Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e34302e302f32312d3234203d3e203532323333.roa
File:                     3139302e38382e34302e302f32312d3234203d3e203532323333.roa (raw, json)
Hash identifier:          sVf1f7NwAmvsZJjLYvfPiPkHy4LN4XcFcvJxQFS+QjU=
Subject key identifier:   A0:81:6D:2A:E1:FE:13:2B:AB:F4:F9:39:99:B7:49:DF:80:B8:83:59
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       394213FEABA7941B6EA41CD8B9FDB639F9B2F7A5
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e34302e302f32312d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:58 +0000
ROA not before:           Tue 04 Feb 2025 18:45:58 +0000
ROA not after:            Tue 03 Feb 2026 18:50:58 +0000
asID:                     52233
IP address blocks:        190.88.40.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:42:13:fe:ab:a7:94:1b:6e:a4:1c:d8:b9:fd:b6:39:f9:b2:f7:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:58 2025 GMT
            Not After : Feb  3 18:50:58 2026 GMT
        Subject: CN=A0816D2AE1FE132BABF4F93999B749DF80B88359
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a4:a1:90:05:bb:77:2f:10:b7:0c:db:a0:a1:
                    d7:e2:e9:c9:73:01:a1:ab:60:78:68:a4:4e:1d:9c:
                    57:c7:80:54:0b:8a:61:33:a9:e0:9d:c2:95:80:19:
                    0a:19:e8:1f:f0:d3:35:e2:7f:b3:4f:cb:3a:84:4a:
                    ab:e7:ad:87:02:2b:ab:85:a1:5c:88:04:43:b5:31:
                    67:02:4b:47:37:c5:b1:eb:7d:22:3b:23:7f:fe:3f:
                    de:94:d2:97:0d:c9:6f:20:78:0e:3e:a4:a1:3c:c4:
                    d6:c3:40:53:bb:72:7f:62:69:67:ed:37:09:10:fc:
                    ba:e7:02:96:46:18:26:25:bf:69:88:62:da:f4:0e:
                    5e:3d:26:60:dc:a9:c8:93:fa:24:e7:91:a0:73:9d:
                    c0:cd:45:f5:f6:17:8a:55:0c:ba:50:72:02:d5:c5:
                    d9:aa:fb:96:f9:9d:a5:38:42:38:d3:82:fc:6d:1f:
                    e9:ea:54:46:18:b2:9b:f7:c4:7e:ee:09:8e:ac:d5:
                    b8:1c:f7:8e:41:97:f5:fb:ab:6a:4b:7a:d1:ce:a6:
                    f4:23:a8:83:01:b9:32:41:bc:ee:14:9c:e0:99:1f:
                    61:7d:03:c5:62:e0:f5:a0:61:70:96:3a:a3:6a:b7:
                    9a:59:8b:af:67:dc:81:14:30:1d:ed:ae:df:51:7e:
                    ae:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:81:6D:2A:E1:FE:13:2B:AB:F4:F9:39:99:B7:49:DF:80:B8:83:59
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e34302e302f32312d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.40.0/21

    Signature Algorithm: sha256WithRSAEncryption
         ba:1e:5b:e7:9c:8a:f6:f4:dd:de:6f:78:45:e2:02:a5:47:8a:
         10:1a:cb:ec:af:00:19:21:83:c4:0d:bb:9e:a4:4f:3c:1e:26:
         3f:ad:ac:6d:b6:a1:86:75:c1:7d:ba:83:9d:00:34:cd:f5:39:
         09:03:7c:8b:df:13:50:22:1a:c8:96:50:ec:6d:3e:b3:1b:23:
         26:f6:5e:61:4a:cc:7d:bc:50:e5:84:7f:f4:84:5c:34:e5:20:
         00:d5:ce:6f:9c:40:8b:02:8d:3d:ee:b8:68:7e:05:d9:90:23:
         05:c4:84:ed:fa:70:cc:ba:a4:35:b8:bc:be:1e:f1:f3:d1:23:
         31:40:90:56:62:8b:31:16:3f:5c:ef:a4:5c:91:fd:e8:52:f9:
         3c:ea:6d:c0:47:66:52:70:24:ed:b7:76:bc:c9:ef:52:a7:9c:
         5f:49:89:93:c7:01:44:86:50:74:96:83:f4:e8:65:63:00:a9:
         b2:d2:63:c1:06:40:4f:81:a3:27:c6:2c:1a:7f:fa:38:37:32:
         6e:0d:2a:2b:32:09:59:e7:53:c4:f3:16:6f:c1:be:98:f6:92:
         88:74:16:1d:3b:48:92:a2:f8:a1:61:5d:17:02:4e:6c:43:61:
         1e:e3:57:ce:33:ca:08:d0:9a:74:25:10:3a:a6:15:1d:75:ba:
         95:fd:c3:91
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUOUIT/qunlBtupBzYuf22Ofmy96UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NThaFw0yNjAyMDMxODUwNThaMDMxMTAvBgNV
BAMTKEEwODE2RDJBRTFGRTEzMkJBQkY0RjkzOTk5Qjc0OURGODBCODgzNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2pKGQBbt3LxC3DNugodfi6clz
AaGrYHhopE4dnFfHgFQLimEzqeCdwpWAGQoZ6B/w0zXif7NPyzqESqvnrYcCK6uF
oVyIBEO1MWcCS0c3xbHrfSI7I3/+P96U0pcNyW8geA4+pKE8xNbDQFO7cn9iaWft
NwkQ/LrnApZGGCYlv2mIYtr0Dl49JmDcqciT+iTnkaBzncDNRfX2F4pVDLpQcgLV
xdmq+5b5naU4QjjTgvxtH+nqVEYYspv3xH7uCY6s1bgc945Bl/X7q2pLetHOpvQj
qIMBuTJBvO4UnOCZH2F9A8Vi4PWgYXCWOqNqt5pZi69n3IEUMB3trt9Rfq5RAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUoIFtKuH+Eyur9Pk5mbdJ34C4g1kwHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMxMzkzMDJlMzgzODJlMzQzMDJlMzAy
ZjMyMzEyZDMyMzQyMDNkM2UyMDM1MzIzMjMzMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO+WCgwDQYJ
KoZIhvcNAQELBQADggEBALoeW+ecivb03d5veEXiAqVHihAay+yvABkhg8QNu56k
TzweJj+trG22oYZ1wX26g50ANM31OQkDfIvfE1AiGsiWUOxtPrMbIyb2XmFKzH28
UOWEf/SEXDTlIADVzm+cQIsCjT3uuGh+BdmQIwXEhO36cMy6pDW4vL4e8fPRIzFA
kFZiizEWP1zvpFyR/ehS+TzqbcBHZlJwJO23drzJ71KnnF9JiZPHAUSGUHSWg/To
ZWMAqbLSY8EGQE+BoyfGLBp/+jg3Mm4NKisyCVnnU8TzFm/Bvpj2koh0Fh07SJKi
+KFhXRcCTmxDYR7jV84zygjQmnQlEDqmFR11upX9w5E=
-----END CERTIFICATE-----
Generated at Fri Feb 14 15:26:30 2025 by rpki-client