Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3132382e302f32302d3234203d3e203532323333.roa
File:                     3139302e342e3132382e302f32302d3234203d3e203532323333.roa (raw, json)
Hash identifier:          GFphlqfOODf0P8qtcX2N2gPnqwbHtGaVy5/hG7Ji79I=
Subject key identifier:   61:98:32:B3:41:19:68:C5:EB:81:09:5D:51:0F:9D:CA:5F:AA:2D:CE
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       297A76E74A49BF30BABFABE190C06F3B13D6D277
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3132382e302f32302d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:52 +0000
ROA not before:           Tue 04 Feb 2025 18:45:52 +0000
ROA not after:            Tue 03 Feb 2026 18:50:52 +0000
asID:                     52233
IP address blocks:        190.4.128.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:7a:76:e7:4a:49:bf:30:ba:bf:ab:e1:90:c0:6f:3b:13:d6:d2:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:52 2025 GMT
            Not After : Feb  3 18:50:52 2026 GMT
        Subject: CN=619832B3411968C5EB81095D510F9DCA5FAA2DCE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:52:a9:aa:c4:29:ef:a2:75:af:0b:a2:f6:ec:
                    e1:12:4a:de:b5:2a:98:f4:fd:d3:ed:87:3e:34:62:
                    25:2a:1a:b8:45:a9:11:80:14:e6:48:17:59:cd:15:
                    79:51:9c:ed:27:9d:cc:a5:12:b4:e7:bf:35:11:77:
                    50:5f:53:97:55:8c:7a:16:42:ae:ec:a4:04:a2:90:
                    ae:a8:59:4d:23:b9:b7:eb:81:c9:e8:22:64:62:a0:
                    10:f6:84:25:fb:e5:fd:2d:b9:e8:e5:a2:de:23:13:
                    39:88:d5:fa:a8:7f:a6:e5:2f:c4:2a:07:a0:50:0e:
                    b4:48:a1:9f:fa:74:6d:a6:49:3d:79:ca:33:ad:13:
                    ef:3d:da:55:f7:24:05:56:8c:c9:cf:70:91:46:c7:
                    22:3f:7f:ea:ad:02:cc:c2:ac:a5:cf:c9:fa:3e:f9:
                    d2:19:2d:28:51:1b:06:96:ef:e9:b7:7d:f9:4b:4e:
                    61:a0:67:2f:7c:46:e2:a6:48:01:de:15:23:2d:38:
                    29:11:01:5a:0e:c0:06:bf:1b:b2:8d:7f:7b:f7:81:
                    0f:0d:3f:c5:d0:35:58:5f:76:ba:07:3e:d0:a3:e0:
                    96:66:fa:6f:d7:63:80:9b:db:7a:e6:ab:d9:d7:31:
                    ba:13:17:e2:e7:df:4c:6a:e6:29:6e:f7:50:04:55:
                    23:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:98:32:B3:41:19:68:C5:EB:81:09:5D:51:0F:9D:CA:5F:AA:2D:CE
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3132382e302f32302d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         0a:a1:44:df:b1:c4:fc:49:9b:e1:8f:e3:bf:7c:d8:8c:b7:ab:
         6d:9a:95:b5:4a:42:ba:a9:fb:0a:e6:b9:a9:f3:33:46:23:ba:
         f2:eb:55:bf:34:55:a9:dd:2c:d9:14:5a:a4:ee:10:55:d0:3b:
         57:ba:16:6b:be:2a:1c:82:22:16:f1:c7:5e:2e:7c:e4:f2:c0:
         9e:b4:84:5a:83:2b:ca:48:63:11:c4:45:8c:c4:81:80:6f:4d:
         73:89:de:e2:7f:0f:0b:4f:b1:87:80:1a:c0:cf:dd:b3:d9:2a:
         83:c1:40:33:f5:f1:b1:f4:d1:da:60:dd:f0:9d:e4:1e:a8:6c:
         1c:75:d3:a9:36:4b:be:7f:a7:e6:c3:e3:cc:31:27:69:74:5e:
         47:ef:c6:37:38:7e:c0:69:27:19:8a:76:aa:c9:b7:09:e8:b5:
         7f:00:b5:47:a7:26:30:d5:73:90:5b:7d:fb:73:47:b2:bd:a1:
         8e:f9:8b:12:79:d4:f6:44:28:a4:c2:0a:10:cc:35:b4:76:be:
         b5:3e:e8:77:ff:a2:0c:d1:51:ec:b3:b2:a4:42:bd:c0:07:aa:
         1e:85:45:21:84:76:a0:5d:30:dd:a5:c1:a4:0e:a7:f2:0c:3f:
         24:c2:81:40:61:6d:b8:8b:01:1c:f4:4c:42:38:28:ea:c5:ce:
         aa:70:95:7c
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUKXp250pJvzC6v6vhkMBvOxPW0ncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NTJaFw0yNjAyMDMxODUwNTJaMDMxMTAvBgNV
BAMTKDYxOTgzMkIzNDExOTY4QzVFQjgxMDk1RDUxMEY5RENBNUZBQTJEQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXUqmqxCnvonWvC6L27OESSt61
Kpj0/dPthz40YiUqGrhFqRGAFOZIF1nNFXlRnO0nncylErTnvzURd1BfU5dVjHoW
Qq7spASikK6oWU0jubfrgcnoImRioBD2hCX75f0tuejlot4jEzmI1fqof6blL8Qq
B6BQDrRIoZ/6dG2mST15yjOtE+892lX3JAVWjMnPcJFGxyI/f+qtAszCrKXPyfo+
+dIZLShRGwaW7+m3fflLTmGgZy98RuKmSAHeFSMtOCkRAVoOwAa/G7KNf3v3gQ8N
P8XQNVhfdroHPtCj4JZm+m/XY4Cb23rmq9nXMboTF+Ln30xq5ilu91AEVSMHAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUYZgys0EZaMXrgQldUQ+dyl+qLc4wHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMxMzkzMDJlMzQyZTMxMzIzODJlMzAy
ZjMyMzAyZDMyMzQyMDNkM2UyMDM1MzIzMjMzMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAS+BIAwDQYJ
KoZIhvcNAQELBQADggEBAAqhRN+xxPxJm+GP47982Iy3q22albVKQrqp+wrmuanz
M0YjuvLrVb80VandLNkUWqTuEFXQO1e6Fmu+KhyCIhbxx14ufOTywJ60hFqDK8pI
YxHERYzEgYBvTXOJ3uJ/DwtPsYeAGsDP3bPZKoPBQDP18bH00dpg3fCd5B6obBx1
06k2S75/p+bD48wxJ2l0Xkfvxjc4fsBpJxmKdqrJtwnotX8AtUenJjDVc5Bbfftz
R7K9oY75ixJ51PZEKKTCChDMNbR2vrU+6Hf/ogzRUeyzsqRCvcAHqh6FRSGEdqBd
MN2lwaQOp/IMPyTCgUBhbbiLARz0TEI4KOrFzqpwlXw=
-----END CERTIFICATE-----
Generated at Fri Feb 14 15:22:15 2025 by rpki-client