Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/BB20FF6CF92550E986AE22A9D697D4F917F9817C4D9BA54A4C692160005A3ECC/0/3136372e3234392e32382e302f32332d3234203d3e203634313339.roa
File:                     3136372e3234392e32382e302f32332d3234203d3e203634313339.roa (raw, json)
Hash identifier:          O937tgqMmLSD++NIPaGTQ7QGFY+CvmOkvIBDmo+g+b4=
Subject key identifier:   C2:16:E9:21:23:0F:65:AE:19:52:85:DC:A8:F2:90:45:66:80:94:2C
Certificate issuer:       /CN=E26827C02EA6431AE7B4F616C8625DC85A94F800
Certificate serial:       67BBD3F4BC49DBA80FEDA10F9EDD3A6ED24D39A2
Authority key identifier: E2:68:27:C0:2E:A6:43:1A:E7:B4:F6:16:C8:62:5D:C8:5A:94:F8:00
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E26827C02EA6431AE7B4F616C8625DC85A94F800.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/BB20FF6CF92550E986AE22A9D697D4F917F9817C4D9BA54A4C692160005A3ECC/0/3136372e3234392e32382e302f32332d3234203d3e203634313339.roa
Signing time:             Tue 05 Mar 2024 18:06:35 +0000
ROA not before:           Tue 05 Mar 2024 18:01:35 +0000
ROA not after:            Tue 04 Mar 2025 18:06:35 +0000
asID:                     64139
IP address blocks:        167.249.28.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/BB20FF6CF92550E986AE22A9D697D4F917F9817C4D9BA54A4C692160005A3ECC/0/E26827C02EA6431AE7B4F616C8625DC85A94F800.crl
                          rsync://repository.lacnic.net/rpki/lacnic/BB20FF6CF92550E986AE22A9D697D4F917F9817C4D9BA54A4C692160005A3ECC/0/E26827C02EA6431AE7B4F616C8625DC85A94F800.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E26827C02EA6431AE7B4F616C8625DC85A94F800.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 31 Oct 2024 16:16:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:bb:d3:f4:bc:49:db:a8:0f:ed:a1:0f:9e:dd:3a:6e:d2:4d:39:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E26827C02EA6431AE7B4F616C8625DC85A94F800
        Validity
            Not Before: Mar  5 18:01:35 2024 GMT
            Not After : Mar  4 18:06:35 2025 GMT
        Subject: CN=C216E921230F65AE195285DCA8F290456680942C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:3d:e2:31:5f:e1:6c:bb:d2:7f:a9:d7:19:91:
                    5e:1b:08:41:75:c8:ff:11:83:aa:3c:0d:46:bc:9b:
                    79:6c:47:75:d9:37:9c:d2:40:e2:f8:23:78:f7:0d:
                    c9:3b:6b:46:f2:a3:37:ef:e3:5c:ff:48:71:a6:e6:
                    96:39:11:ed:c6:2b:b5:b8:be:4a:d9:c6:30:44:21:
                    d9:6b:d6:4f:a2:04:a0:01:b7:4a:00:32:aa:8e:6d:
                    e2:89:d2:9b:89:ec:43:d4:dc:ef:89:8e:dd:30:63:
                    0b:36:4b:84:97:6a:c9:56:15:fe:3f:88:5c:07:9c:
                    01:c7:5e:3d:e1:09:dd:b4:65:dd:68:45:20:5b:50:
                    fb:28:e3:42:01:53:38:12:1b:ad:0a:aa:21:a1:86:
                    15:12:2e:6f:8b:31:51:58:3e:90:56:5d:22:e8:df:
                    15:2e:6f:b5:06:a1:31:29:81:78:28:b5:12:93:43:
                    a9:14:fe:5f:55:5e:c0:4e:c7:5e:bf:40:03:94:f1:
                    ca:aa:28:c3:0e:ee:01:24:3c:b4:2f:8f:ac:90:11:
                    f2:5f:4e:bf:66:29:34:4c:6f:84:a7:4b:6b:8c:5e:
                    9a:73:82:3e:41:24:48:1c:29:bc:19:d2:78:8c:6c:
                    11:53:7f:c0:54:6f:54:4a:a0:4b:23:24:0a:5d:3b:
                    77:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:16:E9:21:23:0F:65:AE:19:52:85:DC:A8:F2:90:45:66:80:94:2C
            X509v3 Authority Key Identifier:
                keyid:E2:68:27:C0:2E:A6:43:1A:E7:B4:F6:16:C8:62:5D:C8:5A:94:F8:00

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/BB20FF6CF92550E986AE22A9D697D4F917F9817C4D9BA54A4C692160005A3ECC/0/E26827C02EA6431AE7B4F616C8625DC85A94F800.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E26827C02EA6431AE7B4F616C8625DC85A94F800.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/BB20FF6CF92550E986AE22A9D697D4F917F9817C4D9BA54A4C692160005A3ECC/0/3136372e3234392e32382e302f32332d3234203d3e203634313339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.249.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3e:aa:a3:eb:7a:dc:12:43:52:a2:be:7b:ec:d4:ce:93:7a:14:
         17:23:3e:2b:b7:fd:fa:24:0e:ca:af:14:13:ce:87:28:e1:f0:
         bd:25:e8:0f:04:78:90:0e:85:c2:c5:0d:b1:13:e2:9a:ba:5a:
         6a:04:c5:49:f5:ca:05:b5:21:a7:6a:29:ca:8f:6b:25:83:22:
         79:c0:b4:45:06:8f:0f:9d:cb:4e:88:f3:6f:ef:03:ef:fc:ce:
         4e:47:e6:a0:7b:c6:42:6d:c0:b9:54:71:2b:81:d3:c2:02:7d:
         56:44:91:ab:e2:16:1e:d3:72:e8:61:2d:20:70:04:0c:4b:4f:
         26:66:da:7b:b0:ca:89:ea:b6:e1:88:78:d7:f9:2c:23:84:e4:
         5d:14:1d:fd:4b:c5:54:5f:4d:9c:85:3a:c1:78:38:c5:6b:a3:
         18:63:f6:34:e4:ee:02:56:7e:1e:00:02:7e:6a:9c:31:61:4c:
         8e:7b:66:76:b6:9e:f3:e4:e1:46:7f:3b:71:b9:d6:58:e9:8d:
         c2:10:bb:a4:4d:14:02:0d:3a:95:6f:b0:c9:6f:46:f2:22:10:
         d5:c5:dd:8f:da:56:fb:f9:d5:f0:71:cb:73:b6:c7:1f:e9:f2:
         62:73:09:03:4b:fa:52:6e:f2:4a:7b:40:be:4d:8e:ae:2c:7b:
         6b:9f:c1:eb
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUZ7vT9LxJ26gP7aEPnt06btJNOaIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTI2ODI3QzAyRUE2NDMxQUU3QjRGNjE2Qzg2MjVEQzg1
QTk0RjgwMDAeFw0yNDAzMDUxODAxMzVaFw0yNTAzMDQxODA2MzVaMDMxMTAvBgNV
BAMTKEMyMTZFOTIxMjMwRjY1QUUxOTUyODVEQ0E4RjI5MDQ1NjY4MDk0MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8PeIxX+Fsu9J/qdcZkV4bCEF1
yP8Rg6o8DUa8m3lsR3XZN5zSQOL4I3j3Dck7a0byozfv41z/SHGm5pY5Ee3GK7W4
vkrZxjBEIdlr1k+iBKABt0oAMqqObeKJ0puJ7EPU3O+Jjt0wYws2S4SXaslWFf4/
iFwHnAHHXj3hCd20Zd1oRSBbUPso40IBUzgSG60KqiGhhhUSLm+LMVFYPpBWXSLo
3xUub7UGoTEpgXgotRKTQ6kU/l9VXsBOx16/QAOU8cqqKMMO7gEkPLQvj6yQEfJf
Tr9mKTRMb4SnS2uMXppzgj5BJEgcKbwZ0niMbBFTf8BUb1RKoEsjJApdO3fDAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUwhbpISMPZa4ZUoXcqPKQRWaAlCwwHwYDVR0j
BBgwFoAU4mgnwC6mQxrntPYWyGJdyFqU+AAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CQjIwRkY2Q0Y5MjU1MEU5ODZBRTIyQTlENjk3RDRGOTE3
Rjk4MTdDNEQ5QkE1NEE0QzY5MjE2MDAwNUEzRUNDLzAvRTI2ODI3QzAyRUE2NDMx
QUU3QjRGNjE2Qzg2MjVEQzg1QTk0RjgwMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FMjY4MjdDMDJFQTY0MzFBRTdC
NEY2MTZDODYyNURDODVBOTRGODAwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQkIyMEZGNkNGOTI1NTBFOTg2QUUyMkE5RDY5N0Q0RjkxN0Y5ODE3QzRE
OUJBNTRBNEM2OTIxNjAwMDVBM0VDQy8wLzMxMzYzNzJlMzIzNDM5MmUzMjM4MmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzYzNDMxMzMzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAaf5HDAN
BgkqhkiG9w0BAQsFAAOCAQEAPqqj63rcEkNSor577NTOk3oUFyM+K7f9+iQOyq8U
E86HKOHwvSXoDwR4kA6FwsUNsRPimrpaagTFSfXKBbUhp2opyo9rJYMiecC0RQaP
D53LTojzb+8D7/zOTkfmoHvGQm3AuVRxK4HTwgJ9VkSRq+IWHtNy6GEtIHAEDEtP
Jmbae7DKieq24Yh41/ksI4TkXRQd/UvFVF9NnIU6wXg4xWujGGP2NOTuAlZ+HgAC
fmqcMWFMjntmdrae8+ThRn87cbnWWOmNwhC7pE0UAg06lW+wyW9G8iIQ1cXdj9pW
+/nV8HHLc7bHH+nyYnMJA0v6Um7ySntAvk2Orix7a5/B6w==
-----END CERTIFICATE-----
Generated at Sun Oct 27 21:21:49 2024 by rpki-client on console-ams.rpki-client.org