Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9701C431A529EA20E951CCF098725BEC7F05D8173A405C1A9DEB640BA97BEE5A/0/3137302e3234362e35322e302f32322d3232203d3e20323633373430.roa
File:                     3137302e3234362e35322e302f32322d3232203d3e20323633373430.roa (raw, json)
Hash identifier:          eEtTuE3joE3K6sAyNGE1Qf/kTU49Qli7X90Qb7nLQUY=
Subject key identifier:   7D:D1:7D:0B:C3:55:74:68:AA:FB:BF:C6:DA:7F:9D:3A:47:23:4E:3E
Certificate issuer:       /CN=305370A1998C6AEF9B94283517F4B1E6BB5AD0BC
Certificate serial:       69B71BB7A30D669ADF6365106A5F34B5D20C6A7F
Authority key identifier: 30:53:70:A1:99:8C:6A:EF:9B:94:28:35:17:F4:B1:E6:BB:5A:D0:BC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/305370A1998C6AEF9B94283517F4B1E6BB5AD0BC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9701C431A529EA20E951CCF098725BEC7F05D8173A405C1A9DEB640BA97BEE5A/0/3137302e3234362e35322e302f32322d3232203d3e20323633373430.roa
Signing time:             Tue 05 Mar 2024 17:47:31 +0000
ROA not before:           Tue 05 Mar 2024 17:42:31 +0000
ROA not after:            Tue 04 Mar 2025 17:47:31 +0000
asID:                     263740
IP address blocks:        170.246.52.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9701C431A529EA20E951CCF098725BEC7F05D8173A405C1A9DEB640BA97BEE5A/0/305370A1998C6AEF9B94283517F4B1E6BB5AD0BC.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9701C431A529EA20E951CCF098725BEC7F05D8173A405C1A9DEB640BA97BEE5A/0/305370A1998C6AEF9B94283517F4B1E6BB5AD0BC.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/305370A1998C6AEF9B94283517F4B1E6BB5AD0BC.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:b7:1b:b7:a3:0d:66:9a:df:63:65:10:6a:5f:34:b5:d2:0c:6a:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=305370A1998C6AEF9B94283517F4B1E6BB5AD0BC
        Validity
            Not Before: Mar  5 17:42:31 2024 GMT
            Not After : Mar  4 17:47:31 2025 GMT
        Subject: CN=7DD17D0BC3557468AAFBBFC6DA7F9D3A47234E3E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:7b:48:56:da:d3:a4:57:4d:a3:5b:3e:de:40:
                    d7:c8:e4:3e:e8:b8:bd:03:fb:85:65:2c:08:86:d3:
                    29:35:d9:b7:e5:45:cf:16:1b:3a:38:4b:b9:5b:67:
                    d8:ef:b6:7b:f6:f1:0f:90:51:52:18:e1:b8:80:a3:
                    15:c5:c4:70:02:6d:fb:4d:9f:62:28:32:73:8a:db:
                    63:de:16:7c:5a:69:dd:dc:af:fa:bb:7f:ee:39:51:
                    b3:06:f2:57:d1:4a:e3:86:50:1a:c2:0b:5c:bd:0c:
                    b7:01:3f:7a:d8:0d:05:a3:a4:55:ae:51:94:f9:c4:
                    3a:87:0b:15:35:cc:54:76:be:88:17:02:97:e5:96:
                    a2:31:34:e2:8b:f7:d8:88:fc:eb:47:94:d3:7e:85:
                    d6:a2:d0:38:21:74:8a:ad:3a:ed:fb:15:00:6e:ce:
                    76:55:79:b9:a7:51:e1:c1:33:39:e4:48:c4:bb:c6:
                    c7:47:b1:c5:f6:4a:19:66:f1:e8:33:b8:19:67:ff:
                    b4:78:4d:ca:65:da:3f:49:d6:3b:a9:a8:62:85:c0:
                    aa:93:71:8a:b2:2d:c6:6f:61:1d:d1:14:03:f9:97:
                    5c:51:c7:57:46:41:24:5d:1f:51:55:2a:63:76:92:
                    e5:86:dc:5a:af:67:4c:32:cb:1f:80:9b:dc:f3:31:
                    f5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:D1:7D:0B:C3:55:74:68:AA:FB:BF:C6:DA:7F:9D:3A:47:23:4E:3E
            X509v3 Authority Key Identifier:
