Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/CF8B87503A84E48F7652084EAC8AF0DE7CB357A55CDCA2F4B682724B356B877F/0/3230312e3133312e362e302f32332d3234203d3e203238333932.roa
File:                     3230312e3133312e362e302f32332d3234203d3e203238333932.roa (raw, json)
Hash identifier:          ejE7X0gFIGJa6nE//IXmQLegQ+EII5VLV1b4f4woXV8=
Subject key identifier:   CF:90:F2:56:BD:37:BB:A9:0A:75:7B:6C:F1:C8:DD:F9:2A:12:3A:4E
Certificate issuer:       /CN=4F43917327673645BD0B520BF95E9CA235CEFEB8
Certificate serial:       6F2B8D905A8B116C063441D829DF7DB0991B98F3
Authority key identifier: 4F:43:91:73:27:67:36:45:BD:0B:52:0B:F9:5E:9C:A2:35:CE:FE:B8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4F43917327673645BD0B520BF95E9CA235CEFEB8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/CF8B87503A84E48F7652084EAC8AF0DE7CB357A55CDCA2F4B682724B356B877F/0/3230312e3133312e362e302f32332d3234203d3e203238333932.roa
Signing time:             Tue 05 Mar 2024 17:43:15 +0000
ROA not before:           Tue 05 Mar 2024 17:38:15 +0000
ROA not after:            Tue 04 Mar 2025 17:43:15 +0000
asID:                     28392
IP address blocks:        201.131.6.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/CF8B87503A84E48F7652084EAC8AF0DE7CB357A55CDCA2F4B682724B356B877F/0/4F43917327673645BD0B520BF95E9CA235CEFEB8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/CF8B87503A84E48F7652084EAC8AF0DE7CB357A55CDCA2F4B682724B356B877F/0/4F43917327673645BD0B520BF95E9CA235CEFEB8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4F43917327673645BD0B520BF95E9CA235CEFEB8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:2b:8d:90:5a:8b:11:6c:06:34:41:d8:29:df:7d:b0:99:1b:98:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4F43917327673645BD0B520BF95E9CA235CEFEB8
        Validity
            Not Before: Mar  5 17:38:15 2024 GMT
            Not After : Mar  4 17:43:15 2025 GMT
        Subject: CN=CF90F256BD37BBA90A757B6CF1C8DDF92A123A4E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:f6:bc:71:fe:0e:a2:d9:2e:62:23:39:3d:3a:
                    1a:a9:db:46:94:0b:2f:f6:d6:83:d2:00:1c:51:74:
                    2e:4b:ae:c4:b0:c9:43:fe:6a:78:02:fa:05:92:1f:
                    78:02:c7:bf:5d:87:78:b9:22:6c:47:34:f5:42:a0:
                    c7:6f:f0:c9:1e:5f:df:ff:d1:f2:9b:33:88:c1:3c:
                    df:2c:73:4d:1c:19:aa:ed:08:7c:56:a5:b0:f8:31:
                    25:76:87:d1:53:08:41:31:bf:32:5d:fd:bd:f6:29:
                    57:be:0f:18:f4:ea:66:50:f6:74:a5:96:43:da:3b:
                    68:6b:80:23:77:01:f2:a2:c6:10:4f:d9:71:5c:17:
                    17:ed:44:dc:95:73:f9:57:90:2c:36:db:a2:48:de:
                    d0:ff:06:d7:6a:9b:6e:21:47:58:1b:3f:5b:5a:b1:
                    6a:1c:02:0d:05:af:6f:fa:ba:d5:22:8f:95:80:0e:
                    25:7d:fd:59:f8:9c:85:b2:f8:74:05:08:0f:bf:ff:
                    f8:2e:8f:ea:90:c9:fb:a4:03:ac:4a:79:e5:02:89:
                    14:39:15:02:62:c0:18:83:48:71:b6:36:0c:b6:8d:
                    fe:7c:21:b1:08:db:1a:b5:8d:92:2c:ba:a0:1c:c0:
                    19:f3:0c:5b:20:81:61:32:7d:8e:0c:0e:f3:6b:9e:
                    04:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:90:F2:56:BD:37:BB:A9:0A:75:7B:6C:F1:C8:DD:F9:2A:12:3A:4E
            X509v3 Authority Key Identifier:
                keyid:4F:43:91:73:27:67:36:45:BD:0B:52:0B:F9:5E:9C:A2:35:CE:FE:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/CF8B87503A84E48F7652084EAC8AF0DE7CB357A55CDCA2F4B682724B356B877F/0/4F43917327673645BD0B520BF95E9CA235CEFEB8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4F43917327673645BD0B520BF95E9CA235CEFEB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/CF8B87503A84E48F7652084EAC8AF0DE7CB357A55CDCA2F4B682724B356B877F/0/3230312e3133312e362e302f32332d3234203d3e203238333932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.131.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3f:a2:ad:5e:4c:e9:02:c4:02:7c:f0:b1:cd:31:ff:c2:b8:a8:
         77:86:7c:3c:f8:29:b3:b3:ef:60:91:09:04:da:83:69:77:85:
         c8:a8:84:b1:dc:cd:35:c7:a1:4a:36:af:33:4f:df:fa:94:24:
         b4:55:de:c9:61:0b:37:dc:4f:a0:d2:9a:69:d1:66:ff:8b:f6:
         85:1b:1e:47:e6:0f:66:69:b0:b1:ac:47:3e:58:32:0d:9d:bf:
         4f:94:dd:db:88:0f:b9:0d:12:f9:76:77:99:47:27:37:26:93:
         a5:f2:7e:1e:b8:b7:81:9f:64:c3:af:b6:2a:95:eb:aa:f3:12:
         b9:1a:8c:f3:44:18:60:75:eb:1b:45:f6:e0:b6:2b:30:52:58:
         d3:6e:89:c0:91:ef:8a:f4:09:4a:56:35:93:81:e0:95:67:d7:
         dd:a0:72:6d:5d:4c:0d:db:8e:ff:57:9c:ee:97:31:d2:2f:1e:
         bc:68:f2:55:67:5f:56:8d:a6:6d:1a:fb:ff:57:71:d0:0d:81:
         53:45:27:fd:d4:1e:3a:47:02:02:c7:d2:01:1c:3b:95:1a:84:
         72:a9:9b:6b:89:f4:62:f5:4c:16:93:a4:ec:f6:d9:64:49:cb:
         32:7b:f9:c3:e5:b2:73:16:45:e0:e5:62:5d:4a:b9:2a:aa:b4:
         fc:f1:5a:50
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUbyuNkFqLEWwGNEHYKd99sJkbmPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEY0MzkxNzMyNzY3MzY0NUJEMEI1MjBCRjk1RTlDQTIz
NUNFRkVCODAeFw0yNDAzMDUxNzM4MTVaFw0yNTAzMDQxNzQzMTVaMDMxMTAvBgNV
BAMTKENGOTBGMjU2QkQzN0JCQTkwQTc1N0I2Q0YxQzhEREY5MkExMjNBNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF9rxx/g6i2S5iIzk9Ohqp20aU
Cy/21oPSABxRdC5LrsSwyUP+angC+gWSH3gCx79dh3i5ImxHNPVCoMdv8MkeX9//
0fKbM4jBPN8sc00cGartCHxWpbD4MSV2h9FTCEExvzJd/b32KVe+Dxj06mZQ9nSl
lkPaO2hrgCN3AfKixhBP2XFcFxftRNyVc/lXkCw226JI3tD/Btdqm24hR1gbP1ta
sWocAg0Fr2/6utUij5WADiV9/Vn4nIWy+HQFCA+///guj+qQyfukA6xKeeUCiRQ5
FQJiwBiDSHG2Ngy2jf58IbEI2xq1jZIsuqAcwBnzDFsggWEyfY4MDvNrngRFAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUz5DyVr03u6kKdXts8cjd+SoSOk4wHwYDVR0j
BBgwFoAUT0ORcydnNkW9C1IL+V6cojXO/rgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DRjhCODc1MDNBODRFNDhGNzY1MjA4NEVBQzhBRjBERTdD
QjM1N0E1NUNEQ0EyRjRCNjgyNzI0QjM1NkI4NzdGLzAvNEY0MzkxNzMyNzY3MzY0
NUJEMEI1MjBCRjk1RTlDQTIzNUNFRkVCOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80RjQzOTE3MzI3NjczNjQ1QkQw
QjUyMEJGOTVFOUNBMjM1Q0VGRUI4LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQ0Y4Qjg3NTAzQTg0RTQ4Rjc2NTIwODRFQUM4QUYwREU3Q0IzNTdBNTVD
RENBMkY0QjY4MjcyNEIzNTZCODc3Ri8wLzMyMzAzMTJlMzEzMzMxMmUzNjJlMzAy
ZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzgzMzM5MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHJgwYwDQYJ
KoZIhvcNAQELBQADggEBAD+irV5M6QLEAnzwsc0x/8K4qHeGfDz4KbOz72CRCQTa
g2l3hciohLHczTXHoUo2rzNP3/qUJLRV3slhCzfcT6DSmmnRZv+L9oUbHkfmD2Zp
sLGsRz5YMg2dv0+U3duID7kNEvl2d5lHJzcmk6Xyfh64t4GfZMOvtiqV66rzErka
jPNEGGB16xtF9uC2KzBSWNNuicCR74r0CUpWNZOB4JVn192gcm1dTA3bjv9XnO6X
MdIvHrxo8lVnX1aNpm0a+/9XcdANgVNFJ/3UHjpHAgLH0gEcO5UahHKpm2uJ9GL1
TBaTpOz22WRJyzJ7+cPlsnMWReDlYl1KuSqqtPzxWlA=
-----END CERTIFICATE-----
Generated at Wed Nov 20 13:43:37 2024 by rpki-client on console-ams.rpki-client.org