Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C38AF35C5E8EB73BE9024D79F51B5609D1F24098C8E322DA5382FE17B69155A1/0/3136302e32302e3136342e302f32322d3234203d3e20323634363638.roa
File:                     3136302e32302e3136342e302f32322d3234203d3e20323634363638.roa (raw, json)
Hash identifier:          YFw13zc4Zd7Po/kNOqkkPmS8v+lrNIziw5QUDwqAudU=
Subject key identifier:   4C:74:B0:80:1A:E1:48:02:EE:02:8E:59:EF:30:0D:30:01:A4:21:E0
Certificate issuer:       /CN=754E4BD73AEBBA082CF44FF7380173AEE9E5BF86
Certificate serial:       15342FA0F2E5BEB372300369A473861DC2ADFE6F
Authority key identifier: 75:4E:4B:D7:3A:EB:BA:08:2C:F4:4F:F7:38:01:73:AE:E9:E5:BF:86
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/754E4BD73AEBBA082CF44FF7380173AEE9E5BF86.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C38AF35C5E8EB73BE9024D79F51B5609D1F24098C8E322DA5382FE17B69155A1/0/3136302e32302e3136342e302f32322d3234203d3e20323634363638.roa
Signing time:             Tue 05 Mar 2024 18:20:41 +0000
ROA not before:           Tue 05 Mar 2024 18:15:41 +0000
ROA not after:            Tue 04 Mar 2025 18:20:41 +0000
asID:                     264668
IP address blocks:        160.20.164.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C38AF35C5E8EB73BE9024D79F51B5609D1F24098C8E322DA5382FE17B69155A1/0/754E4BD73AEBBA082CF44FF7380173AEE9E5BF86.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C38AF35C5E8EB73BE9024D79F51B5609D1F24098C8E322DA5382FE17B69155A1/0/754E4BD73AEBBA082CF44FF7380173AEE9E5BF86.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/754E4BD73AEBBA082CF44FF7380173AEE9E5BF86.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 20 Jun 2024 02:08:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:34:2f:a0:f2:e5:be:b3:72:30:03:69:a4:73:86:1d:c2:ad:fe:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=754E4BD73AEBBA082CF44FF7380173AEE9E5BF86
        Validity
            Not Before: Mar  5 18:15:41 2024 GMT
            Not After : Mar  4 18:20:41 2025 GMT
        Subject: CN=4C74B0801AE14802EE028E59EF300D3001A421E0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:9c:a3:16:7a:3d:03:bd:89:de:4e:6b:f1:54:
                    16:1d:ee:cd:d0:d8:75:1a:f4:75:3f:aa:03:88:19:
                    7f:b4:fb:10:d1:4b:79:b6:cb:f6:af:ae:c9:8b:dd:
                    66:09:d2:15:8d:dc:2b:3d:3e:37:ec:92:5e:39:97:
                    d9:28:c9:74:6b:61:14:dc:06:b5:57:19:56:67:cd:
                    b2:75:6b:dd:da:e3:8e:07:c0:4c:65:2a:df:57:63:
                    1c:55:9f:af:5f:3b:fa:2c:e5:67:5b:1c:17:7a:a9:
                    98:e6:75:b3:52:2e:d4:c3:ef:cb:6b:2b:d7:d0:01:
                    00:80:78:76:ee:1e:e5:92:df:a9:9f:ae:c3:d0:c4:
                    fc:72:f0:ea:a1:2f:6f:ec:64:05:f2:0d:1d:98:18:
                    87:ac:1f:e3:46:b4:cb:c6:69:93:48:1b:22:c5:eb:
                    d9:b5:a8:76:0b:6c:47:c7:d2:73:5d:d1:86:92:97:
                    3c:72:0d:ef:ff:bd:c9:ac:46:d7:2f:d7:a3:02:06:
                    20:7b:25:cf:00:df:bf:6d:ac:21:26:c4:b7:3b:cc:
                    49:93:d7:56:fd:49:5d:5d:9d:cc:7a:3a:74:c8:32:
                    4a:9a:be:39:84:57:ae:0d:cf:7d:44:3c:17:42:b8:
                    9d:b0:b7:b3:c7:6b:a4:f2:fd:fb:1d:a7:36:e9:95:
                    93:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:74:B0:80:1A:E1:48:02:EE:02:8E:59:EF:30:0D:30:01:A4:21:E0
            X509v3 Authority Key Identifier:
