Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C7C0CEFC626A9497234DD7A29F57CA3F8FBAB5C6E605A40ADAB1E09A0393DA16/0/3135322e3137322e302e302f31362d3234203d3e2037343138.roa
File:                     3135322e3137322e302e302f31362d3234203d3e2037343138.roa (raw, json)
Hash identifier:          BN89CybBuVyGUn7hd+UnJUnWqToEHxqHClrx8YgUBtk=
Subject key identifier:   CB:9D:DB:E5:1D:1B:17:5E:09:E2:3B:E2:04:B6:5A:A1:B6:FD:AE:7E
Certificate issuer:       /CN=29B391F5577514E30F64EDF6E361905CA08CF572
Certificate serial:       4336B977C8232A5023CF5AC806A0B11FBF88ED11
Authority key identifier: 29:B3:91:F5:57:75:14:E3:0F:64:ED:F6:E3:61:90:5C:A0:8C:F5:72
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/29B391F5577514E30F64EDF6E361905CA08CF572.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C7C0CEFC626A9497234DD7A29F57CA3F8FBAB5C6E605A40ADAB1E09A0393DA16/0/3135322e3137322e302e302f31362d3234203d3e2037343138.roa
Signing time:             Tue 05 Mar 2024 17:44:50 +0000
ROA not before:           Tue 05 Mar 2024 17:39:50 +0000
ROA not after:            Tue 04 Mar 2025 17:44:50 +0000
asID:                     7418
IP address blocks:        152.172.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C7C0CEFC626A9497234DD7A29F57CA3F8FBAB5C6E605A40ADAB1E09A0393DA16/0/29B391F5577514E30F64EDF6E361905CA08CF572.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C7C0CEFC626A9497234DD7A29F57CA3F8FBAB5C6E605A40ADAB1E09A0393DA16/0/29B391F5577514E30F64EDF6E361905CA08CF572.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/29B391F5577514E30F64EDF6E361905CA08CF572.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:36:b9:77:c8:23:2a:50:23:cf:5a:c8:06:a0:b1:1f:bf:88:ed:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29B391F5577514E30F64EDF6E361905CA08CF572
        Validity
            Not Before: Mar  5 17:39:50 2024 GMT
            Not After : Mar  4 17:44:50 2025 GMT
        Subject: CN=CB9DDBE51D1B175E09E23BE204B65AA1B6FDAE7E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:d1:29:d2:3b:ec:c4:b5:62:8c:01:3e:e4:76:
                    93:23:44:96:fd:f8:8a:83:bc:a5:63:f1:7e:ff:fd:
                    49:54:e5:65:4b:2d:66:3b:12:69:db:b3:da:ff:62:
                    ff:2b:a9:5a:42:b4:fb:0d:f9:28:14:9b:e4:3d:9a:
                    dd:d0:b5:f3:22:d1:59:48:dc:64:c1:8f:45:60:68:
                    23:ba:46:00:26:df:69:ca:fb:74:d2:e2:73:dd:3a:
                    b1:79:f9:c9:89:5c:d7:20:c5:62:9c:cb:d6:ee:3c:
                    7a:a5:7d:eb:09:15:8c:29:e5:a8:d9:e7:d9:f6:6f:
                    91:f5:bc:63:e0:1a:d4:f1:dd:30:4c:45:fa:00:9a:
                    2a:b9:b2:68:f8:5c:d7:11:a8:8d:71:8d:aa:03:76:
                    de:a3:d3:5e:4b:d3:0c:d5:52:b0:07:e2:4c:83:a2:
                    f3:b0:8d:1c:dc:ee:0c:ff:66:95:46:cb:94:5c:2d:
                    fe:e6:61:1f:ef:ad:37:27:92:17:c6:cb:3e:d0:41:
                    1f:09:4c:20:5f:8e:4c:ff:c3:4f:c8:b5:68:7d:42:
                    e7:09:27:d2:84:8e:8d:fa:4d:1c:f0:00:74:f8:4a:
                    35:96:ad:25:f2:7a:82:6f:6a:70:04:bd:83:c4:c4:
                    4b:51:84:1e:e8:5d:f7:f3:04:d2:ff:2a:b8:33:e0:
                    d4:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:9D:DB:E5:1D:1B:17:5E:09:E2:3B:E2:04:B6:5A:A1:B6:FD:AE:7E
            X509v3 Authority Key Identifier:
