Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3136382e302f32322d3234203d3e203532323333.roa
File:                     3139302e342e3136382e302f32322d3234203d3e203532323333.roa (raw, json)
Hash identifier:          ob8GdOPLnZWHAki8MEkDZjhYcgousrX6nsShmN5kl0g=
Subject key identifier:   8F:D3:92:9B:65:5F:02:FA:9E:D9:AB:AE:E6:DB:16:11:F5:3B:3C:BE
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       25EC49B6D25E4E2BE5AF4B01046A45F02D882850
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3136382e302f32322d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:58 +0000
ROA not before:           Tue 04 Feb 2025 18:45:58 +0000
ROA not after:            Tue 03 Feb 2026 18:50:58 +0000
asID:                     52233
IP address blocks:        190.4.168.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:ec:49:b6:d2:5e:4e:2b:e5:af:4b:01:04:6a:45:f0:2d:88:28:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:58 2025 GMT
            Not After : Feb  3 18:50:58 2026 GMT
        Subject: CN=8FD3929B655F02FA9ED9ABAEE6DB1611F53B3CBE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a2:e5:f4:c1:e9:c6:43:20:c2:14:4f:78:fa:
                    3b:53:c8:27:10:b0:30:6f:1a:66:a6:2d:e5:b3:35:
                    8c:77:7f:19:b9:94:02:46:77:3d:b1:c5:ea:d5:01:
                    59:c9:36:2b:87:64:cd:99:f8:8c:f8:01:98:9f:2b:
                    8a:bd:19:38:93:d7:98:24:96:29:e0:81:12:81:21:
                    5e:6a:75:ef:52:7c:ae:29:04:55:65:42:2d:a0:27:
                    37:26:24:3f:e7:23:a1:08:d2:08:63:03:af:25:a2:
                    39:ce:0f:39:e1:59:6f:be:a3:97:52:c0:e6:37:37:
                    8e:36:80:f8:d1:5e:dc:f7:00:b0:6b:da:f6:f8:88:
                    b7:07:fb:ae:f6:ed:89:b0:9a:5c:08:ab:5f:e7:64:
                    e7:cf:44:95:db:47:c2:61:22:4a:af:b3:67:b3:b4:
                    1b:2a:ca:97:b8:59:ca:f9:fc:f0:e3:85:47:98:24:
                    5d:5e:d0:a0:2f:fb:84:d0:ec:4c:77:3a:fb:92:9f:
                    14:1a:18:e5:20:87:25:6d:f5:ba:27:2b:c7:a4:22:
                    c3:60:e3:19:c3:ce:84:b8:70:04:dc:b4:e6:53:fd:
                    61:58:df:c0:22:83:26:2c:f4:94:e2:d2:ad:76:ac:
                    98:af:71:6b:3a:98:f2:e8:7e:fc:52:ce:15:84:26:
                    c1:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:D3:92:9B:65:5F:02:FA:9E:D9:AB:AE:E6:DB:16:11:F5:3B:3C:BE
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3136382e302f32322d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         42:39:c8:a5:d2:c5:46:6f:97:b0:85:5b:cd:8d:b9:cb:4b:40:
         cc:ca:05:94:25:ab:4f:a6:64:28:d2:23:e5:89:66:b2:a2:3c:
         09:3e:ad:f5:c3:d5:99:11:a2:ab:35:46:c5:cc:0c:f0:fb:63:
         31:6c:5e:0b:a2:da:dd:30:40:d2:0b:17:60:c7:a0:13:58:da:
         39:3b:36:fe:5e:cd:f6:1c:4a:df:ae:09:55:9b:f6:8c:53:aa:
         f8:92:5e:0a:f2:8c:1a:b2:08:da:5e:b9:cf:e4:9e:3b:02:87:
         a5:0a:f2:fb:20:58:0d:ed:b4:ef:50:8b:76:de:52:6b:bc:f4:
         61:b1:f3:06:f7:ff:d4:9c:37:5c:4b:8f:5d:96:a1:28:0f:0d:
         c4:8c:15:7a:00:fc:6b:f4:dc:ca:93:6e:91:26:e2:74:78:ec:
         c0:f6:b6:a2:05:a4:96:f5:28:44:19:cf:0b:01:94:62:4f:ab:
         b2:ee:ab:69:0d:14:c1:fd:82:cc:ef:4e:e1:54:5f:cc:22:85:
         d3:80:e8:40:99:fd:28:a5:4d:63:93:2b:58:95:d5:42:78:2f:
         d8:bd:64:3f:c4:26:d9:3c:46:fe:ce:3c:94:25:9e:d3:90:36:
         ee:e3:f8:36:c5:ef:f6:82:47:b6:88:19:2e:d4:0d:b5:a9:1d:
         ca:07:2c:68
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUJexJttJeTivlr0sBBGpF8C2IKFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NThaFw0yNjAyMDMxODUwNThaMDMxMTAvBgNV
BAMTKDhGRDM5MjlCNjU1RjAyRkE5RUQ5QUJBRUU2REIxNjExRjUzQjNDQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxouX0wenGQyDCFE94+jtTyCcQ
sDBvGmamLeWzNYx3fxm5lAJGdz2xxerVAVnJNiuHZM2Z+Iz4AZifK4q9GTiT15gk
linggRKBIV5qde9SfK4pBFVlQi2gJzcmJD/nI6EI0ghjA68lojnODznhWW++o5dS
wOY3N442gPjRXtz3ALBr2vb4iLcH+6727YmwmlwIq1/nZOfPRJXbR8JhIkqvs2ez
tBsqype4Wcr5/PDjhUeYJF1e0KAv+4TQ7Ex3OvuSnxQaGOUghyVt9bonK8ekIsNg
4xnDzoS4cATctOZT/WFY38AigyYs9JTi0q12rJivcWs6mPLofvxSzhWEJsHfAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUj9OSm2VfAvqe2auu5tsWEfU7PL4wHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMxMzkzMDJlMzQyZTMxMzYzODJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDM1MzIzMjMzMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK+BKgwDQYJ
KoZIhvcNAQELBQADggEBAEI5yKXSxUZvl7CFW82NuctLQMzKBZQlq0+mZCjSI+WJ
ZrKiPAk+rfXD1ZkRoqs1RsXMDPD7YzFsXgui2t0wQNILF2DHoBNY2jk7Nv5ezfYc
St+uCVWb9oxTqviSXgryjBqyCNpeuc/knjsCh6UK8vsgWA3ttO9Qi3beUmu89GGx
8wb3/9ScN1xLj12WoSgPDcSMFXoA/Gv03MqTbpEm4nR47MD2tqIFpJb1KEQZzwsB
lGJPq7Luq2kNFMH9gszvTuFUX8wihdOA6ECZ/SilTWOTK1iV1UJ4L9i9ZD/EJtk8
Rv7OPJQlntOQNu7j+DbF7/aCR7aIGS7UDbWpHcoHLGg=
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:16:56 2025 by rpki-client