                keyid:75:4E:4B:D7:3A:EB:BA:08:2C:F4:4F:F7:38:01:73:AE:E9:E5:BF:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C38AF35C5E8EB73BE9024D79F51B5609D1F24098C8E322DA5382FE17B69155A1/0/754E4BD73AEBBA082CF44FF7380173AEE9E5BF86.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/754E4BD73AEBBA082CF44FF7380173AEE9E5BF86.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C38AF35C5E8EB73BE9024D79F51B5609D1F24098C8E322DA5382FE17B69155A1/0/3136302e32302e3136342e302f32322d3234203d3e20323634363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.20.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:4c:c1:57:53:f8:80:a1:a8:d9:05:1e:1f:86:98:70:8a:45:
         15:8c:0e:f4:a8:ad:fc:0e:79:9c:d8:0e:8e:05:7b:5e:36:c8:
         67:14:4c:82:1f:8c:79:9a:5f:2b:b0:27:2f:8d:bc:3b:9b:67:
         29:8a:44:e5:cd:f3:1e:42:25:44:d3:d8:e3:da:b8:91:e0:75:
         1c:c2:35:03:20:84:94:a3:ad:25:b7:e8:5a:3d:19:48:a2:0e:
         0c:59:8f:f3:ec:23:3e:f4:e5:c3:2f:f2:a1:e4:98:38:1a:90:
         72:cb:cb:ca:2e:77:19:42:29:aa:7d:e1:b8:74:0e:a2:1d:3d:
         85:14:68:83:1d:af:87:18:73:5a:9d:b8:56:09:58:55:f1:a4:
         e2:ca:b5:ed:d5:29:22:1d:14:7b:b2:eb:8b:71:73:83:92:ed:
         7b:bf:20:49:b9:80:d0:4e:f6:21:a1:78:99:40:80:ea:ee:a3:
         b3:ae:1d:15:0c:38:8c:41:15:29:52:29:f9:9d:a9:d6:fe:2f:
         ec:84:5d:1a:fc:2d:e8:99:89:53:ea:28:f1:b4:0b:82:87:02:
         98:2b:a1:cc:cd:e5:60:d5:44:47:9d:e2:43:fc:0e:1c:bd:a4:
         eb:e4:5f:ce:91:10:74:dd:8a:b4:dc:ab:6e:63:22:38:0c:dd:
         87:13:1f:11
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUFTQvoPLlvrNyMANppHOGHcKt/m8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzU0RTRCRDczQUVCQkEwODJDRjQ0RkY3MzgwMTczQUVF
OUU1QkY4NjAeFw0yNDAzMDUxODE1NDFaFw0yNTAzMDQxODIwNDFaMDMxMTAvBgNV
BAMTKDRDNzRCMDgwMUFFMTQ4MDJFRTAyOEU1OUVGMzAwRDMwMDFBNDIxRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+nKMWej0DvYneTmvxVBYd7s3Q
2HUa9HU/qgOIGX+0+xDRS3m2y/avrsmL3WYJ0hWN3Cs9Pjfskl45l9koyXRrYRTc
BrVXGVZnzbJ1a93a444HwExlKt9XYxxVn69fO/os5WdbHBd6qZjmdbNSLtTD78tr
K9fQAQCAeHbuHuWS36mfrsPQxPxy8OqhL2/sZAXyDR2YGIesH+NGtMvGaZNIGyLF
69m1qHYLbEfH0nNd0YaSlzxyDe//vcmsRtcv16MCBiB7Jc8A379trCEmxLc7zEmT
11b9SV1dncx6OnTIMkqavjmEV64Nz31EPBdCuJ2wt7PHa6Ty/fsdpzbplZNlAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUTHSwgBrhSALuAo5Z7zANMAGkIeAwHwYDVR0j
BBgwFoAUdU5L1zrruggs9E/3OAFzrunlv4YwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DMzhBRjM1QzVFOEVCNzNCRTkwMjRENzlGNTFCNTYwOUQx
RjI0MDk4QzhFMzIyREE1MzgyRkUxN0I2OTE1NUExLzAvNzU0RTRCRDczQUVCQkEw
ODJDRjQ0RkY3MzgwMTczQUVFOUU1QkY4Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83NTRFNEJENzNBRUJCQTA4MkNG
NDRGRjczODAxNzNBRUU5RTVCRjg2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzM4QUYzNUM1RThFQjczQkU5MDI0RDc5RjUxQjU2MDlEMUYyNDA5OEM4
RTMyMkRBNTM4MkZFMTdCNjkxNTVBMS8wLzMxMzYzMDJlMzIzMDJlMzEzNjM0MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM0MzYzNjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoBSk
MA0GCSqGSIb3DQEBCwUAA4IBAQBoTMFXU/iAoajZBR4fhphwikUVjA70qK38Dnmc
2A6OBXteNshnFEyCH4x5ml8rsCcvjbw7m2cpikTlzfMeQiVE09jj2riR4HUcwjUD
IISUo60lt+haPRlIog4MWY/z7CM+9OXDL/Kh5Jg4GpByy8vKLncZQimqfeG4dA6i
HT2FFGiDHa+HGHNanbhWCVhV8aTiyrXt1SkiHRR7suuLcXODku17vyBJuYDQTvYh
oXiZQIDq7qOzrh0VDDiMQRUpUin5nanW/i/shF0a/C3omYlT6ijxtAuChwKYK6HM
zeVg1URHneJD/A4cvaTr5F/OkRB03Yq03KtuYyI4DN2HEx8R
-----END CERTIFICATE-----
Generated at Sun Jun 16 20:28:14 2024 by rpki-client on console-ams.rpki-client.org