                keyid:30:53:70:A1:99:8C:6A:EF:9B:94:28:35:17:F4:B1:E6:BB:5A:D0:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9701C431A529EA20E951CCF098725BEC7F05D8173A405C1A9DEB640BA97BEE5A/0/305370A1998C6AEF9B94283517F4B1E6BB5AD0BC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/305370A1998C6AEF9B94283517F4B1E6BB5AD0BC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9701C431A529EA20E951CCF098725BEC7F05D8173A405C1A9DEB640BA97BEE5A/0/3137302e3234362e35322e302f32322d3232203d3e20323633373430.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.246.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:fd:f4:0f:ca:68:e0:a9:57:a5:91:9d:44:71:7a:9f:cd:bc:
         ee:99:a3:66:a5:ef:af:ad:a2:98:c9:ae:a9:73:ce:65:b8:e8:
         d9:e6:f5:f6:57:bb:2d:72:d7:b2:1b:b6:e8:6d:9c:90:7b:62:
         bc:69:9a:95:0b:e9:e4:a6:42:4d:94:be:42:1d:3d:95:e1:07:
         ae:77:3f:e1:0f:be:d6:d8:28:e2:99:eb:8e:7a:96:f8:8e:0c:
         fa:71:6d:54:3a:61:23:60:27:77:b0:9a:b5:9d:af:e9:10:c7:
         0b:8b:50:db:a7:9a:14:a9:80:db:b8:7d:c6:2d:23:17:3e:9a:
         6e:9d:e6:2e:52:9f:f1:0f:f7:51:35:d8:c5:1f:be:59:db:38:
         bf:d5:b3:14:9b:97:f1:10:eb:8a:5e:89:98:5e:4b:22:ae:46:
         06:8e:67:8b:03:aa:fe:cd:7e:c0:55:2a:cc:ce:40:cf:95:49:
         26:03:15:bd:13:80:dc:67:9d:fc:63:5f:c6:40:c2:50:8a:b0:
         73:aa:0f:99:6e:00:5c:e7:b0:80:f5:01:70:69:57:56:fc:fe:
         5f:5b:56:11:3a:ac:76:f8:6e:3b:87:8e:aa:45:f6:7e:e8:e3:
         a0:83:de:90:28:33:72:95:39:ca:25:ab:32:6a:21:23:2c:c6:
         2f:9a:54:24
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUabcbt6MNZprfY2UQal80tdIMan8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzA1MzcwQTE5OThDNkFFRjlCOTQyODM1MTdGNEIxRTZC
QjVBRDBCQzAeFw0yNDAzMDUxNzQyMzFaFw0yNTAzMDQxNzQ3MzFaMDMxMTAvBgNV
BAMTKDdERDE3RDBCQzM1NTc0NjhBQUZCQkZDNkRBN0Y5RDNBNDcyMzRFM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfe0hW2tOkV02jWz7eQNfI5D7o
uL0D+4VlLAiG0yk12bflRc8WGzo4S7lbZ9jvtnv28Q+QUVIY4biAoxXFxHACbftN
n2IoMnOK22PeFnxaad3cr/q7f+45UbMG8lfRSuOGUBrCC1y9DLcBP3rYDQWjpFWu
UZT5xDqHCxU1zFR2vogXApfllqIxNOKL99iI/OtHlNN+hdai0DghdIqtOu37FQBu
znZVebmnUeHBMznkSMS7xsdHscX2Shlm8egzuBln/7R4Tcpl2j9J1jupqGKFwKqT
cYqyLcZvYR3RFAP5l1xRx1dGQSRdH1FVKmN2kuWG3FqvZ0wyyx+Am9zzMfXdAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUfdF9C8NVdGiq+7/G2n+dOkcjTj4wHwYDVR0j
BBgwFoAUMFNwoZmMau+blCg1F/Sx5rta0LwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85NzAxQzQzMUE1MjlFQTIwRTk1MUNDRjA5ODcyNUJFQzdG
MDVEODE3M0E0MDVDMUE5REVCNjQwQkE5N0JFRTVBLzAvMzA1MzcwQTE5OThDNkFF
RjlCOTQyODM1MTdGNEIxRTZCQjVBRDBCQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zMDUzNzBBMTk5OEM2QUVGOUI5
NDI4MzUxN0Y0QjFFNkJCNUFEMEJDLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTcwMUM0MzFBNTI5RUEyMEU5NTFDQ0YwOTg3MjVCRUM3RjA1RDgxNzNB
NDA1QzFBOURFQjY0MEJBOTdCRUU1QS8wLzMxMzczMDJlMzIzNDM2MmUzNTMyMmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjMzMzczNDMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqvY0
MA0GCSqGSIb3DQEBCwUAA4IBAQCw/fQPymjgqVelkZ1EcXqfzbzumaNmpe+vraKY
ya6pc85luOjZ5vX2V7stcteyG7bobZyQe2K8aZqVC+nkpkJNlL5CHT2V4Qeudz/h
D77W2CjimeuOepb4jgz6cW1UOmEjYCd3sJq1na/pEMcLi1Dbp5oUqYDbuH3GLSMX
PppuneYuUp/xD/dRNdjFH75Z2zi/1bMUm5fxEOuKXomYXksirkYGjmeLA6r+zX7A
VSrMzkDPlUkmAxW9E4DcZ538Y1/GQMJQirBzqg+ZbgBc57CA9QFwaVdW/P5fW1YR
Oqx2+G47h46qRfZ+6OOgg96QKDNylTnKJasyaiEjLMYvmlQk
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:33:02 2024 by rpki-client on console-ams.rpki-client.org