Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A2EF6BF03621B3ABFA492E138DFD0871A2D410AA7D3C4F6BAD917A271F88F989/0/3133312e3136312e3235342e302f32342d3234203d3e203238313033.roa
File:                     3133312e3136312e3235342e302f32342d3234203d3e203238313033.roa (raw, json)
Hash identifier:          2P7O5oBxuNOVoQ3+i55QJqyPem2wJOvqzMhP2Os0DTg=
Subject key identifier:   F7:F4:9F:83:13:33:1B:32:9A:EB:92:74:9D:6E:3B:BE:53:FD:7A:2E
Certificate issuer:       /CN=310B6E7E481FA87B7B29582BAD1348FE7F657C57
Certificate serial:       42B1C71D9A4E5B1D03DADF7EBBD031C01AA0687D
Authority key identifier: 31:0B:6E:7E:48:1F:A8:7B:7B:29:58:2B:AD:13:48:FE:7F:65:7C:57
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/310B6E7E481FA87B7B29582BAD1348FE7F657C57.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A2EF6BF03621B3ABFA492E138DFD0871A2D410AA7D3C4F6BAD917A271F88F989/0/3133312e3136312e3235342e302f32342d3234203d3e203238313033.roa
Signing time:             Mon 12 Aug 2024 12:45:00 +0000
ROA not before:           Mon 12 Aug 2024 12:40:00 +0000
ROA not after:            Mon 11 Aug 2025 12:45:00 +0000
asID:                     28103
IP address blocks:        131.161.254.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A2EF6BF03621B3ABFA492E138DFD0871A2D410AA7D3C4F6BAD917A271F88F989/0/310B6E7E481FA87B7B29582BAD1348FE7F657C57.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A2EF6BF03621B3ABFA492E138DFD0871A2D410AA7D3C4F6BAD917A271F88F989/0/310B6E7E481FA87B7B29582BAD1348FE7F657C57.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/310B6E7E481FA87B7B29582BAD1348FE7F657C57.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 07:58:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:b1:c7:1d:9a:4e:5b:1d:03:da:df:7e:bb:d0:31:c0:1a:a0:68:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=310B6E7E481FA87B7B29582BAD1348FE7F657C57
        Validity
            Not Before: Aug 12 12:40:00 2024 GMT
            Not After : Aug 11 12:45:00 2025 GMT
        Subject: CN=F7F49F8313331B329AEB92749D6E3BBE53FD7A2E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:2d:e8:90:d8:51:58:21:a7:28:28:7f:84:1e:
                    30:a3:d8:ae:0e:3b:a5:bf:28:ea:26:90:07:8c:b0:
                    b5:b8:28:93:ae:4f:e6:6f:0c:0d:57:16:0b:e0:52:
                    5e:36:6e:c1:a0:07:c1:fe:d3:0b:38:96:15:71:a4:
                    7c:eb:92:8f:ed:f0:8c:f9:81:f8:7c:82:30:50:7e:
                    55:78:45:ff:fa:b1:c3:45:a2:3f:ec:5d:0d:f8:5a:
                    e2:2b:c0:69:c1:ec:08:12:62:77:ef:66:15:2b:02:
                    21:dc:3a:ec:6d:b8:11:2c:8d:22:d3:64:06:e7:73:
                    4a:ab:cc:db:78:64:57:27:33:0b:a5:6f:a0:fe:98:
                    fa:80:b0:7c:d5:bd:ca:08:18:23:26:5f:1d:f5:46:
                    0e:34:e4:2d:6e:1a:8e:87:5f:79:42:fb:bd:31:b0:
                    b8:7e:ee:3c:0a:54:a5:36:14:e1:28:8d:aa:a6:05:
                    b6:75:2a:d2:3f:a1:6e:c5:2c:a0:a5:58:21:1e:78:
                    5d:88:b2:8b:ef:39:2e:34:48:dd:8f:0c:6d:93:8e:
                    c2:2f:02:c6:ee:99:a5:50:fa:5e:f9:78:76:20:98:
                    66:d3:12:44:12:b0:6b:9e:32:27:16:ad:0f:e7:94:
                    99:d0:41:a6:4d:65:f0:08:ec:01:ff:fd:04:56:49:
                    1d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:F4:9F:83:13:33:1B:32:9A:EB:92:74:9D:6E:3B:BE:53:FD:7A:2E
            X509v3 Authority Key Identifier:
                keyid:31:0B:6E:7E:48:1F:A8:7B:7B:29:58:2B:AD:13:48:FE:7F:65:7C:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A2EF6BF03621B3ABFA492E138DFD0871A2D410AA7D3C4F6BAD917A271F88F989/0/310B6E7E481FA87B7B29582BAD1348FE7F657C57.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/310B6E7E481FA87B7B29582BAD1348FE7F657C57.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A2EF6BF03621B3ABFA492E138DFD0871A2D410AA7D3C4F6BAD917A271F88F989/0/3133312e3136312e3235342e302f32342d3234203d3e203238313033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.161.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:0c:64:e2:0b:2b:67:f3:f7:8d:35:89:45:18:50:a2:89:11:
         72:97:b3:fb:a7:10:b2:ea:73:ce:06:62:3d:40:7f:10:e4:77:
         e3:fa:fa:4e:7b:e4:b2:b0:ae:a3:ce:e3:76:9f:ca:f3:dc:65:
         2c:22:5f:c7:28:21:b2:a5:03:5b:fb:a4:9f:a0:e1:42:87:57:
         e3:78:05:10:32:34:89:12:c6:23:81:39:90:cc:79:7c:93:06:
         fe:08:d3:f1:ab:51:b1:eb:7a:b4:2b:09:54:51:75:e8:6e:01:
         0e:ec:66:c5:e7:b5:1f:18:85:a5:d2:2a:30:b8:2d:33:c6:b7:
         a4:ae:c8:fc:b2:a7:36:5b:32:25:d2:96:85:a7:bd:7d:29:39:
         c4:99:56:45:14:7a:21:af:76:3f:41:69:5d:b6:a2:86:f2:0d:
         78:13:5a:eb:07:07:7e:95:c7:b7:da:8b:08:18:4f:ad:9c:8d:
         45:60:4e:1d:88:81:e6:6e:38:d0:ed:63:c0:84:bc:f9:66:cc:
         36:f3:f9:13:98:b6:6d:13:29:9a:63:76:7f:55:95:e9:a3:c6:
         6e:08:b8:52:48:ca:4f:48:3b:72:26:bb:34:94:20:41:f6:a6:
         44:0b:25:0b:04:c7:63:06:a5:23:b2:06:8e:3e:fd:d1:54:d3:
         1a:a6:72:ce
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUQrHHHZpOWx0D2t9+u9AxwBqgaH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEwQjZFN0U0ODFGQTg3QjdCMjk1ODJCQUQxMzQ4RkU3
RjY1N0M1NzAeFw0yNDA4MTIxMjQwMDBaFw0yNTA4MTExMjQ1MDBaMDMxMTAvBgNV
BAMTKEY3RjQ5RjgzMTMzMzFCMzI5QUVCOTI3NDlENkUzQkJFNTNGRDdBMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2LeiQ2FFYIacoKH+EHjCj2K4O
O6W/KOomkAeMsLW4KJOuT+ZvDA1XFgvgUl42bsGgB8H+0ws4lhVxpHzrko/t8Iz5
gfh8gjBQflV4Rf/6scNFoj/sXQ34WuIrwGnB7AgSYnfvZhUrAiHcOuxtuBEsjSLT
ZAbnc0qrzNt4ZFcnMwulb6D+mPqAsHzVvcoIGCMmXx31Rg405C1uGo6HX3lC+70x
sLh+7jwKVKU2FOEojaqmBbZ1KtI/oW7FLKClWCEeeF2IsovvOS40SN2PDG2TjsIv
AsbumaVQ+l75eHYgmGbTEkQSsGueMicWrQ/nlJnQQaZNZfAI7AH//QRWSR3PAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU9/SfgxMzGzKa65J0nW47vlP9ei4wHwYDVR0j
BBgwFoAUMQtufkgfqHt7KVgrrRNI/n9lfFcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMkVGNkJGMDM2MjFCM0FCRkE0OTJFMTM4REZEMDg3MUEy
RDQxMEFBN0QzQzRGNkJBRDkxN0EyNzFGODhGOTg5LzAvMzEwQjZFN0U0ODFGQTg3
QjdCMjk1ODJCQUQxMzQ4RkU3RjY1N0M1Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zMTBCNkU3RTQ4MUZBODdCN0Iy
OTU4MkJBRDEzNDhGRTdGNjU3QzU3LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTJFRjZCRjAzNjIxQjNBQkZBNDkyRTEzOERGRDA4NzFBMkQ0MTBBQTdE
M0M0RjZCQUQ5MTdBMjcxRjg4Rjk4OS8wLzMxMzMzMTJlMzEzNjMxMmUzMjM1MzQy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM4MzEzMDMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAg6H+
MA0GCSqGSIb3DQEBCwUAA4IBAQCWDGTiCytn8/eNNYlFGFCiiRFyl7P7pxCy6nPO
BmI9QH8Q5Hfj+vpOe+SysK6jzuN2n8rz3GUsIl/HKCGypQNb+6SfoOFCh1fjeAUQ
MjSJEsYjgTmQzHl8kwb+CNPxq1Gx63q0KwlUUXXobgEO7GbF57UfGIWl0iowuC0z
xrekrsj8sqc2WzIl0paFp719KTnEmVZFFHohr3Y/QWldtqKG8g14E1rrBwd+lce3
2osIGE+tnI1FYE4diIHmbjjQ7WPAhLz5Zsw28/kTmLZtEymaY3Z/VZXpo8ZuCLhS
SMpPSDtyJrs0lCBB9qZECyULBMdjBqUjsgaOPv3RVNMapnLO
-----END CERTIFICATE-----
Generated at Tue Oct 29 00:42:46 2024 by rpki-client on console-fra.rpki-client.org