Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/CD96A10A651E01C032F7F25AA20AF311BFE36F04776606125D370A6277276F29/0/3136372e3234392e3235322e302f32322d3232203d3e203238343038.roa
File:                     3136372e3234392e3235322e302f32322d3232203d3e203238343038.roa (raw, json)
Hash identifier:          6dBFlAKTagpCUZTRks4gIuUpQPVgcsT+0oPT8b9BxGo=
Subject key identifier:   1C:5F:16:D0:FB:1B:95:D4:24:7D:DC:8A:85:B0:DE:C7:12:99:EE:70
Certificate issuer:       /CN=01ED585C7FF695D515C213CCD92F98A26AF818D7
Certificate serial:       38BDD0D8FAEEB40C82BF8153C118759BFA145D7D
Authority key identifier: 01:ED:58:5C:7F:F6:95:D5:15:C2:13:CC:D9:2F:98:A2:6A:F8:18:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/01ED585C7FF695D515C213CCD92F98A26AF818D7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/CD96A10A651E01C032F7F25AA20AF311BFE36F04776606125D370A6277276F29/0/3136372e3234392e3235322e302f32322d3232203d3e203238343038.roa
Signing time:             Tue 05 Mar 2024 18:03:34 +0000
ROA not before:           Tue 05 Mar 2024 17:58:34 +0000
ROA not after:            Tue 04 Mar 2025 18:03:34 +0000
asID:                     28408
IP address blocks:        167.249.252.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/CD96A10A651E01C032F7F25AA20AF311BFE36F04776606125D370A6277276F29/0/01ED585C7FF695D515C213CCD92F98A26AF818D7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/CD96A10A651E01C032F7F25AA20AF311BFE36F04776606125D370A6277276F29/0/01ED585C7FF695D515C213CCD92F98A26AF818D7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/01ED585C7FF695D515C213CCD92F98A26AF818D7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:bd:d0:d8:fa:ee:b4:0c:82:bf:81:53:c1:18:75:9b:fa:14:5d:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01ED585C7FF695D515C213CCD92F98A26AF818D7
        Validity
            Not Before: Mar  5 17:58:34 2024 GMT
            Not After : Mar  4 18:03:34 2025 GMT
        Subject: CN=1C5F16D0FB1B95D4247DDC8A85B0DEC71299EE70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:58:e9:b8:7a:f3:56:d0:5b:17:ae:15:4e:85:
                    97:5e:4b:85:76:8b:c3:8f:a9:1f:c9:fb:7e:08:85:
                    f4:4f:0e:b2:71:9b:03:64:3e:f6:e7:28:03:f7:20:
                    03:55:9c:8c:b5:11:7b:01:5b:91:e2:31:6b:16:be:
                    4e:8a:3a:93:f6:ab:e1:d7:4d:dc:ac:b7:b3:96:be:
                    b5:37:3d:78:13:aa:b0:a7:5c:9d:92:3b:bd:26:9e:
                    f2:f7:e8:11:e2:73:c2:8f:ea:98:75:74:77:47:f2:
                    11:21:82:e0:14:65:ff:83:9c:da:c4:46:4e:f7:77:
                    e3:8e:9b:69:dc:d0:14:0d:21:c5:63:8f:70:54:9b:
                    f6:a0:62:5b:d0:93:a6:ba:00:88:52:f3:17:79:c2:
                    42:73:d6:ef:f1:31:2f:4a:9e:a2:b1:59:13:ea:c5:
                    44:b8:62:1a:11:09:c0:ae:17:24:f3:1f:ba:b9:08:
                    0e:09:d3:6b:f6:dd:0a:9b:a5:72:27:1a:0c:83:e6:
                    81:63:33:a7:1e:ca:dd:42:88:74:a7:e7:cc:7e:82:
                    a6:d8:7f:c4:dd:e0:61:af:01:d7:68:40:0f:8d:08:
                    dc:9b:ad:be:c4:19:29:de:5b:39:06:11:b1:61:97:
                    4e:5e:73:45:13:ee:fb:dc:e9:24:a8:07:d4:cf:97:
                    d9:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:5F:16:D0:FB:1B:95:D4:24:7D:DC:8A:85:B0:DE:C7:12:99:EE:70
            X509v3 Authority Key Identifier:
                keyid:01:ED:58:5C:7F:F6:95:D5:15:C2:13:CC:D9:2F:98:A2:6A:F8:18:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/CD96A10A651E01C032F7F25AA20AF311BFE36F04776606125D370A6277276F29/0/01ED585C7FF695D515C213CCD92F98A26AF818D7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/01ED585C7FF695D515C213CCD92F98A26AF818D7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/CD96A10A651E01C032F7F25AA20AF311BFE36F04776606125D370A6277276F29/0/3136372e3234392e3235322e302f32322d3232203d3e203238343038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.249.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         14:36:9e:9d:fc:83:57:e3:0b:6b:41:21:98:0d:5c:bf:b3:af:
         32:58:36:79:3c:b5:2d:0c:b8:40:d9:9c:11:5e:ff:ef:2f:44:
         e9:04:b2:5a:c0:cb:14:61:cc:29:e2:7a:98:a7:b0:c9:40:e7:
         06:49:2e:1e:71:8a:3b:7c:d9:d1:be:9c:2a:3e:aa:20:82:b6:
         b8:89:33:48:7e:0a:a3:f3:0f:78:d1:41:74:a1:54:17:3a:70:
         73:e4:f8:f0:a5:3f:25:b5:0c:17:75:f5:62:03:75:35:b3:d7:
         ff:cb:4d:7d:6e:f1:0e:a7:a2:67:a5:d9:25:13:56:73:f4:6a:
         88:4c:40:71:61:c1:d2:a8:dd:d2:04:6a:a8:0d:28:ce:56:c2:
         ef:44:5c:70:74:94:83:d6:06:45:4f:fd:8e:e8:39:fd:b0:c4:
         79:3c:74:2b:e2:27:45:b6:a9:79:3a:17:ca:68:ad:41:70:54:
         c2:3d:a7:d3:ee:8e:a5:3c:c0:5a:7f:c6:89:af:93:b8:c6:ed:
         9d:96:aa:26:a8:79:8c:e4:53:2d:a9:9c:9c:99:c7:2a:bb:f3:
         9a:85:f2:59:50:a4:e7:d4:05:a2:d9:62:ff:d1:f9:99:23:24:
         0c:d8:fc:24:3c:9f:18:e5:ee:22:56:51:43:27:8d:16:c9:dc:
         ff:53:cf:fb
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUOL3Q2PrutAyCv4FTwRh1m/oUXX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDFFRDU4NUM3RkY2OTVENTE1QzIxM0NDRDkyRjk4QTI2
QUY4MThENzAeFw0yNDAzMDUxNzU4MzRaFw0yNTAzMDQxODAzMzRaMDMxMTAvBgNV
BAMTKDFDNUYxNkQwRkIxQjk1RDQyNDdEREM4QTg1QjBERUM3MTI5OUVFNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtWOm4evNW0FsXrhVOhZdeS4V2
i8OPqR/J+34IhfRPDrJxmwNkPvbnKAP3IANVnIy1EXsBW5HiMWsWvk6KOpP2q+HX
Tdyst7OWvrU3PXgTqrCnXJ2SO70mnvL36BHic8KP6ph1dHdH8hEhguAUZf+DnNrE
Rk73d+OOm2nc0BQNIcVjj3BUm/agYlvQk6a6AIhS8xd5wkJz1u/xMS9KnqKxWRPq
xUS4YhoRCcCuFyTzH7q5CA4J02v23QqbpXInGgyD5oFjM6ceyt1CiHSn58x+gqbY
f8Td4GGvAddoQA+NCNybrb7EGSneWzkGEbFhl05ec0UT7vvc6SSoB9TPl9mzAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUHF8W0PsbldQkfdyKhbDexxKZ7nAwHwYDVR0j
BBgwFoAUAe1YXH/2ldUVwhPM2S+Yomr4GNcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DRDk2QTEwQTY1MUUwMUMwMzJGN0YyNUFBMjBBRjMxMUJG
RTM2RjA0Nzc2NjA2MTI1RDM3MEE2Mjc3Mjc2RjI5LzAvMDFFRDU4NUM3RkY2OTVE
NTE1QzIxM0NDRDkyRjk4QTI2QUY4MThENy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wMUVENTg1QzdGRjY5NUQ1MTVD
MjEzQ0NEOTJGOThBMjZBRjgxOEQ3LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQ0Q5NkExMEE2NTFFMDFDMDMyRjdGMjVBQTIwQUYzMTFCRkUzNkYwNDc3
NjYwNjEyNUQzNzBBNjI3NzI3NkYyOS8wLzMxMzYzNzJlMzIzNDM5MmUzMjM1MzIy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM4MzQzMDM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCp/n8
MA0GCSqGSIb3DQEBCwUAA4IBAQAUNp6d/INX4wtrQSGYDVy/s68yWDZ5PLUtDLhA
2ZwRXv/vL0TpBLJawMsUYcwp4nqYp7DJQOcGSS4ecYo7fNnRvpwqPqoggra4iTNI
fgqj8w940UF0oVQXOnBz5PjwpT8ltQwXdfViA3U1s9f/y019bvEOp6JnpdklE1Zz
9GqITEBxYcHSqN3SBGqoDSjOVsLvRFxwdJSD1gZFT/2O6Dn9sMR5PHQr4idFtql5
OhfKaK1BcFTCPafT7o6lPMBaf8aJr5O4xu2dlqomqHmM5FMtqZycmccqu/OahfJZ
UKTn1AWi2WL/0fmZIyQM2PwkPJ8Y5e4iVlFDJ40Wydz/U8/7
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:10:57 2024 by rpki-client on console-fra.rpki-client.org