Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/CD0E054623AC9043C0E299C2C90B143803BD89125B0E863855C49C3B73F7BAA1/0/3139302e3132342e32342e302f32332d3234203d3e203237363738.roa
File:                     3139302e3132342e32342e302f32332d3234203d3e203237363738.roa (raw, json)
Hash identifier:          ZxD0cQU5aMFiCiThAf5BRcgVIqAhntW0dD8vePjMGK0=
Subject key identifier:   82:B1:5C:65:D8:DB:A9:D4:6A:7A:62:67:2C:10:62:52:14:F0:B6:7C
Certificate issuer:       /CN=E35FC2646A9FC8929B694AAAE04D52023AA4680C
Certificate serial:       53BE7535322EBA9C92371FBDC895CF2D226A85DD
Authority key identifier: E3:5F:C2:64:6A:9F:C8:92:9B:69:4A:AA:E0:4D:52:02:3A:A4:68:0C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E35FC2646A9FC8929B694AAAE04D52023AA4680C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/CD0E054623AC9043C0E299C2C90B143803BD89125B0E863855C49C3B73F7BAA1/0/3139302e3132342e32342e302f32332d3234203d3e203237363738.roa
Signing time:             Tue 05 Mar 2024 18:13:06 +0000
ROA not before:           Tue 05 Mar 2024 18:08:06 +0000
ROA not after:            Tue 04 Mar 2025 18:13:06 +0000
asID:                     27678
IP address blocks:        190.124.24.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/CD0E054623AC9043C0E299C2C90B143803BD89125B0E863855C49C3B73F7BAA1/0/E35FC2646A9FC8929B694AAAE04D52023AA4680C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/CD0E054623AC9043C0E299C2C90B143803BD89125B0E863855C49C3B73F7BAA1/0/E35FC2646A9FC8929B694AAAE04D52023AA4680C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E35FC2646A9FC8929B694AAAE04D52023AA4680C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 13 Oct 2024 15:25:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:be:75:35:32:2e:ba:9c:92:37:1f:bd:c8:95:cf:2d:22:6a:85:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E35FC2646A9FC8929B694AAAE04D52023AA4680C
        Validity
            Not Before: Mar  5 18:08:06 2024 GMT
            Not After : Mar  4 18:13:06 2025 GMT
        Subject: CN=82B15C65D8DBA9D46A7A62672C10625214F0B67C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a6:25:ac:c8:df:29:fb:93:b7:72:b0:a6:3f:
                    cb:76:54:6c:8d:a2:fb:00:0a:41:18:b3:95:31:2b:
                    ac:8b:42:ec:8c:56:0e:2f:a8:0f:4d:7b:8c:3c:42:
                    58:a9:7f:5a:17:77:9c:3b:a3:4c:2b:24:1c:ae:0a:
                    a1:82:6f:ed:57:15:db:a6:ae:a7:87:23:1f:a6:0b:
                    f3:f9:4b:1f:f2:fe:9e:b1:43:92:5d:ce:32:0e:a8:
                    9b:16:d7:5d:09:19:2d:ca:f9:76:8f:27:51:75:52:
                    00:b5:c0:07:d6:b8:95:26:ae:e9:b7:14:99:97:e8:
                    e6:e1:e6:27:7c:a1:69:6e:53:51:cc:83:30:68:a1:
                    db:fc:44:d4:94:27:2d:f0:e6:ec:00:4b:88:39:71:
                    8e:1e:0e:97:31:d2:92:90:83:e3:d2:1d:dc:f4:2e:
                    ec:2f:b4:13:57:e8:b6:5e:bc:8c:1a:34:8c:30:b6:
                    4c:11:d5:58:6b:07:c4:5b:bb:41:a3:3d:3b:1a:5a:
                    7c:6f:8c:c9:cb:4e:b0:f3:5b:b7:0e:16:88:c0:5e:
                    08:81:72:a8:22:d7:7a:16:cd:fc:7b:19:64:03:f8:
                    9d:ee:4f:7a:59:73:98:2d:28:3a:83:8d:13:ac:82:
                    99:f8:24:a0:c7:64:51:0b:e6:45:5e:ea:e0:c1:51:
                    d3:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:B1:5C:65:D8:DB:A9:D4:6A:7A:62:67:2C:10:62:52:14:F0:B6:7C
            X509v3 Authority Key Identifier:
                keyid:E3:5F:C2:64:6A:9F:C8:92:9B:69:4A:AA:E0:4D:52:02:3A:A4:68:0C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/CD0E054623AC9043C0E299C2C90B143803BD89125B0E863855C49C3B73F7BAA1/0/E35FC2646A9FC8929B694AAAE04D52023AA4680C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E35FC2646A9FC8929B694AAAE04D52023AA4680C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/CD0E054623AC9043C0E299C2C90B143803BD89125B0E863855C49C3B73F7BAA1/0/3139302e3132342e32342e302f32332d3234203d3e203237363738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.124.24.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c3:03:ad:d0:ea:3e:ca:af:b8:cf:24:7b:6e:24:ab:f2:bf:c6:
         da:02:8a:76:2c:d6:19:9d:aa:37:97:5a:bb:ee:c2:da:95:b0:
         e5:ff:92:e6:8d:6b:82:6d:53:9f:90:68:63:b3:cb:9b:b0:1f:
         c0:8b:cb:5c:2c:f4:8c:92:de:2e:b0:b2:6d:28:40:b6:4f:a5:
         dd:40:93:15:f4:f3:85:54:f4:cc:2c:66:4e:17:34:5e:e4:b6:
         0d:c7:5d:f6:06:3b:20:d6:83:04:ad:65:9a:f0:06:c0:47:af:
         6a:5a:b6:de:8d:f5:71:14:dd:2c:95:e0:c0:50:01:9c:21:a5:
         d4:61:65:99:da:02:33:f2:60:86:66:fd:7c:f1:93:69:1a:36:
         c7:95:26:7f:42:5c:0d:88:92:bb:43:fb:5f:38:e2:33:73:dd:
         cc:ed:90:6d:db:82:07:cf:68:f9:b9:27:8a:64:4c:29:17:2f:
         b5:bd:15:5d:9d:d2:b3:6f:b2:41:fe:58:ba:0c:86:e3:67:f5:
         f1:2f:31:45:69:36:02:77:51:e5:16:3f:04:7e:6e:f7:69:57:
         73:48:79:ea:c6:3d:9c:4f:29:82:5e:ae:ec:04:7b:de:ce:27:
         97:df:90:e4:92:30:07:7d:e6:1b:fe:08:de:f1:15:d3:34:8c:
         ae:8d:34:95
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUU751NTIuupySNx+9yJXPLSJqhd0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTM1RkMyNjQ2QTlGQzg5MjlCNjk0QUFBRTA0RDUyMDIz
QUE0NjgwQzAeFw0yNDAzMDUxODA4MDZaFw0yNTAzMDQxODEzMDZaMDMxMTAvBgNV
BAMTKDgyQjE1QzY1RDhEQkE5RDQ2QTdBNjI2NzJDMTA2MjUyMTRGMEI2N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCupiWsyN8p+5O3crCmP8t2VGyN
ovsACkEYs5UxK6yLQuyMVg4vqA9Ne4w8Qlipf1oXd5w7o0wrJByuCqGCb+1XFdum
rqeHIx+mC/P5Sx/y/p6xQ5JdzjIOqJsW110JGS3K+XaPJ1F1UgC1wAfWuJUmrum3
FJmX6Obh5id8oWluU1HMgzBoodv8RNSUJy3w5uwAS4g5cY4eDpcx0pKQg+PSHdz0
LuwvtBNX6LZevIwaNIwwtkwR1VhrB8Rbu0GjPTsaWnxvjMnLTrDzW7cOFojAXgiB
cqgi13oWzfx7GWQD+J3uT3pZc5gtKDqDjROsgpn4JKDHZFEL5kVe6uDBUdNPAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUgrFcZdjbqdRqemJnLBBiUhTwtnwwHwYDVR0j
BBgwFoAU41/CZGqfyJKbaUqq4E1SAjqkaAwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DRDBFMDU0NjIzQUM5MDQzQzBFMjk5QzJDOTBCMTQzODAz
QkQ4OTEyNUIwRTg2Mzg1NUM0OUMzQjczRjdCQUExLzAvRTM1RkMyNjQ2QTlGQzg5
MjlCNjk0QUFBRTA0RDUyMDIzQUE0NjgwQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FMzVGQzI2NDZBOUZDODkyOUI2
OTRBQUFFMDRENTIwMjNBQTQ2ODBDLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQ0QwRTA1NDYyM0FDOTA0M0MwRTI5OUMyQzkwQjE0MzgwM0JEODkxMjVC
MEU4NjM4NTVDNDlDM0I3M0Y3QkFBMS8wLzMxMzkzMDJlMzEzMjM0MmUzMjM0MmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNzM2MzczOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAb58GDAN
BgkqhkiG9w0BAQsFAAOCAQEAwwOt0Oo+yq+4zyR7biSr8r/G2gKKdizWGZ2qN5da
u+7C2pWw5f+S5o1rgm1Tn5BoY7PLm7AfwIvLXCz0jJLeLrCybShAtk+l3UCTFfTz
hVT0zCxmThc0XuS2Dcdd9gY7INaDBK1lmvAGwEevalq23o31cRTdLJXgwFABnCGl
1GFlmdoCM/Jghmb9fPGTaRo2x5Umf0JcDYiSu0P7XzjiM3PdzO2QbduCB89o+bkn
imRMKRcvtb0VXZ3Ss2+yQf5YugyG42f18S8xRWk2AndR5RY/BH5u92lXc0h56sY9
nE8pgl6u7AR73s4nl9+Q5JIwB33mG/4I3vEV0zSMro00lQ==
-----END CERTIFICATE-----
Generated at Tue Oct 8 22:07:05 2024 by rpki-client on console-fra.rpki-client.org