Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9F7AC10DF03D4997A115601963AA2A8D838C64B914027DAECEF7156C562CFD60/0/3133382e3131382e34382e302f32322d3234203d3e203532343331.roa
File:                     3133382e3131382e34382e302f32322d3234203d3e203532343331.roa (raw, json)
Hash identifier:          ChJhaq0WwXgnzx3T23oFnhgkCuZuDc6/t/GlNnfRGGs=
Subject key identifier:   95:A5:96:D0:9E:04:89:68:C0:13:E2:8D:E5:8C:EB:FA:8C:62:F8:58
Certificate issuer:       /CN=3637361DE43FA7164FAE0E4817E4450F8942C23D
Certificate serial:       4DD46436E9299288166A9B81D951904D395CC6D4
Authority key identifier: 36:37:36:1D:E4:3F:A7:16:4F:AE:0E:48:17:E4:45:0F:89:42:C2:3D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3637361DE43FA7164FAE0E4817E4450F8942C23D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9F7AC10DF03D4997A115601963AA2A8D838C64B914027DAECEF7156C562CFD60/0/3133382e3131382e34382e302f32322d3234203d3e203532343331.roa
Signing time:             Tue 05 Mar 2024 18:16:37 +0000
ROA not before:           Tue 05 Mar 2024 18:11:37 +0000
ROA not after:            Tue 04 Mar 2025 18:16:37 +0000
asID:                     52431
IP address blocks:        138.118.48.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9F7AC10DF03D4997A115601963AA2A8D838C64B914027DAECEF7156C562CFD60/0/3637361DE43FA7164FAE0E4817E4450F8942C23D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9F7AC10DF03D4997A115601963AA2A8D838C64B914027DAECEF7156C562CFD60/0/3637361DE43FA7164FAE0E4817E4450F8942C23D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3637361DE43FA7164FAE0E4817E4450F8942C23D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 21 Jul 2024 04:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:d4:64:36:e9:29:92:88:16:6a:9b:81:d9:51:90:4d:39:5c:c6:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3637361DE43FA7164FAE0E4817E4450F8942C23D
        Validity
            Not Before: Mar  5 18:11:37 2024 GMT
            Not After : Mar  4 18:16:37 2025 GMT
        Subject: CN=95A596D09E048968C013E28DE58CEBFA8C62F858
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d7:28:b0:2c:4e:e9:a9:2e:f1:fe:4a:22:8e:
                    37:1e:1a:cf:6d:31:e2:83:43:24:ec:51:7a:11:02:
                    3a:db:a4:a7:d4:6c:7e:d1:b5:a5:d7:b5:dc:1d:92:
                    cc:f8:96:6e:d5:e3:f3:4d:e5:3e:81:4b:a2:3e:87:
                    f9:6f:10:f3:36:d4:33:de:c9:ad:5b:a7:fa:07:b9:
                    4c:93:78:7a:dc:a6:fe:a0:66:e6:7e:a3:4f:fb:be:
                    fc:e2:3d:25:1b:8b:72:36:e1:c8:65:0e:1d:e0:81:
                    87:1c:69:84:db:56:cc:ff:bd:fb:5a:dd:f1:3d:e8:
                    da:08:91:83:03:6d:f9:25:79:61:0b:cd:c5:e0:33:
                    b9:4b:1b:df:e6:ad:9d:3e:09:5e:a7:95:e9:40:22:
                    ac:4c:14:b0:64:70:d5:6d:fb:bd:59:5b:fd:15:64:
                    58:50:25:0f:58:96:72:c8:0d:b3:b9:c1:00:a1:bd:
                    83:98:6c:8e:f1:24:ad:a4:00:ff:7a:ae:1b:3f:e2:
                    a4:5e:d1:c6:79:cf:e3:1b:70:ad:19:d6:68:10:4a:
                    d5:5a:d5:44:00:5b:ce:75:3b:c1:f5:41:a6:93:f3:
                    21:47:29:c0:92:93:57:46:b0:29:7c:73:d3:b2:60:
                    0e:59:65:02:49:c5:0d:9a:f5:ce:b9:2e:f9:c1:98:
                    9a:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:A5:96:D0:9E:04:89:68:C0:13:E2:8D:E5:8C:EB:FA:8C:62:F8:58
            X509v3 Authority Key Identifier:
                keyid:36:37:36:1D:E4:3F:A7:16:4F:AE:0E:48:17:E4:45:0F:89:42:C2:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9F7AC10DF03D4997A115601963AA2A8D838C64B914027DAECEF7156C562CFD60/0/3637361DE43FA7164FAE0E4817E4450F8942C23D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3637361DE43FA7164FAE0E4817E4450F8942C23D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9F7AC10DF03D4997A115601963AA2A8D838C64B914027DAECEF7156C562CFD60/0/3133382e3131382e34382e302f32322d3234203d3e203532343331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.118.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a2:1d:bb:f6:5f:e6:f6:c4:b5:68:65:ba:db:15:04:4e:af:16:
         73:18:d1:16:9e:0c:27:8c:cb:3c:c6:09:fe:d5:b3:d4:04:7c:
         25:8f:25:39:7b:bc:b6:5e:9d:ef:46:ca:89:14:7f:b8:e6:1b:
         d6:6f:ce:cf:ba:aa:f8:01:a4:29:49:57:e9:32:ff:1a:cc:27:
         23:45:7b:44:36:8b:18:5e:a9:f4:80:bd:af:1e:96:27:84:f3:
         c5:cd:0d:80:42:75:c5:e7:2b:92:42:93:2d:c8:22:8c:58:08:
         0d:d0:b8:54:50:1f:32:35:84:ec:53:b7:6c:0c:0c:02:b5:41:
         14:a5:48:24:92:8d:21:d3:a0:c6:33:fa:8d:ad:84:17:f6:be:
         ad:9d:69:52:a1:a9:09:0a:96:b0:82:ad:a8:e4:e4:74:4c:16:
         11:96:d1:7f:d1:01:b1:25:9e:94:60:f0:1d:12:83:5a:65:2f:
         f9:1f:5b:fc:51:1e:a2:cb:0d:1f:d2:5e:71:24:b9:35:4b:b5:
         c9:e8:6e:d2:80:fc:79:a6:70:db:9c:5e:16:4c:08:bf:02:70:
         b6:f6:88:d7:36:6b:97:d7:6e:4d:98:76:f9:59:5d:d0:78:8d:
         16:1a:38:d6:bc:cf:99:70:2a:61:40:bb:08:c9:b2:99:c2:24:
         dd:2e:35:5e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUTdRkNukpkogWapuB2VGQTTlcxtQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzYzNzM2MURFNDNGQTcxNjRGQUUwRTQ4MTdFNDQ1MEY4
OTQyQzIzRDAeFw0yNDAzMDUxODExMzdaFw0yNTAzMDQxODE2MzdaMDMxMTAvBgNV
BAMTKDk1QTU5NkQwOUUwNDg5NjhDMDEzRTI4REU1OENFQkZBOEM2MkY4NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV1yiwLE7pqS7x/koijjceGs9t
MeKDQyTsUXoRAjrbpKfUbH7RtaXXtdwdksz4lm7V4/NN5T6BS6I+h/lvEPM21DPe
ya1bp/oHuUyTeHrcpv6gZuZ+o0/7vvziPSUbi3I24chlDh3ggYccaYTbVsz/vfta
3fE96NoIkYMDbfkleWELzcXgM7lLG9/mrZ0+CV6nlelAIqxMFLBkcNVt+71ZW/0V
ZFhQJQ9YlnLIDbO5wQChvYOYbI7xJK2kAP96rhs/4qRe0cZ5z+MbcK0Z1mgQStVa
1UQAW851O8H1QaaT8yFHKcCSk1dGsCl8c9OyYA5ZZQJJxQ2a9c65LvnBmJpfAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUlaWW0J4EiWjAE+KN5Yzr+oxi+FgwHwYDVR0j
BBgwFoAUNjc2HeQ/pxZPrg5IF+RFD4lCwj0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85RjdBQzEwREYwM0Q0OTk3QTExNTYwMTk2M0FBMkE4RDgz
OEM2NEI5MTQwMjdEQUVDRUY3MTU2QzU2MkNGRDYwLzAvMzYzNzM2MURFNDNGQTcx
NjRGQUUwRTQ4MTdFNDQ1MEY4OTQyQzIzRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zNjM3MzYxREU0M0ZBNzE2NEZB
RTBFNDgxN0U0NDUwRjg5NDJDMjNELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOUY3QUMxMERGMDNENDk5N0ExMTU2MDE5NjNBQTJBOEQ4MzhDNjRCOTE0
MDI3REFFQ0VGNzE1NkM1NjJDRkQ2MC8wLzMxMzMzODJlMzEzMTM4MmUzNDM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzUzMjM0MzMzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAop2MDAN
BgkqhkiG9w0BAQsFAAOCAQEAoh279l/m9sS1aGW62xUETq8WcxjRFp4MJ4zLPMYJ
/tWz1AR8JY8lOXu8tl6d70bKiRR/uOYb1m/Oz7qq+AGkKUlX6TL/GswnI0V7RDaL
GF6p9IC9rx6WJ4Tzxc0NgEJ1xecrkkKTLcgijFgIDdC4VFAfMjWE7FO3bAwMArVB
FKVIJJKNIdOgxjP6ja2EF/a+rZ1pUqGpCQqWsIKtqOTkdEwWEZbRf9EBsSWelGDw
HRKDWmUv+R9b/FEeossNH9JecSS5NUu1yehu0oD8eaZw25xeFkwIvwJwtvaI1zZr
l9duTZh2+Vld0HiNFho41rzPmXAqYUC7CMmymcIk3S41Xg==
-----END CERTIFICATE-----
Generated at Wed Jul 17 07:39:21 2024 by rpki-client on console-fra.rpki-client.org