Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9FBE2537717648BE4584E0F63E98CB75116E7872F1ED3854D24B7DEDEA94B5CE/0/3137302e38312e3231322e302f32322d3234203d3e20323633373638.roa
File:                     3137302e38312e3231322e302f32322d3234203d3e20323633373638.roa (raw, json)
Hash identifier:          LlcJXWffX4lRhPO3uvY8dOyP6h5M2y+HzZGvYfEnPSs=
Subject key identifier:   1E:AF:61:06:02:8B:F2:A8:F6:D3:0B:6F:06:E6:5B:F9:43:5B:B1:28
Certificate issuer:       /CN=EF3FFEAAA09A4CFCC635E48A4CFC0659BCBA4231
Certificate serial:       61C4F8065520462EEA836B8383285BF19E5A033E
Authority key identifier: EF:3F:FE:AA:A0:9A:4C:FC:C6:35:E4:8A:4C:FC:06:59:BC:BA:42:31
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EF3FFEAAA09A4CFCC635E48A4CFC0659BCBA4231.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9FBE2537717648BE4584E0F63E98CB75116E7872F1ED3854D24B7DEDEA94B5CE/0/3137302e38312e3231322e302f32322d3234203d3e20323633373638.roa
Signing time:             Tue 05 Mar 2024 17:53:43 +0000
ROA not before:           Tue 05 Mar 2024 17:48:43 +0000
ROA not after:            Tue 04 Mar 2025 17:53:43 +0000
asID:                     263768
IP address blocks:        170.81.212.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9FBE2537717648BE4584E0F63E98CB75116E7872F1ED3854D24B7DEDEA94B5CE/0/EF3FFEAAA09A4CFCC635E48A4CFC0659BCBA4231.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9FBE2537717648BE4584E0F63E98CB75116E7872F1ED3854D24B7DEDEA94B5CE/0/EF3FFEAAA09A4CFCC635E48A4CFC0659BCBA4231.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EF3FFEAAA09A4CFCC635E48A4CFC0659BCBA4231.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:c4:f8:06:55:20:46:2e:ea:83:6b:83:83:28:5b:f1:9e:5a:03:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EF3FFEAAA09A4CFCC635E48A4CFC0659BCBA4231
        Validity
            Not Before: Mar  5 17:48:43 2024 GMT
            Not After : Mar  4 17:53:43 2025 GMT
        Subject: CN=1EAF6106028BF2A8F6D30B6F06E65BF9435BB128
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:dd:30:06:99:73:1f:3d:c5:90:b0:06:cc:78:
                    23:5d:9c:4e:50:1b:41:a8:06:e5:e8:f0:7e:dc:6a:
                    33:06:58:a7:7a:86:75:79:78:74:0b:be:cd:14:0c:
                    45:43:45:45:82:0d:92:7a:12:87:2f:cc:d0:17:64:
                    e8:bc:5a:12:c8:e2:01:a0:a2:cf:06:78:37:d7:0e:
                    62:9c:c8:90:e2:41:0e:5e:b9:46:63:0b:aa:87:35:
                    65:1d:b5:d2:38:98:ee:57:ea:1f:a3:ed:fd:1c:17:
                    1f:77:15:3d:55:e3:24:d4:ae:5f:02:a6:40:a4:3b:
                    b3:02:17:a8:7d:72:c5:1e:d1:b8:fe:a1:1c:dd:d5:
                    ec:6f:ea:20:59:6c:e2:df:5b:56:87:68:b7:e1:7c:
                    f9:fe:4f:1e:75:38:f3:0f:85:5e:ff:9a:9f:c9:52:
                    93:b9:e3:a0:e1:81:36:5c:0b:da:47:1f:a9:8c:6a:
                    5b:b3:b1:64:b9:34:5a:b7:5c:ac:63:0e:1a:d7:80:
                    43:a4:b4:1c:ab:77:7e:d3:44:01:7c:ee:c1:fa:21:
                    bf:2c:5e:df:af:ca:7e:98:de:e7:69:76:16:f9:e7:
                    93:4a:ec:a6:84:8e:ab:7f:fd:83:52:1e:9f:d9:3b:
                    88:51:f5:f0:0b:ef:c9:b8:0e:4a:87:f5:19:34:b4:
                    f5:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:AF:61:06:02:8B:F2:A8:F6:D3:0B:6F:06:E6:5B:F9:43:5B:B1:28
            X509v3 Authority Key Identifier:
                keyid:EF:3F:FE:AA:A0:9A:4C:FC:C6:35:E4:8A:4C:FC:06:59:BC:BA:42:31

