Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e3132382e302f32342d3234203d3e203532323333.roa
File:                     3139302e38382e3132382e302f32342d3234203d3e203532323333.roa (raw, json)
Hash identifier:          CAb6GO+EITcPv8Z4xFcRYzUy6O7c7seJAsz7uFjelMs=
Subject key identifier:   30:C8:35:90:3C:FD:F7:08:09:4A:EA:B0:43:B2:08:2F:15:46:89:9E
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       4FD3020381054C24F5556C8BE1741E2098569DE4
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e3132382e302f32342d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:52 +0000
ROA not before:           Tue 04 Feb 2025 18:45:52 +0000
ROA not after:            Tue 03 Feb 2026 18:50:52 +0000
asID:                     52233
IP address blocks:        190.88.128.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:d3:02:03:81:05:4c:24:f5:55:6c:8b:e1:74:1e:20:98:56:9d:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:52 2025 GMT
            Not After : Feb  3 18:50:52 2026 GMT
        Subject: CN=30C835903CFDF708094AEAB043B2082F1546899E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ac:34:a3:b7:48:cd:ea:3f:2f:21:2e:e4:0b:
                    02:a8:cd:99:ab:90:7b:67:67:b3:d6:59:46:33:a1:
                    98:ce:88:f6:98:42:84:3f:c5:05:8d:d8:38:a5:d6:
                    6d:45:03:ca:57:8e:61:d4:65:fc:88:ca:aa:b1:fe:
                    9d:82:74:58:19:ef:2c:75:a1:62:5d:6c:e6:87:bd:
                    a7:21:1b:44:c0:2f:37:ab:b0:51:00:b3:7a:68:ca:
                    6c:b4:5b:88:66:f6:b7:9e:f0:cc:2e:a0:24:c4:d0:
                    c2:17:ae:45:42:56:37:67:32:8d:06:c7:b4:7a:7c:
                    43:1c:ac:bd:43:31:c4:b0:0b:72:cd:7b:e8:73:b9:
                    4c:b3:51:5d:32:1d:42:00:66:ef:9c:4f:65:bd:04:
                    70:ab:e1:fe:07:17:96:04:3e:68:59:dd:3c:b6:e0:
                    ca:40:ac:fb:78:db:b5:6d:18:01:56:2b:be:24:5b:
                    1a:c3:e0:b9:d3:c2:6a:05:2d:e6:c2:cd:b0:ae:a6:
                    58:1b:8c:9b:d7:bf:39:3e:50:b8:61:db:c4:25:94:
                    d9:ab:92:e6:79:f4:c9:5f:44:5e:3f:a8:e8:c2:a2:
                    d9:48:7d:e6:8d:99:55:4c:06:e7:a5:48:d8:69:4a:
                    a1:c8:f8:76:1e:d8:b9:b9:cb:e2:72:ca:25:20:81:
                    6d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:C8:35:90:3C:FD:F7:08:09:4A:EA:B0:43:B2:08:2F:15:46:89:9E
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e3132382e302f32342d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:d3:63:f1:c3:8d:ef:8c:54:cc:1f:c6:6f:5b:c7:03:c6:3e:
         b6:0a:dd:16:a9:de:27:86:3b:d3:1f:54:0f:e8:9f:ec:8f:c6:
         85:8b:f8:f4:55:21:ca:37:2d:7f:4d:6b:5d:e0:30:2a:fa:3a:
         68:f3:e9:6d:72:a8:24:45:fe:14:1a:28:42:c9:c0:1a:58:f5:
         ec:bb:67:2f:64:43:57:f3:16:ad:6e:13:8e:5b:14:fc:7e:99:
         37:0f:37:2e:2d:10:53:65:7e:c8:7a:52:6a:7b:f7:b2:71:a4:
         62:45:2f:3b:ad:4e:3e:8c:b4:95:18:64:85:7c:3e:a9:4a:c9:
         98:a1:fa:79:8d:55:40:d3:c2:53:3c:38:3c:ae:0e:b3:45:30:
         ef:b6:83:de:3f:09:fd:a6:f6:b6:e7:19:fa:be:66:6b:88:8b:
         16:6e:52:07:3f:d1:dc:db:76:f2:ea:8d:e2:10:8c:3d:1d:74:
         b5:05:6e:52:43:d0:e7:f9:cf:76:1a:6c:70:7d:3d:f6:10:4b:
         88:7c:8e:3e:bc:17:2c:72:62:e1:98:c7:82:75:8d:90:b5:75:
         10:1f:79:61:3e:b7:1b:41:ac:7f:96:dc:d4:44:15:10:76:3b:
         53:fa:cb:fc:d4:b3:e1:88:d5:b6:4a:e3:6b:5e:fe:86:09:bd:
         a6:17:6f:39
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUT9MCA4EFTCT1VWyL4XQeIJhWneQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NTJaFw0yNjAyMDMxODUwNTJaMDMxMTAvBgNV
BAMTKDMwQzgzNTkwM0NGREY3MDgwOTRBRUFCMDQzQjIwODJGMTU0Njg5OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNrDSjt0jN6j8vIS7kCwKozZmr
kHtnZ7PWWUYzoZjOiPaYQoQ/xQWN2Dil1m1FA8pXjmHUZfyIyqqx/p2CdFgZ7yx1
oWJdbOaHvachG0TALzersFEAs3poymy0W4hm9ree8MwuoCTE0MIXrkVCVjdnMo0G
x7R6fEMcrL1DMcSwC3LNe+hzuUyzUV0yHUIAZu+cT2W9BHCr4f4HF5YEPmhZ3Ty2
4MpArPt427VtGAFWK74kWxrD4LnTwmoFLebCzbCuplgbjJvXvzk+ULhh28QllNmr
kuZ59MlfRF4/qOjCotlIfeaNmVVMBuelSNhpSqHI+HYe2Lm5y+JyyiUggW2JAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUMMg1kDz99wgJSuqwQ7IILxVGiZ4wHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMxMzkzMDJlMzgzODJlMzEzMjM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMyMzMzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAL5YgDAN
BgkqhkiG9w0BAQsFAAOCAQEAA9Nj8cON74xUzB/Gb1vHA8Y+tgrdFqneJ4Y70x9U
D+if7I/GhYv49FUhyjctf01rXeAwKvo6aPPpbXKoJEX+FBooQsnAGlj17LtnL2RD
V/MWrW4TjlsU/H6ZNw83Li0QU2V+yHpSanv3snGkYkUvO61OPoy0lRhkhXw+qUrJ
mKH6eY1VQNPCUzw4PK4Os0Uw77aD3j8J/ab2tucZ+r5ma4iLFm5SBz/R3Nt28uqN
4hCMPR10tQVuUkPQ5/nPdhpscH099hBLiHyOPrwXLHJi4ZjHgnWNkLV1EB95YT63
G0Gsf5bc1EQVEHY7U/rL/NSz4YjVtkrja17+hgm9phdvOQ==
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:18:08 2025 by rpki-client