Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C52E2D250F5BAABEF264E9E0A52FF71E8C9ACBDC87835A5BFBC5AFEE689C71EA/0/3133312e37322e3234302e302f32332d3234203d3e203532333237.roa
File:                     3133312e37322e3234302e302f32332d3234203d3e203532333237.roa (raw, json)
Hash identifier:          TdAYvMb9nErZjrLssGa549bKFXhJ0+VivWSkigO+tUc=
Subject key identifier:   7C:14:07:5C:71:76:52:00:96:CF:F7:66:6A:57:16:D9:9B:74:1D:38
Certificate issuer:       /CN=EC869BAFB5A3882FB7CB6D7F22FD36685961C5B7
Certificate serial:       40875858E3879AB7B7B7FC77FC91133B090497D4
Authority key identifier: EC:86:9B:AF:B5:A3:88:2F:B7:CB:6D:7F:22:FD:36:68:59:61:C5:B7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC869BAFB5A3882FB7CB6D7F22FD36685961C5B7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C52E2D250F5BAABEF264E9E0A52FF71E8C9ACBDC87835A5BFBC5AFEE689C71EA/0/3133312e37322e3234302e302f32332d3234203d3e203532333237.roa
Signing time:             Tue 05 Mar 2024 17:56:55 +0000
ROA not before:           Tue 05 Mar 2024 17:51:55 +0000
ROA not after:            Tue 04 Mar 2025 17:56:55 +0000
asID:                     52327
IP address blocks:        131.72.240.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C52E2D250F5BAABEF264E9E0A52FF71E8C9ACBDC87835A5BFBC5AFEE689C71EA/0/EC869BAFB5A3882FB7CB6D7F22FD36685961C5B7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C52E2D250F5BAABEF264E9E0A52FF71E8C9ACBDC87835A5BFBC5AFEE689C71EA/0/EC869BAFB5A3882FB7CB6D7F22FD36685961C5B7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC869BAFB5A3882FB7CB6D7F22FD36685961C5B7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 21 Jul 2024 04:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:87:58:58:e3:87:9a:b7:b7:b7:fc:77:fc:91:13:3b:09:04:97:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EC869BAFB5A3882FB7CB6D7F22FD36685961C5B7
        Validity
            Not Before: Mar  5 17:51:55 2024 GMT
            Not After : Mar  4 17:56:55 2025 GMT
        Subject: CN=7C14075C7176520096CFF7666A5716D99B741D38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:50:85:36:91:f6:2c:b0:b3:52:bf:40:28:a4:
                    72:7f:53:74:4f:e9:8e:c4:1d:98:d4:14:6d:5c:4f:
                    f1:99:fb:e4:41:7b:dd:cf:88:76:74:9c:f1:77:78:
                    5b:1d:30:8a:cf:65:9a:94:05:32:30:ba:ce:92:d9:
                    a1:3b:96:bc:62:19:45:9d:7f:90:a3:aa:a8:ff:eb:
                    08:e3:72:6f:f5:47:6f:34:d1:df:99:3c:92:e6:d2:
                    50:6b:da:dd:e9:78:37:7a:bb:a9:6e:bc:e4:65:e3:
                    4d:6f:dc:43:ef:0f:4d:c6:19:67:3f:de:0f:24:70:
                    5e:ae:bb:ed:62:d8:f4:3f:42:88:c7:96:23:8f:39:
                    62:02:21:1e:70:69:44:94:8f:2b:ce:5a:ad:eb:01:
                    98:03:43:fd:4e:f6:4a:cf:f5:94:f0:b2:82:5d:4b:
                    34:89:21:a9:74:b5:6e:de:4c:b3:06:82:eb:bd:20:
                    2e:e3:7d:84:ea:0d:42:50:eb:4e:5c:9d:d4:7e:0d:
                    6f:0a:14:81:8f:81:24:29:d7:a1:b2:01:f1:7d:24:
                    39:ea:d1:9a:fb:13:ba:07:a3:67:a4:6c:98:85:64:
                    fd:f2:31:90:53:f4:51:d8:bf:71:ff:b6:ee:49:ed:
                    8d:10:76:b6:09:b4:71:4e:c3:99:9c:e6:c5:25:e6:
                    16:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:14:07:5C:71:76:52:00:96:CF:F7:66:6A:57:16:D9:9B:74:1D:38
            X509v3 Authority Key Identifier:
                keyid:EC:86:9B:AF:B5:A3:88:2F:B7:CB:6D:7F:22:FD:36:68:59:61:C5:B7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C52E2D250F5BAABEF264E9E0A52FF71E8C9ACBDC87835A5BFBC5AFEE689C71EA/0/EC869BAFB5A3882FB7CB6D7F22FD36685961C5B7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC869BAFB5A3882FB7CB6D7F22FD36685961C5B7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C52E2D250F5BAABEF264E9E0A52FF71E8C9ACBDC87835A5BFBC5AFEE689C71EA/0/3133312e37322e3234302e302f32332d3234203d3e203532333237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.72.240.0/23

    Signature Algorithm: sha256WithRSAEncryption
         69:76:1a:61:97:eb:c6:82:ba:bb:dc:9a:2c:42:05:10:3f:04:
         c6:6f:9e:19:36:af:62:6d:53:3d:91:8a:32:7f:8c:ab:34:59:
         4c:c9:72:d7:aa:c4:8c:45:86:37:15:5c:78:4b:79:3d:58:7c:
         06:1c:83:4f:2a:3b:ba:ea:58:35:1c:c4:d4:6c:ec:0d:91:f7:
         41:da:f3:dd:6f:cf:a6:bb:35:53:a1:59:7f:86:2f:5c:07:c6:
         ce:67:54:0e:53:e5:3e:d1:1a:a1:9d:47:22:e2:d2:28:0d:f2:
         f7:de:42:b0:a0:3a:4c:87:21:08:90:bf:59:ce:95:27:dd:d7:
         e8:6b:d8:f6:a0:41:1e:78:96:eb:81:23:42:5a:08:5b:82:28:
         fe:ba:f2:5b:25:6e:1b:d0:ee:07:86:91:cf:57:11:78:30:6f:
         f8:12:fd:1d:7f:cb:a8:17:3b:03:fa:49:03:8c:a1:f7:91:da:
         47:eb:76:11:62:5a:a4:8b:bb:04:73:0d:d0:2f:fd:be:62:82:
         9f:4f:6a:98:34:9d:46:21:6c:40:74:e8:01:f9:e2:fb:1e:52:
         b0:b5:7b:e1:de:de:cb:35:6a:89:af:e4:54:0c:cf:82:51:77:
         60:e6:33:28:22:48:aa:2e:44:4d:7c:31:8d:98:26:32:38:16:
         2f:fc:60:a3
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUQIdYWOOHmre3t/x3/JETOwkEl9QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUM4NjlCQUZCNUEzODgyRkI3Q0I2RDdGMjJGRDM2Njg1
OTYxQzVCNzAeFw0yNDAzMDUxNzUxNTVaFw0yNTAzMDQxNzU2NTVaMDMxMTAvBgNV
BAMTKDdDMTQwNzVDNzE3NjUyMDA5NkNGRjc2NjZBNTcxNkQ5OUI3NDFEMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDUIU2kfYssLNSv0AopHJ/U3RP
6Y7EHZjUFG1cT/GZ++RBe93PiHZ0nPF3eFsdMIrPZZqUBTIwus6S2aE7lrxiGUWd
f5Cjqqj/6wjjcm/1R2800d+ZPJLm0lBr2t3peDd6u6luvORl401v3EPvD03GGWc/
3g8kcF6uu+1i2PQ/QojHliOPOWICIR5waUSUjyvOWq3rAZgDQ/1O9krP9ZTwsoJd
SzSJIal0tW7eTLMGguu9IC7jfYTqDUJQ605cndR+DW8KFIGPgSQp16GyAfF9JDnq
0Zr7E7oHo2ekbJiFZP3yMZBT9FHYv3H/tu5J7Y0QdrYJtHFOw5mc5sUl5hYlAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUfBQHXHF2UgCWz/dmalcW2Zt0HTgwHwYDVR0j
BBgwFoAU7Iabr7WjiC+3y21/Iv02aFlhxbcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DNTJFMkQyNTBGNUJBQUJFRjI2NEU5RTBBNTJGRjcxRThD
OUFDQkRDODc4MzVBNUJGQkM1QUZFRTY4OUM3MUVBLzAvRUM4NjlCQUZCNUEzODgy
RkI3Q0I2RDdGMjJGRDM2Njg1OTYxQzVCNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FQzg2OUJBRkI1QTM4ODJGQjdD
QjZEN0YyMkZEMzY2ODU5NjFDNUI3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzUyRTJEMjUwRjVCQUFCRUYyNjRFOUUwQTUyRkY3MUU4QzlBQ0JEQzg3
ODM1QTVCRkJDNUFGRUU2ODlDNzFFQS8wLzMxMzMzMTJlMzczMjJlMzIzNDMwMmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzUzMjMzMzIzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAYNI8DAN
BgkqhkiG9w0BAQsFAAOCAQEAaXYaYZfrxoK6u9yaLEIFED8Exm+eGTavYm1TPZGK
Mn+MqzRZTMly16rEjEWGNxVceEt5PVh8BhyDTyo7uupYNRzE1GzsDZH3Qdrz3W/P
prs1U6FZf4YvXAfGzmdUDlPlPtEaoZ1HIuLSKA3y995CsKA6TIchCJC/Wc6VJ93X
6GvY9qBBHniW64EjQloIW4Io/rryWyVuG9DuB4aRz1cReDBv+BL9HX/LqBc7A/pJ
A4yh95HaR+t2EWJapIu7BHMN0C/9vmKCn09qmDSdRiFsQHToAfni+x5SsLV74d7e
yzVqia/kVAzPglF3YOYzKCJIqi5ETXwxjZgmMjgWL/xgow==
-----END CERTIFICATE-----
Generated at Wed Jul 17 18:48:02 2024 by rpki-client on console-ams.rpki-client.org