Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C731D1608DF84461D8D6892BF824F47311CDD3BD0C8BD89A4DFE8D66B9C1F8A4/0/3137392e302e3139362e302f32322d3234203d3e20323635353234.roa
File:                     3137392e302e3139362e302f32322d3234203d3e20323635353234.roa (raw, json)
Hash identifier:          61JNQZte4QGv6xAq6GAuOqm7g3wy4z+BVmhnvRuJDu8=
Subject key identifier:   E6:CE:BA:72:44:85:B4:60:8C:43:C2:6F:34:5B:B1:C8:EC:76:05:60
Certificate issuer:       /CN=2901A096C59DC3A27E514C8163A5215B8F72629A
Certificate serial:       360DE295C1E1205C8BFB9A3B8506D8FA5006C4B4
Authority key identifier: 29:01:A0:96:C5:9D:C3:A2:7E:51:4C:81:63:A5:21:5B:8F:72:62:9A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2901A096C59DC3A27E514C8163A5215B8F72629A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C731D1608DF84461D8D6892BF824F47311CDD3BD0C8BD89A4DFE8D66B9C1F8A4/0/3137392e302e3139362e302f32322d3234203d3e20323635353234.roa
Signing time:             Wed 06 Mar 2024 06:55:03 +0000
ROA not before:           Wed 06 Mar 2024 06:50:03 +0000
ROA not after:            Wed 05 Mar 2025 06:55:03 +0000
asID:                     265524
IP address blocks:        179.0.196.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C731D1608DF84461D8D6892BF824F47311CDD3BD0C8BD89A4DFE8D66B9C1F8A4/0/2901A096C59DC3A27E514C8163A5215B8F72629A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C731D1608DF84461D8D6892BF824F47311CDD3BD0C8BD89A4DFE8D66B9C1F8A4/0/2901A096C59DC3A27E514C8163A5215B8F72629A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2901A096C59DC3A27E514C8163A5215B8F72629A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:0d:e2:95:c1:e1:20:5c:8b:fb:9a:3b:85:06:d8:fa:50:06:c4:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2901A096C59DC3A27E514C8163A5215B8F72629A
        Validity
            Not Before: Mar  6 06:50:03 2024 GMT
            Not After : Mar  5 06:55:03 2025 GMT
        Subject: CN=E6CEBA724485B4608C43C26F345BB1C8EC760560
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ee:8e:51:7a:9f:e8:1c:f1:ba:d9:b7:ba:05:
                    1a:28:75:40:15:18:0e:92:30:d8:27:88:00:ca:b2:
                    78:c0:4d:41:4e:22:c7:4c:38:ea:db:75:b5:c2:45:
                    2c:a5:ff:26:fd:1a:45:1a:4f:43:fb:38:a5:35:6e:
                    d8:28:b1:b6:20:89:ca:4e:39:3e:39:9c:4d:df:2d:
                    2b:7d:a1:23:db:74:18:d0:b7:9b:84:a4:9d:2b:e2:
                    f0:e6:06:f6:66:e0:62:71:8d:7e:a9:e4:a3:d8:04:
                    f1:b0:f6:d4:25:78:d7:ef:60:ae:5e:60:f4:b0:59:
                    df:7f:a2:cd:6b:6c:60:88:84:2d:8c:58:1a:a6:30:
                    3d:f3:6a:99:30:f9:2d:7c:ca:51:d8:2e:45:76:6d:
                    f1:a3:e1:a9:27:51:37:e8:f2:4d:ee:ea:ae:5f:27:
                    73:c4:fc:64:d7:42:45:04:89:f5:35:31:e6:68:d2:
                    36:d3:d5:9d:72:3c:6f:d9:78:22:d3:94:83:25:d9:
                    ef:8a:41:7b:24:ef:0c:a0:f7:4d:a9:e6:63:4c:c0:
                    26:bd:20:34:21:04:7e:52:38:0e:40:17:03:98:d5:
                    11:72:ee:c6:a0:da:c2:7c:27:28:db:6a:cd:5f:e0:
                    fd:a2:97:14:f1:08:34:07:ad:fc:c3:a7:63:38:75:
                    19:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:CE:BA:72:44:85:B4:60:8C:43:C2:6F:34:5B:B1:C8:EC:76:05:60
            X509v3 Authority Key Identifier:
