Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3137322e302f32332d3234203d3e203532323333.roa
File:                     3139302e342e3137322e302f32332d3234203d3e203532323333.roa (raw, json)
Hash identifier:          DGqchJ4okWG2uRkGmUnsNXGoIjfnEBadxe7eYhYR6z8=
Subject key identifier:   BC:88:CB:9C:5D:66:52:89:AC:66:CA:0A:15:54:8E:20:2B:AF:FD:10
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       120F488945E7E6A0BC6B04F09DBB2D64ACD1B83C
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3137322e302f32332d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:51:01 +0000
ROA not before:           Tue 04 Feb 2025 18:46:01 +0000
ROA not after:            Tue 03 Feb 2026 18:51:01 +0000
asID:                     52233
IP address blocks:        190.4.172.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:0f:48:89:45:e7:e6:a0:bc:6b:04:f0:9d:bb:2d:64:ac:d1:b8:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:46:01 2025 GMT
            Not After : Feb  3 18:51:01 2026 GMT
        Subject: CN=BC88CB9C5D665289AC66CA0A15548E202BAFFD10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:71:0c:f5:1a:f2:48:af:45:a4:a8:19:bc:a2:
                    86:6f:33:3b:12:3b:8a:fa:d3:01:75:ca:31:8e:d1:
                    13:1c:bb:a9:dc:9e:02:6b:7f:21:30:d9:ff:d5:6d:
                    ab:a5:8a:83:10:60:e9:60:b8:13:36:9d:9f:75:ea:
                    0f:9f:7f:2a:8d:bc:d5:13:2e:0e:f3:1a:72:0b:bb:
                    61:ff:a0:27:12:e8:39:6c:c3:44:74:64:14:7e:f8:
                    72:32:2b:e4:f6:19:fc:52:06:ba:5b:05:66:46:db:
                    e2:93:6e:62:cb:84:65:e1:ad:df:e9:00:e1:c8:9b:
                    d4:23:20:30:06:9f:b0:bd:06:6b:65:ed:ae:aa:1c:
                    9c:b8:d8:dc:04:a4:d8:ba:cb:29:2f:99:61:5e:43:
                    90:a8:f0:f7:d1:c7:38:b5:7e:8a:b6:8e:f7:56:e2:
                    6c:bc:49:72:f9:da:b4:a4:76:84:12:43:20:51:3f:
                    24:91:2c:21:d7:c5:5a:de:7f:2a:e2:4d:86:77:59:
                    89:26:97:ff:2d:c4:17:78:fe:7c:15:18:70:6b:a8:
                    b6:4f:f6:51:1a:ff:d0:c8:84:de:d8:02:c6:46:d5:
                    9b:e0:3b:8f:d7:fc:2d:68:7f:3c:47:a9:e5:51:a0:
                    63:e4:3e:d6:c6:6f:50:db:9c:a9:a6:ee:74:57:d2:
                    a1:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:88:CB:9C:5D:66:52:89:AC:66:CA:0A:15:54:8E:20:2B:AF:FD:10
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e342e3137322e302f32332d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.172.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2f:a3:e0:90:99:aa:d6:b8:79:1d:fa:80:8c:94:e6:54:05:c8:
         b0:33:00:2b:34:17:d7:a8:72:8b:ba:85:3a:68:fc:22:c5:6f:
         66:46:bf:a4:fc:24:b1:2f:ed:62:d5:c8:23:98:4f:26:4a:c5:
         61:95:4d:3d:f8:6b:15:d9:76:3b:c4:86:2d:be:9e:95:de:34:
         d0:71:96:d3:6f:42:ff:4d:5b:4f:80:f7:66:27:9b:47:25:5c:
         6f:73:02:c4:b8:a6:12:34:44:5b:07:39:e0:52:e2:a9:4a:43:
         de:ee:fe:8f:ed:3a:43:8d:fa:9c:03:dd:23:01:f6:9f:b7:d5:
         28:6a:67:f7:1b:ab:86:71:8e:74:1c:72:14:ee:36:37:97:ca:
         69:34:b5:ae:40:88:07:5b:e1:ca:d8:6a:4e:26:9c:32:34:8e:
         a7:6d:67:1f:ef:d2:e7:06:df:39:76:97:88:b9:27:4b:9c:8c:
         64:2e:62:3d:d8:30:17:e0:48:9b:5a:c6:e3:60:da:b9:bd:b9:
         30:14:4d:b6:75:44:ae:cb:17:e7:3a:6f:0e:53:80:17:59:85:
         20:2b:77:7d:ba:3b:2a:b9:43:a7:b2:ca:36:ea:e1:68:ed:9a:
         b3:b2:6d:05:98:9d:dc:d8:3f:d7:6c:86:d9:9d:b0:5d:d8:07:
         2b:76:5b:c7
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUEg9IiUXn5qC8awTwnbstZKzRuDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ2MDFaFw0yNjAyMDMxODUxMDFaMDMxMTAvBgNV
BAMTKEJDODhDQjlDNUQ2NjUyODlBQzY2Q0EwQTE1NTQ4RTIwMkJBRkZEMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZcQz1GvJIr0WkqBm8ooZvMzsS
O4r60wF1yjGO0RMcu6ncngJrfyEw2f/VbaulioMQYOlguBM2nZ916g+ffyqNvNUT
Lg7zGnILu2H/oCcS6Dlsw0R0ZBR++HIyK+T2GfxSBrpbBWZG2+KTbmLLhGXhrd/p
AOHIm9QjIDAGn7C9Bmtl7a6qHJy42NwEpNi6yykvmWFeQ5Co8PfRxzi1foq2jvdW
4my8SXL52rSkdoQSQyBRPySRLCHXxVrefyriTYZ3WYkml/8txBd4/nwVGHBrqLZP
9lEa/9DIhN7YAsZG1ZvgO4/X/C1ofzxHqeVRoGPkPtbGb1DbnKmm7nRX0qFJAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUvIjLnF1mUomsZsoKFVSOICuv/RAwHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMxMzkzMDJlMzQyZTMxMzczMjJlMzAy
ZjMyMzMyZDMyMzQyMDNkM2UyMDM1MzIzMjMzMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG+BKwwDQYJ
KoZIhvcNAQELBQADggEBAC+j4JCZqta4eR36gIyU5lQFyLAzACs0F9eocou6hTpo
/CLFb2ZGv6T8JLEv7WLVyCOYTyZKxWGVTT34axXZdjvEhi2+npXeNNBxltNvQv9N
W0+A92Ynm0clXG9zAsS4phI0RFsHOeBS4qlKQ97u/o/tOkON+pwD3SMB9p+31Shq
Z/cbq4ZxjnQcchTuNjeXymk0ta5AiAdb4crYak4mnDI0jqdtZx/v0ucG3zl2l4i5
J0ucjGQuYj3YMBfgSJtaxuNg2rm9uTAUTbZ1RK7LF+c6bw5TgBdZhSArd326Oyq5
Q6eyyjbq4WjtmrOybQWYndzYP9dshtmdsF3YByt2W8c=
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:53:28 2025 by rpki-client