Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B04A2DF34E4F232E4B89D386BCC8374360C42BB940E77DDD8B35800B6355CBB3/0/3136382e3139342e3139372e302f32342d3234203d3e203238303939.roa
File:                     3136382e3139342e3139372e302f32342d3234203d3e203238303939.roa (raw, json)
Hash identifier:          QPclcvt7dpxsXl0kHRRk6B/YgUwF8PvIPJ52xbDwcQ8=
Subject key identifier:   2F:0B:CC:A4:24:9B:09:3F:46:F2:A7:C0:EA:CC:3B:96:CB:56:79:2E
Certificate issuer:       /CN=4937097E14B869A93E421FF4BF07878F7FE1DB12
Certificate serial:       357D4326296E4BACB6EF27CAE96F4B837D0C9A62
Authority key identifier: 49:37:09:7E:14:B8:69:A9:3E:42:1F:F4:BF:07:87:8F:7F:E1:DB:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4937097E14B869A93E421FF4BF07878F7FE1DB12.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B04A2DF34E4F232E4B89D386BCC8374360C42BB940E77DDD8B35800B6355CBB3/0/3136382e3139342e3139372e302f32342d3234203d3e203238303939.roa
Signing time:             Tue 05 Mar 2024 18:01:42 +0000
ROA not before:           Tue 05 Mar 2024 17:56:42 +0000
ROA not after:            Tue 04 Mar 2025 18:01:42 +0000
asID:                     28099
IP address blocks:        168.194.197.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/B04A2DF34E4F232E4B89D386BCC8374360C42BB940E77DDD8B35800B6355CBB3/0/4937097E14B869A93E421FF4BF07878F7FE1DB12.crl
                          rsync://repository.lacnic.net/rpki/lacnic/B04A2DF34E4F232E4B89D386BCC8374360C42BB940E77DDD8B35800B6355CBB3/0/4937097E14B869A93E421FF4BF07878F7FE1DB12.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4937097E14B869A93E421FF4BF07878F7FE1DB12.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 29 Nov 2024 03:21:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:7d:43:26:29:6e:4b:ac:b6:ef:27:ca:e9:6f:4b:83:7d:0c:9a:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4937097E14B869A93E421FF4BF07878F7FE1DB12
        Validity
            Not Before: Mar  5 17:56:42 2024 GMT
            Not After : Mar  4 18:01:42 2025 GMT
        Subject: CN=2F0BCCA4249B093F46F2A7C0EACC3B96CB56792E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:c6:3a:99:08:ce:77:f8:4e:ea:68:80:26:58:
                    a0:40:e8:6d:7e:b7:19:6c:de:71:68:3d:93:5e:8b:
                    d0:c6:74:95:89:8d:e4:74:2a:a1:31:30:86:64:3f:
                    f2:79:ed:1a:cc:ca:26:c8:8e:85:ff:8e:99:9a:2d:
                    db:b4:06:81:a0:db:4d:f7:92:06:ce:cd:57:6f:2f:
                    bf:ef:b8:d2:0e:5f:0f:e8:bc:7c:da:2e:32:8d:96:
                    70:24:85:54:d1:69:e5:0c:11:0d:76:08:79:85:d6:
                    70:71:f8:20:dc:71:b6:35:fd:cd:85:54:3b:01:43:
                    ca:b4:99:ff:e9:2d:d3:22:fb:ba:a3:ce:57:b1:1c:
                    9e:56:9a:b1:68:df:6f:18:dc:b7:4f:01:3f:9d:18:
                    88:99:19:9a:3b:54:ed:cb:8a:77:a4:3b:01:31:41:
                    a9:e3:bb:fb:47:ed:d3:d9:0f:65:eb:24:0b:9e:3c:
                    d3:db:10:be:0c:93:5d:48:1b:45:57:a3:e7:e8:fc:
                    6b:43:f0:66:7c:72:1f:ff:9c:58:c9:90:8b:ca:e9:
                    fe:03:cf:e3:b5:83:12:8c:50:48:9b:fe:d4:12:cc:
                    81:08:b9:f7:53:01:06:33:52:1a:a5:95:9a:00:98:
                    4c:db:99:a5:d7:1b:fa:cc:25:eb:d1:ed:c6:61:ea:
                    38:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:0B:CC:A4:24:9B:09:3F:46:F2:A7:C0:EA:CC:3B:96:CB:56:79:2E
            X509v3 Authority Key Identifier:
                keyid:49:37:09:7E:14:B8:69:A9:3E:42:1F:F4:BF:07:87:8F:7F:E1:DB:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B04A2DF34E4F232E4B89D386BCC8374360C42BB940E77DDD8B35800B6355CBB3/0/4937097E14B869A93E421FF4BF07878F7FE1DB12.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4937097E14B869A93E421FF4BF07878F7FE1DB12.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B04A2DF34E4F232E4B89D386BCC8374360C42BB940E77DDD8B35800B6355CBB3/0/3136382e3139342e3139372e302f32342d3234203d3e203238303939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.194.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:54:dd:ed:fd:d4:46:a6:98:d6:1e:93:60:be:a3:22:44:cd:
         3d:10:d6:dc:b2:d1:21:e2:1c:c4:84:c5:b7:9a:61:35:8a:a6:
         a7:d6:c5:31:8f:02:62:96:31:8b:be:96:13:68:45:30:02:65:
         c1:bc:67:92:bb:8c:d0:c6:3b:28:e1:53:31:4f:b6:80:27:ae:
         1b:48:db:17:c0:c6:9f:43:48:49:30:61:f2:37:1b:4f:68:de:
         d7:bc:d3:a7:be:0d:05:a0:b2:ab:4e:b8:f9:8d:4c:94:73:f7:
         39:5b:89:a7:38:42:af:aa:6f:f1:ca:c7:45:f5:37:6c:92:cd:
         f2:8b:64:e9:1d:08:40:fe:60:6b:91:38:51:f1:24:8f:b3:b1:
         8d:23:39:00:18:dc:6c:15:98:55:15:fc:e9:05:e9:c4:fb:2a:
         58:fe:fc:25:3f:63:dd:1f:60:33:53:73:9c:ed:47:40:99:ca:
         1c:a5:c6:1b:5a:be:f8:a7:b7:5c:de:af:be:ec:6c:d0:2e:65:
         e3:0a:23:90:b3:5b:01:35:7d:a2:7e:35:69:8b:f1:a6:63:86:
         da:82:80:aa:d8:0a:3c:10:48:9f:de:e6:e8:a8:d1:91:f9:fe:
         5e:84:d9:1e:f3:b9:b1:a4:39:5f:7d:86:7b:79:a1:24:3c:3c:
         4e:90:94:a3
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUNX1DJiluS6y27yfK6W9Lg30MmmIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDkzNzA5N0UxNEI4NjlBOTNFNDIxRkY0QkYwNzg3OEY3
RkUxREIxMjAeFw0yNDAzMDUxNzU2NDJaFw0yNTAzMDQxODAxNDJaMDMxMTAvBgNV
BAMTKDJGMEJDQ0E0MjQ5QjA5M0Y0NkYyQTdDMEVBQ0MzQjk2Q0I1Njc5MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRxjqZCM53+E7qaIAmWKBA6G1+
txls3nFoPZNei9DGdJWJjeR0KqExMIZkP/J57RrMyibIjoX/jpmaLdu0BoGg2033
kgbOzVdvL7/vuNIOXw/ovHzaLjKNlnAkhVTRaeUMEQ12CHmF1nBx+CDccbY1/c2F
VDsBQ8q0mf/pLdMi+7qjzlexHJ5WmrFo328Y3LdPAT+dGIiZGZo7VO3LinekOwEx
Qanju/tH7dPZD2XrJAuePNPbEL4Mk11IG0VXo+fo/GtD8GZ8ch//nFjJkIvK6f4D
z+O1gxKMUEib/tQSzIEIufdTAQYzUhqllZoAmEzbmaXXG/rMJevR7cZh6jgPAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQULwvMpCSbCT9G8qfA6sw7lstWeS4wHwYDVR0j
BBgwFoAUSTcJfhS4aak+Qh/0vweHj3/h2xIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMDRBMkRGMzRFNEYyMzJFNEI4OUQzODZCQ0M4Mzc0MzYw
QzQyQkI5NDBFNzdEREQ4QjM1ODAwQjYzNTVDQkIzLzAvNDkzNzA5N0UxNEI4NjlB
OTNFNDIxRkY0QkYwNzg3OEY3RkUxREIxMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80OTM3MDk3RTE0Qjg2OUE5M0U0
MjFGRjRCRjA3ODc4RjdGRTFEQjEyLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjA0QTJERjM0RTRGMjMyRTRCODlEMzg2QkNDODM3NDM2MEM0MkJCOTQw
RTc3REREOEIzNTgwMEI2MzU1Q0JCMy8wLzMxMzYzODJlMzEzOTM0MmUzMTM5Mzcy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM4MzAzOTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqMLF
MA0GCSqGSIb3DQEBCwUAA4IBAQCrVN3t/dRGppjWHpNgvqMiRM09ENbcstEh4hzE
hMW3mmE1iqan1sUxjwJiljGLvpYTaEUwAmXBvGeSu4zQxjso4VMxT7aAJ64bSNsX
wMafQ0hJMGHyNxtPaN7XvNOnvg0FoLKrTrj5jUyUc/c5W4mnOEKvqm/xysdF9Tds
ks3yi2TpHQhA/mBrkThR8SSPs7GNIzkAGNxsFZhVFfzpBenE+ypY/vwlP2PdH2Az
U3Oc7UdAmcocpcYbWr74p7dc3q++7GzQLmXjCiOQs1sBNX2ifjVpi/GmY4bagoCq
2Ao8EEif3uboqNGR+f5ehNke87mxpDlffYZ7eaEkPDxOkJSj
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:07:42 2024 by rpki-client on console-ams.rpki-client.org