                keyid:29:B3:91:F5:57:75:14:E3:0F:64:ED:F6:E3:61:90:5C:A0:8C:F5:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C7C0CEFC626A9497234DD7A29F57CA3F8FBAB5C6E605A40ADAB1E09A0393DA16/0/29B391F5577514E30F64EDF6E361905CA08CF572.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/29B391F5577514E30F64EDF6E361905CA08CF572.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C7C0CEFC626A9497234DD7A29F57CA3F8FBAB5C6E605A40ADAB1E09A0393DA16/0/3135322e3137322e302e302f31362d3234203d3e2037343138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.172.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8a:4d:86:e4:a4:b2:4e:5e:96:f1:a3:79:cc:f5:c3:49:cf:75:
         ee:38:68:4e:e4:fe:43:06:9d:2e:25:df:5e:ec:d7:2a:46:77:
         53:6e:a5:8e:74:9b:5d:16:5a:bd:90:dd:2b:17:24:96:cf:c1:
         ff:43:90:3e:32:9b:2e:3f:c6:98:8c:c0:a8:f1:45:4f:34:1a:
         8c:dd:da:d0:cc:f8:97:9e:21:1c:0f:2a:84:cf:e1:79:c3:9f:
         33:32:23:22:aa:d3:7e:89:18:3a:f7:cb:2f:c3:28:5e:ac:8c:
         2d:45:a3:da:1e:ab:9e:fc:4b:70:3e:1b:8e:76:ce:13:26:30:
         35:f8:01:95:f3:dc:1b:2b:68:a2:a1:22:fd:27:fc:bf:65:f7:
         2c:43:7d:df:35:5b:9b:80:ea:b0:f1:47:90:44:47:74:0a:94:
         48:fe:a0:20:20:bb:61:f1:a3:50:2d:7c:f2:c4:84:59:3a:81:
         b8:21:19:0b:66:23:27:c6:d8:4b:60:9b:c8:e5:b4:b2:09:f9:
         bf:02:17:da:0f:91:16:8c:31:9a:6c:82:89:26:01:b8:e9:fc:
         6f:77:84:26:c4:18:ee:37:7c:e9:f3:ec:68:03:cc:e0:c8:55:
         1e:04:18:41:53:68:08:82:31:a6:8e:ca:1a:e2:cf:e9:9a:52:
         2b:bb:2f:9f
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIUQza5d8gjKlAjz1rIBqCxH7+I7REwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjlCMzkxRjU1Nzc1MTRFMzBGNjRFREY2RTM2MTkwNUNB
MDhDRjU3MjAeFw0yNDAzMDUxNzM5NTBaFw0yNTAzMDQxNzQ0NTBaMDMxMTAvBgNV
BAMTKENCOUREQkU1MUQxQjE3NUUwOUUyM0JFMjA0QjY1QUExQjZGREFFN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC00SnSO+zEtWKMAT7kdpMjRJb9
+IqDvKVj8X7//UlU5WVLLWY7Emnbs9r/Yv8rqVpCtPsN+SgUm+Q9mt3QtfMi0VlI
3GTBj0VgaCO6RgAm32nK+3TS4nPdOrF5+cmJXNcgxWKcy9buPHqlfesJFYwp5ajZ
59n2b5H1vGPgGtTx3TBMRfoAmiq5smj4XNcRqI1xjaoDdt6j015L0wzVUrAH4kyD
ovOwjRzc7gz/ZpVGy5RcLf7mYR/vrTcnkhfGyz7QQR8JTCBfjkz/w0/ItWh9QucJ
J9KEjo36TRzwAHT4SjWWrSXyeoJvanAEvYPExEtRhB7oXffzBNL/Krgz4NRJAgMB
AAGjggLDMIICvzAdBgNVHQ4EFgQUy53b5R0bF14J4jviBLZaobb9rn4wHwYDVR0j
BBgwFoAUKbOR9Vd1FOMPZO3242GQXKCM9XIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DN0MwQ0VGQzYyNkE5NDk3MjM0REQ3QTI5RjU3Q0EzRjhG
QkFCNUM2RTYwNUE0MEFEQUIxRTA5QTAzOTNEQTE2LzAvMjlCMzkxRjU1Nzc1MTRF
MzBGNjRFREY2RTM2MTkwNUNBMDhDRjU3Mi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yOUIzOTFGNTU3NzUxNEUzMEY2
NEVERjZFMzYxOTA1Q0EwOENGNTcyLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzdDMENFRkM2MjZBOTQ5NzIzNEREN0EyOUY1N0NBM0Y4RkJBQjVDNkU2
MDVBNDBBREFCMUUwOUEwMzkzREExNi8wLzMxMzUzMjJlMzEzNzMyMmUzMDJlMzAy
ZjMxMzYyZDMyMzQyMDNkM2UyMDM3MzQzMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmKwwDQYJKoZI
hvcNAQELBQADggEBAIpNhuSksk5elvGjecz1w0nPde44aE7k/kMGnS4l317s1ypG
d1NupY50m10WWr2Q3SsXJJbPwf9DkD4ymy4/xpiMwKjxRU80Gozd2tDM+JeeIRwP
KoTP4XnDnzMyIyKq036JGDr3yy/DKF6sjC1Fo9oeq578S3A+G452zhMmMDX4AZXz
3BsraKKhIv0n/L9l9yxDfd81W5uA6rDxR5BER3QKlEj+oCAgu2Hxo1AtfPLEhFk6
gbghGQtmIyfG2Etgm8jltLIJ+b8CF9oPkRaMMZpsgokmAbjp/G93hCbEGO43fOnz
7GgDzODIVR4EGEFTaAiCMaaOyhriz+maUiu7L58=
-----END CERTIFICATE-----
Generated at Tue Nov 19 20:20:38 2024 by rpki-client on console-ams.rpki-client.org