Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e35382e302f32332d3234203d3e203532323333.roa
File:                     3139302e38382e35382e302f32332d3234203d3e203532323333.roa (raw, json)
Hash identifier:          LWRLwIfNU4gCgOOgKpNjffhy3vMignZFuE39plNpXEM=
Subject key identifier:   60:12:5E:38:1F:E0:7C:9A:C9:86:15:55:6A:21:01:25:38:0D:13:3E
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       1E8A4B4A3C13E583B9AAAC5A9F70DD77617079BB
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e35382e302f32332d3234203d3e203532323333.roa
Signing time:             Tue 05 Mar 2024 17:42:06 +0000
ROA not before:           Tue 05 Mar 2024 17:37:06 +0000
ROA not after:            Tue 04 Mar 2025 17:42:06 +0000
asID:                     52233
IP address blocks:        190.88.58.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:8a:4b:4a:3c:13:e5:83:b9:aa:ac:5a:9f:70:dd:77:61:70:79:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Mar  5 17:37:06 2024 GMT
            Not After : Mar  4 17:42:06 2025 GMT
        Subject: CN=60125E381FE07C9AC98615556A210125380D133E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:25:3d:04:29:29:ae:90:ed:4b:6b:a8:3f:d9:
                    da:04:c2:87:8f:fc:d7:54:02:a5:5e:9c:16:d5:15:
                    4f:ba:0f:50:9b:23:ea:85:80:bd:50:ea:ba:dd:47:
                    cb:b1:4e:aa:cf:37:22:55:7c:28:fd:65:98:61:ec:
                    2a:50:d1:7c:c5:af:48:ed:d5:f7:d0:ee:13:8a:e5:
                    88:1d:2f:17:56:b1:cf:17:72:3d:9a:14:b0:3f:44:
                    d8:8c:78:90:59:dd:50:7d:5e:a9:db:91:2f:8e:c3:
                    44:cd:87:2f:47:7c:fe:2f:56:d1:e8:5a:ef:20:df:
                    3d:c3:a6:78:8d:90:77:23:04:cf:40:4b:a4:3a:75:
                    2c:40:b9:be:e4:91:26:40:ae:c3:19:a9:81:95:88:
                    99:7a:89:06:c1:1f:8d:64:73:bd:9b:04:55:f7:62:
                    e5:af:e5:85:a8:32:6d:aa:31:eb:2c:40:7f:01:55:
                    07:cd:ce:43:1d:bb:5d:7c:e9:6b:c6:5c:48:c9:64:
                    06:88:56:ac:6f:01:4f:fd:67:31:32:df:2f:64:d8:
                    54:23:ac:0f:5d:ab:9b:30:60:4a:45:60:60:03:96:
                    dc:23:d9:8b:cf:bf:d9:20:f6:12:c7:d4:3e:45:b6:
                    5c:a5:e5:6e:d1:b7:4f:52:85:d1:0c:5d:6a:6b:6a:
                    10:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:12:5E:38:1F:E0:7C:9A:C9:86:15:55:6A:21:01:25:38:0D:13:3E
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3139302e38382e35382e302f32332d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         91:36:54:6d:e5:10:ab:dd:96:57:66:81:e2:4e:d9:98:6d:6b:
         96:17:1b:f4:e4:ca:8d:20:82:be:28:c8:50:56:e9:2a:a3:58:
         9e:48:c7:a9:08:73:01:21:cc:02:e3:06:a4:b5:92:1a:5b:1d:
         fe:a8:7d:7d:3b:11:b2:5d:2c:b6:41:c2:e7:27:90:f3:20:ba:
         8c:6b:ca:42:f6:08:54:4b:ea:33:fe:97:96:5f:36:e6:8e:51:
         80:24:f5:16:d4:79:ec:97:78:f1:6a:38:62:72:54:35:49:a1:
         ae:92:67:57:4d:00:d7:6f:60:7f:3f:65:d7:45:09:c2:6e:24:
         f1:33:3f:36:aa:2d:7a:9d:9c:4b:58:8b:01:4f:08:d3:3e:7b:
         69:03:ce:1d:2d:eb:82:86:f4:a4:54:de:a4:2f:a0:a3:a6:bd:
         6f:18:76:89:55:e6:7b:b9:89:87:f9:f8:9c:d5:1b:20:d1:4e:
         7b:0c:9a:4b:77:e7:b5:38:1d:cf:6f:9b:e1:86:20:3b:90:6d:
         c0:06:cd:e2:e4:ab:ea:b7:af:75:4b:40:30:27:e8:66:a9:43:
         ff:47:cc:8d:ec:2d:be:89:32:1d:e2:51:c7:ac:76:cc:2d:8f:
         a7:8d:d3:be:6e:ec:4b:82:58:8a:3c:9e:b6:b7:8f:38:fc:fa:
         6e:09:45:ee
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUHopLSjwT5YO5qqxan3Ddd2FwebswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNDAzMDUxNzM3MDZaFw0yNTAzMDQxNzQyMDZaMDMxMTAvBgNV
BAMTKDYwMTI1RTM4MUZFMDdDOUFDOTg2MTU1NTZBMjEwMTI1MzgwRDEzM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsJT0EKSmukO1La6g/2doEwoeP
/NdUAqVenBbVFU+6D1CbI+qFgL1Q6rrdR8uxTqrPNyJVfCj9ZZhh7CpQ0XzFr0jt
1ffQ7hOK5YgdLxdWsc8Xcj2aFLA/RNiMeJBZ3VB9XqnbkS+Ow0TNhy9HfP4vVtHo
Wu8g3z3DpniNkHcjBM9AS6Q6dSxAub7kkSZArsMZqYGViJl6iQbBH41kc72bBFX3
YuWv5YWoMm2qMessQH8BVQfNzkMdu1186WvGXEjJZAaIVqxvAU/9ZzEy3y9k2FQj
rA9dq5swYEpFYGADltwj2YvPv9kg9hLH1D5Ftlyl5W7Rt09ShdEMXWprahCHAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUYBJeOB/gfJrJhhVVaiEBJTgNEz4wHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMxMzkzMDJlMzgzODJlMzUzODJlMzAy
ZjMyMzMyZDMyMzQyMDNkM2UyMDM1MzIzMjMzMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG+WDowDQYJ
KoZIhvcNAQELBQADggEBAJE2VG3lEKvdlldmgeJO2Zhta5YXG/Tkyo0ggr4oyFBW
6SqjWJ5Ix6kIcwEhzALjBqS1khpbHf6ofX07EbJdLLZBwucnkPMguoxrykL2CFRL
6jP+l5ZfNuaOUYAk9RbUeeyXePFqOGJyVDVJoa6SZ1dNANdvYH8/ZddFCcJuJPEz
PzaqLXqdnEtYiwFPCNM+e2kDzh0t64KG9KRU3qQvoKOmvW8YdolV5nu5iYf5+JzV
GyDRTnsMmkt357U4Hc9vm+GGIDuQbcAGzeLkq+q3r3VLQDAn6GapQ/9HzI3sLb6J
Mh3iUcesdswtj6eN075u7EuCWIo8nra3jzj8+m4JRe4=
-----END CERTIFICATE-----
Generated at Tue Nov 19 17:52:31 2024 by rpki-client on console-ams.rpki-client.org