9:6a:88:b4:a1:9f:5f:
                    22:e0:e9:c8:8e:05:60:ab:c7:38:2a:74:59:15:f0:
                    02:00:ef:69:ac:b2:5f:32:f2:02:f0:2f:32:2e:3d:
                    4a:bc:21:f5:e6:70:05:ee:66:39:03:ec:2a:78:d1:
                    08:28:76:67:35:82:51:1a:2b:9d:4b:ba:ba:07:11:
                    f6:03:a2:8b:b1:8f:94:ab:ca:12:c9:d1:b3:e3:1c:
                    5c:48:62:7f:c9:d9:72:27:0c:7f:d2:85:00:df:bd:
                    c8:40:03:c6:45:e5:99:f9:3b:ef:33:9a:02:c2:67:
                    5d:38:e3:78:9d:7c:c6:b2:33:4a:e7:54:74:46:2f:
                    00:e0:2a:cf:86:d3:91:5a:67:9f:fe:75:97:c0:37:
                    40:ce:bb:17:5b:14:0e:ea:05:aa:c3:67:a0:1f:4d:
                    dd:bd:0a:50:19:94:97:af:2b:8c:ca:31:0b:30:97:
                    a2:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:35:E8:29:C7:9C:97:0F:07:5A:73:57:2C:B2:35:8D:7C:CE:67:61
            X509v3 Authority Key Identifier:
                keyid:37:30:9E:BD:13:95:4C:A3:5E:C5:89:86:AE:FE:F5:79:DA:52:A9:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/95C752E1AD4889BB7EB545A6B7EF81F8AEC58D8B21E81C3C996103FAED7C1798/0/37309EBD13954CA35EC58986AEFEF579DA52A9BD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/37309EBD13954CA35EC58986AEFEF579DA52A9BD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/95C752E1AD4889BB7EB545A6B7EF81F8AEC58D8B21E81C3C996103FAED7C1798/0/3137302e37392e3131312e302f32342d3234203d3e20323632323138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.79.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:ac:45:9d:85:b9:b4:d7:40:95:35:ea:87:d0:7f:07:4c:95:
         1d:81:2c:d3:55:af:45:f8:67:41:09:a8:2c:f7:91:dd:5b:b6:
         c1:80:dd:5f:4b:98:ba:29:cd:cb:b6:53:a3:b8:66:d3:d3:e5:
         25:9b:f3:53:df:80:24:7d:f6:a3:09:1a:6d:4f:99:b1:f2:d9:
         9f:14:3b:0a:b0:6d:7b:90:d3:3c:3e:5d:21:21:d5:b6:14:5e:
         ab:ee:e4:f3:34:b2:a6:3a:b1:4f:60:fb:71:2f:8a:69:0f:86:
         30:ea:af:4c:5e:51:f7:b5:1c:2d:58:6c:2a:50:72:24:7d:2b:
         05:0f:52:04:9b:d1:d1:68:61:3e:7a:76:68:bd:51:38:85:9f:
         70:f7:63:60:ec:7e:8a:9a:a2:4e:48:e9:5d:0a:5f:b3:ef:20:
         47:a8:d6:f3:5c:fb:f9:3c:66:b3:3a:8e:4d:c0:d4:cf:55:7e:
         4c:a5:dd:b8:0f:ae:c5:fb:80:01:11:2d:de:c3:54:ec:78:62:
         f6:84:00:55:8f:49:6a:a9:55:50:38:26:bd:df:1a:27:db:72:
         71:ce:6f:c2:a4:ef:46:d2:d9:51:71:53:10:d6:15:db:98:86:
         e7:ac:51:3c:5d:3c:96:e1:76:95:9b:e0:c2:f3:e2:5e:68:a7:
         bd:ff:dc:5f
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUavSCHC/YmBfaGO7F6G6jrY3EujYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzczMDlFQkQxMzk1NENBMzVFQzU4OTg2QUVGRUY1NzlE
QTUyQTlCRDAeFw0yNDAzMDUxODAzNDFaFw0yNTAzMDQxODA4NDFaMDMxMTAvBgNV
BAMTKEQwMzVFODI5Qzc5Qzk3MEYwNzVBNzM1NzJDQjIzNThEN0NDRTY3NjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZibFE3Yk65MIrsyY5yX7i2b6x
2IrpxL+JlhzIEKhJDoC3sI2U0EJs0Hsadha8jFrqIspkKcCxWEX+eC0dDKiyk5tI
zevOYk1HR4Ul0O2KhkUf2WqItKGfXyLg6ciOBWCrxzgqdFkV8AIA72mssl8y8gLw
LzIuPUq8IfXmcAXuZjkD7Cp40Qgodmc1glEaK51LuroHEfYDoouxj5SryhLJ0bPj
HFxIYn/J2XInDH/ShQDfvchAA8ZF5Zn5O+8zmgLCZ10443idfMayM0rnVHRGLwDg
Ks+G05FaZ5/+dZfAN0DOuxdbFA7qBarDZ6AfTd29ClAZlJevK4zKMQswl6LdAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU0DXoKceclw8HWnNXLLI1jXzOZ2EwHwYDVR0j
BBgwFoAUNzCevROVTKNexYmGrv71edpSqb0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85NUM3NTJFMUFENDg4OUJCN0VCNTQ1QTZCN0VGODFGOEFF
QzU4RDhCMjFFODFDM0M5OTYxMDNGQUVEN0MxNzk4LzAvMzczMDlFQkQxMzk1NENB
MzVFQzU4OTg2QUVGRUY1NzlEQTUyQTlCRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zNzMwOUVCRDEzOTU0Q0EzNUVD
NTg5ODZBRUZFRjU3OURBNTJBOUJELmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTVDNzUyRTFBRDQ4ODlCQjdFQjU0NUE2QjdFRjgxRjhBRUM1OEQ4QjIx
RTgxQzNDOTk2MTAzRkFFRDdDMTc5OC8wLzMxMzczMDJlMzczOTJlMzEzMTMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMyMzIzMTM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqk9v
MA0GCSqGSIb3DQEBCwUAA4IBAQCHrEWdhbm010CVNeqH0H8HTJUdgSzTVa9F+GdB
Cags95HdW7bBgN1fS5i6Kc3LtlOjuGbT0+Ulm/NT34AkffajCRptT5mx8tmfFDsK
sG17kNM8Pl0hIdW2FF6r7uTzNLKmOrFPYPtxL4ppD4Yw6q9MXlH3tRwtWGwqUHIk
fSsFD1IEm9HRaGE+enZovVE4hZ9w92Ng7H6KmqJOSOldCl+z7yBHqNbzXPv5PGaz
Oo5NwNTPVX5Mpd24D67F+4ABES3ew1TseGL2hABVj0lqqVVQOCa93xon23Jxzm/C
pO9G0tlRcVMQ1hXbmIbnrFE8XTyW4XaVm+DC8+JeaKe9/9xf
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:59:50 2024 by rpki-client on console-ams.rpki-client.org