Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e35302e302f32332d3234203d3e203532323333.roa
File:                     3139302e38382e35302e302f32332d3234203d3e203532323333.roa (raw, json)
Hash identifier:          5M0wGYVwA6UxuaRFNZvIlASnBZWAP0cerxZal8tCWjI=
Subject key identifier:   C9:DD:9F:D4:F6:91:B8:91:B1:E0:EB:17:0E:5F:B8:DD:4D:D8:49:23
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       4B31DD8C18B76A69885726A350E3EAFD2F988D3B
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e35302e302f32332d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:56 +0000
ROA not before:           Tue 04 Feb 2025 18:45:56 +0000
ROA not after:            Tue 03 Feb 2026 18:50:56 +0000
asID:                     52233
IP address blocks:        190.88.50.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:31:dd:8c:18:b7:6a:69:88:57:26:a3:50:e3:ea:fd:2f:98:8d:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:56 2025 GMT
            Not After : Feb  3 18:50:56 2026 GMT
        Subject: CN=C9DD9FD4F691B891B1E0EB170E5FB8DD4DD84923
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:90:98:12:ef:cd:75:6b:f3:bf:d1:7d:e0:c4:
                    a1:d6:c9:85:33:d3:79:52:6d:70:8c:79:2a:c9:d0:
                    19:bd:66:f0:51:dd:dd:d1:a4:23:f9:38:78:be:d1:
                    36:06:77:6a:68:22:9c:16:15:8a:01:ab:42:b7:d3:
                    5d:e7:ea:96:95:ab:df:e7:29:a2:40:cd:26:e6:c2:
                    dc:93:0c:4d:08:fd:75:b0:7f:c1:2d:07:ff:71:2d:
                    a2:4d:b1:9f:fb:fe:e8:e8:7e:60:15:8f:0c:6e:3b:
                    0c:76:f8:23:81:21:df:e5:42:7d:38:1f:85:c2:2c:
                    da:af:cc:1f:33:4e:93:18:0c:7d:ba:d2:f9:91:da:
                    bc:94:85:dd:65:98:eb:cd:db:2a:2a:88:79:06:3c:
                    bc:78:43:95:9b:28:ad:88:a6:4e:65:12:8b:a1:34:
                    a7:8a:0e:70:1a:cd:a1:ac:eb:56:ef:c2:74:41:b1:
                    2a:fc:f0:e9:c8:98:b1:be:b5:16:a2:ed:6a:f4:af:
                    b6:43:2c:04:70:20:de:d6:b3:c8:08:30:b6:82:69:
                    0e:05:8f:ac:4d:31:00:07:d1:d1:9c:8f:0a:77:23:
                    a0:a5:0b:98:e5:a6:59:9c:12:33:e3:62:38:1e:3f:
                    f0:c1:d1:a9:b3:17:68:35:df:65:3d:a0:23:5f:53:
                    72:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:DD:9F:D4:F6:91:B8:91:B1:E0:EB:17:0E:5F:B8:DD:4D:D8:49:23
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e35302e302f32332d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.50.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6d:42:56:f4:b3:73:0c:33:67:78:e1:a8:38:fb:79:89:b3:aa:
         08:d6:c6:ed:25:6a:87:e8:8c:a6:08:a9:ea:dc:35:16:fb:b4:
         4b:d9:62:f8:70:11:97:b9:f0:9b:2b:50:4f:70:1b:3f:a5:d8:
         ce:0c:02:bb:e2:08:26:03:c5:87:50:dc:b0:60:65:7c:b2:dc:
         05:24:9f:c3:a3:b1:36:21:ab:d8:5b:e7:2d:cb:73:72:36:c3:
         b0:14:d4:ab:bc:ee:d8:12:97:aa:da:1e:13:85:d1:d4:dc:d3:
         ad:8d:41:0a:7e:a0:46:80:c7:af:87:4a:c6:75:bb:bb:f2:f0:
         92:40:26:48:67:af:0d:e8:09:14:7d:be:f6:31:26:1a:8e:c1:
         62:7f:18:21:d0:00:88:43:60:61:bd:dd:ac:23:bb:91:37:59:
         2a:b0:e5:98:97:87:35:73:2a:9a:1e:e4:bd:fe:9a:57:47:64:
         03:c8:03:f1:94:c6:c5:76:63:72:a7:07:15:15:79:71:85:c9:
         d4:cc:57:ed:27:62:9f:01:eb:7a:d5:fb:2f:d9:61:68:af:88:
         2f:da:3c:ac:aa:5c:8d:53:eb:f9:2e:84:42:bb:d6:54:ce:45:
         fe:10:a9:de:71:39:f1:89:b8:57:43:28:fa:5b:34:58:93:90:
         25:33:59:52
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUSzHdjBi3ammIVyajUOPq/S+YjTswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NTZaFw0yNjAyMDMxODUwNTZaMDMxMTAvBgNV
BAMTKEM5REQ5RkQ0RjY5MUI4OTFCMUUwRUIxNzBFNUZCOERENEREODQ5MjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvkJgS7811a/O/0X3gxKHWyYUz
03lSbXCMeSrJ0Bm9ZvBR3d3RpCP5OHi+0TYGd2poIpwWFYoBq0K3013n6paVq9/n
KaJAzSbmwtyTDE0I/XWwf8EtB/9xLaJNsZ/7/ujofmAVjwxuOwx2+COBId/lQn04
H4XCLNqvzB8zTpMYDH260vmR2ryUhd1lmOvN2yoqiHkGPLx4Q5WbKK2Ipk5lEouh
NKeKDnAazaGs61bvwnRBsSr88OnImLG+tRai7Wr0r7ZDLARwIN7Ws8gIMLaCaQ4F
j6xNMQAH0dGcjwp3I6ClC5jlplmcEjPjYjgeP/DB0amzF2g132U9oCNfU3K/AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUyd2f1PaRuJGx4OsXDl+43U3YSSMwHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMxMzkzMDJlMzgzODJlMzUzMDJlMzAy
ZjMyMzMyZDMyMzQyMDNkM2UyMDM1MzIzMjMzMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG+WDIwDQYJ
KoZIhvcNAQELBQADggEBAG1CVvSzcwwzZ3jhqDj7eYmzqgjWxu0laofojKYIqerc
NRb7tEvZYvhwEZe58JsrUE9wGz+l2M4MArviCCYDxYdQ3LBgZXyy3AUkn8OjsTYh
q9hb5y3Lc3I2w7AU1Ku87tgSl6raHhOF0dTc062NQQp+oEaAx6+HSsZ1u7vy8JJA
Jkhnrw3oCRR9vvYxJhqOwWJ/GCHQAIhDYGG93awju5E3WSqw5ZiXhzVzKpoe5L3+
mldHZAPIA/GUxsV2Y3KnBxUVeXGFydTMV+0nYp8B63rV+y/ZYWiviC/aPKyqXI1T
6/kuhEK71lTORf4Qqd5xOfGJuFdDKPpbNFiTkCUzWVI=
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:01:54 2025 by rpki-client