Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C7B2A63D66F42CB6E50354A629BFB5A68A3FC6F96DC2A2043A751D3A9C9D4321/0/3139302e3132312e3136302e302f32302d3230203d3e203233323031.roa
File:                     3139302e3132312e3136302e302f32302d3230203d3e203233323031.roa (raw, json)
Hash identifier:          /fsLuEDsfWdp8sP7kRW7d9WqjdFhlFjH1eYV4s1pHmQ=
Subject key identifier:   71:29:50:58:BB:04:5D:AC:9C:7F:49:5A:E5:1B:EE:87:CF:52:D5:F9
Certificate issuer:       /CN=9857400AE42A0A22A3E618304A1502E0E0C01DCA
Certificate serial:       10251FC9C1F0169C36F5483E9F40C000D5166F8F
Authority key identifier: 98:57:40:0A:E4:2A:0A:22:A3:E6:18:30:4A:15:02:E0:E0:C0:1D:CA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9857400AE42A0A22A3E618304A1502E0E0C01DCA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C7B2A63D66F42CB6E50354A629BFB5A68A3FC6F96DC2A2043A751D3A9C9D4321/0/3139302e3132312e3136302e302f32302d3230203d3e203233323031.roa
Signing time:             Tue 05 Mar 2024 18:22:55 +0000
ROA not before:           Tue 05 Mar 2024 18:17:55 +0000
ROA not after:            Tue 04 Mar 2025 18:22:55 +0000
asID:                     23201
IP address blocks:        190.121.160.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C7B2A63D66F42CB6E50354A629BFB5A68A3FC6F96DC2A2043A751D3A9C9D4321/0/9857400AE42A0A22A3E618304A1502E0E0C01DCA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C7B2A63D66F42CB6E50354A629BFB5A68A3FC6F96DC2A2043A751D3A9C9D4321/0/9857400AE42A0A22A3E618304A1502E0E0C01DCA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9857400AE42A0A22A3E618304A1502E0E0C01DCA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:25:1f:c9:c1:f0:16:9c:36:f5:48:3e:9f:40:c0:00:d5:16:6f:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9857400AE42A0A22A3E618304A1502E0E0C01DCA
        Validity
            Not Before: Mar  5 18:17:55 2024 GMT
            Not After : Mar  4 18:22:55 2025 GMT
        Subject: CN=71295058BB045DAC9C7F495AE51BEE87CF52D5F9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:e5:e3:ae:0e:cf:37:ce:e3:43:a7:92:52:e0:
                    f1:c3:8f:f9:4f:17:4f:b9:55:61:d4:1b:34:a6:bc:
                    c4:27:05:c5:a9:07:5b:9a:43:88:34:e7:58:76:51:
                    4a:8d:4c:a9:c7:3b:22:8d:25:1c:b2:10:e3:c4:7b:
                    9e:1d:a9:9f:a7:05:81:2f:f1:1e:f3:1a:ce:19:09:
                    29:9e:e9:6e:2a:ad:46:ff:40:5b:f3:e1:8b:03:c9:
                    04:1c:02:db:b2:fa:ca:60:c5:fb:28:c1:d0:78:47:
                    af:e0:34:07:81:52:9d:04:82:8f:c3:71:83:a2:2e:
                    d1:d9:2e:87:9f:43:c0:0d:23:a4:96:48:28:41:34:
                    2e:d3:40:eb:84:81:8f:82:ee:c9:06:75:48:38:e1:
                    a7:bd:28:d9:b8:6a:e5:97:e6:91:bf:c3:dc:51:61:
                    ed:5b:c4:f0:59:2d:9d:52:7c:b5:0b:9c:aa:14:cc:
                    12:ca:ac:a6:13:46:f8:4f:a3:84:82:8c:f0:2a:c8:
                    32:af:b2:46:e1:29:ba:87:d1:00:7b:11:2c:a6:aa:
                    28:76:30:de:fa:78:c6:d1:45:08:84:03:b9:a5:6f:
                    bf:13:22:20:57:ba:a0:41:6f:5d:20:06:24:45:73:
                    98:7d:03:82:af:c3:9b:ec:3e:34:14:e1:e6:04:35:
                    79:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:29:50:58:BB:04:5D:AC:9C:7F:49:5A:E5:1B:EE:87:CF:52:D5:F9
            X509v3 Authority Key Identifier:
                keyid:98:57:40:0A:E4:2A:0A:22:A3:E6:18:30:4A:15:02:E0:E0:C0:1D:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C7B2A63D66F42CB6E50354A629BFB5A68A3FC6F96DC2A2043A751D3A9C9D4321/0/9857400AE42A0A22A3E618304A1502E0E0C01DCA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9857400AE42A0A22A3E618304A1502E0E0C01DCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C7B2A63D66F42CB6E50354A629BFB5A68A3FC6F96DC2A2043A751D3A9C9D4321/0/3139302e3132312e3136302e302f32302d3230203d3e203233323031.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.121.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         8a:82:f9:73:7a:5c:57:89:42:71:5f:f6:aa:1e:26:5f:26:a0:
         7e:46:b7:ac:16:f1:32:a3:6c:d5:cb:4f:5d:97:15:f6:b4:ca:
         18:5d:25:70:c1:2b:13:6d:e2:00:a2:fd:e1:cd:51:cc:8b:1b:
         7a:dd:bd:eb:be:36:0e:38:fb:8c:d6:f1:92:e9:59:ea:af:22:
         6f:55:3b:fa:de:82:d0:2d:31:11:17:a9:f2:53:a9:5a:1f:65:
         33:80:6a:c9:00:1f:58:f1:fa:eb:c9:9d:fd:7d:20:32:aa:2e:
         01:bd:88:79:9d:d6:4c:34:a9:f3:61:5c:ef:17:bb:bf:c4:6c:
         48:7d:2f:4d:16:dc:e9:4b:d5:35:c2:49:50:c9:3e:4d:e2:2e:
         25:a2:65:92:1d:9d:00:49:bc:85:b8:50:e9:6c:3f:3f:1e:d0:
         e5:4e:53:b8:a0:ab:21:7c:65:b3:9f:e9:61:21:8c:04:96:40:
         3b:f3:fb:d6:cb:86:61:38:0b:26:e1:7f:0b:cc:2f:62:48:2c:
         43:e4:f9:7a:e7:80:05:42:ec:28:b3:1e:37:06:68:38:7b:86:
         00:0e:03:d2:26:69:9d:59:bd:23:c2:f4:e8:03:d3:10:f1:ef:
         75:2b:2e:5a:f5:8c:bb:76:aa:e0:78:da:ee:af:a2:e1:b5:80:
         48:60:7f:a2
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUECUfycHwFpw29Ug+n0DAANUWb48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTg1NzQwMEFFNDJBMEEyMkEzRTYxODMwNEExNTAyRTBF
MEMwMURDQTAeFw0yNDAzMDUxODE3NTVaFw0yNTAzMDQxODIyNTVaMDMxMTAvBgNV
BAMTKDcxMjk1MDU4QkIwNDVEQUM5QzdGNDk1QUU1MUJFRTg3Q0Y1MkQ1RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ5eOuDs83zuNDp5JS4PHDj/lP
F0+5VWHUGzSmvMQnBcWpB1uaQ4g051h2UUqNTKnHOyKNJRyyEOPEe54dqZ+nBYEv
8R7zGs4ZCSme6W4qrUb/QFvz4YsDyQQcAtuy+spgxfsowdB4R6/gNAeBUp0Ego/D
cYOiLtHZLoefQ8ANI6SWSChBNC7TQOuEgY+C7skGdUg44ae9KNm4auWX5pG/w9xR
Ye1bxPBZLZ1SfLULnKoUzBLKrKYTRvhPo4SCjPAqyDKvskbhKbqH0QB7ESymqih2
MN76eMbRRQiEA7mlb78TIiBXuqBBb10gBiRFc5h9A4Kvw5vsPjQU4eYENXnfAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUcSlQWLsEXaycf0la5Rvuh89S1fkwHwYDVR0j
BBgwFoAUmFdACuQqCiKj5hgwShUC4ODAHcowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DN0IyQTYzRDY2RjQyQ0I2RTUwMzU0QTYyOUJGQjVBNjhB
M0ZDNkY5NkRDMkEyMDQzQTc1MUQzQTlDOUQ0MzIxLzAvOTg1NzQwMEFFNDJBMEEy
MkEzRTYxODMwNEExNTAyRTBFMEMwMURDQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85ODU3NDAwQUU0MkEwQTIyQTNF
NjE4MzA0QTE1MDJFMEUwQzAxRENBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzdCMkE2M0Q2NkY0MkNCNkU1MDM1NEE2MjlCRkI1QTY4QTNGQzZGOTZE
QzJBMjA0M0E3NTFEM0E5QzlENDMyMS8wLzMxMzkzMDJlMzEzMjMxMmUzMTM2MzAy
ZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzMjMzMzIzMDMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEvnmg
MA0GCSqGSIb3DQEBCwUAA4IBAQCKgvlzelxXiUJxX/aqHiZfJqB+RresFvEyo2zV
y09dlxX2tMoYXSVwwSsTbeIAov3hzVHMixt63b3rvjYOOPuM1vGS6VnqryJvVTv6
3oLQLTERF6nyU6laH2UzgGrJAB9Y8frryZ39fSAyqi4BvYh5ndZMNKnzYVzvF7u/
xGxIfS9NFtzpS9U1wklQyT5N4i4lomWSHZ0ASbyFuFDpbD8/HtDlTlO4oKshfGWz
n+lhIYwElkA78/vWy4ZhOAsm4X8LzC9iSCxD5Pl654AFQuwosx43Bmg4e4YADgPS
JmmdWb0jwvToA9MQ8e91Ky5a9Yy7dqrgeNrur6LhtYBIYH+i
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:07:55 2024 by rpki-client on console-ams.rpki-client.org