Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/BFF9744E64C56E138AEC517D910F61D895CAD645CCF21CB7C16A278D5C2F944C/0/3138362e3138382e302e302f31372d3234203d3e203231383236.roa
File:                     3138362e3138382e302e302f31372d3234203d3e203231383236.roa (raw, json)
Hash identifier:          8S8F1SKJ5MnMQ1K4OVbWGZP2dGkBxElwLEwRdceUHUo=
Subject key identifier:   4D:D5:9C:3C:0D:58:78:F6:28:2E:DB:FB:F9:E1:2F:43:08:83:FB:DE
Certificate issuer:       /CN=165E0F133EF8A6DF2ECCBFDD6E915964893A4324
Certificate serial:       65597E9D9B2FC909E15DCB4FB5561E5932A5FC01
Authority key identifier: 16:5E:0F:13:3E:F8:A6:DF:2E:CC:BF:DD:6E:91:59:64:89:3A:43:24
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/165E0F133EF8A6DF2ECCBFDD6E915964893A4324.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/BFF9744E64C56E138AEC517D910F61D895CAD645CCF21CB7C16A278D5C2F944C/0/3138362e3138382e302e302f31372d3234203d3e203231383236.roa
Signing time:             Tue 05 Mar 2024 17:49:44 +0000
ROA not before:           Tue 05 Mar 2024 17:44:44 +0000
ROA not after:            Tue 04 Mar 2025 17:49:44 +0000
asID:                     21826
IP address blocks:        186.188.0.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/BFF9744E64C56E138AEC517D910F61D895CAD645CCF21CB7C16A278D5C2F944C/0/165E0F133EF8A6DF2ECCBFDD6E915964893A4324.crl
                          rsync://repository.lacnic.net/rpki/lacnic/BFF9744E64C56E138AEC517D910F61D895CAD645CCF21CB7C16A278D5C2F944C/0/165E0F133EF8A6DF2ECCBFDD6E915964893A4324.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/165E0F133EF8A6DF2ECCBFDD6E915964893A4324.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:59:7e:9d:9b:2f:c9:09:e1:5d:cb:4f:b5:56:1e:59:32:a5:fc:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=165E0F133EF8A6DF2ECCBFDD6E915964893A4324
        Validity
            Not Before: Mar  5 17:44:44 2024 GMT
            Not After : Mar  4 17:49:44 2025 GMT
        Subject: CN=4DD59C3C0D5878F6282EDBFBF9E12F430883FBDE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:bc:b9:0f:3c:e8:10:c6:b9:0d:d8:a8:fb:e4:
                    e8:b1:54:60:10:77:7a:8f:1c:e5:76:3b:23:9c:ac:
                    fc:8c:e5:72:84:66:13:e0:30:37:56:f7:e9:64:c0:
                    7a:36:de:13:79:64:b2:0b:a1:34:18:51:5e:60:f7:
                    a1:4c:29:f6:9e:12:54:07:49:95:ea:b7:00:c0:38:
                    34:c9:85:2a:d0:4a:d5:06:62:77:d0:d9:b8:3e:7d:
                    c2:ad:75:e5:ed:cd:7b:54:58:01:9a:36:9f:20:fa:
                    fc:14:9b:0f:e3:2c:f0:ec:18:df:34:ef:ad:78:24:
                    91:e3:02:7c:a3:41:a2:ca:9a:19:8b:a8:61:e4:9e:
                    41:fd:a8:f9:7c:70:85:b8:54:73:a8:3c:0f:2f:1e:
                    8e:bc:30:c8:d1:f8:02:e2:0d:bb:ba:b7:dd:34:76:
                    13:6e:e5:70:bc:8d:22:68:3d:66:90:27:6f:dd:14:
                    38:8a:33:08:b7:e2:a7:7a:11:c3:aa:6b:be:f5:6b:
                    e8:1f:88:a9:d6:fd:e2:d5:63:32:03:b8:a9:26:8f:
                    39:1b:71:3b:c5:f0:45:37:37:30:a1:c5:3b:03:c6:
                    21:e3:01:0d:cc:06:0b:d5:86:9c:36:8e:89:1d:89:
                    c4:05:7e:de:7b:65:31:5e:d4:37:51:1a:73:b2:a3:
                    96:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:D5:9C:3C:0D:58:78:F6:28:2E:DB:FB:F9:E1:2F:43:08:83:FB:DE
            X509v3 Authority Key Identifier:
                keyid:16:5E:0F:13:3E:F8:A6:DF:2E:CC:BF:DD:6E:91:59:64:89:3A:43:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/BFF9744E64C56E138AEC517D910F61D895CAD645CCF21CB7C16A278D5C2F944C/0/165E0F133EF8A6DF2ECCBFDD6E915964893A4324.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/165E0F133EF8A6DF2ECCBFDD6E915964893A4324.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/BFF9744E64C56E138AEC517D910F61D895CAD645CCF21CB7C16A278D5C2F944C/0/3138362e3138382e302e302f31372d3234203d3e203231383236.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.188.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         6b:07:42:dd:3a:52:38:9b:3c:fd:a5:c3:9f:18:fd:5a:7e:7f:
         41:10:6d:33:39:6f:41:a5:f2:a5:0a:63:dd:fc:7f:37:eb:55:
         56:f4:e2:37:49:e7:12:c6:1b:c3:38:14:1d:e4:33:7e:04:6f:
         7a:bb:9a:da:e4:b3:1f:68:52:02:d0:b8:3b:29:00:d1:dc:33:
         03:93:46:26:16:a2:d6:86:10:ab:7a:03:6f:b6:82:c3:53:07:
         3e:0b:1a:c1:94:b0:b8:f9:06:df:75:87:5a:e0:6c:ba:22:76:
         fd:b2:3b:3a:31:87:48:80:9d:36:09:11:7f:93:70:e3:3a:4e:
         c1:30:74:49:b7:41:d3:75:a1:df:0c:72:b5:4f:89:a7:fd:58:
         e1:50:56:98:40:da:2b:ae:30:74:6b:dd:bd:c5:be:1b:af:25:
         d6:9f:14:64:fc:e8:0e:c7:9d:a9:4f:ca:08:bc:a5:ec:b1:d1:
         6e:4d:1a:9a:ed:b1:cf:c9:1b:61:ac:3e:af:20:68:57:38:5b:
         22:e7:8c:5b:ef:b4:87:38:a6:2c:ca:f8:d5:91:ab:53:65:a7:
         cb:59:ab:dd:45:3f:3e:6e:69:92:3f:17:f0:51:85:59:f9:dd:
         d9:24:61:84:15:15:b9:23:5b:66:5b:b1:fb:4d:0f:28:95:a1:
         b2:ac:9a:1a
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUZVl+nZsvyQnhXctPtVYeWTKl/AEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTY1RTBGMTMzRUY4QTZERjJFQ0NCRkRENkU5MTU5NjQ4
OTNBNDMyNDAeFw0yNDAzMDUxNzQ0NDRaFw0yNTAzMDQxNzQ5NDRaMDMxMTAvBgNV
BAMTKDRERDU5QzNDMEQ1ODc4RjYyODJFREJGQkY5RTEyRjQzMDg4M0ZCREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfvLkPPOgQxrkN2Kj75OixVGAQ
d3qPHOV2OyOcrPyM5XKEZhPgMDdW9+lkwHo23hN5ZLILoTQYUV5g96FMKfaeElQH
SZXqtwDAODTJhSrQStUGYnfQ2bg+fcKtdeXtzXtUWAGaNp8g+vwUmw/jLPDsGN80
7614JJHjAnyjQaLKmhmLqGHknkH9qPl8cIW4VHOoPA8vHo68MMjR+ALiDbu6t900
dhNu5XC8jSJoPWaQJ2/dFDiKMwi34qd6EcOqa771a+gfiKnW/eLVYzIDuKkmjzkb
cTvF8EU3NzChxTsDxiHjAQ3MBgvVhpw2jokdicQFft57ZTFe1DdRGnOyo5ZfAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUTdWcPA1YePYoLtv7+eEvQwiD+94wHwYDVR0j
BBgwFoAUFl4PEz74pt8uzL/dbpFZZIk6QyQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CRkY5NzQ0RTY0QzU2RTEzOEFFQzUxN0Q5MTBGNjFEODk1
Q0FENjQ1Q0NGMjFDQjdDMTZBMjc4RDVDMkY5NDRDLzAvMTY1RTBGMTMzRUY4QTZE
RjJFQ0NCRkRENkU5MTU5NjQ4OTNBNDMyNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNjVFMEYxMzNFRjhBNkRGMkVD
Q0JGREQ2RTkxNTk2NDg5M0E0MzI0LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQkZGOTc0NEU2NEM1NkUxMzhBRUM1MTdEOTEwRjYxRDg5NUNBRDY0NUND
RjIxQ0I3QzE2QTI3OEQ1QzJGOTQ0Qy8wLzMxMzgzNjJlMzEzODM4MmUzMDJlMzAy
ZjMxMzcyZDMyMzQyMDNkM2UyMDMyMzEzODMyMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAe6vAAwDQYJ
KoZIhvcNAQELBQADggEBAGsHQt06UjibPP2lw58Y/Vp+f0EQbTM5b0Gl8qUKY938
fzfrVVb04jdJ5xLGG8M4FB3kM34Eb3q7mtrksx9oUgLQuDspANHcMwOTRiYWotaG
EKt6A2+2gsNTBz4LGsGUsLj5Bt91h1rgbLoidv2yOzoxh0iAnTYJEX+TcOM6TsEw
dEm3QdN1od8McrVPiaf9WOFQVphA2iuuMHRr3b3FvhuvJdafFGT86A7HnalPygi8
peyx0W5NGprtsc/JG2GsPq8gaFc4WyLnjFvvtIc4pizK+NWRq1Nlp8tZq91FPz5u
aZI/F/BRhVn53dkkYYQVFbkjW2ZbsftNDyiVobKsmho=
-----END CERTIFICATE-----
Generated at Wed Nov 20 14:21:31 2024 by rpki-client on console-fra.rpki-client.org