Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3134342e302f32342d3234203d3e203532323333.roa
File:                     3139302e342e3134342e302f32342d3234203d3e203532323333.roa (raw, json)
Hash identifier:          Yy0xQ1tS1YXLXsewzYdXI0NuGYHYbBVaaveMsv/dsSY=
Subject key identifier:   64:B9:35:62:BA:47:33:7C:7F:64:51:58:22:A4:AB:BF:17:98:5E:DF
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       14161311600FEEE037C26F29C05A0E5B94377DD5
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3134342e302f32342d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:55 +0000
ROA not before:           Tue 04 Feb 2025 18:45:55 +0000
ROA not after:            Tue 03 Feb 2026 18:50:55 +0000
asID:                     52233
IP address blocks:        190.4.144.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:16:13:11:60:0f:ee:e0:37:c2:6f:29:c0:5a:0e:5b:94:37:7d:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:55 2025 GMT
            Not After : Feb  3 18:50:55 2026 GMT
        Subject: CN=64B93562BA47337C7F64515822A4ABBF17985EDF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:26:b7:66:be:88:1b:48:d2:18:75:88:a8:1e:
                    c5:98:54:39:24:37:b5:9b:00:41:9e:ee:88:0d:14:
                    3a:cc:c1:21:5f:70:22:fa:7d:72:99:8a:25:ab:99:
                    1b:ec:b3:5d:48:b3:91:93:21:ba:a6:64:03:3f:8b:
                    7a:06:c0:42:c2:51:e9:7a:7f:0b:0c:93:f6:b0:4b:
                    74:e0:19:43:b2:74:c6:27:03:0d:e2:1a:74:59:d7:
                    b8:c5:9c:0c:3b:13:02:d4:cf:44:98:82:f4:ad:ac:
                    c6:74:b2:20:b8:94:37:c8:11:07:b0:b9:4b:3b:fe:
                    11:e5:47:44:3e:bd:03:09:04:f0:60:52:fe:41:d2:
                    2e:58:c4:c4:99:88:bd:0a:9f:ca:a8:92:fc:70:f0:
                    49:75:aa:b3:f9:7c:13:29:ae:42:18:59:f3:d0:a4:
                    d9:d3:ba:29:39:4b:bf:d6:48:b7:00:7d:c9:9f:88:
                    b9:85:7d:1c:0d:0d:61:6e:ae:85:19:11:e5:85:29:
                    52:c7:34:51:fc:41:41:04:e5:2e:04:65:02:37:0a:
                    ff:5d:8c:db:e1:5a:21:05:0c:31:d9:46:7a:24:06:
                    dd:49:75:ce:12:c1:72:9c:1b:fc:0d:88:69:38:d7:
                    e3:bd:32:0f:c7:6d:ca:6f:16:af:55:33:28:1b:22:
                    11:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:B9:35:62:BA:47:33:7C:7F:64:51:58:22:A4:AB:BF:17:98:5E:DF
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3134342e302f32342d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:ec:7c:a4:5b:0d:3e:7a:66:8d:44:5c:21:80:75:a5:d3:7b:
         29:bc:98:8f:96:a7:40:2f:4a:d2:62:3e:f9:f2:d0:21:65:2f:
         28:66:52:b1:b8:7f:57:79:fe:84:90:ba:52:d2:e6:e7:35:16:
         40:7b:3b:ea:b2:12:74:c1:57:81:b2:46:a3:f1:42:c5:6a:3c:
         a9:57:93:13:ba:b2:cc:42:5f:f0:a4:dc:ef:3c:3f:24:f2:96:
         fb:10:b1:af:a4:fc:70:88:6b:9f:06:c9:2f:72:5f:af:02:ec:
         ff:6a:30:0f:fd:1d:fe:75:05:2b:3c:84:75:ef:4c:5b:94:9c:
         78:93:82:20:48:34:ff:e3:1e:80:16:23:84:80:9c:f3:12:c8:
         00:5d:a8:c8:2a:8a:9e:e5:a0:9b:2b:e1:61:10:cd:87:d3:51:
         97:ca:d4:ed:ba:c3:93:0b:64:0c:4f:ae:90:fd:63:e4:21:84:
         bc:a8:00:28:12:71:b0:58:8b:e3:c0:9e:de:42:82:14:f7:a7:
         fe:d0:82:a7:16:a9:d0:83:cf:df:96:c6:e2:e1:ff:f8:5a:0e:
         20:8e:26:18:99:95:fc:94:78:b2:e4:c5:48:aa:a4:d4:8e:3f:
         d0:ea:83:22:ce:6d:7e:ac:f0:9a:10:3f:21:6e:68:c1:14:d3:
         51:6f:40:d6
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUFBYTEWAP7uA3wm8pwFoOW5Q3fdUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NTVaFw0yNjAyMDMxODUwNTVaMDMxMTAvBgNV
BAMTKDY0QjkzNTYyQkE0NzMzN0M3RjY0NTE1ODIyQTRBQkJGMTc5ODVFREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNJrdmvogbSNIYdYioHsWYVDkk
N7WbAEGe7ogNFDrMwSFfcCL6fXKZiiWrmRvss11Is5GTIbqmZAM/i3oGwELCUel6
fwsMk/awS3TgGUOydMYnAw3iGnRZ17jFnAw7EwLUz0SYgvStrMZ0siC4lDfIEQew
uUs7/hHlR0Q+vQMJBPBgUv5B0i5YxMSZiL0Kn8qokvxw8El1qrP5fBMprkIYWfPQ
pNnTuik5S7/WSLcAfcmfiLmFfRwNDWFuroUZEeWFKVLHNFH8QUEE5S4EZQI3Cv9d
jNvhWiEFDDHZRnokBt1Jdc4SwXKcG/wNiGk41+O9Mg/HbcpvFq9VMygbIhE9AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUZLk1YrpHM3x/ZFFYIqSrvxeYXt8wHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMxMzkzMDJlMzQyZTMxMzQzNDJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzMjMzMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC+BJAwDQYJ
KoZIhvcNAQELBQADggEBAI3sfKRbDT56Zo1EXCGAdaXTeym8mI+Wp0AvStJiPvny
0CFlLyhmUrG4f1d5/oSQulLS5uc1FkB7O+qyEnTBV4GyRqPxQsVqPKlXkxO6ssxC
X/Ck3O88PyTylvsQsa+k/HCIa58GyS9yX68C7P9qMA/9Hf51BSs8hHXvTFuUnHiT
giBINP/jHoAWI4SAnPMSyABdqMgqip7loJsr4WEQzYfTUZfK1O26w5MLZAxPrpD9
Y+QhhLyoACgScbBYi+PAnt5CghT3p/7QgqcWqdCDz9+WxuLh//haDiCOJhiZlfyU
eLLkxUiqpNSOP9DqgyLObX6s8JoQPyFuaMEU01FvQNY=
-----END CERTIFICATE-----
Generated at Fri Feb 14 15:28:57 2025 by rpki-client