Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3139302e31312e33322e302f31392d3234203d3e203131383135.roa
File:                     3139302e31312e33322e302f31392d3234203d3e203131383135.roa (raw, json)
Hash identifier:          GAZF3nxJ9aSsssvc3p7GxGYsY8YJMhKvx+vCDNiDjPc=
Subject key identifier:   93:F3:78:47:3C:D7:95:56:64:30:9C:E8:FA:45:BE:CD:D5:77:11:93
Certificate issuer:       /CN=D2F5141990A0252C37D63112FB6ECA5DBC5686B6
Certificate serial:       60D1DA50F30B169DFB5C56DFD467F33EEEB99BDD
Authority key identifier: D2:F5:14:19:90:A0:25:2C:37:D6:31:12:FB:6E:CA:5D:BC:56:86:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3139302e31312e33322e302f31392d3234203d3e203131383135.roa
Signing time:             Tue 05 Mar 2024 18:22:31 +0000
ROA not before:           Tue 05 Mar 2024 18:17:31 +0000
ROA not after:            Tue 04 Mar 2025 18:22:31 +0000
asID:                     11815
IP address blocks:        190.11.32.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 22 Jul 2024 13:18:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:d1:da:50:f3:0b:16:9d:fb:5c:56:df:d4:67:f3:3e:ee:b9:9b:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2F5141990A0252C37D63112FB6ECA5DBC5686B6
        Validity
            Not Before: Mar  5 18:17:31 2024 GMT
            Not After : Mar  4 18:22:31 2025 GMT
        Subject: CN=93F378473CD7955664309CE8FA45BECDD5771193
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:5e:d2:1a:c2:7c:5d:6d:3e:47:5a:17:23:3d:
                    5d:f1:35:68:2a:f6:b5:ba:99:02:4b:85:c5:99:8e:
                    a3:cc:03:04:9f:5f:e8:95:cc:63:fc:4d:e4:38:5b:
                    69:b3:9c:76:3d:19:db:54:35:7f:43:de:62:8e:b1:
                    02:9b:dd:c1:bd:dc:55:d5:41:dc:b9:56:ec:b6:5e:
                    6a:73:4d:a6:c2:41:7c:1c:50:f7:fa:f0:8e:68:f4:
                    66:a6:73:e8:d9:36:65:01:6b:ca:81:ca:98:44:ce:
                    ca:d7:65:c8:52:89:7f:20:52:58:d7:4f:b4:6e:f1:
                    c3:4c:09:73:41:68:89:96:a6:a5:b7:f8:e5:8c:15:
                    76:1b:78:c0:e9:44:fe:e8:ee:ff:4f:8e:66:8d:72:
                    c5:0a:47:65:0a:19:bb:54:2d:8b:ef:d8:3f:5a:0f:
                    5c:5b:78:f8:51:41:54:0a:b1:23:be:b2:f2:6e:22:
                    3c:90:93:6b:82:42:60:8b:41:fa:cf:5f:20:a4:d4:
                    62:d8:57:b4:6b:90:86:06:e2:af:db:db:a0:95:cd:
                    8b:8a:ec:aa:58:cc:78:6b:19:9b:e8:38:1c:77:f6:
                    71:8c:96:7b:6e:52:65:56:35:f5:d1:32:a0:6b:16:
                    96:3f:50:c1:2d:be:f5:91:95:e2:11:53:ab:32:68:
                    ec:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:F3:78:47:3C:D7:95:56:64:30:9C:E8:FA:45:BE:CD:D5:77:11:93
            X509v3 Authority Key Identifier:
                keyid:D2:F5:14:19:90:A0:25:2C:37:D6:31:12:FB:6E:CA:5D:BC:56:86:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3139302e31312e33322e302f31392d3234203d3e203131383135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.11.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         62:0e:f6:1e:5b:e2:25:1e:bf:9e:86:bf:40:de:b0:06:20:04:
         f8:e5:2f:6d:94:fc:6c:cf:93:c7:ba:e5:5b:72:1b:31:ac:e8:
         40:ba:90:4a:49:b8:fb:68:fa:d8:1b:47:f4:c5:aa:0e:ad:99:
         d9:5c:28:b5:2d:b3:df:90:05:43:2f:3a:9a:d0:64:1d:6f:0c:
         41:74:cb:a8:62:bc:64:66:b2:46:bf:4d:15:42:ae:cd:78:db:
         18:7b:ea:d3:02:88:e8:0c:84:0f:de:4e:2d:25:d3:27:cc:d5:
         ad:a0:57:1d:df:fc:ae:cf:7e:25:6d:60:74:93:62:f4:03:2c:
         36:29:db:87:1f:fc:f3:90:5a:b0:23:11:b5:9b:15:7f:2d:f1:
         69:2b:4d:c2:19:3f:0e:ac:8f:34:c9:2f:f5:56:38:85:f5:a4:
         8c:4a:f3:ed:af:70:da:e7:a6:5e:22:8c:e9:a7:05:bf:c2:69:
         e3:2b:cb:18:cf:53:ff:90:b0:53:f4:69:4b:c8:d0:04:39:c0:
         bd:bd:47:f3:54:9f:4e:7d:ae:36:a8:c0:5d:19:21:0a:56:8e:
         54:63:00:1a:05:72:51:3e:38:1f:0c:75:11:90:eb:c2:df:07:
         bc:e9:2a:8e:42:32:19:fb:4d:9c:ba:fe:0c:09:c4:bb:2b:2d:
         0f:d4:e1:41
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUYNHaUPMLFp37XFbf1GfzPu65m90wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDJGNTE0MTk5MEEwMjUyQzM3RDYzMTEyRkI2RUNBNURC
QzU2ODZCNjAeFw0yNDAzMDUxODE3MzFaFw0yNTAzMDQxODIyMzFaMDMxMTAvBgNV
BAMTKDkzRjM3ODQ3M0NENzk1NTY2NDMwOUNFOEZBNDVCRUNERDU3NzExOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPXtIawnxdbT5HWhcjPV3xNWgq
9rW6mQJLhcWZjqPMAwSfX+iVzGP8TeQ4W2mznHY9GdtUNX9D3mKOsQKb3cG93FXV
Qdy5Vuy2XmpzTabCQXwcUPf68I5o9Gamc+jZNmUBa8qByphEzsrXZchSiX8gUljX
T7Ru8cNMCXNBaImWpqW3+OWMFXYbeMDpRP7o7v9PjmaNcsUKR2UKGbtULYvv2D9a
D1xbePhRQVQKsSO+svJuIjyQk2uCQmCLQfrPXyCk1GLYV7RrkIYG4q/b26CVzYuK
7KpYzHhrGZvoOBx39nGMlntuUmVWNfXRMqBrFpY/UMEtvvWRleIRU6syaOydAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUk/N4RzzXlVZkMJzo+kW+zdV3EZMwHwYDVR0j
BBgwFoAU0vUUGZCgJSw31jES+27KXbxWhrYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMkZGRENBMzBDMTVDRDU5OTcwQTdFN0FGQUVDM0E5MUFG
NDMwMUFDOTAwOEIwRkZDM0I4Rjk3NzVGNTZGMkZELzAvRDJGNTE0MTk5MEEwMjUy
QzM3RDYzMTEyRkI2RUNBNURCQzU2ODZCNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMkY1MTQxOTkwQTAyNTJDMzdE
NjMxMTJGQjZFQ0E1REJDNTY4NkI2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjJGRkRDQTMwQzE1Q0Q1OTk3MEE3RTdBRkFFQzNBOTFBRjQzMDFBQzkw
MDhCMEZGQzNCOEY5Nzc1RjU2RjJGRC8wLzMxMzkzMDJlMzEzMTJlMzMzMjJlMzAy
ZjMxMzkyZDMyMzQyMDNkM2UyMDMxMzEzODMxMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAW+CyAwDQYJ
KoZIhvcNAQELBQADggEBAGIO9h5b4iUev56Gv0DesAYgBPjlL22U/GzPk8e65Vty
GzGs6EC6kEpJuPto+tgbR/TFqg6tmdlcKLUts9+QBUMvOprQZB1vDEF0y6hivGRm
ska/TRVCrs142xh76tMCiOgMhA/eTi0l0yfM1a2gVx3f/K7PfiVtYHSTYvQDLDYp
24cf/POQWrAjEbWbFX8t8WkrTcIZPw6sjzTJL/VWOIX1pIxK8+2vcNrnpl4ijOmn
Bb/CaeMryxjPU/+QsFP0aUvI0AQ5wL29R/NUn059rjaowF0ZIQpWjlRjABoFclE+
OB8MdRGQ68LfB7zpKo5CMhn7TZy6/gwJxLsrLQ/U4UE=
-----END CERTIFICATE-----
Generated at Thu Jul 18 20:01:53 2024 by rpki-client on console-fra.rpki-client.org