Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9B12F8A8F8A7520384EB4FE0F6AC8D6A63CF385341AE87BEEF7EDCD17D5CB05B/0/3136382e39302e3232302e302f32322d3234203d3e20323639393933.roa
File:                     3136382e39302e3232302e302f32322d3234203d3e20323639393933.roa (raw, json)
Hash identifier:          ZLwXOOe1SEXnEU1DWRFghHhzDO6s6TOTi++e1MCxAss=
Subject key identifier:   3B:2E:03:57:DD:13:D5:18:80:F6:66:8A:CF:56:F0:74:C7:89:85:CE
Certificate issuer:       /CN=A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A
Certificate serial:       0A1B117F1A3F90268D73A8FD22D7E8F162B281DB
Authority key identifier: A1:2F:D7:F3:F9:F4:70:03:0B:9F:CC:2C:F4:E7:EE:20:F8:2F:89:4A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9B12F8A8F8A7520384EB4FE0F6AC8D6A63CF385341AE87BEEF7EDCD17D5CB05B/0/3136382e39302e3232302e302f32322d3234203d3e20323639393933.roa
Signing time:             Tue 05 Mar 2024 18:09:25 +0000
ROA not before:           Tue 05 Mar 2024 18:04:25 +0000
ROA not after:            Tue 04 Mar 2025 18:09:25 +0000
asID:                     269993
IP address blocks:        168.90.220.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9B12F8A8F8A7520384EB4FE0F6AC8D6A63CF385341AE87BEEF7EDCD17D5CB05B/0/A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9B12F8A8F8A7520384EB4FE0F6AC8D6A63CF385341AE87BEEF7EDCD17D5CB05B/0/A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 17 Jul 2024 00:52:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:1b:11:7f:1a:3f:90:26:8d:73:a8:fd:22:d7:e8:f1:62:b2:81:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A
        Validity
            Not Before: Mar  5 18:04:25 2024 GMT
            Not After : Mar  4 18:09:25 2025 GMT
        Subject: CN=3B2E0357DD13D51880F6668ACF56F074C78985CE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:5c:68:d4:94:88:0f:5c:44:72:cc:12:f7:32:
                    7e:6b:ff:4c:b4:0f:ed:d1:5b:ae:73:05:2a:7d:7a:
                    22:55:c7:f3:f1:f3:ca:8f:9e:07:28:b5:42:44:3d:
                    04:34:01:38:ce:2d:8c:89:1c:1c:74:c7:72:97:b6:
                    92:de:79:e9:41:7b:3a:db:ef:77:af:15:f5:1d:d6:
                    b0:c4:c1:9f:1a:7f:1c:df:44:39:d1:c8:d7:d2:8e:
                    94:e6:5e:88:1a:e8:01:fd:0c:7e:ad:2f:7c:c2:e7:
                    6b:d9:4c:04:e2:a5:85:a0:56:c3:28:31:50:ac:78:
                    6e:5f:1d:3f:a9:d1:48:38:24:ae:ca:bf:fb:48:91:
                    fd:c0:bf:38:5f:70:de:f2:8a:43:4c:5b:78:91:e1:
                    04:8f:6a:d6:80:da:61:1d:c7:be:f4:96:1f:db:f3:
                    c5:c8:52:be:9b:0b:23:22:b6:e4:be:55:b4:00:3d:
                    0a:c5:ae:db:10:12:bc:05:bb:c8:89:9f:c0:05:b4:
                    d8:6e:99:73:81:b9:07:2c:3f:24:01:c1:de:56:35:
                    75:ad:72:7a:eb:1d:95:03:62:8c:6d:ae:ba:b3:c0:
                    35:c4:ec:44:61:b7:ce:c7:f3:cd:d6:de:4d:e2:4a:
                    f7:1b:70:c5:66:de:71:90:33:cc:cc:14:93:cb:ff:
                    51:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:2E:03:57:DD:13:D5:18:80:F6:66:8A:CF:56:F0:74:C7:89:85:CE
            X509v3 Authority Key Identifier:
