Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/BBFFBF6405F5FE441C4C5CCF0763F033426C3B473A8B887A4F3EA9F065235D4C/0/3139302e39322e3130382e302f32332d3234203d3e203532343235.roa
File:                     3139302e39322e3130382e302f32332d3234203d3e203532343235.roa (raw, json)
Hash identifier:          Rard/5P5MqMfijnNZehE86nvlbMo1JkJIRMTAMPAjdY=
Subject key identifier:   12:5D:B7:9B:36:C6:CF:B7:68:72:97:70:08:2A:8F:33:94:2A:ED:FA
Certificate issuer:       /CN=D663037914FA22285F5A90948270F4B18D3F2D85
Certificate serial:       1744895E0BF9356A3593A7445ADFA725D0F8AC21
Authority key identifier: D6:63:03:79:14:FA:22:28:5F:5A:90:94:82:70:F4:B1:8D:3F:2D:85
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D663037914FA22285F5A90948270F4B18D3F2D85.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/BBFFBF6405F5FE441C4C5CCF0763F033426C3B473A8B887A4F3EA9F065235D4C/0/3139302e39322e3130382e302f32332d3234203d3e203532343235.roa
Signing time:             Tue 05 Mar 2024 17:45:00 +0000
ROA not before:           Tue 05 Mar 2024 17:40:00 +0000
ROA not after:            Tue 04 Mar 2025 17:45:00 +0000
asID:                     52425
IP address blocks:        190.92.108.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/BBFFBF6405F5FE441C4C5CCF0763F033426C3B473A8B887A4F3EA9F065235D4C/0/D663037914FA22285F5A90948270F4B18D3F2D85.crl
                          rsync://repository.lacnic.net/rpki/lacnic/BBFFBF6405F5FE441C4C5CCF0763F033426C3B473A8B887A4F3EA9F065235D4C/0/D663037914FA22285F5A90948270F4B18D3F2D85.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D663037914FA22285F5A90948270F4B18D3F2D85.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:44:89:5e:0b:f9:35:6a:35:93:a7:44:5a:df:a7:25:d0:f8:ac:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D663037914FA22285F5A90948270F4B18D3F2D85
        Validity
            Not Before: Mar  5 17:40:00 2024 GMT
            Not After : Mar  4 17:45:00 2025 GMT
        Subject: CN=125DB79B36C6CFB768729770082A8F33942AEDFA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:53:df:2a:eb:b1:00:6e:5e:19:c5:60:4b:bd:
                    2f:bd:34:e3:65:bf:82:84:be:c2:95:3d:4e:cd:34:
                    c7:ff:06:ee:72:b5:f7:32:de:fb:00:3f:c6:40:f0:
                    c0:b6:85:a2:d2:87:a7:c8:cc:0f:01:a7:2a:42:6c:
                    85:21:97:2c:bd:83:35:c2:37:c9:9a:a8:9e:82:50:
                    a0:4b:3f:cf:b4:43:7f:3c:ad:4e:7a:61:df:c9:4d:
                    e6:c5:84:11:53:1c:f2:36:4b:1b:f3:dc:df:f0:d2:
                    8b:fb:39:d4:80:c6:c2:ff:b6:39:15:87:12:7e:c5:
                    a1:bd:59:8c:dc:b7:f6:c7:92:9d:18:20:4f:50:d6:
                    59:eb:04:62:85:61:7c:8c:79:9d:1f:03:00:27:bf:
                    ff:90:67:d8:88:00:87:8c:a4:e5:7e:43:1a:61:59:
                    9c:14:e4:3b:f3:fa:e4:7d:71:3c:3d:4e:03:9a:04:
                    85:34:8d:41:3b:c3:68:3a:0c:73:bc:44:9a:2c:81:
                    f3:00:a7:7d:f0:75:06:45:cd:b3:94:29:e1:89:78:
                    89:fc:18:7c:aa:6e:47:75:e4:30:13:a4:50:be:fa:
                    c2:0c:e5:c3:bc:b3:42:b1:c1:23:8b:fa:5d:f3:9b:
                    c4:d9:23:08:50:d4:a0:4c:b0:45:6d:cf:06:84:c7:
                    e2:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:5D:B7:9B:36:C6:CF:B7:68:72:97:70:08:2A:8F:33:94:2A:ED:FA
            X509v3 Authority Key Identifier:
                keyid:D6:63:03:79:14:FA:22:28:5F:5A:90:94:82:70:F4:B1:8D:3F:2D:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/BBFFBF6405F5FE441C4C5CCF0763F033426C3B473A8B887A4F3EA9F065235D4C/0/D663037914FA22285F5A90948270F4B18D3F2D85.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D663037914FA22285F5A90948270F4B18D3F2D85.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/BBFFBF6405F5FE441C4C5CCF0763F033426C3B473A8B887A4F3EA9F065235D4C/0/3139302e39322e3130382e302f32332d3234203d3e203532343235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.92.108.0/23

    Signature Algorithm: sha256WithRSAEncryption
         85:38:62:b7:e4:ea:a7:e4:d6:2a:23:ff:b6:fa:a1:84:5f:b1:
         7f:27:44:20:50:70:d5:54:96:45:9c:84:8f:71:aa:89:63:3c:
         8c:2c:d4:ba:b7:df:5d:4a:20:1d:96:b3:86:db:9f:e7:c5:e5:
         64:42:04:1e:42:75:a6:ca:73:2f:6e:70:62:66:e4:57:22:81:
         da:96:c7:be:5e:ce:29:47:02:04:93:a1:11:87:81:1a:fb:f9:
         68:87:c9:dc:78:d6:8b:da:90:62:b2:01:70:c2:76:b8:8d:1d:
         14:d2:02:9f:5a:3c:8b:e9:39:0b:36:96:11:62:ac:a3:ee:75:
         6f:06:30:4d:96:15:fd:f3:32:3e:7c:cd:12:15:9c:fc:79:4f:
         30:79:76:f5:1a:8a:02:6b:8f:9f:2d:be:3e:af:16:99:38:96:
         b8:7d:37:19:cb:5a:76:88:b7:83:df:7d:98:be:e4:37:32:a2:
         68:d4:6e:56:d2:ed:dc:49:50:2c:23:5c:7e:d2:9c:f7:33:01:
         37:df:76:a8:69:75:a9:c4:e7:49:59:41:f5:51:08:d1:54:d7:
         a6:73:78:8e:1a:e9:86:81:90:f6:6c:e1:f3:48:0c:eb:56:3a:
         78:b1:75:7f:64:ae:07:86:a9:dd:85:8b:cd:f0:52:08:91:a6:
         ce:53:98:db
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUF0SJXgv5NWo1k6dEWt+nJdD4rCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDY2MzAzNzkxNEZBMjIyODVGNUE5MDk0ODI3MEY0QjE4
RDNGMkQ4NTAeFw0yNDAzMDUxNzQwMDBaFw0yNTAzMDQxNzQ1MDBaMDMxMTAvBgNV
BAMTKDEyNURCNzlCMzZDNkNGQjc2ODcyOTc3MDA4MkE4RjMzOTQyQUVERkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSU98q67EAbl4ZxWBLvS+9NONl
v4KEvsKVPU7NNMf/Bu5ytfcy3vsAP8ZA8MC2haLSh6fIzA8BpypCbIUhlyy9gzXC
N8maqJ6CUKBLP8+0Q388rU56Yd/JTebFhBFTHPI2Sxvz3N/w0ov7OdSAxsL/tjkV
hxJ+xaG9WYzct/bHkp0YIE9Q1lnrBGKFYXyMeZ0fAwAnv/+QZ9iIAIeMpOV+Qxph
WZwU5Dvz+uR9cTw9TgOaBIU0jUE7w2g6DHO8RJosgfMAp33wdQZFzbOUKeGJeIn8
GHyqbkd15DATpFC++sIM5cO8s0KxwSOL+l3zm8TZIwhQ1KBMsEVtzwaEx+KZAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUEl23mzbGz7docpdwCCqPM5Qq7fowHwYDVR0j
BBgwFoAU1mMDeRT6IihfWpCUgnD0sY0/LYUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CQkZGQkY2NDA1RjVGRTQ0MUM0QzVDQ0YwNzYzRjAzMzQy
NkMzQjQ3M0E4Qjg4N0E0RjNFQTlGMDY1MjM1RDRDLzAvRDY2MzAzNzkxNEZBMjIy
ODVGNUE5MDk0ODI3MEY0QjE4RDNGMkQ4NS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjYzMDM3OTE0RkEyMjI4NUY1
QTkwOTQ4MjcwRjRCMThEM0YyRDg1LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQkJGRkJGNjQwNUY1RkU0NDFDNEM1Q0NGMDc2M0YwMzM0MjZDM0I0NzNB
OEI4ODdBNEYzRUE5RjA2NTIzNUQ0Qy8wLzMxMzkzMDJlMzkzMjJlMzEzMDM4MmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzUzMjM0MzIzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAb5cbDAN
BgkqhkiG9w0BAQsFAAOCAQEAhThit+Tqp+TWKiP/tvqhhF+xfydEIFBw1VSWRZyE
j3GqiWM8jCzUurffXUogHZazhtuf58XlZEIEHkJ1pspzL25wYmbkVyKB2pbHvl7O
KUcCBJOhEYeBGvv5aIfJ3HjWi9qQYrIBcMJ2uI0dFNICn1o8i+k5CzaWEWKso+51
bwYwTZYV/fMyPnzNEhWc/HlPMHl29RqKAmuPny2+Pq8WmTiWuH03Gctadoi3g999
mL7kNzKiaNRuVtLt3ElQLCNcftKc9zMBN992qGl1qcTnSVlB9VEI0VTXpnN4jhrp
hoGQ9mzh80gM61Y6eLF1f2SuB4ap3YWLzfBSCJGmzlOY2w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:41:57 2024 by rpki-client on console-fra.rpki-client.org