                keyid:29:01:A0:96:C5:9D:C3:A2:7E:51:4C:81:63:A5:21:5B:8F:72:62:9A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C731D1608DF84461D8D6892BF824F47311CDD3BD0C8BD89A4DFE8D66B9C1F8A4/0/2901A096C59DC3A27E514C8163A5215B8F72629A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2901A096C59DC3A27E514C8163A5215B8F72629A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C731D1608DF84461D8D6892BF824F47311CDD3BD0C8BD89A4DFE8D66B9C1F8A4/0/3137392e302e3139362e302f32322d3234203d3e20323635353234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.0.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:55:73:16:f5:a2:14:fe:54:6a:2a:5f:3e:78:f8:5e:42:1c:
         2d:94:e6:b6:9e:45:f4:6e:47:2a:e4:06:19:ff:95:64:ec:be:
         b9:7e:04:12:3b:fa:e1:03:05:04:84:ad:7b:60:25:fe:1d:57:
         31:36:44:7b:7f:1e:24:66:20:e4:17:59:64:4e:b4:eb:2d:d8:
         36:5c:a8:b9:72:7c:21:98:04:54:1f:fc:38:73:03:e5:98:74:
         01:4c:8d:e9:c9:96:f9:29:49:15:ee:6d:03:39:97:a0:e6:e1:
         6c:08:f4:9b:0f:5b:31:e8:9b:8f:03:bd:8b:b7:51:ac:fc:77:
         a1:c9:8d:9c:3a:72:9a:b8:e9:29:24:1a:90:36:51:1c:08:69:
         26:ee:b5:15:ee:00:42:a5:88:0e:35:71:3d:e8:96:c1:9d:f6:
         ca:5a:f6:23:9b:93:86:c3:0c:33:6a:a3:50:55:2f:70:2c:24:
         bf:8e:db:c8:ba:96:15:d1:22:21:0d:f5:06:b0:e5:a8:90:26:
         9d:4a:ab:94:f7:6f:4b:1e:31:2e:62:ad:e9:64:bd:d5:f7:cf:
         f3:60:1a:78:d3:3f:ed:b9:a8:bd:58:92:7b:81:09:49:f3:41:
         ed:be:dd:e9:be:6e:12:7e:cf:f0:48:a6:cd:4e:b8:f0:22:87:
         ca:11:1e:21
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUNg3ilcHhIFyL+5o7hQbY+lAGxLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjkwMUEwOTZDNTlEQzNBMjdFNTE0QzgxNjNBNTIxNUI4
RjcyNjI5QTAeFw0yNDAzMDYwNjUwMDNaFw0yNTAzMDUwNjU1MDNaMDMxMTAvBgNV
BAMTKEU2Q0VCQTcyNDQ4NUI0NjA4QzQzQzI2RjM0NUJCMUM4RUM3NjA1NjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL7o5Rep/oHPG62be6BRoodUAV
GA6SMNgniADKsnjATUFOIsdMOOrbdbXCRSyl/yb9GkUaT0P7OKU1btgosbYgicpO
OT45nE3fLSt9oSPbdBjQt5uEpJ0r4vDmBvZm4GJxjX6p5KPYBPGw9tQleNfvYK5e
YPSwWd9/os1rbGCIhC2MWBqmMD3zapkw+S18ylHYLkV2bfGj4aknUTfo8k3u6q5f
J3PE/GTXQkUEifU1MeZo0jbT1Z1yPG/ZeCLTlIMl2e+KQXsk7wyg902p5mNMwCa9
IDQhBH5SOA5AFwOY1RFy7sag2sJ8Jyjbas1f4P2ilxTxCDQHrfzDp2M4dRlxAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU5s66ckSFtGCMQ8JvNFuxyOx2BWAwHwYDVR0j
BBgwFoAUKQGglsWdw6J+UUyBY6UhW49yYpowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DNzMxRDE2MDhERjg0NDYxRDhENjg5MkJGODI0RjQ3MzEx
Q0REM0JEMEM4QkQ4OUE0REZFOEQ2NkI5QzFGOEE0LzAvMjkwMUEwOTZDNTlEQzNB
MjdFNTE0QzgxNjNBNTIxNUI4RjcyNjI5QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yOTAxQTA5NkM1OURDM0EyN0U1
MTRDODE2M0E1MjE1QjhGNzI2MjlBLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzczMUQxNjA4REY4NDQ2MUQ4RDY4OTJCRjgyNEY0NzMxMUNERDNCRDBD
OEJEODlBNERGRThENjZCOUMxRjhBNC8wLzMxMzczOTJlMzAyZTMxMzkzNjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNTM1MzIzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArMAxDAN
BgkqhkiG9w0BAQsFAAOCAQEAsFVzFvWiFP5UaipfPnj4XkIcLZTmtp5F9G5HKuQG
Gf+VZOy+uX4EEjv64QMFBISte2Al/h1XMTZEe38eJGYg5BdZZE606y3YNlyouXJ8
IZgEVB/8OHMD5Zh0AUyN6cmW+SlJFe5tAzmXoObhbAj0mw9bMeibjwO9i7dRrPx3
ocmNnDpymrjpKSQakDZRHAhpJu61Fe4AQqWIDjVxPeiWwZ32ylr2I5uThsMMM2qj
UFUvcCwkv47byLqWFdEiIQ31BrDlqJAmnUqrlPdvSx4xLmKt6WS91ffP82AaeNM/
7bmovViSe4EJSfNB7b7d6b5uEn7P8EimzU648CKHyhEeIQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:02:29 2024 by rpki-client on console-fra.rpki-client.org