Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A7E78F5A27E21658A040D41B16F6AC7D4AD5982A5B5E92C559FB0D9143E9172C/0/3137372e3132352e3133362e302f32322d3232203d3e20323635353233.roa
File:                     3137372e3132352e3133362e302f32322d3232203d3e20323635353233.roa (raw, json)
Hash identifier:          nYDhrPw96484EnUHH2IjC/pGSHWk77hxjbWBnWgVrPU=
Subject key identifier:   1F:FD:33:28:E5:FB:46:59:3E:3E:0F:B3:9A:A4:45:BB:E8:46:63:23
Certificate issuer:       /CN=914352F6071C82AE424F2740F43122F9D595BDB5
Certificate serial:       562FD5AAE35B56239B993144570455D73D875F74
Authority key identifier: 91:43:52:F6:07:1C:82:AE:42:4F:27:40:F4:31:22:F9:D5:95:BD:B5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/914352F6071C82AE424F2740F43122F9D595BDB5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A7E78F5A27E21658A040D41B16F6AC7D4AD5982A5B5E92C559FB0D9143E9172C/0/3137372e3132352e3133362e302f32322d3232203d3e20323635353233.roa
Signing time:             Tue 05 Mar 2024 17:40:22 +0000
ROA not before:           Tue 05 Mar 2024 17:35:22 +0000
ROA not after:            Tue 04 Mar 2025 17:40:22 +0000
asID:                     265523
IP address blocks:        177.125.136.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A7E78F5A27E21658A040D41B16F6AC7D4AD5982A5B5E92C559FB0D9143E9172C/0/914352F6071C82AE424F2740F43122F9D595BDB5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A7E78F5A27E21658A040D41B16F6AC7D4AD5982A5B5E92C559FB0D9143E9172C/0/914352F6071C82AE424F2740F43122F9D595BDB5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/914352F6071C82AE424F2740F43122F9D595BDB5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 25 Jul 2024 06:55:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:2f:d5:aa:e3:5b:56:23:9b:99:31:44:57:04:55:d7:3d:87:5f:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=914352F6071C82AE424F2740F43122F9D595BDB5
        Validity
            Not Before: Mar  5 17:35:22 2024 GMT
            Not After : Mar  4 17:40:22 2025 GMT
        Subject: CN=1FFD3328E5FB46593E3E0FB39AA445BBE8466323
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:db:69:4a:1c:e3:86:53:94:01:0a:36:1f:0e:
                    e1:7b:45:7c:f3:ac:bd:9c:bb:31:f3:af:cf:18:be:
                    12:ab:42:55:ea:bd:2d:9e:f7:ac:c3:a3:0f:48:40:
                    49:9d:de:47:be:17:f1:6c:bf:28:22:2b:46:a3:8b:
                    32:cf:ab:04:41:24:81:38:16:e1:33:55:40:8b:9e:
                    bf:04:6d:f8:b5:a9:f1:6b:3b:ef:8a:35:0d:ee:c2:
                    ea:52:48:c9:e2:02:98:05:ad:e0:c6:f7:83:95:e2:
                    5f:0a:bc:5e:0e:ee:23:fb:bc:c7:e2:46:5a:ec:d6:
                    e5:48:b3:f4:9b:62:08:aa:7d:89:00:ce:46:e0:70:
                    79:72:1c:37:f7:14:28:11:fd:e1:db:9f:fc:12:f8:
                    27:65:58:f9:8b:05:c0:01:d8:ee:08:37:91:7d:ea:
                    12:d8:12:e3:18:14:39:53:84:c9:3a:77:12:99:a7:
                    21:13:df:13:c7:ff:12:b0:ae:f0:4c:bb:13:14:dc:
                    73:21:82:f9:29:f8:5c:50:dd:d1:ec:5f:89:e4:ab:
                    fe:72:91:8e:ba:1a:69:d0:aa:a7:4a:b0:86:8f:a0:
                    b3:68:b7:18:66:cc:2e:9f:6d:da:93:85:73:08:a1:
                    44:35:f9:e2:ad:b7:67:1b:7d:ca:94:7c:f6:a3:71:
                    02:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:FD:33:28:E5:FB:46:59:3E:3E:0F:B3:9A:A4:45:BB:E8:46:63:23
            X509v3 Authority Key Identifier:
                keyid:91:43:52:F6:07:1C:82:AE:42:4F:27:40:F4:31:22:F9:D5:95:BD:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A7E78F5A27E21658A040D41B16F6AC7D4AD5982A5B5E92C559FB0D9143E9172C/0/914352F6071C82AE424F2740F43122F9D595BDB5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/914352F6071C82AE424F2740F43122F9D595BDB5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A7E78F5A27E21658A040D41B16F6AC7D4AD5982A5B5E92C559FB0D9143E9172C/0/3137372e3132352e3133362e302f32322d3232203d3e20323635353233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.125.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9d:32:3e:ec:1a:1c:ff:20:57:58:2d:0c:00:7a:fb:60:af:ac:
         e2:9d:57:16:d7:00:33:dc:64:f0:9b:d1:08:e9:35:cc:21:ef:
         a8:7e:60:5f:11:c7:5e:c0:17:a7:1b:3c:ee:db:c5:0f:9b:db:
         53:70:32:23:07:0b:52:23:db:da:9f:46:3b:f8:93:38:af:8e:
         3d:5b:49:63:8e:07:82:50:69:6e:d0:88:5b:f3:76:1a:a5:42:
         cd:d5:35:bd:ea:b3:b6:92:3a:78:d0:48:73:0e:b3:ff:49:d3:
         41:96:9f:b7:20:e3:39:8f:38:57:21:a2:ea:5c:7e:aa:7a:42:
         bb:0f:3c:e6:a5:0b:28:c5:bc:8d:53:65:71:fb:5c:f2:69:2d:
         79:0b:e2:71:cb:52:a9:08:07:09:b4:d8:bf:05:2f:4b:27:a0:
         08:97:a7:f5:ac:da:17:99:bd:f2:c8:35:26:86:86:f2:45:ff:
         10:ee:f8:07:84:e9:21:be:60:91:6d:6b:bc:14:be:47:6e:f5:
         7e:e2:3d:2f:1d:91:8b:2e:a5:85:64:2c:8c:c6:30:38:8d:ee:
         72:3f:34:9d:eb:c6:fb:ef:84:3c:36:8b:be:b6:df:14:46:84:
         be:65:86:c7:04:96:9d:32:22:0c:9e:15:57:fc:08:22:ae:f1:
         5f:f7:df:c8
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUVi/VquNbViObmTFEVwRV1z2HX3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTE0MzUyRjYwNzFDODJBRTQyNEYyNzQwRjQzMTIyRjlE
NTk1QkRCNTAeFw0yNDAzMDUxNzM1MjJaFw0yNTAzMDQxNzQwMjJaMDMxMTAvBgNV
BAMTKDFGRkQzMzI4RTVGQjQ2NTkzRTNFMEZCMzlBQTQ0NUJCRTg0NjYzMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCL22lKHOOGU5QBCjYfDuF7RXzz
rL2cuzHzr88YvhKrQlXqvS2e96zDow9IQEmd3ke+F/FsvygiK0ajizLPqwRBJIE4
FuEzVUCLnr8Ebfi1qfFrO++KNQ3uwupSSMniApgFreDG94OV4l8KvF4O7iP7vMfi
Rlrs1uVIs/SbYgiqfYkAzkbgcHlyHDf3FCgR/eHbn/wS+CdlWPmLBcAB2O4IN5F9
6hLYEuMYFDlThMk6dxKZpyET3xPH/xKwrvBMuxMU3HMhgvkp+FxQ3dHsX4nkq/5y
kY66GmnQqqdKsIaPoLNotxhmzC6fbdqThXMIoUQ1+eKtt2cbfcqUfPajcQITAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUH/0zKOX7Rlk+Pg+zmqRFu+hGYyMwHwYDVR0j
BBgwFoAUkUNS9gccgq5CTydA9DEi+dWVvbUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BN0U3OEY1QTI3RTIxNjU4QTA0MEQ0MUIxNkY2QUM3RDRB
RDU5ODJBNUI1RTkyQzU1OUZCMEQ5MTQzRTkxNzJDLzAvOTE0MzUyRjYwNzFDODJB
RTQyNEYyNzQwRjQzMTIyRjlENTk1QkRCNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85MTQzNTJGNjA3MUM4MkFFNDI0
RjI3NDBGNDMxMjJGOUQ1OTVCREI1LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTdFNzhGNUEyN0UyMTY1OEEwNDBENDFCMTZGNkFDN0Q0QUQ1OTgyQTVC
NUU5MkM1NTlGQjBEOTE0M0U5MTcyQy8wLzMxMzczNzJlMzEzMjM1MmUzMTMzMzYy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM2MzUzNTMyMzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKx
fYgwDQYJKoZIhvcNAQELBQADggEBAJ0yPuwaHP8gV1gtDAB6+2CvrOKdVxbXADPc
ZPCb0QjpNcwh76h+YF8Rx17AF6cbPO7bxQ+b21NwMiMHC1Ij29qfRjv4kzivjj1b
SWOOB4JQaW7QiFvzdhqlQs3VNb3qs7aSOnjQSHMOs/9J00GWn7cg4zmPOFchoupc
fqp6QrsPPOalCyjFvI1TZXH7XPJpLXkL4nHLUqkIBwm02L8FL0snoAiXp/Ws2heZ
vfLINSaGhvJF/xDu+AeE6SG+YJFta7wUvkdu9X7iPS8dkYsupYVkLIzGMDiN7nI/
NJ3rxvvvhDw2i7623xRGhL5lhscElp0yIgyeFVf8CCKu8V/338g=
-----END CERTIFICATE-----
Generated at Sun Jul 21 14:12:37 2024 by rpki-client on console-fra.rpki-client.org