Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3134372e302f32342d3234203d3e203532323333.roa
File:                     3139302e342e3134372e302f32342d3234203d3e203532323333.roa (raw, json)
Hash identifier:          xbi+3ekkplEHfXi3bdlM2sjQrkujTN3QWtaKiJUm3y4=
Subject key identifier:   D4:02:19:31:89:97:C1:06:8F:87:3A:00:D8:50:A4:10:CB:40:97:C4
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       74EAA1A815419ECA8277406C312DF552FAEA894A
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3134372e302f32342d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:51:00 +0000
ROA not before:           Tue 04 Feb 2025 18:46:00 +0000
ROA not after:            Tue 03 Feb 2026 18:51:00 +0000
asID:                     52233
IP address blocks:        190.4.147.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:ea:a1:a8:15:41:9e:ca:82:77:40:6c:31:2d:f5:52:fa:ea:89:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:46:00 2025 GMT
            Not After : Feb  3 18:51:00 2026 GMT
        Subject: CN=D40219318997C1068F873A00D850A410CB4097C4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:4e:3b:31:63:1c:d8:a1:46:c5:9f:b8:d0:f7:
                    9d:c6:d8:36:38:6b:2f:67:b6:95:71:c0:6c:81:b6:
                    0e:c9:c1:ed:e6:b8:cd:df:4b:dc:29:a9:e5:6d:2f:
                    a8:1c:96:a7:32:2b:19:92:4f:b3:55:2c:9c:93:c9:
                    f8:f7:d5:64:6e:a4:26:f9:60:eb:e9:bd:38:81:2e:
                    2d:7c:81:11:11:16:a3:be:d8:15:56:31:d0:60:c8:
                    cd:e0:ad:de:c3:c3:57:ee:d1:65:4a:d2:21:16:c6:
                    50:99:5c:34:f0:17:2e:7e:9a:f0:af:36:45:ce:e8:
                    75:90:fc:b9:40:7f:cb:08:0f:d5:f1:49:66:44:5a:
                    0f:9e:91:87:d4:f8:12:68:11:f4:15:18:b4:b1:fa:
                    89:fb:69:26:22:45:5a:63:45:e7:88:c6:c2:40:0f:
                    e9:81:4a:2c:10:f0:54:4f:dd:ef:60:40:05:42:66:
                    7a:59:ba:7e:d3:1d:05:1d:06:1c:dd:40:15:86:67:
                    03:da:ad:f1:6c:af:7b:95:38:02:0b:7d:fa:fe:52:
                    fb:90:9b:5f:41:6d:88:46:1f:0f:d0:08:32:e9:81:
                    9e:1a:a2:37:7e:cc:da:26:2d:37:84:cc:9e:21:3a:
                    a5:43:4d:50:10:eb:1e:04:3a:31:52:ed:cf:b8:36:
                    b1:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:02:19:31:89:97:C1:06:8F:87:3A:00:D8:50:A4:10:CB:40:97:C4
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3134372e302f32342d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:06:1b:b5:24:61:f7:1a:0d:fd:98:9d:8c:f7:6a:a1:08:38:
         15:ab:c7:9f:f3:18:9f:63:60:67:7c:de:b0:5c:82:b7:6e:4d:
         28:7f:41:31:ec:a7:8f:cb:42:f1:ba:f6:6f:8b:67:ef:f2:8e:
         c7:41:75:12:74:17:a3:c6:d2:18:fd:56:c8:51:c3:9b:a8:07:
         16:a4:51:73:a9:d4:9f:43:4b:a2:16:14:4c:a1:5b:50:d1:17:
         87:f9:b6:80:cb:ee:a3:91:75:b8:9b:92:03:49:2d:d1:3e:29:
         cd:01:0b:74:2b:13:36:3e:31:51:1b:0b:31:e4:42:36:6b:04:
         29:18:24:39:8e:15:d9:96:fa:b6:be:9a:a1:f6:3a:9f:fa:e8:
         60:a6:c2:6a:ca:24:03:b9:97:43:cd:0e:d7:2a:b9:8f:fe:e4:
         70:51:2d:9d:09:32:ad:a6:f8:ec:76:75:79:05:b1:e0:d1:da:
         1a:6b:06:46:16:f7:0a:a7:8a:b4:f4:19:ce:ed:8f:98:e7:7a:
         fc:da:73:28:d0:b5:7e:30:cd:72:62:03:27:fa:d3:34:a7:44:
         56:7f:2b:50:87:fa:4c:f3:e3:82:55:d1:29:1b:1c:03:6c:2f:
         b5:c0:90:a7:4f:19:8c:05:52:dc:5c:8e:a5:e0:5b:37:42:d0:
         a6:8a:06:e8
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUdOqhqBVBnsqCd0BsMS31UvrqiUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ2MDBaFw0yNjAyMDMxODUxMDBaMDMxMTAvBgNV
BAMTKEQ0MDIxOTMxODk5N0MxMDY4Rjg3M0EwMEQ4NTBBNDEwQ0I0MDk3QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCTjsxYxzYoUbFn7jQ953G2DY4
ay9ntpVxwGyBtg7Jwe3muM3fS9wpqeVtL6gclqcyKxmST7NVLJyTyfj31WRupCb5
YOvpvTiBLi18gRERFqO+2BVWMdBgyM3grd7Dw1fu0WVK0iEWxlCZXDTwFy5+mvCv
NkXO6HWQ/LlAf8sID9XxSWZEWg+ekYfU+BJoEfQVGLSx+on7aSYiRVpjReeIxsJA
D+mBSiwQ8FRP3e9gQAVCZnpZun7THQUdBhzdQBWGZwParfFsr3uVOAILffr+UvuQ
m19BbYhGHw/QCDLpgZ4aojd+zNomLTeEzJ4hOqVDTVAQ6x4EOjFS7c+4NrHVAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU1AIZMYmXwQaPhzoA2FCkEMtAl8QwHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMxMzkzMDJlMzQyZTMxMzQzNzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzMjMzMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC+BJMwDQYJ
KoZIhvcNAQELBQADggEBABYGG7UkYfcaDf2YnYz3aqEIOBWrx5/zGJ9jYGd83rBc
grduTSh/QTHsp4/LQvG69m+LZ+/yjsdBdRJ0F6PG0hj9VshRw5uoBxakUXOp1J9D
S6IWFEyhW1DRF4f5toDL7qORdbibkgNJLdE+Kc0BC3QrEzY+MVEbCzHkQjZrBCkY
JDmOFdmW+ra+mqH2Op/66GCmwmrKJAO5l0PNDtcquY/+5HBRLZ0JMq2m+Ox2dXkF
seDR2hprBkYW9wqnirT0Gc7tj5jnevzacyjQtX4wzXJiAyf60zSnRFZ/K1CH+kzz
44JV0SkbHANsL7XAkKdPGYwFUtxcjqXgWzdC0KaKBug=
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:36:09 2025 by rpki-client