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9FBE2537717648BE4584E0F63E98CB75116E7872F1ED3854D24B7DEDEA94B5CE/0/EF3FFEAAA09A4CFCC635E48A4CFC0659BCBA4231.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EF3FFEAAA09A4CFCC635E48A4CFC0659BCBA4231.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9FBE2537717648BE4584E0F63E98CB75116E7872F1ED3854D24B7DEDEA94B5CE/0/3137302e38312e3231322e302f32322d3234203d3e20323633373638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.81.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5a:a9:6a:a3:f8:2c:53:1f:a6:cc:9f:83:1e:18:cf:6a:23:0b:
         30:59:c3:49:48:06:59:7c:61:7b:b1:d4:60:61:57:98:8c:de:
         0f:f3:d1:cf:91:b4:7b:c5:c5:f8:e3:fa:82:d1:65:34:d2:97:
         be:91:06:ef:79:5d:b6:32:2c:f3:b9:b9:4e:df:6e:02:a0:71:
         17:04:66:cb:78:31:89:6c:37:68:f6:da:3e:10:42:a5:80:f9:
         c5:55:c8:ec:80:9f:9f:e6:c4:db:7a:0a:37:3a:47:11:ce:7a:
         50:f7:0d:6e:93:d6:b0:d0:2b:f5:54:7e:cd:9a:40:d8:da:a8:
         a4:ad:46:e3:53:4f:17:33:c5:54:ae:4f:74:cf:3a:7a:49:2f:
         a9:3a:f6:1a:5f:2a:5e:c1:bd:95:e8:79:c3:e9:d4:c1:15:32:
         ea:13:83:7c:94:91:fb:13:a8:4b:69:38:36:90:ac:19:0d:cd:
         1b:7c:58:45:ee:aa:23:b0:ec:fe:fe:c1:07:2d:2c:12:0e:12:
         a3:b7:2f:3c:c0:62:49:69:6a:0c:31:59:ef:3d:13:aa:49:f6:
         27:b6:15:78:6f:6f:bd:71:2e:76:47:6c:30:0e:77:0f:a9:99:
         dc:c8:1c:15:0c:bb:92:5a:42:52:fe:cd:c6:a0:2b:ba:6b:05:
         f3:28:22:34
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUYcT4BlUgRi7qg2uDgyhb8Z5aAz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUYzRkZFQUFBMDlBNENGQ0M2MzVFNDhBNENGQzA2NTlC
Q0JBNDIzMTAeFw0yNDAzMDUxNzQ4NDNaFw0yNTAzMDQxNzUzNDNaMDMxMTAvBgNV
BAMTKDFFQUY2MTA2MDI4QkYyQThGNkQzMEI2RjA2RTY1QkY5NDM1QkIxMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl3TAGmXMfPcWQsAbMeCNdnE5Q
G0GoBuXo8H7cajMGWKd6hnV5eHQLvs0UDEVDRUWCDZJ6EocvzNAXZOi8WhLI4gGg
os8GeDfXDmKcyJDiQQ5euUZjC6qHNWUdtdI4mO5X6h+j7f0cFx93FT1V4yTUrl8C
pkCkO7MCF6h9csUe0bj+oRzd1exv6iBZbOLfW1aHaLfhfPn+Tx51OPMPhV7/mp/J
UpO546DhgTZcC9pHH6mMaluzsWS5NFq3XKxjDhrXgEOktByrd37TRAF87sH6Ib8s
Xt+vyn6Y3udpdhb555NK7KaEjqt//YNSHp/ZO4hR9fAL78m4DkqH9Rk0tPUHAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUHq9hBgKL8qj20wtvBuZb+UNbsSgwHwYDVR0j
BBgwFoAU7z/+qqCaTPzGNeSKTPwGWby6QjEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85RkJFMjUzNzcxNzY0OEJFNDU4NEUwRjYzRTk4Q0I3NTEx
NkU3ODcyRjFFRDM4NTREMjRCN0RFREVBOTRCNUNFLzAvRUYzRkZFQUFBMDlBNENG
Q0M2MzVFNDhBNENGQzA2NTlCQ0JBNDIzMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FRjNGRkVBQUEwOUE0Q0ZDQzYz
NUU0OEE0Q0ZDMDY1OUJDQkE0MjMxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOUZCRTI1Mzc3MTc2NDhCRTQ1ODRFMEY2M0U5OENCNzUxMTZFNzg3MkYx
RUQzODU0RDI0QjdERURFQTk0QjVDRS8wLzMxMzczMDJlMzgzMTJlMzIzMTMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjMzMzczNjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqlHU
MA0GCSqGSIb3DQEBCwUAA4IBAQBaqWqj+CxTH6bMn4MeGM9qIwswWcNJSAZZfGF7
sdRgYVeYjN4P89HPkbR7xcX44/qC0WU00pe+kQbveV22MizzublO324CoHEXBGbL
eDGJbDdo9to+EEKlgPnFVcjsgJ+f5sTbego3OkcRznpQ9w1uk9aw0Cv1VH7NmkDY
2qikrUbjU08XM8VUrk90zzp6SS+pOvYaXypewb2V6HnD6dTBFTLqE4N8lJH7E6hL
aTg2kKwZDc0bfFhF7qojsOz+/sEHLSwSDhKjty88wGJJaWoMMVnvPROqSfYnthV4
b2+9cS52R2wwDncPqZncyBwVDLuSWkJS/s3GoCu6awXzKCI0
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:33:08 2024 by rpki-client on console-fra.rpki-client.org