Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/CB47BEC5845FEF89B4F49F9AED43CA62E31AA56C53BA38AEC090599569E48945/0/3139302e3231312e3134352e302f32342d3234203d3e20323632323339.roa
File:                     3139302e3231312e3134352e302f32342d3234203d3e20323632323339.roa (raw, json)
Hash identifier:          AhlAIxR7yiPtFBsKnNzBJvREqTnqIl+Jo9lwuPKASR4=
Subject key identifier:   36:60:96:E7:D6:9C:93:69:F0:7D:14:3D:B3:3C:B6:BA:3B:DB:57:4D
Certificate issuer:       /CN=39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF
Certificate serial:       649C4576F10E0F33CDE0DC1F50556D30CFCED00E
Authority key identifier: 39:44:6F:5E:8A:4A:60:A5:A4:F4:26:FB:E7:E7:29:68:C1:6C:1E:FF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/CB47BEC5845FEF89B4F49F9AED43CA62E31AA56C53BA38AEC090599569E48945/0/3139302e3231312e3134352e302f32342d3234203d3e20323632323339.roa
Signing time:             Tue 04 Feb 2025 18:01:38 +0000
ROA not before:           Tue 04 Feb 2025 17:56:38 +0000
ROA not after:            Tue 03 Feb 2026 18:01:38 +0000
asID:                     262239
IP address blocks:        190.211.145.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/CB47BEC5845FEF89B4F49F9AED43CA62E31AA56C53BA38AEC090599569E48945/0/39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/CB47BEC5845FEF89B4F49F9AED43CA62E31AA56C53BA38AEC090599569E48945/0/39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 20 Feb 2025 16:28:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:9c:45:76:f1:0e:0f:33:cd:e0:dc:1f:50:55:6d:30:cf:ce:d0:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF
        Validity
            Not Before: Feb  4 17:56:38 2025 GMT
            Not After : Feb  3 18:01:38 2026 GMT
        Subject: CN=366096E7D69C9369F07D143DB33CB6BA3BDB574D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:32:d9:d3:ce:cc:cc:c4:d8:8c:84:be:e1:a3:
                    b8:05:e6:6e:55:a8:e6:91:46:cd:29:80:fc:a8:ca:
                    30:0c:cd:6c:ab:de:69:ba:5f:36:65:6f:bf:c5:fd:
                    54:15:b6:4f:21:18:7a:75:59:55:ce:7b:c0:22:08:
                    44:49:e7:f6:61:54:1a:a4:2e:29:97:bc:88:54:9b:
                    da:6e:84:76:c9:63:b8:4b:3d:15:c4:99:e8:4b:4e:
                    dc:4b:06:59:ff:5c:75:a3:0b:16:b5:df:e9:3a:59:
                    26:25:f1:f6:80:69:a3:76:34:e2:2d:3c:b1:96:28:
                    71:d8:2c:dc:1c:9c:55:0e:84:2f:20:d0:72:a9:02:
                    00:b0:9c:71:26:92:81:e8:f0:36:d1:fa:99:0e:e6:
                    15:0b:25:8a:46:29:07:d7:09:c6:c4:2e:04:c2:a5:
                    31:90:a8:ee:ce:8b:97:74:d2:2c:1d:d2:3c:9c:d4:
                    8a:77:16:dd:27:bd:e9:e1:fc:43:d7:c9:83:ed:1e:
                    99:d4:71:40:c5:b0:91:75:59:b3:36:27:a6:3c:c2:
                    bf:f4:0d:80:c7:e0:1e:dd:b1:e5:51:84:b2:73:4d:
                    e0:ba:34:f5:b8:ed:31:61:d5:8d:01:df:66:f2:da:
                    09:f3:fc:85:db:39:13:d7:66:8c:87:a2:e3:1e:de:
                    6e:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:60:96:E7:D6:9C:93:69:F0:7D:14:3D:B3:3C:B6:BA:3B:DB:57:4D
            X509v3 Authority Key Identifier:
                keyid:39:44:6F:5E:8A:4A:60:A5:A4:F4:26:FB:E7:E7:29:68:C1:6C:1E:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/CB47BEC5845FEF89B4F49F9AED43CA62E31AA56C53BA38AEC090599569E48945/0/39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/39446F5E8A4A60A5A4F426FBE7E72968C16C1EFF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/CB47BEC5845FEF89B4F49F9AED43CA62E31AA56C53BA38AEC090599569E48945/0/3139302e3231312e3134352e302f32342d3234203d3e20323632323339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.211.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:fb:4e:86:53:02:ba:82:bb:46:11:7e:15:5c:f8:be:12:9a:
         cd:96:38:ae:66:c7:c1:08:81:87:f2:d6:8b:86:0d:2d:90:85:
         4c:df:84:ec:38:a6:8c:52:d2:2b:df:d5:62:f4:0f:ac:f0:7f:
         86:6b:aa:72:04:83:80:dc:81:87:a8:fc:d9:b8:e0:ff:0b:8f:
         35:e5:13:36:4b:19:3e:2b:45:90:c6:e6:9a:55:0d:11:e0:e3:
         0f:8e:99:eb:74:f0:0d:cd:dd:a9:88:98:96:23:e1:bb:42:44:
         8e:6d:81:5f:78:2a:f2:76:98:c2:ff:e6:12:b3:f7:52:0f:ce:
         78:d2:6f:7e:e5:9d:0c:95:9c:ff:cf:9d:b3:3c:f1:89:25:dd:
         81:d8:ae:33:ee:d5:df:cb:11:f5:a8:ec:34:2b:66:fe:f1:64:
         dc:f5:be:76:cb:c3:f6:96:28:dd:16:98:9e:16:39:74:1a:9c:
         c7:bf:69:6d:3e:a9:a1:ad:cc:42:c5:68:c0:97:a9:79:ae:5b:
         d8:8f:a6:98:61:8b:6c:03:b7:f3:e7:60:b7:34:f0:f4:0d:b8:
         32:92:61:be:33:c6:74:d2:51:e7:33:a5:f6:a8:f9:86:5a:dc:
         f8:d0:d8:93:8a:41:73:f0:51:60:6b:0d:8c:03:a2:5f:a5:9f:
         d1:6c:02:20
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUZJxFdvEODzPN4NwfUFVtMM/O0A4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzk0NDZGNUU4QTRBNjBBNUE0RjQyNkZCRTdFNzI5NjhD
MTZDMUVGRjAeFw0yNTAyMDQxNzU2MzhaFw0yNjAyMDMxODAxMzhaMDMxMTAvBgNV
BAMTKDM2NjA5NkU3RDY5QzkzNjlGMDdEMTQzREIzM0NCNkJBM0JEQjU3NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3MtnTzszMxNiMhL7ho7gF5m5V
qOaRRs0pgPyoyjAMzWyr3mm6XzZlb7/F/VQVtk8hGHp1WVXOe8AiCERJ5/ZhVBqk
LimXvIhUm9puhHbJY7hLPRXEmehLTtxLBln/XHWjCxa13+k6WSYl8faAaaN2NOIt
PLGWKHHYLNwcnFUOhC8g0HKpAgCwnHEmkoHo8DbR+pkO5hULJYpGKQfXCcbELgTC
pTGQqO7Oi5d00iwd0jyc1Ip3Ft0nvenh/EPXyYPtHpnUcUDFsJF1WbM2J6Y8wr/0
DYDH4B7dseVRhLJzTeC6NPW47TFh1Y0B32by2gnz/IXbORPXZoyHouMe3m5vAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUNmCW59ack2nwfRQ9szy2ujvbV00wHwYDVR0j
BBgwFoAUOURvXopKYKWk9Cb75+cpaMFsHv8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DQjQ3QkVDNTg0NUZFRjg5QjRGNDlGOUFFRDQzQ0E2MkUz
MUFBNTZDNTNCQTM4QUVDMDkwNTk5NTY5RTQ4OTQ1LzAvMzk0NDZGNUU4QTRBNjBB
NUE0RjQyNkZCRTdFNzI5NjhDMTZDMUVGRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zOTQ0NkY1RThBNEE2MEE1QTRG
NDI2RkJFN0U3Mjk2OEMxNkMxRUZGLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQ0I0N0JFQzU4NDVGRUY4OUI0RjQ5RjlBRUQ0M0NBNjJFMzFBQTU2QzUz
QkEzOEFFQzA5MDU5OTU2OUU0ODk0NS8wLzMxMzkzMDJlMzIzMTMxMmUzMTM0MzUy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzIzMjMzMzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC+
05EwDQYJKoZIhvcNAQELBQADggEBAAX7ToZTArqCu0YRfhVc+L4Sms2WOK5mx8EI
gYfy1ouGDS2QhUzfhOw4poxS0ivf1WL0D6zwf4ZrqnIEg4DcgYeo/Nm44P8LjzXl
EzZLGT4rRZDG5ppVDRHg4w+Omet08A3N3amImJYj4btCRI5tgV94KvJ2mML/5hKz
91IPznjSb37lnQyVnP/PnbM88Ykl3YHYrjPu1d/LEfWo7DQrZv7xZNz1vnbLw/aW
KN0WmJ4WOXQanMe/aW0+qaGtzELFaMCXqXmuW9iPpphhi2wDt/PnYLc08PQNuDKS
Yb4zxnTSUeczpfao+YZa3PjQ2JOKQXPwUWBrDYwDol+ln9FsAiA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 00:17:36 2025 by rpki-client