Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e302e302f32302d3234203d3e203532323333.roa
File:                     3139302e38382e302e302f32302d3234203d3e203532323333.roa (raw, json)
Hash identifier:          5JrzC62FlLAo7a/iqoMOEIZ3wqmvKv+dnipDLRk04+4=
Subject key identifier:   55:46:40:89:FF:DC:6A:D3:6A:6E:85:5A:99:C6:84:F6:48:FA:DF:7D
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       6882A383534FA817C6C0F875975DE932BB2195D4
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e302e302f32302d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:53 +0000
ROA not before:           Tue 04 Feb 2025 18:45:53 +0000
ROA not after:            Tue 03 Feb 2026 18:50:53 +0000
asID:                     52233
IP address blocks:        190.88.0.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:82:a3:83:53:4f:a8:17:c6:c0:f8:75:97:5d:e9:32:bb:21:95:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:53 2025 GMT
            Not After : Feb  3 18:50:53 2026 GMT
        Subject: CN=55464089FFDC6AD36A6E855A99C684F648FADF7D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:8e:9e:24:6f:51:85:52:75:5f:ee:30:e0:81:
                    f4:d5:3e:76:88:3d:66:8a:ee:db:69:e6:33:ed:0a:
                    2f:8a:40:fa:09:47:3c:25:2f:a7:20:60:ae:cc:68:
                    dc:0d:10:60:2e:9e:83:6b:49:ce:cc:67:86:c1:4f:
                    62:e3:49:40:b1:de:70:ef:40:8c:5f:49:34:31:3b:
                    d8:14:54:be:c6:38:cd:4a:33:fb:32:96:9a:6a:de:
                    48:44:58:c6:a3:fe:52:4a:90:25:e9:b0:6d:74:a5:
                    5e:fe:c9:dd:d4:26:1c:93:e5:6f:14:8d:a4:9a:e6:
                    ab:5a:7a:5b:0a:98:7c:38:0d:f1:b3:96:72:37:96:
                    57:fc:1f:e9:c8:aa:e4:85:99:1e:60:26:5b:a5:06:
                    26:10:c1:7d:07:16:fc:66:26:0a:ef:3b:ce:11:2e:
                    78:b0:9e:3b:47:30:fe:77:d5:e6:4b:6c:6f:6b:16:
                    8a:ae:00:fc:a9:6e:c5:89:28:e9:19:ba:35:ce:84:
                    00:cb:98:9d:90:87:ec:a4:c7:8c:bb:d1:71:4b:11:
                    2e:42:26:65:b2:ff:9b:56:4a:2c:04:8d:67:0d:0f:
                    20:69:ac:08:8c:b5:80:1f:64:a6:0c:f6:20:44:b0:
                    77:15:46:c9:fd:e1:ae:f8:ea:c2:ed:21:39:95:9d:
                    e5:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:46:40:89:FF:DC:6A:D3:6A:6E:85:5A:99:C6:84:F6:48:FA:DF:7D
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e302e302f32302d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         01:e6:1b:27:e6:c4:4b:82:83:04:73:e4:75:9a:25:34:24:7e:
         2a:0f:4c:b1:b1:f0:3a:5f:85:a2:82:75:19:33:11:8d:41:1e:
         1b:19:fb:ee:f5:0f:55:1f:05:7e:25:b1:43:eb:4b:0d:40:0c:
         e0:85:bb:d3:ce:ec:95:43:60:ea:a1:89:52:5a:b1:73:ae:09:
         9a:df:7d:d9:07:0a:4e:ac:de:da:47:35:7f:e9:a2:6f:5a:34:
         97:37:15:ca:ec:80:c0:36:90:51:28:25:6f:46:55:a8:7f:5e:
         aa:cd:b5:91:11:1d:83:65:07:f0:48:b7:21:9e:4d:fa:94:18:
         33:3f:2e:9c:4d:07:48:cb:f3:ab:58:ce:0b:dc:37:25:17:9a:
         9c:0b:20:61:53:22:e7:78:06:ca:42:1b:d7:78:b5:53:fa:7b:
         44:39:6f:e4:d0:2a:aa:51:39:1c:fa:7f:a9:11:34:6e:c6:71:
         4c:06:84:ed:e6:f5:9b:a4:2d:0a:cb:c8:b8:90:f4:22:5b:91:
         de:ab:02:99:a3:45:93:30:d3:ac:82:cc:3e:96:83:5c:60:0c:
         ce:b3:ae:37:39:e9:4e:ba:b9:90:d0:8b:05:00:fa:ad:41:02:
         d5:bb:b3:a9:39:8e:e7:87:85:4d:3b:17:5e:75:38:12:5c:40:
         4e:6e:e1:a7
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUaIKjg1NPqBfGwPh1l13pMrshldQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NTNaFw0yNjAyMDMxODUwNTNaMDMxMTAvBgNV
BAMTKDU1NDY0MDg5RkZEQzZBRDM2QTZFODU1QTk5QzY4NEY2NDhGQURGN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMjp4kb1GFUnVf7jDggfTVPnaI
PWaK7ttp5jPtCi+KQPoJRzwlL6cgYK7MaNwNEGAunoNrSc7MZ4bBT2LjSUCx3nDv
QIxfSTQxO9gUVL7GOM1KM/sylppq3khEWMaj/lJKkCXpsG10pV7+yd3UJhyT5W8U
jaSa5qtaelsKmHw4DfGzlnI3llf8H+nIquSFmR5gJlulBiYQwX0HFvxmJgrvO84R
LniwnjtHMP531eZLbG9rFoquAPypbsWJKOkZujXOhADLmJ2Qh+ykx4y70XFLES5C
JmWy/5tWSiwEjWcNDyBprAiMtYAfZKYM9iBEsHcVRsn94a746sLtITmVneVVAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUVUZAif/catNqboVamcaE9kj6330wHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMxMzkzMDJlMzgzODJlMzAyZTMwMmYz
MjMwMmQzMjM0MjAzZDNlMjAzNTMyMzIzMzMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEvlgAMA0GCSqG
SIb3DQEBCwUAA4IBAQAB5hsn5sRLgoMEc+R1miU0JH4qD0yxsfA6X4WignUZMxGN
QR4bGfvu9Q9VHwV+JbFD60sNQAzghbvTzuyVQ2DqoYlSWrFzrgma333ZBwpOrN7a
RzV/6aJvWjSXNxXK7IDANpBRKCVvRlWof16qzbWRER2DZQfwSLchnk36lBgzPy6c
TQdIy/OrWM4L3DclF5qcCyBhUyLneAbKQhvXeLVT+ntEOW/k0CqqUTkc+n+pETRu
xnFMBoTt5vWbpC0Ky8i4kPQiW5HeqwKZo0WTMNOsgsw+loNcYAzOs643OelOurmQ
0IsFAPqtQQLVu7OpOY7nh4VNOxdedTgSXEBObuGn
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:31:42 2025 by rpki-client