Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9B12F8A8F8A7520384EB4FE0F6AC8D6A63CF385341AE87BEEF7EDCD17D5CB05B/0/3138312e3137372e3232302e302f32322d3234203d3e20323639393933.roa
File:                     3138312e3137372e3232302e302f32322d3234203d3e20323639393933.roa (raw, json)
Hash identifier:          Wexgq0Pn9NJxqSHnqarBLxpA1H/Up3NA3h4quWtvjUk=
Subject key identifier:   0C:5A:A0:8D:0D:30:1A:FE:DD:A5:BD:FE:18:07:22:2D:F7:91:FC:81
Certificate issuer:       /CN=A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A
Certificate serial:       608F2F2D6178C0AA6624A1814566A2C3E8259DB2
Authority key identifier: A1:2F:D7:F3:F9:F4:70:03:0B:9F:CC:2C:F4:E7:EE:20:F8:2F:89:4A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9B12F8A8F8A7520384EB4FE0F6AC8D6A63CF385341AE87BEEF7EDCD17D5CB05B/0/3138312e3137372e3232302e302f32322d3234203d3e20323639393933.roa
Signing time:             Tue 05 Mar 2024 18:09:25 +0000
ROA not before:           Tue 05 Mar 2024 18:04:25 +0000
ROA not after:            Tue 04 Mar 2025 18:09:25 +0000
asID:                     269993
IP address blocks:        181.177.220.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9B12F8A8F8A7520384EB4FE0F6AC8D6A63CF385341AE87BEEF7EDCD17D5CB05B/0/A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9B12F8A8F8A7520384EB4FE0F6AC8D6A63CF385341AE87BEEF7EDCD17D5CB05B/0/A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 17 Jul 2024 00:52:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:8f:2f:2d:61:78:c0:aa:66:24:a1:81:45:66:a2:c3:e8:25:9d:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A
        Validity
            Not Before: Mar  5 18:04:25 2024 GMT
            Not After : Mar  4 18:09:25 2025 GMT
        Subject: CN=0C5AA08D0D301AFEDDA5BDFE1807222DF791FC81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:09:37:7b:cb:12:ef:1b:ca:70:e5:e2:70:78:
                    d1:de:54:04:a7:2b:15:68:4f:36:26:d1:1a:42:88:
                    b5:ab:38:cf:f2:d3:fd:ea:59:68:74:5e:c4:df:e9:
                    91:dc:67:e0:8c:6b:2f:95:8f:bf:d5:25:7c:22:ad:
                    1c:8f:26:5e:68:ff:e4:25:6a:7e:14:f7:0d:de:87:
                    57:49:2e:8b:74:1f:8d:27:5e:11:04:f3:5d:cb:d9:
                    09:b9:08:72:2a:83:89:13:97:23:4c:28:c7:7f:ba:
                    78:8e:0a:2f:70:04:1c:15:1f:2b:d9:0f:86:e7:0e:
                    a6:ce:80:80:d2:4d:00:3b:40:89:81:b7:8b:98:a3:
                    13:74:e1:e9:bc:f1:79:28:84:d6:5a:66:3f:45:3d:
                    a1:d3:b9:ab:a1:c8:fd:1c:8f:f5:a6:d3:cf:5b:77:
                    39:01:c1:c1:3b:73:02:82:9a:af:68:64:07:82:ba:
                    16:d2:7f:46:a2:04:90:02:b3:43:36:89:60:a4:b3:
                    aa:2a:4a:bd:9f:b4:55:f2:3f:87:27:e9:dc:2f:32:
                    0c:f8:e5:d0:7b:1b:31:be:39:a6:8e:5f:4a:1f:81:
                    5e:b8:09:fd:1f:f5:20:93:7f:44:10:52:3d:73:c4:
                    8d:d2:6f:a1:28:8f:5e:32:62:d3:75:ed:70:3b:8f:
                    10:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:5A:A0:8D:0D:30:1A:FE:DD:A5:BD:FE:18:07:22:2D:F7:91:FC:81
            X509v3 Authority Key Identifier:
                keyid:A1:2F:D7:F3:F9:F4:70:03:0B:9F:CC:2C:F4:E7:EE:20:F8:2F:89:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9B12F8A8F8A7520384EB4FE0F6AC8D6A63CF385341AE87BEEF7EDCD17D5CB05B/0/A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A12FD7F3F9F470030B9FCC2CF4E7EE20F82F894A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9B12F8A8F8A7520384EB4FE0F6AC8D6A63CF385341AE87BEEF7EDCD17D5CB05B/0/3138312e3137372e3232302e302f32322d3234203d3e20323639393933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.177.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b9:d7:4c:9f:89:3a:ce:4c:51:4b:bd:c4:c1:d1:15:23:93:ad:
         5b:64:1d:21:dc:fd:8b:3e:82:9e:ec:b3:bf:2e:26:d5:55:de:
         a0:6c:07:2f:69:32:88:dd:33:49:84:49:f0:92:3f:58:18:ea:
         2f:8d:c6:e4:5c:f8:e2:94:0c:b7:92:dc:87:93:20:2b:91:5c:
         47:ea:a9:46:36:14:ac:d9:64:db:f8:cb:8c:34:19:f0:81:66:
         8e:32:c7:a3:e2:43:21:d6:a7:65:7c:7a:99:b1:95:15:bf:e1:
         38:08:b4:67:18:3d:4f:50:8d:a3:77:34:b1:17:b3:dd:c5:86:
         c7:6b:8b:77:bd:c5:7c:10:08:49:f0:2e:81:2f:a5:ad:4e:a1:
         9d:0d:39:97:cd:ab:e5:84:6b:d2:ca:c9:11:0f:ce:8f:87:d6:
         be:b4:7f:a1:b1:c8:15:53:67:57:6b:0e:a8:d4:ad:16:34:b3:
         16:0c:82:fe:e5:b8:c4:71:e8:4f:cd:cd:50:39:41:3a:28:17:
         33:12:cf:d3:20:0b:81:1d:d1:ba:82:c6:3c:60:5b:51:88:4b:
         6d:85:a3:50:dd:b0:78:8a:0d:12:69:31:29:c3:dd:a4:6e:1b:
         82:88:2e:25:ae:c4:09:db:f3:8d:56:06:f9:d3:8d:e1:bb:ee:
         0c:5c:1c:e4
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUYI8vLWF4wKpmJKGBRWaiw+glnbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTEyRkQ3RjNGOUY0NzAwMzBCOUZDQzJDRjRFN0VFMjBG
ODJGODk0QTAeFw0yNDAzMDUxODA0MjVaFw0yNTAzMDQxODA5MjVaMDMxMTAvBgNV
BAMTKDBDNUFBMDhEMEQzMDFBRkVEREE1QkRGRTE4MDcyMjJERjc5MUZDODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiCTd7yxLvG8pw5eJweNHeVASn
KxVoTzYm0RpCiLWrOM/y0/3qWWh0XsTf6ZHcZ+CMay+Vj7/VJXwirRyPJl5o/+Ql
an4U9w3eh1dJLot0H40nXhEE813L2Qm5CHIqg4kTlyNMKMd/uniOCi9wBBwVHyvZ
D4bnDqbOgIDSTQA7QImBt4uYoxN04em88XkohNZaZj9FPaHTuauhyP0cj/Wm089b
dzkBwcE7cwKCmq9oZAeCuhbSf0aiBJACs0M2iWCks6oqSr2ftFXyP4cn6dwvMgz4
5dB7GzG+OaaOX0ofgV64Cf0f9SCTf0QQUj1zxI3Sb6Eoj14yYtN17XA7jxDxAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUDFqgjQ0wGv7dpb3+GAciLfeR/IEwHwYDVR0j
BBgwFoAUoS/X8/n0cAMLn8ws9OfuIPgviUowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85QjEyRjhBOEY4QTc1MjAzODRFQjRGRTBGNkFDOEQ2QTYz
Q0YzODUzNDFBRTg3QkVFRjdFRENEMTdENUNCMDVCLzAvQTEyRkQ3RjNGOUY0NzAw
MzBCOUZDQzJDRjRFN0VFMjBGODJGODk0QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMTJGRDdGM0Y5RjQ3MDAzMEI5
RkNDMkNGNEU3RUUyMEY4MkY4OTRBLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOUIxMkY4QThGOEE3NTIwMzg0RUI0RkUwRjZBQzhENkE2M0NGMzg1MzQx
QUU4N0JFRUY3RURDRDE3RDVDQjA1Qi8wLzMxMzgzMTJlMzEzNzM3MmUzMjMyMzAy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzkzOTM5MzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK1
sdwwDQYJKoZIhvcNAQELBQADggEBALnXTJ+JOs5MUUu9xMHRFSOTrVtkHSHc/Ys+
gp7ss78uJtVV3qBsBy9pMojdM0mESfCSP1gY6i+NxuRc+OKUDLeS3IeTICuRXEfq
qUY2FKzZZNv4y4w0GfCBZo4yx6PiQyHWp2V8epmxlRW/4TgItGcYPU9QjaN3NLEX
s93Fhsdri3e9xXwQCEnwLoEvpa1OoZ0NOZfNq+WEa9LKyREPzo+H1r60f6GxyBVT
Z1drDqjUrRY0sxYMgv7luMRx6E/NzVA5QTooFzMSz9MgC4Ed0bqCxjxgW1GIS22F
o1DdsHiKDRJpMSnD3aRuG4KILiWuxAnb841WBvnTjeG77gxcHOQ=
-----END CERTIFICATE-----
Generated at Fri Jul 12 12:04:23 2024 by rpki-client on console-ams.rpki-client.org