Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3139302e3130362e3132302e302f32312d3234203d3e203131383135.roa
File:                     3139302e3130362e3132302e302f32312d3234203d3e203131383135.roa (raw, json)
Hash identifier:          zx7s2111v9ejGhv4tJFJuiwFnhko9TPoybv4LkNGFdg=
Subject key identifier:   E6:BE:19:B7:32:53:38:3C:11:0F:89:78:6E:0F:86:CF:56:42:52:A6
Certificate issuer:       /CN=D2F5141990A0252C37D63112FB6ECA5DBC5686B6
Certificate serial:       7BD1F5F28DD4EB962AB2E674638A081162D015A9
Authority key identifier: D2:F5:14:19:90:A0:25:2C:37:D6:31:12:FB:6E:CA:5D:BC:56:86:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3139302e3130362e3132302e302f32312d3234203d3e203131383135.roa
Signing time:             Tue 05 Mar 2024 18:22:34 +0000
ROA not before:           Tue 05 Mar 2024 18:17:34 +0000
ROA not after:            Tue 04 Mar 2025 18:22:34 +0000
asID:                     11815
IP address blocks:        190.106.120.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 22 Jul 2024 13:18:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:d1:f5:f2:8d:d4:eb:96:2a:b2:e6:74:63:8a:08:11:62:d0:15:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2F5141990A0252C37D63112FB6ECA5DBC5686B6
        Validity
            Not Before: Mar  5 18:17:34 2024 GMT
            Not After : Mar  4 18:22:34 2025 GMT
        Subject: CN=E6BE19B73253383C110F89786E0F86CF564252A6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:0a:4b:7a:8d:79:c5:9a:3f:18:0b:01:df:38:
                    84:29:cb:b9:26:c0:f6:4f:20:fa:39:05:49:34:17:
                    19:cd:b2:2b:44:db:bf:2b:4c:d3:72:49:92:a0:7d:
                    69:29:81:2a:e3:bf:02:46:47:26:d7:ab:d3:45:da:
                    c3:5b:f5:29:13:94:4a:87:4f:b9:eb:6d:18:43:a7:
                    ce:ad:21:4b:40:9d:71:46:2c:95:67:6c:c8:d6:8e:
                    d7:02:93:9a:f0:b7:25:95:ec:6f:df:c0:88:eb:24:
                    cf:e9:47:4d:07:7d:c9:74:b0:a6:41:af:6e:4c:2b:
                    34:28:2f:62:aa:56:e3:8c:d7:73:44:ad:d8:d4:a6:
                    d9:3c:06:df:ec:58:12:43:b2:54:0d:d3:60:a5:64:
                    c7:53:5d:e2:76:08:2b:43:e7:7a:d3:a7:66:9c:b4:
                    66:69:53:5e:46:a5:cc:2a:b1:53:b8:8c:37:5d:43:
                    6f:c1:d7:97:62:fd:66:bd:d1:04:98:b6:8d:54:b4:
                    29:6b:49:bb:fc:95:98:e8:00:16:3e:0f:2f:8e:db:
                    dc:f8:7c:05:88:ab:fa:c0:ae:71:d5:e1:46:3c:cf:
                    6c:d9:a2:cc:9b:cb:64:f3:ea:ad:73:6d:65:80:00:
                    5c:02:59:c7:b1:d7:6d:16:d5:40:b9:05:bc:8f:c0:
                    75:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:BE:19:B7:32:53:38:3C:11:0F:89:78:6E:0F:86:CF:56:42:52:A6
            X509v3 Authority Key Identifier:
                keyid:D2:F5:14:19:90:A0:25:2C:37:D6:31:12:FB:6E:CA:5D:BC:56:86:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3139302e3130362e3132302e302f32312d3234203d3e203131383135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.106.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6e:8f:53:76:8c:c2:e3:1f:9a:67:cf:6d:35:b6:71:e7:66:1d:
         46:30:77:c6:91:fc:9c:05:69:16:fe:9e:6c:eb:e6:b9:95:8f:
         1b:4e:2e:5e:6e:3e:0d:be:49:b6:8b:f7:a1:ec:6a:e6:22:b9:
         f4:16:96:75:63:eb:f3:8c:c8:82:f5:b5:97:c3:0c:ca:f3:c8:
         27:12:12:14:9e:43:10:ec:3b:c9:47:bc:55:9b:be:22:ed:c8:
         6a:9b:7c:dc:2d:19:d2:3a:c3:56:36:2c:da:91:9a:59:c4:53:
         8f:e8:69:35:4b:ff:c2:fb:99:ba:05:80:99:d3:e2:aa:70:8c:
         b5:a9:81:e1:28:69:13:ac:a6:2c:2e:73:e9:bc:11:7f:c7:76:
         9d:5e:15:44:99:46:b3:2e:d5:bd:5f:b8:6e:e1:d4:29:07:09:
         07:27:a2:06:02:25:ec:b1:e0:93:58:57:33:32:fc:f1:ab:88:
         32:0c:51:3c:3b:3e:52:92:dd:fc:d0:23:d9:c0:93:ea:fd:9e:
         6f:38:4d:03:a4:de:b4:49:c9:6c:94:3e:97:3b:fe:e0:2e:fc:
         d9:71:aa:04:0c:d5:cd:77:01:ea:9e:ae:af:00:67:cb:eb:75:
         4b:92:aa:ee:04:0d:07:31:2a:c7:f8:86:0b:3f:8b:7c:ab:b2:
         ef:d3:20:cd
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUe9H18o3U65YqsuZ0Y4oIEWLQFakwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDJGNTE0MTk5MEEwMjUyQzM3RDYzMTEyRkI2RUNBNURC
QzU2ODZCNjAeFw0yNDAzMDUxODE3MzRaFw0yNTAzMDQxODIyMzRaMDMxMTAvBgNV
BAMTKEU2QkUxOUI3MzI1MzM4M0MxMTBGODk3ODZFMEY4NkNGNTY0MjUyQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8Ckt6jXnFmj8YCwHfOIQpy7km
wPZPIPo5BUk0FxnNsitE278rTNNySZKgfWkpgSrjvwJGRybXq9NF2sNb9SkTlEqH
T7nrbRhDp86tIUtAnXFGLJVnbMjWjtcCk5rwtyWV7G/fwIjrJM/pR00Hfcl0sKZB
r25MKzQoL2KqVuOM13NErdjUptk8Bt/sWBJDslQN02ClZMdTXeJ2CCtD53rTp2ac
tGZpU15GpcwqsVO4jDddQ2/B15di/Wa90QSYto1UtClrSbv8lZjoABY+Dy+O29z4
fAWIq/rArnHV4UY8z2zZosyby2Tz6q1zbWWAAFwCWcex120W1UC5BbyPwHXnAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU5r4ZtzJTODwRD4l4bg+Gz1ZCUqYwHwYDVR0j
BBgwFoAU0vUUGZCgJSw31jES+27KXbxWhrYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMkZGRENBMzBDMTVDRDU5OTcwQTdFN0FGQUVDM0E5MUFG
NDMwMUFDOTAwOEIwRkZDM0I4Rjk3NzVGNTZGMkZELzAvRDJGNTE0MTk5MEEwMjUy
QzM3RDYzMTEyRkI2RUNBNURCQzU2ODZCNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMkY1MTQxOTkwQTAyNTJDMzdE
NjMxMTJGQjZFQ0E1REJDNTY4NkI2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjJGRkRDQTMwQzE1Q0Q1OTk3MEE3RTdBRkFFQzNBOTFBRjQzMDFBQzkw
MDhCMEZGQzNCOEY5Nzc1RjU2RjJGRC8wLzMxMzkzMDJlMzEzMDM2MmUzMTMyMzAy
ZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzMTMxMzgzMTM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvmp4
MA0GCSqGSIb3DQEBCwUAA4IBAQBuj1N2jMLjH5pnz201tnHnZh1GMHfGkfycBWkW
/p5s6+a5lY8bTi5ebj4Nvkm2i/eh7GrmIrn0FpZ1Y+vzjMiC9bWXwwzK88gnEhIU
nkMQ7DvJR7xVm74i7chqm3zcLRnSOsNWNizakZpZxFOP6Gk1S//C+5m6BYCZ0+Kq
cIy1qYHhKGkTrKYsLnPpvBF/x3adXhVEmUazLtW9X7hu4dQpBwkHJ6IGAiXsseCT
WFczMvzxq4gyDFE8Oz5Skt380CPZwJPq/Z5vOE0DpN60SclslD6XO/7gLvzZcaoE
DNXNdwHqnq6vAGfL63VLkqruBA0HMSrH+IYLP4t8q7Lv0yDN
-----END CERTIFICATE-----
Generated at Thu Jul 18 20:01:53 2024 by rpki-client on console-fra.rpki-client.org