Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/CD96A10A651E01C032F7F25AA20AF311BFE36F04776606125D370A6277276F29/0/3137302e3234342e3131312e302f32342d3234203d3e203238343038.roa
File:                     3137302e3234342e3131312e302f32342d3234203d3e203238343038.roa (raw, json)
Hash identifier:          jTJDsd0z/3LQuSwdrIul/QyVk4kwKlGUx9DS5ZjT5qA=
Subject key identifier:   EC:D0:D5:99:0E:FD:D6:A2:54:76:8B:46:77:AF:BA:DA:45:E0:42:BB
Certificate issuer:       /CN=01ED585C7FF695D515C213CCD92F98A26AF818D7
Certificate serial:       1E44DAC78631E6C085DA43EEC9E6C355D5087E2C
Authority key identifier: 01:ED:58:5C:7F:F6:95:D5:15:C2:13:CC:D9:2F:98:A2:6A:F8:18:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/01ED585C7FF695D515C213CCD92F98A26AF818D7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/CD96A10A651E01C032F7F25AA20AF311BFE36F04776606125D370A6277276F29/0/3137302e3234342e3131312e302f32342d3234203d3e203238343038.roa
Signing time:             Tue 05 Mar 2024 18:03:36 +0000
ROA not before:           Tue 05 Mar 2024 17:58:36 +0000
ROA not after:            Tue 04 Mar 2025 18:03:36 +0000
asID:                     28408
IP address blocks:        170.244.111.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/CD96A10A651E01C032F7F25AA20AF311BFE36F04776606125D370A6277276F29/0/01ED585C7FF695D515C213CCD92F98A26AF818D7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/CD96A10A651E01C032F7F25AA20AF311BFE36F04776606125D370A6277276F29/0/01ED585C7FF695D515C213CCD92F98A26AF818D7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/01ED585C7FF695D515C213CCD92F98A26AF818D7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:44:da:c7:86:31:e6:c0:85:da:43:ee:c9:e6:c3:55:d5:08:7e:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01ED585C7FF695D515C213CCD92F98A26AF818D7
        Validity
            Not Before: Mar  5 17:58:36 2024 GMT
            Not After : Mar  4 18:03:36 2025 GMT
        Subject: CN=ECD0D5990EFDD6A254768B4677AFBADA45E042BB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:76:f3:3d:a1:9a:2e:19:24:e9:73:aa:20:62:
                    2a:00:5a:db:15:82:03:38:c1:16:bd:e8:8a:0e:52:
                    ad:f0:a9:c8:0f:d2:3b:aa:58:06:f8:ba:9d:87:9c:
                    16:a8:7d:f4:3c:41:21:24:bb:1d:58:dd:1e:da:86:
                    97:7d:59:33:72:79:83:6d:41:86:56:e7:35:04:7c:
                    fa:58:e2:57:f9:2b:95:be:c5:3c:d8:41:c8:19:17:
                    a2:74:6c:9d:98:10:04:f0:be:a3:33:28:73:44:7f:
                    ca:18:87:27:53:a7:ab:fd:cc:a4:49:fb:51:2f:76:
                    45:22:02:8d:28:5b:37:53:68:85:4e:c0:af:1c:c2:
                    83:c1:87:8d:b6:bf:d8:10:c5:e7:92:b9:e9:e1:4a:
                    24:a4:b5:12:15:58:d3:c2:69:8e:ad:b0:1c:ea:13:
                    5c:97:c4:2a:59:8d:4b:0e:6b:87:8a:46:95:46:05:
                    2c:b0:e4:48:67:7b:60:36:76:ac:4f:1f:81:a4:af:
                    47:c6:35:1e:4f:7e:12:9d:88:c7:c3:53:96:8e:60:
                    58:5b:76:77:d4:66:bd:31:c5:6d:52:9a:99:9e:e8:
                    3f:a2:9b:cc:9d:d1:74:04:4b:d9:a1:9f:3d:ba:b0:
                    9c:c5:87:e6:82:d9:f6:dd:e0:85:1b:47:df:11:a5:
                    6a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:D0:D5:99:0E:FD:D6:A2:54:76:8B:46:77:AF:BA:DA:45:E0:42:BB
            X509v3 Authority Key Identifier:
                keyid:01:ED:58:5C:7F:F6:95:D5:15:C2:13:CC:D9:2F:98:A2:6A:F8:18:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/CD96A10A651E01C032F7F25AA20AF311BFE36F04776606125D370A6277276F29/0/01ED585C7FF695D515C213CCD92F98A26AF818D7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/01ED585C7FF695D515C213CCD92F98A26AF818D7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/CD96A10A651E01C032F7F25AA20AF311BFE36F04776606125D370A6277276F29/0/3137302e3234342e3131312e302f32342d3234203d3e203238343038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.244.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:1d:2b:6d:95:04:3d:ba:03:99:37:a2:29:7d:a7:96:16:89:
         67:df:87:79:ac:14:fb:c9:62:07:4a:4a:fb:1d:34:b7:a9:2b:
         ca:a4:d2:90:0a:5d:c2:3d:5d:da:02:a5:95:d7:3c:55:0a:c7:
         93:19:86:8e:74:7b:61:f0:b0:d1:34:75:9c:03:78:a1:43:4e:
         83:1f:c5:b2:72:19:c5:66:0c:76:85:b9:12:5b:50:9e:1f:37:
         c3:3b:cd:56:45:8f:ea:dd:4e:3d:8f:7c:e1:82:c3:08:80:7f:
         98:e7:4b:e6:7a:a1:b4:07:d6:fc:33:4f:3d:18:8f:67:5f:92:
         7c:a6:c0:84:77:99:9f:70:90:b3:42:a9:15:3e:80:fa:71:ed:
         65:c0:7c:9f:69:32:d3:f9:a7:ce:dd:5e:9c:32:b8:33:92:6f:
         f8:03:60:17:01:a3:63:61:2d:83:2a:b0:33:3b:b5:82:f5:ad:
         20:a8:57:d4:0d:ec:ff:62:d5:64:ee:c9:8e:6f:91:5a:61:e7:
         f6:e1:b1:d9:3b:94:88:67:10:60:a2:77:07:85:3b:e5:c3:be:
         09:65:a4:49:f4:fe:53:f3:fb:45:46:39:c8:c6:04:77:12:2f:
         2d:f2:fb:e1:c5:2a:08:d6:9c:b8:2c:5e:5a:15:d2:13:ba:ff:
         76:c1:3f:59
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUHkTax4Yx5sCF2kPuyebDVdUIfiwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDFFRDU4NUM3RkY2OTVENTE1QzIxM0NDRDkyRjk4QTI2
QUY4MThENzAeFw0yNDAzMDUxNzU4MzZaFw0yNTAzMDQxODAzMzZaMDMxMTAvBgNV
BAMTKEVDRDBENTk5MEVGREQ2QTI1NDc2OEI0Njc3QUZCQURBNDVFMDQyQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCydvM9oZouGSTpc6ogYioAWtsV
ggM4wRa96IoOUq3wqcgP0juqWAb4up2HnBaoffQ8QSEkux1Y3R7ahpd9WTNyeYNt
QYZW5zUEfPpY4lf5K5W+xTzYQcgZF6J0bJ2YEATwvqMzKHNEf8oYhydTp6v9zKRJ
+1EvdkUiAo0oWzdTaIVOwK8cwoPBh422v9gQxeeSuenhSiSktRIVWNPCaY6tsBzq
E1yXxCpZjUsOa4eKRpVGBSyw5Ehne2A2dqxPH4Gkr0fGNR5PfhKdiMfDU5aOYFhb
dnfUZr0xxW1Smpme6D+im8yd0XQES9mhnz26sJzFh+aC2fbd4IUbR98RpWpZAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU7NDVmQ791qJUdotGd6+62kXgQrswHwYDVR0j
BBgwFoAUAe1YXH/2ldUVwhPM2S+Yomr4GNcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DRDk2QTEwQTY1MUUwMUMwMzJGN0YyNUFBMjBBRjMxMUJG
RTM2RjA0Nzc2NjA2MTI1RDM3MEE2Mjc3Mjc2RjI5LzAvMDFFRDU4NUM3RkY2OTVE
NTE1QzIxM0NDRDkyRjk4QTI2QUY4MThENy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wMUVENTg1QzdGRjY5NUQ1MTVD
MjEzQ0NEOTJGOThBMjZBRjgxOEQ3LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQ0Q5NkExMEE2NTFFMDFDMDMyRjdGMjVBQTIwQUYzMTFCRkUzNkYwNDc3
NjYwNjEyNUQzNzBBNjI3NzI3NkYyOS8wLzMxMzczMDJlMzIzNDM0MmUzMTMxMzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM4MzQzMDM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqvRv
MA0GCSqGSIb3DQEBCwUAA4IBAQCFHSttlQQ9ugOZN6IpfaeWFoln34d5rBT7yWIH
Skr7HTS3qSvKpNKQCl3CPV3aAqWV1zxVCseTGYaOdHth8LDRNHWcA3ihQ06DH8Wy
chnFZgx2hbkSW1CeHzfDO81WRY/q3U49j3zhgsMIgH+Y50vmeqG0B9b8M089GI9n
X5J8psCEd5mfcJCzQqkVPoD6ce1lwHyfaTLT+afO3V6cMrgzkm/4A2AXAaNjYS2D
KrAzO7WC9a0gqFfUDez/YtVk7smOb5FaYef24bHZO5SIZxBgoncHhTvlw74JZaRJ
9P5T8/tFRjnIxgR3Ei8t8vvhxSoI1py4LF5aFdITuv92wT9Z
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:10:57 2024 by rpki-client on console-fra.rpki-client.org