                keyid:A1:2F:D7:F3:F9:F4:70:03:0B:9F:CC:2C:F4:E7:EE:20:F8:2F:89:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9B12F8A8F8A7520384EB4FE0F6AC8D6A63CF385341AE87BEEF7EDCD17D5CB05B/0/A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9B12F8A8F8A7520384EB4FE0F6AC8D6A63CF385341AE87BEEF7EDCD17D5CB05B/0/3136382e39302e3232302e302f32322d3234203d3e20323639393933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.90.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:d5:06:eb:d2:27:48:37:37:27:95:cb:f5:4b:cb:27:a4:0c:
         8b:ed:48:bd:5f:65:cd:23:20:fd:c8:43:b2:32:e1:ff:4a:d8:
         dc:94:02:1b:ee:0b:1b:02:39:e7:c3:94:5a:e3:c9:ef:5c:5c:
         5d:bf:41:81:e2:f7:1d:b6:74:17:b5:b1:10:c5:b5:2c:44:48:
         66:33:7e:a5:7e:01:01:35:bc:0c:be:e9:a9:a7:b5:1c:73:fd:
         b1:ba:31:a5:bf:73:8f:9a:09:34:26:f3:d7:4a:44:fa:19:3e:
         32:8c:77:80:2c:4f:fa:88:c3:fe:13:ce:e8:d4:ee:12:82:03:
         09:85:e2:87:f3:0a:40:c1:67:61:43:55:9e:fd:58:27:34:b4:
         9c:c1:3c:c8:33:01:58:72:e8:63:f2:6b:6d:17:e4:5e:42:e2:
         3d:69:7f:0f:85:42:86:90:91:e9:0e:f8:f3:65:89:43:b9:3d:
         8d:34:fd:d9:4a:f2:b4:d1:c9:89:29:31:9a:c3:e1:63:43:f9:
         f7:1e:f0:b9:10:ca:b9:cd:d5:1e:af:d4:ea:22:39:e7:87:c5:
         0a:f1:1e:dd:22:1f:85:8a:8e:4d:e1:1e:54:a7:30:c6:1a:68:
         8d:0b:18:51:3e:c3:f2:6f:e9:0a:9c:17:39:cc:68:e1:1c:36:
         b5:17:23:9b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUChsRfxo/kCaNc6j9Itfo8WKygdswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTEyRkQ3RjNGOUY0NzAwMzBCOUZDQzJDRjRFN0VFMjBG
ODJGODk0QTAeFw0yNDAzMDUxODA0MjVaFw0yNTAzMDQxODA5MjVaMDMxMTAvBgNV
BAMTKDNCMkUwMzU3REQxM0Q1MTg4MEY2NjY4QUNGNTZGMDc0Qzc4OTg1Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjXGjUlIgPXERyzBL3Mn5r/0y0
D+3RW65zBSp9eiJVx/Px88qPngcotUJEPQQ0ATjOLYyJHBx0x3KXtpLeeelBezrb
73evFfUd1rDEwZ8afxzfRDnRyNfSjpTmXoga6AH9DH6tL3zC52vZTATipYWgVsMo
MVCseG5fHT+p0Ug4JK7Kv/tIkf3AvzhfcN7yikNMW3iR4QSPataA2mEdx770lh/b
88XIUr6bCyMituS+VbQAPQrFrtsQErwFu8iJn8AFtNhumXOBuQcsPyQBwd5WNXWt
cnrrHZUDYoxtrrqzwDXE7ERht87H883W3k3iSvcbcMVm3nGQM8zMFJPL/1GVAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUOy4DV90T1RiA9maKz1bwdMeJhc4wHwYDVR0j
BBgwFoAUoS/X8/n0cAMLn8ws9OfuIPgviUowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85QjEyRjhBOEY4QTc1MjAzODRFQjRGRTBGNkFDOEQ2QTYz
Q0YzODUzNDFBRTg3QkVFRjdFRENEMTdENUNCMDVCLzAvQTEyRkQ3RjNGOUY0NzAw
MzBCOUZDQzJDRjRFN0VFMjBGODJGODk0QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMTJGRDdGM0Y5RjQ3MDAzMEI5
RkNDMkNGNEU3RUUyMEY4MkY4OTRBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOUIxMkY4QThGOEE3NTIwMzg0RUI0RkUwRjZBQzhENkE2M0NGMzg1MzQx
QUU4N0JFRUY3RURDRDE3RDVDQjA1Qi8wLzMxMzYzODJlMzkzMDJlMzIzMjMwMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM5MzkzOTMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqFrc
MA0GCSqGSIb3DQEBCwUAA4IBAQCI1Qbr0idINzcnlcv1S8snpAyL7Ui9X2XNIyD9
yEOyMuH/StjclAIb7gsbAjnnw5Ra48nvXFxdv0GB4vcdtnQXtbEQxbUsREhmM36l
fgEBNbwMvumpp7Ucc/2xujGlv3OPmgk0JvPXSkT6GT4yjHeALE/6iMP+E87o1O4S
ggMJheKH8wpAwWdhQ1We/VgnNLScwTzIMwFYcuhj8mttF+ReQuI9aX8PhUKGkJHp
DvjzZYlDuT2NNP3ZSvK00cmJKTGaw+FjQ/n3HvC5EMq5zdUer9TqIjnnh8UK8R7d
Ih+Fio5N4R5UpzDGGmiNCxhRPsPyb+kKnBc5zGjhHDa1FyOb
-----END CERTIFICATE-----
Generated at Fri Jul 12 12:36:31 2024 by rpki-client on console-fra.rpki-client.org