Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/BA0053DA603852AF61C84424FBFF9AC8A63288718996C633B6329A8C93C0671E/0/3138312e3230392e302e302f31372d3234203d3e203532333631.roa
File:                     3138312e3230392e302e302f31372d3234203d3e203532333631.roa (raw, json)
Hash identifier:          NyDyQY9mxn61+iYH5YI8JiN8ZjgwtTOzL68ZEKj2VGQ=
Subject key identifier:   61:7C:67:90:59:8C:40:BB:32:B9:D7:1E:0E:6C:63:39:ED:89:2A:8E
Certificate issuer:       /CN=05C9632C2BAF4CD4754DA6B446116C70FEF4D267
Certificate serial:       3D8712FE5F9C8E51FBB9B171F01E0EB6C3BAC3E1
Authority key identifier: 05:C9:63:2C:2B:AF:4C:D4:75:4D:A6:B4:46:11:6C:70:FE:F4:D2:67
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/05C9632C2BAF4CD4754DA6B446116C70FEF4D267.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/BA0053DA603852AF61C84424FBFF9AC8A63288718996C633B6329A8C93C0671E/0/3138312e3230392e302e302f31372d3234203d3e203532333631.roa
Signing time:             Tue 05 Mar 2024 18:04:35 +0000
ROA not before:           Tue 05 Mar 2024 17:59:35 +0000
ROA not after:            Tue 04 Mar 2025 18:04:35 +0000
asID:                     52361
IP address blocks:        181.209.0.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/BA0053DA603852AF61C84424FBFF9AC8A63288718996C633B6329A8C93C0671E/0/05C9632C2BAF4CD4754DA6B446116C70FEF4D267.crl
                          rsync://repository.lacnic.net/rpki/lacnic/BA0053DA603852AF61C84424FBFF9AC8A63288718996C633B6329A8C93C0671E/0/05C9632C2BAF4CD4754DA6B446116C70FEF4D267.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/05C9632C2BAF4CD4754DA6B446116C70FEF4D267.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:87:12:fe:5f:9c:8e:51:fb:b9:b1:71:f0:1e:0e:b6:c3:ba:c3:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05C9632C2BAF4CD4754DA6B446116C70FEF4D267
        Validity
            Not Before: Mar  5 17:59:35 2024 GMT
            Not After : Mar  4 18:04:35 2025 GMT
        Subject: CN=617C6790598C40BB32B9D71E0E6C6339ED892A8E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e1:5e:21:36:66:ac:07:e9:25:c1:aa:9e:b1:
                    88:a9:45:6a:7f:8f:97:f2:92:fd:85:3d:ec:fc:3b:
                    1b:c7:74:17:d3:fa:e5:c0:c0:b5:af:03:25:4c:6f:
                    c6:34:11:61:52:2d:d8:41:42:46:3a:86:e4:05:3f:
                    e9:a3:11:bd:7f:b6:ee:88:47:55:bc:df:ef:c2:a8:
                    d7:ef:02:2d:62:e1:ee:ef:47:8e:cf:1d:dc:b3:a5:
                    72:2b:5d:4e:41:d7:7e:27:1e:6e:82:3b:86:82:c5:
                    b5:d4:45:bb:83:cd:a5:ab:2b:82:0c:b5:29:39:21:
                    27:b1:0c:2b:ac:88:0d:88:76:be:89:94:93:05:c6:
                    00:30:bb:18:33:4b:92:46:40:6a:b6:79:ca:6f:0e:
                    d1:c9:02:5a:61:30:dd:ce:c3:c2:48:bc:73:98:3a:
                    3b:8a:aa:36:e1:1c:37:76:75:30:57:7e:a4:f3:9d:
                    d6:7f:24:89:c3:2c:19:0c:e8:87:cf:64:6d:e5:43:
                    ae:60:a7:f4:07:d5:5b:c3:20:b1:8e:6b:74:ec:8e:
                    1d:9d:37:46:c2:c3:de:b9:1d:a8:9e:39:e0:d1:61:
                    92:43:0b:e0:f6:94:45:93:31:7a:21:4e:92:c2:29:
                    83:03:f1:7f:ca:14:33:84:cc:aa:cf:fa:30:a6:12:
                    9a:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:7C:67:90:59:8C:40:BB:32:B9:D7:1E:0E:6C:63:39:ED:89:2A:8E
            X509v3 Authority Key Identifier:
                keyid:05:C9:63:2C:2B:AF:4C:D4:75:4D:A6:B4:46:11:6C:70:FE:F4:D2:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/BA0053DA603852AF61C84424FBFF9AC8A63288718996C633B6329A8C93C0671E/0/05C9632C2BAF4CD4754DA6B446116C70FEF4D267.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/05C9632C2BAF4CD4754DA6B446116C70FEF4D267.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/BA0053DA603852AF61C84424FBFF9AC8A63288718996C633B6329A8C93C0671E/0/3138312e3230392e302e302f31372d3234203d3e203532333631.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.209.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         4b:df:d9:11:05:d1:d1:d3:71:78:3b:57:1e:7b:6d:7d:ec:74:
         58:4d:80:f7:03:41:88:26:a5:74:0f:68:97:f9:33:2a:ab:f0:
         5e:86:d7:bb:69:4a:f4:14:19:c1:5f:32:ee:f2:4c:4a:e1:4a:
         dd:ca:c7:1e:5a:73:80:73:e7:ee:48:bf:0a:93:c9:a7:92:09:
         38:7a:a7:26:e5:e1:07:0b:74:f1:1a:aa:ff:a4:24:4b:4a:34:
         88:90:97:75:03:46:1a:f9:ff:89:ef:87:ab:37:a7:02:81:aa:
         53:86:d9:2a:68:f3:6d:f0:76:1b:7f:03:8e:6f:e1:ad:7c:f2:
         82:c7:5f:aa:ad:f5:2c:a2:cf:fe:7b:b7:6a:31:4b:40:cc:ab:
         98:9e:48:3c:d0:ca:55:ad:82:88:cc:0d:4a:9c:6b:53:1e:73:
         a7:d1:54:a2:f6:32:6d:bb:f8:59:99:50:b7:fd:c0:71:c4:71:
         88:ff:a1:c8:68:38:7c:e8:41:44:07:7e:a2:d5:67:7d:6d:0d:
         dd:88:67:56:38:02:0d:a7:eb:96:57:00:ec:58:e6:8e:84:05:
         fc:77:29:2e:ee:5c:4c:8e:66:ec:fd:ae:62:4a:d5:7a:dd:63:
         de:69:78:93:71:20:57:b1:29:4e:c7:1e:d4:91:09:24:c5:da:
         57:62:95:8a
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUPYcS/l+cjlH7ubFx8B4OtsO6w+EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDVDOTYzMkMyQkFGNENENDc1NERBNkI0NDYxMTZDNzBG
RUY0RDI2NzAeFw0yNDAzMDUxNzU5MzVaFw0yNTAzMDQxODA0MzVaMDMxMTAvBgNV
BAMTKDYxN0M2NzkwNTk4QzQwQkIzMkI5RDcxRTBFNkM2MzM5RUQ4OTJBOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/4V4hNmasB+klwaqesYipRWp/
j5fykv2FPez8OxvHdBfT+uXAwLWvAyVMb8Y0EWFSLdhBQkY6huQFP+mjEb1/tu6I
R1W83+/CqNfvAi1i4e7vR47PHdyzpXIrXU5B134nHm6CO4aCxbXURbuDzaWrK4IM
tSk5ISexDCusiA2Idr6JlJMFxgAwuxgzS5JGQGq2ecpvDtHJAlphMN3Ow8JIvHOY
OjuKqjbhHDd2dTBXfqTzndZ/JInDLBkM6IfPZG3lQ65gp/QH1VvDILGOa3Tsjh2d
N0bCw965HaieOeDRYZJDC+D2lEWTMXohTpLCKYMD8X/KFDOEzKrP+jCmEppdAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUYXxnkFmMQLsyudceDmxjOe2JKo4wHwYDVR0j
BBgwFoAUBcljLCuvTNR1Taa0RhFscP700mcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CQTAwNTNEQTYwMzg1MkFGNjFDODQ0MjRGQkZGOUFDOEE2
MzI4ODcxODk5NkM2MzNCNjMyOUE4QzkzQzA2NzFFLzAvMDVDOTYzMkMyQkFGNENE
NDc1NERBNkI0NDYxMTZDNzBGRUY0RDI2Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wNUM5NjMyQzJCQUY0Q0Q0NzU0
REE2QjQ0NjExNkM3MEZFRjREMjY3LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQkEwMDUzREE2MDM4NTJBRjYxQzg0NDI0RkJGRjlBQzhBNjMyODg3MTg5
OTZDNjMzQjYzMjlBOEM5M0MwNjcxRS8wLzMxMzgzMTJlMzIzMDM5MmUzMDJlMzAy
ZjMxMzcyZDMyMzQyMDNkM2UyMDM1MzIzMzM2MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAe10QAwDQYJ
KoZIhvcNAQELBQADggEBAEvf2REF0dHTcXg7Vx57bX3sdFhNgPcDQYgmpXQPaJf5
Myqr8F6G17tpSvQUGcFfMu7yTErhSt3Kxx5ac4Bz5+5IvwqTyaeSCTh6pybl4QcL
dPEaqv+kJEtKNIiQl3UDRhr5/4nvh6s3pwKBqlOG2Spo823wdht/A45v4a188oLH
X6qt9Syiz/57t2oxS0DMq5ieSDzQylWtgojMDUqca1Mec6fRVKL2Mm27+FmZULf9
wHHEcYj/ochoOHzoQUQHfqLVZ31tDd2IZ1Y4Ag2n65ZXAOxY5o6EBfx3KS7uXEyO
Zuz9rmJK1XrdY95peJNxIFexKU7HHtSRCSTF2ldilYo=
-----END CERTIFICATE-----
Generated at Sat Jun 15 12:14:22 2024 by rpki-client on console-fra.rpki-client.org