Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e3133312e302f32342d3234203d3e203532323333.roa
File:                     3139302e38382e3133312e302f32342d3234203d3e203532323333.roa (raw, json)
Hash identifier:          zdgeGl+uYp8uo/BW2jPBh2IJYMBctvNYnz/it0xklUY=
Subject key identifier:   A1:8C:B1:59:25:7F:58:D9:F5:6B:95:8F:BF:37:2C:67:E9:02:F2:C2
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       24A78CEE278A69B609BCBD2C9C691E65F2819AF7
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e3133312e302f32342d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:51:01 +0000
ROA not before:           Tue 04 Feb 2025 18:46:01 +0000
ROA not after:            Tue 03 Feb 2026 18:51:01 +0000
asID:                     52233
IP address blocks:        190.88.131.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:a7:8c:ee:27:8a:69:b6:09:bc:bd:2c:9c:69:1e:65:f2:81:9a:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:46:01 2025 GMT
            Not After : Feb  3 18:51:01 2026 GMT
        Subject: CN=A18CB159257F58D9F56B958FBF372C67E902F2C2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:dc:43:f2:e1:1b:58:3c:15:27:2f:d4:91:8a:
                    c9:cc:f4:ed:89:72:99:4b:1f:b2:04:9e:d8:e5:ce:
                    58:8c:3d:8e:54:51:b7:4f:c9:bc:7b:c5:5b:02:03:
                    91:8e:ef:6f:ea:41:96:8a:b1:f5:95:e9:6b:f9:21:
                    15:27:e9:7e:46:d3:02:b0:b9:3e:8c:03:0d:35:71:
                    ef:79:35:06:6b:fd:62:59:de:e2:a2:c9:6e:96:c7:
                    a8:7b:8e:59:51:7e:b7:15:cf:7c:30:ad:57:3e:14:
                    14:e3:fd:e7:25:b2:02:d6:39:7e:fa:24:87:12:4a:
                    cd:93:45:70:a6:c5:06:65:78:17:11:78:cc:51:f1:
                    ca:fd:09:49:3f:e4:87:ad:27:d8:a0:9c:25:09:e7:
                    a8:8a:cf:64:c3:44:bd:f9:61:22:52:00:14:84:9d:
                    a9:21:b9:7d:3a:55:48:f3:ad:f6:62:5f:64:f4:a2:
                    a2:71:de:bf:0f:a2:c3:50:c1:3c:a9:19:ec:48:c5:
                    57:22:3c:f2:f6:eb:4c:27:e4:b3:b0:66:04:c5:6d:
                    0b:bf:7a:fb:be:88:c6:ff:14:7c:58:39:b9:12:19:
                    e0:98:95:8a:07:08:9e:2e:92:52:9f:0c:96:28:39:
                    18:2c:90:e6:53:d1:34:6d:03:28:d9:1e:cc:f2:87:
                    79:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:8C:B1:59:25:7F:58:D9:F5:6B:95:8F:BF:37:2C:67:E9:02:F2:C2
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e3133312e302f32342d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:eb:82:84:67:fe:11:e8:7a:a0:08:01:a5:b1:5b:a7:69:46:
         82:45:56:e3:6c:01:29:30:21:83:c6:3c:db:85:49:59:0f:97:
         70:d3:2b:63:f1:5b:7f:0e:fe:fb:b3:6f:75:2a:db:e5:d5:73:
         9d:28:ea:40:8a:43:d1:26:b2:c9:63:68:c5:55:a7:90:26:e4:
         b3:43:47:31:8e:50:bd:3d:4d:6d:45:6f:ee:a1:8f:0a:ef:bc:
         50:bf:f4:45:93:02:fc:35:93:c6:c6:64:b7:ab:4d:3b:8b:a0:
         90:07:47:12:98:45:74:b3:4d:3f:8d:ec:63:72:82:49:c0:3d:
         b3:63:ef:de:0e:59:da:9f:05:b9:84:4e:3f:6f:42:e9:cf:69:
         f2:78:52:14:bf:db:16:7f:0c:bb:99:01:56:44:4a:f2:d6:b6:
         c6:79:9d:0e:31:18:ea:75:51:ca:e1:6e:54:96:43:c8:7f:99:
         c8:d7:7f:4d:c1:ec:64:c1:71:5e:b0:7c:0c:0f:0d:62:b0:23:
         40:b1:92:fd:6d:f7:e4:f0:aa:47:ed:21:4e:9b:f3:d2:ff:56:
         f0:14:1c:a0:41:51:81:ab:2b:85:36:9a:18:40:6f:e2:ce:ef:
         ee:3c:98:34:9e:0e:1c:9f:20:0b:6d:95:d5:6f:11:78:d8:55:
         c1:6c:84:bd
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUJKeM7ieKabYJvL0snGkeZfKBmvcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ2MDFaFw0yNjAyMDMxODUxMDFaMDMxMTAvBgNV
BAMTKEExOENCMTU5MjU3RjU4RDlGNTZCOTU4RkJGMzcyQzY3RTkwMkYyQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC63EPy4RtYPBUnL9SRisnM9O2J
cplLH7IEntjlzliMPY5UUbdPybx7xVsCA5GO72/qQZaKsfWV6Wv5IRUn6X5G0wKw
uT6MAw01ce95NQZr/WJZ3uKiyW6Wx6h7jllRfrcVz3wwrVc+FBTj/eclsgLWOX76
JIcSSs2TRXCmxQZleBcReMxR8cr9CUk/5IetJ9ignCUJ56iKz2TDRL35YSJSABSE
nakhuX06VUjzrfZiX2T0oqJx3r8PosNQwTypGexIxVciPPL260wn5LOwZgTFbQu/
evu+iMb/FHxYObkSGeCYlYoHCJ4uklKfDJYoORgskOZT0TRtAyjZHszyh3lLAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUoYyxWSV/WNn1a5WPvzcsZ+kC8sIwHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMxMzkzMDJlMzgzODJlMzEzMzMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMyMzMzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAL5YgzAN
BgkqhkiG9w0BAQsFAAOCAQEAAeuChGf+Eeh6oAgBpbFbp2lGgkVW42wBKTAhg8Y8
24VJWQ+XcNMrY/Fbfw7++7NvdSrb5dVznSjqQIpD0SayyWNoxVWnkCbks0NHMY5Q
vT1NbUVv7qGPCu+8UL/0RZMC/DWTxsZkt6tNO4ugkAdHEphFdLNNP43sY3KCScA9
s2Pv3g5Z2p8FuYROP29C6c9p8nhSFL/bFn8Mu5kBVkRK8ta2xnmdDjEY6nVRyuFu
VJZDyH+ZyNd/TcHsZMFxXrB8DA8NYrAjQLGS/W335PCqR+0hTpvz0v9W8BQcoEFR
gasrhTaaGEBv4s7v7jyYNJ4OHJ8gC22V1W8ReNhVwWyEvQ==
-----END CERTIFICATE-----
Generated at Fri Feb 14 15:03:00 2025 by rpki-client