Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A9411291F93B87F981ABBDA5AAE5703988FD63C53C0D85DF413F28F442DB0292/0/3138312e3233322e3135372e302f32342d3234203d3e20323732303632.roa
File:                     3138312e3233322e3135372e302f32342d3234203d3e20323732303632.roa (raw, json)
Hash identifier:          J6FpGxbNZGoBLApFDxdG+FLrOnNW1lzPBCwCRVqFQqY=
Subject key identifier:   86:6B:4C:24:FE:01:84:99:4A:1E:BF:9F:FB:06:A4:77:13:F9:E5:9E
Certificate issuer:       /CN=E9A5288FFD963231D7A31DF358516C1DE9044850
Certificate serial:       576FE08A7D2900F4B879C7E4C8752E3C688AC9AF
Authority key identifier: E9:A5:28:8F:FD:96:32:31:D7:A3:1D:F3:58:51:6C:1D:E9:04:48:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9A5288FFD963231D7A31DF358516C1DE9044850.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A9411291F93B87F981ABBDA5AAE5703988FD63C53C0D85DF413F28F442DB0292/0/3138312e3233322e3135372e302f32342d3234203d3e20323732303632.roa
Signing time:             Tue 05 Mar 2024 18:12:56 +0000
ROA not before:           Tue 05 Mar 2024 18:07:56 +0000
ROA not after:            Tue 04 Mar 2025 18:12:56 +0000
asID:                     272062
IP address blocks:        181.232.157.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A9411291F93B87F981ABBDA5AAE5703988FD63C53C0D85DF413F28F442DB0292/0/E9A5288FFD963231D7A31DF358516C1DE9044850.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A9411291F93B87F981ABBDA5AAE5703988FD63C53C0D85DF413F28F442DB0292/0/E9A5288FFD963231D7A31DF358516C1DE9044850.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9A5288FFD963231D7A31DF358516C1DE9044850.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:6f:e0:8a:7d:29:00:f4:b8:79:c7:e4:c8:75:2e:3c:68:8a:c9:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E9A5288FFD963231D7A31DF358516C1DE9044850
        Validity
            Not Before: Mar  5 18:07:56 2024 GMT
            Not After : Mar  4 18:12:56 2025 GMT
        Subject: CN=866B4C24FE0184994A1EBF9FFB06A47713F9E59E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:8c:bb:2e:a1:5f:d3:65:fa:84:ae:60:ef:20:
                    e1:04:71:9f:84:ac:c7:2d:05:e3:b0:40:10:c8:93:
                    eb:77:b5:1b:bf:7b:6c:fa:eb:4f:66:22:34:5a:5c:
                    24:8f:71:5a:88:44:53:e0:54:ec:db:ad:e7:87:3d:
                    b6:44:8d:ce:dd:c9:60:1e:50:dc:ff:d8:81:a2:a7:
                    6e:5e:1a:b5:46:37:0b:da:1f:65:f6:6c:a0:b1:28:
                    1b:8b:0d:31:ff:0f:de:1a:1d:18:9a:df:72:9c:8b:
                    80:b9:19:ff:fe:d5:55:bd:c6:ef:52:5c:c6:cd:a1:
                    fe:1e:16:6c:30:2b:bf:a2:64:39:b2:da:62:30:b4:
                    b6:a9:8b:68:61:3d:58:6b:ec:1e:71:fa:93:e5:8d:
                    04:7c:99:20:e1:ba:f1:c0:49:e6:d9:60:59:48:ad:
                    47:3a:0b:78:7c:24:18:a4:21:c6:f5:8f:f8:a8:66:
                    a2:23:14:6c:bb:bd:af:a2:ee:0d:5e:b8:94:d2:fc:
                    be:1e:fd:f0:02:b7:5b:e5:3e:79:99:94:63:70:86:
                    4d:2a:16:ea:df:0d:b8:ca:85:8b:55:c0:07:0f:ab:
                    69:48:1e:42:e3:ef:ff:a1:cd:ca:c3:46:e5:34:10:
                    01:11:36:1b:c1:70:65:8d:8e:25:93:ef:b0:ee:49:
                    7d:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:6B:4C:24:FE:01:84:99:4A:1E:BF:9F:FB:06:A4:77:13:F9:E5:9E
            X509v3 Authority Key Identifier:
                keyid:E9:A5:28:8F:FD:96:32:31:D7:A3:1D:F3:58:51:6C:1D:E9:04:48:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A9411291F93B87F981ABBDA5AAE5703988FD63C53C0D85DF413F28F442DB0292/0/E9A5288FFD963231D7A31DF358516C1DE9044850.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9A5288FFD963231D7A31DF358516C1DE9044850.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A9411291F93B87F981ABBDA5AAE5703988FD63C53C0D85DF413F28F442DB0292/0/3138312e3233322e3135372e302f32342d3234203d3e20323732303632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.232.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:cd:41:2f:b1:56:23:f1:b1:29:f6:f7:7a:d1:67:a1:b6:28:
         26:0f:0e:fa:52:04:68:3f:66:03:7d:73:c0:90:68:bc:fd:8c:
         f4:6e:b5:90:cf:c9:45:08:6b:03:20:d7:e3:68:ce:67:43:35:
         37:3c:fd:b5:6e:cb:10:b0:74:a4:75:f1:61:bb:b7:47:6f:de:
         03:ff:79:6b:37:ba:f0:e9:df:ad:3c:50:34:aa:4d:f9:f2:fd:
         42:35:1c:69:77:69:f8:7f:00:3e:dc:81:8c:08:44:f1:f4:47:
         85:f5:85:e1:d7:c5:d1:9f:a5:03:c7:6d:c4:99:06:d4:4c:08:
         86:50:11:ff:e8:6f:62:cb:e8:b6:8a:de:b3:64:5e:bf:5d:c6:
         c9:ab:9e:82:d7:11:ff:ca:b7:af:33:8b:e4:3d:07:6e:5b:76:
         49:0a:d2:33:32:16:d6:26:a0:7f:ff:ce:75:c5:fa:4a:04:02:
         21:24:f9:f0:4d:fb:85:a4:b2:2e:52:90:a5:6b:3b:e0:b6:93:
         ae:91:d3:ba:3a:55:a8:75:2c:71:56:68:fd:9d:63:7c:52:c1:
         82:84:ab:24:4e:5e:1d:47:a2:7c:ea:45:8c:0d:38:7a:61:59:
         d8:93:16:a2:8c:8d:e4:0e:34:41:47:a0:de:41:11:2d:87:58:
         34:60:37:86
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUV2/gin0pAPS4ecfkyHUuPGiKya8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTlBNTI4OEZGRDk2MzIzMUQ3QTMxREYzNTg1MTZDMURF
OTA0NDg1MDAeFw0yNDAzMDUxODA3NTZaFw0yNTAzMDQxODEyNTZaMDMxMTAvBgNV
BAMTKDg2NkI0QzI0RkUwMTg0OTk0QTFFQkY5RkZCMDZBNDc3MTNGOUU1OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0jLsuoV/TZfqErmDvIOEEcZ+E
rMctBeOwQBDIk+t3tRu/e2z6609mIjRaXCSPcVqIRFPgVOzbreeHPbZEjc7dyWAe
UNz/2IGip25eGrVGNwvaH2X2bKCxKBuLDTH/D94aHRia33Kci4C5Gf/+1VW9xu9S
XMbNof4eFmwwK7+iZDmy2mIwtLapi2hhPVhr7B5x+pPljQR8mSDhuvHASebZYFlI
rUc6C3h8JBikIcb1j/ioZqIjFGy7va+i7g1euJTS/L4e/fACt1vlPnmZlGNwhk0q
FurfDbjKhYtVwAcPq2lIHkLj7/+hzcrDRuU0EAERNhvBcGWNjiWT77DuSX1ZAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUhmtMJP4BhJlKHr+f+wakdxP55Z4wHwYDVR0j
BBgwFoAU6aUoj/2WMjHXox3zWFFsHekESFAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BOTQxMTI5MUY5M0I4N0Y5ODFBQkJEQTVBQUU1NzAzOTg4
RkQ2M0M1M0MwRDg1REY0MTNGMjhGNDQyREIwMjkyLzAvRTlBNTI4OEZGRDk2MzIz
MUQ3QTMxREYzNTg1MTZDMURFOTA0NDg1MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FOUE1Mjg4RkZEOTYzMjMxRDdB
MzFERjM1ODUxNkMxREU5MDQ0ODUwLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTk0MTEyOTFGOTNCODdGOTgxQUJCREE1QUFFNTcwMzk4OEZENjNDNTND
MEQ4NURGNDEzRjI4RjQ0MkRCMDI5Mi8wLzMxMzgzMTJlMzIzMzMyMmUzMTM1Mzcy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzIzMDM2MzIucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC1
6J0wDQYJKoZIhvcNAQELBQADggEBAIHNQS+xViPxsSn293rRZ6G2KCYPDvpSBGg/
ZgN9c8CQaLz9jPRutZDPyUUIawMg1+NozmdDNTc8/bVuyxCwdKR18WG7t0dv3gP/
eWs3uvDp3608UDSqTfny/UI1HGl3afh/AD7cgYwIRPH0R4X1heHXxdGfpQPHbcSZ
BtRMCIZQEf/ob2LL6LaK3rNkXr9dxsmrnoLXEf/Kt68zi+Q9B25bdkkK0jMyFtYm
oH//znXF+koEAiEk+fBN+4Wksi5SkKVrO+C2k66R07o6Vah1LHFWaP2dY3xSwYKE
qyROXh1HonzqRYwNOHphWdiTFqKMjeQONEFHoN5BES2HWDRgN4Y=
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:24:18 2024 by rpki-client on console-ams.rpki-client.org