Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3134382e302f32322d3234203d3e203532323333.roa
File:                     3139302e342e3134382e302f32322d3234203d3e203532323333.roa (raw, json)
Hash identifier:          SvYn6t4DoE1D3hO5uoZ0mP/OTjBoJk3SepykcE2MxFM=
Subject key identifier:   B1:AA:8E:37:D1:E9:C7:63:0E:7A:0A:EF:10:01:AA:D7:90:1E:DC:37
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       3035E348139F6596992D55D356F3599C374ABBE7
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3134382e302f32322d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:56 +0000
ROA not before:           Tue 04 Feb 2025 18:45:56 +0000
ROA not after:            Tue 03 Feb 2026 18:50:56 +0000
asID:                     52233
IP address blocks:        190.4.148.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:35:e3:48:13:9f:65:96:99:2d:55:d3:56:f3:59:9c:37:4a:bb:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:56 2025 GMT
            Not After : Feb  3 18:50:56 2026 GMT
        Subject: CN=B1AA8E37D1E9C7630E7A0AEF1001AAD7901EDC37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:b7:37:ca:eb:e1:3c:83:f6:e3:63:c8:48:6f:
                    d2:ae:59:91:53:af:4c:56:25:f2:61:55:a6:d5:13:
                    38:cd:2d:68:aa:0b:6a:2e:38:f5:4a:8c:50:f5:1b:
                    ce:ef:81:8e:49:24:c4:91:aa:95:5a:e2:1a:ce:e2:
                    65:d9:65:2c:a5:3a:ed:3e:f0:24:4b:23:9e:46:04:
                    a6:9a:cd:b9:5e:dc:45:30:01:c6:d3:fa:85:06:a4:
                    19:3c:58:d5:a1:3e:8c:8b:16:84:b4:a3:64:bd:14:
                    17:91:c8:f7:02:35:fd:03:7c:99:5d:0c:2d:ab:80:
                    e9:1d:6d:70:a7:2b:49:65:cf:9a:d0:06:0f:ad:e7:
                    43:56:6f:7b:14:85:18:5b:43:5b:93:e9:39:17:b7:
                    6b:67:30:7f:c9:25:ca:6e:23:2c:9c:9f:ab:65:ab:
                    ec:b9:f1:5b:9a:ea:72:4e:d0:a9:b2:e2:51:1e:ab:
                    0e:dd:1f:bc:86:f0:d9:c7:df:76:a1:4c:86:12:ef:
                    da:81:a1:f4:46:ff:6a:9f:c8:d1:67:e6:cc:80:5b:
                    0c:66:fc:f3:7d:8a:9e:cb:f0:0c:33:3a:8a:94:f5:
                    81:36:84:04:71:ab:ad:83:89:90:7f:81:d8:cc:46:
                    ba:17:e9:9f:da:26:ca:e2:a7:77:80:4b:72:ab:df:
                    86:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:AA:8E:37:D1:E9:C7:63:0E:7A:0A:EF:10:01:AA:D7:90:1E:DC:37
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3134382e302f32322d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3d:3a:26:b4:97:44:a5:27:c6:a1:4b:75:02:84:4e:89:87:2a:
         97:32:97:87:ff:6f:e3:70:9f:cd:2a:2d:c0:0a:31:2a:de:3c:
         a3:5c:75:a2:cc:3e:76:12:49:9f:2f:ff:f5:cb:a8:7a:ed:8e:
         a6:9d:54:62:66:26:58:85:94:fc:3c:24:99:5b:2f:d1:bc:c1:
         22:e0:ef:43:1a:45:f7:0e:5f:28:3d:49:4b:8f:70:1e:0e:fb:
         7a:ed:ff:b7:e8:00:51:ee:b2:4b:bf:bf:da:82:78:f4:40:00:
         ae:36:e3:f6:51:2b:04:32:94:9b:e4:92:00:87:df:14:17:76:
         fd:9d:22:0a:8f:a4:ba:96:a2:43:c2:1a:90:83:2d:ce:54:fd:
         17:35:48:30:ff:42:3c:72:68:08:fe:fe:2e:17:b3:ad:60:c1:
         12:2a:c3:d7:72:58:8d:83:ef:67:8a:e1:d3:f9:ea:3d:58:a8:
         1c:4d:c7:6f:01:80:be:d6:a7:53:79:62:75:93:c0:4c:8d:d4:
         36:2f:9a:e0:72:69:6d:4e:97:58:99:bf:f3:58:86:4e:64:b0:
         9d:d0:ad:61:95:e6:55:fe:4f:ef:44:7d:fa:98:08:64:ef:10:
         77:8e:35:c5:4f:19:30:4a:fd:f0:53:e7:b5:31:cd:7d:cd:b2:
         7d:ea:8e:e1
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUMDXjSBOfZZaZLVXTVvNZnDdKu+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NTZaFw0yNjAyMDMxODUwNTZaMDMxMTAvBgNV
BAMTKEIxQUE4RTM3RDFFOUM3NjMwRTdBMEFFRjEwMDFBQUQ3OTAxRURDMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrtzfK6+E8g/bjY8hIb9KuWZFT
r0xWJfJhVabVEzjNLWiqC2ouOPVKjFD1G87vgY5JJMSRqpVa4hrO4mXZZSylOu0+
8CRLI55GBKaazble3EUwAcbT+oUGpBk8WNWhPoyLFoS0o2S9FBeRyPcCNf0DfJld
DC2rgOkdbXCnK0llz5rQBg+t50NWb3sUhRhbQ1uT6TkXt2tnMH/JJcpuIyycn6tl
q+y58Vua6nJO0Kmy4lEeqw7dH7yG8NnH33ahTIYS79qBofRG/2qfyNFn5syAWwxm
/PN9ip7L8AwzOoqU9YE2hARxq62DiZB/gdjMRroX6Z/aJsrip3eAS3Kr34bPAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUsaqON9Hpx2MOegrvEAGq15Ae3DcwHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMxMzkzMDJlMzQyZTMxMzQzODJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDM1MzIzMjMzMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK+BJQwDQYJ
KoZIhvcNAQELBQADggEBAD06JrSXRKUnxqFLdQKETomHKpcyl4f/b+Nwn80qLcAK
MSrePKNcdaLMPnYSSZ8v//XLqHrtjqadVGJmJliFlPw8JJlbL9G8wSLg70MaRfcO
Xyg9SUuPcB4O+3rt/7foAFHusku/v9qCePRAAK424/ZRKwQylJvkkgCH3xQXdv2d
IgqPpLqWokPCGpCDLc5U/Rc1SDD/QjxyaAj+/i4Xs61gwRIqw9dyWI2D72eK4dP5
6j1YqBxNx28BgL7Wp1N5YnWTwEyN1DYvmuByaW1Ol1iZv/NYhk5ksJ3QrWGV5lX+
T+9EffqYCGTvEHeONcVPGTBK/fBT57UxzX3Nsn3qjuE=
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:01:12 2025 by rpki-client