Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e35382e302f32332d3234203d3e203532323333.roa
File:                     3139302e38382e35382e302f32332d3234203d3e203532323333.roa (raw, json)
Hash identifier:          0jNj8y7S7U5XJADP1qpSleGZ6kMwOrxZOvESGQgYbZQ=
Subject key identifier:   41:4F:09:35:A4:39:A5:03:86:08:4B:62:4C:3D:60:F9:E0:01:77:0C
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       215C7F45166760EFD5080E59C790B74B7F857CB0
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e35382e302f32332d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:59 +0000
ROA not before:           Tue 04 Feb 2025 18:45:59 +0000
ROA not after:            Tue 03 Feb 2026 18:50:59 +0000
asID:                     52233
IP address blocks:        190.88.58.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:5c:7f:45:16:67:60:ef:d5:08:0e:59:c7:90:b7:4b:7f:85:7c:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:59 2025 GMT
            Not After : Feb  3 18:50:59 2026 GMT
        Subject: CN=414F0935A439A50386084B624C3D60F9E001770C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:b5:be:5d:51:cd:13:c3:46:a0:8c:03:c1:92:
                    a7:51:5b:fa:88:00:d6:fc:3f:fc:03:95:b9:38:70:
                    b9:98:2b:cc:9f:10:20:9f:98:22:21:7e:43:f1:55:
                    d2:28:fa:bc:9c:33:80:c7:1e:dc:36:76:2c:06:d3:
                    ce:9d:2a:3f:a2:0a:aa:7b:d8:9e:91:7d:d0:0d:50:
                    0e:02:c6:c4:0e:91:4e:97:7b:3a:7c:3a:72:48:95:
                    24:af:12:ad:b5:b1:d7:54:bf:a9:91:77:c1:0d:3e:
                    9b:70:5b:d5:84:af:7f:e2:f7:37:ca:0b:82:e6:66:
                    cb:36:b5:ad:b6:47:91:f3:5f:9d:90:9c:2f:f5:ba:
                    ed:a8:34:0c:d6:30:a2:6d:c9:dd:ed:1f:89:5f:51:
                    22:d8:7c:54:62:08:d1:d8:74:11:90:0b:f9:41:d8:
                    05:18:29:9a:3b:83:b5:01:32:41:16:19:ba:d8:3c:
                    5e:1d:7e:f0:13:8d:79:7b:74:95:74:02:18:bd:c4:
                    23:0c:c0:4a:cb:d8:c4:2e:31:d3:bb:fd:34:3f:43:
                    af:58:26:7f:bb:b7:36:c0:b4:38:1a:8d:ab:3d:56:
                    e4:a9:6f:f4:28:d0:2f:97:b2:5c:35:8a:bb:a7:c6:
                    2d:4c:1e:2e:e3:f6:24:dd:4d:b8:58:f2:75:32:73:
                    53:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:4F:09:35:A4:39:A5:03:86:08:4B:62:4C:3D:60:F9:E0:01:77:0C
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e35382e302f32332d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a6:8d:70:d1:ce:6e:3a:94:83:1f:6e:6c:0d:2f:ae:b7:28:fc:
         69:45:0d:8e:36:62:e4:ba:a5:fb:b9:c4:fd:17:d2:57:f9:63:
         ff:a7:7e:fc:63:3d:a6:d8:68:5e:36:b5:d2:e6:e8:a3:b7:f2:
         eb:4f:aa:3d:ad:83:ba:c8:24:25:8d:ea:a2:35:45:86:26:4b:
         5f:6c:c5:2c:ef:75:ad:ff:f8:d4:da:93:81:dc:b5:8d:ae:5c:
         67:0e:ca:98:d9:34:80:28:dc:fb:cd:c0:3b:7f:5e:6f:fa:b0:
         60:43:43:56:7b:18:ec:cd:68:a2:1e:65:39:af:51:c3:e9:5f:
         4c:7b:df:92:89:f0:8f:72:f8:06:06:c9:3b:20:4d:d6:89:b8:
         b1:5c:92:d1:ba:2a:b8:15:51:19:44:ff:31:f3:5f:a6:af:95:
         66:60:49:91:e7:93:24:c4:81:c7:91:91:5d:14:d2:4d:59:4e:
         68:35:82:f9:fb:30:a3:2a:c6:ca:ab:31:c2:3c:34:33:1b:20:
         64:00:93:1d:e1:49:04:e6:87:53:a5:d4:65:9d:2e:1c:0b:90:
         bb:d1:df:84:f5:ab:f5:33:ce:4e:5a:cb:d9:4d:8c:ec:04:3a:
         15:93:74:80:0a:d5:96:8d:47:5a:e0:09:96:ef:d8:38:a0:f9:
         a2:31:54:57
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUIVx/RRZnYO/VCA5Zx5C3S3+FfLAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NTlaFw0yNjAyMDMxODUwNTlaMDMxMTAvBgNV
BAMTKDQxNEYwOTM1QTQzOUE1MDM4NjA4NEI2MjRDM0Q2MEY5RTAwMTc3MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXtb5dUc0Tw0agjAPBkqdRW/qI
ANb8P/wDlbk4cLmYK8yfECCfmCIhfkPxVdIo+rycM4DHHtw2diwG086dKj+iCqp7
2J6RfdANUA4CxsQOkU6Xezp8OnJIlSSvEq21sddUv6mRd8ENPptwW9WEr3/i9zfK
C4LmZss2ta22R5HzX52QnC/1uu2oNAzWMKJtyd3tH4lfUSLYfFRiCNHYdBGQC/lB
2AUYKZo7g7UBMkEWGbrYPF4dfvATjXl7dJV0Ahi9xCMMwErL2MQuMdO7/TQ/Q69Y
Jn+7tzbAtDgajas9VuSpb/Qo0C+Xslw1irunxi1MHi7j9iTdTbhY8nUyc1MPAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUQU8JNaQ5pQOGCEtiTD1g+eABdwwwHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMxMzkzMDJlMzgzODJlMzUzODJlMzAy
ZjMyMzMyZDMyMzQyMDNkM2UyMDM1MzIzMjMzMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG+WDowDQYJ
KoZIhvcNAQELBQADggEBAKaNcNHObjqUgx9ubA0vrrco/GlFDY42YuS6pfu5xP0X
0lf5Y/+nfvxjPabYaF42tdLm6KO38utPqj2tg7rIJCWN6qI1RYYmS19sxSzvda3/
+NTak4HctY2uXGcOypjZNIAo3PvNwDt/Xm/6sGBDQ1Z7GOzNaKIeZTmvUcPpX0x7
35KJ8I9y+AYGyTsgTdaJuLFcktG6KrgVURlE/zHzX6avlWZgSZHnkyTEgceRkV0U
0k1ZTmg1gvn7MKMqxsqrMcI8NDMbIGQAkx3hSQTmh1Ol1GWdLhwLkLvR34T1q/Uz
zk5ay9lNjOwEOhWTdIAK1ZaNR1rgCZbv2Dig+aIxVFc=
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:59:09 2025 by rpki-client