Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/CFD39521CB70D37D1DC6CF48E552E2E079697CA08DC58A14FB418BF63263D4B8/0/3136312e32322e33332e302f32342d3234203d3e20323732383039.roa
File:                     3136312e32322e33332e302f32342d3234203d3e20323732383039.roa (raw, json)
Hash identifier:          q0tvHMPi9dh/anrb/YqOy1N6vQWhk3zDSQAiALF4DAg=
Subject key identifier:   89:1D:26:D9:E3:FE:4F:23:BC:3C:F0:84:67:12:B5:2D:BB:31:D3:67
Certificate issuer:       /CN=DA1057BCF67E7BD98DA8AF10B71F56CCCD2D4351
Certificate serial:       09198BC3394C5CA3D5D466DD5F15B95D4240851F
Authority key identifier: DA:10:57:BC:F6:7E:7B:D9:8D:A8:AF:10:B7:1F:56:CC:CD:2D:43:51
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA1057BCF67E7BD98DA8AF10B71F56CCCD2D4351.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/CFD39521CB70D37D1DC6CF48E552E2E079697CA08DC58A14FB418BF63263D4B8/0/3136312e32322e33332e302f32342d3234203d3e20323732383039.roa
Signing time:             Tue 05 Mar 2024 18:20:58 +0000
ROA not before:           Tue 05 Mar 2024 18:15:58 +0000
ROA not after:            Tue 04 Mar 2025 18:20:58 +0000
asID:                     272809
IP address blocks:        161.22.33.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/CFD39521CB70D37D1DC6CF48E552E2E079697CA08DC58A14FB418BF63263D4B8/0/DA1057BCF67E7BD98DA8AF10B71F56CCCD2D4351.crl
                          rsync://repository.lacnic.net/rpki/lacnic/CFD39521CB70D37D1DC6CF48E552E2E079697CA08DC58A14FB418BF63263D4B8/0/DA1057BCF67E7BD98DA8AF10B71F56CCCD2D4351.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA1057BCF67E7BD98DA8AF10B71F56CCCD2D4351.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:19:8b:c3:39:4c:5c:a3:d5:d4:66:dd:5f:15:b9:5d:42:40:85:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA1057BCF67E7BD98DA8AF10B71F56CCCD2D4351
        Validity
            Not Before: Mar  5 18:15:58 2024 GMT
            Not After : Mar  4 18:20:58 2025 GMT
        Subject: CN=891D26D9E3FE4F23BC3CF0846712B52DBB31D367
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:08:54:ae:65:7e:f1:96:92:0c:f5:69:7b:75:
                    9d:80:89:4e:9a:7f:d5:b9:bd:07:68:1a:eb:95:7c:
                    56:77:8e:df:11:7b:91:d2:c8:d2:ff:d4:90:6c:89:
                    c6:5c:43:d8:59:61:a0:3d:1f:88:cc:48:0c:68:95:
                    91:d6:9a:bf:b9:6d:7f:cd:13:c1:8b:32:d1:21:35:
                    7f:a0:df:ba:b7:a1:dd:e6:49:84:d0:5f:8d:86:47:
                    b3:c1:a9:9a:5e:59:cb:cb:56:ea:9f:9e:37:54:d1:
                    3b:3d:88:19:4e:ca:5e:81:0e:51:3d:6c:1d:5f:7e:
                    be:ef:3a:ec:b6:41:44:48:f4:ee:22:74:e6:95:90:
                    81:3e:08:c8:9b:68:32:ca:f2:57:6f:54:73:b4:2f:
                    eb:de:13:9e:de:e9:19:58:6a:5b:f2:93:d6:f0:f6:
                    ba:57:79:40:44:90:fa:52:93:2e:4c:88:f9:81:77:
                    3d:1c:5b:60:80:ca:77:81:75:ad:f7:ae:3d:5e:81:
                    b4:1a:e2:6f:83:d6:86:52:e4:71:a5:e4:dd:77:e4:
                    68:24:0c:b0:e1:87:ee:d9:05:98:65:29:c4:bd:07:
                    1d:4a:42:1d:a4:89:bf:0f:c6:bc:ac:c5:f7:b0:8c:
                    f1:bf:2d:43:2c:39:87:d3:71:51:1b:3a:a5:f4:32:
                    ed:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:1D:26:D9:E3:FE:4F:23:BC:3C:F0:84:67:12:B5:2D:BB:31:D3:67
            X509v3 Authority Key Identifier:
                keyid:DA:10:57:BC:F6:7E:7B:D9:8D:A8:AF:10:B7:1F:56:CC:CD:2D:43:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/CFD39521CB70D37D1DC6CF48E552E2E079697CA08DC58A14FB418BF63263D4B8/0/DA1057BCF67E7BD98DA8AF10B71F56CCCD2D4351.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA1057BCF67E7BD98DA8AF10B71F56CCCD2D4351.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/CFD39521CB70D37D1DC6CF48E552E2E079697CA08DC58A14FB418BF63263D4B8/0/3136312e32322e33332e302f32342d3234203d3e20323732383039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.22.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:a4:5c:a5:2b:b4:69:dd:33:0f:bb:3c:25:25:b7:ad:8f:ba:
         ba:d5:a6:a8:4e:dc:d5:a0:a3:cc:f0:fe:35:7c:0f:83:b6:58:
         9b:74:66:7b:a4:1c:db:3a:c9:eb:4e:28:a4:a5:ad:06:30:e3:
         78:d5:9f:a1:02:82:21:5a:45:3f:9a:b8:47:97:0d:32:9b:3e:
         a5:07:11:1f:e7:7d:8c:49:31:90:91:59:a5:55:e4:fd:40:0c:
         6d:52:3f:39:12:b0:a4:ba:dc:a5:9b:cd:fc:d5:ad:7e:24:91:
         da:81:14:51:2f:f6:25:8f:ad:df:37:7e:ee:b0:9e:e1:6d:bd:
         24:bf:b5:2d:09:75:eb:f9:6a:61:ac:51:b3:7f:c2:90:74:19:
         40:fb:dd:7e:b8:27:47:45:35:cd:5c:52:1d:dd:94:c8:c5:4e:
         18:42:b6:10:fb:c6:0b:4f:ac:0b:9b:a8:ce:a2:49:74:f3:db:
         02:53:9f:b9:47:61:e7:32:cd:68:43:f1:05:03:23:3c:0c:9d:
         5f:e1:8c:8b:62:42:f7:e8:b7:1b:37:a8:c8:87:b4:2c:83:bc:
         de:16:6a:48:a8:3c:99:79:e2:6d:27:e3:d2:34:65:ae:e7:ac:
         66:73:81:44:6d:bd:8e:25:a9:99:3e:24:e3:7a:7a:77:eb:26:
         64:22:55:aa
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUCRmLwzlMXKPV1GbdXxW5XUJAhR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREExMDU3QkNGNjdFN0JEOThEQThBRjEwQjcxRjU2Q0ND
RDJENDM1MTAeFw0yNDAzMDUxODE1NThaFw0yNTAzMDQxODIwNThaMDMxMTAvBgNV
BAMTKDg5MUQyNkQ5RTNGRTRGMjNCQzNDRjA4NDY3MTJCNTJEQkIzMUQzNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpCFSuZX7xlpIM9Wl7dZ2AiU6a
f9W5vQdoGuuVfFZ3jt8Re5HSyNL/1JBsicZcQ9hZYaA9H4jMSAxolZHWmr+5bX/N
E8GLMtEhNX+g37q3od3mSYTQX42GR7PBqZpeWcvLVuqfnjdU0Ts9iBlOyl6BDlE9
bB1ffr7vOuy2QURI9O4idOaVkIE+CMibaDLK8ldvVHO0L+veE57e6RlYalvyk9bw
9rpXeUBEkPpSky5MiPmBdz0cW2CAyneBda33rj1egbQa4m+D1oZS5HGl5N135Ggk
DLDhh+7ZBZhlKcS9Bx1KQh2kib8PxrysxfewjPG/LUMsOYfTcVEbOqX0Mu3hAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUiR0m2eP+TyO8PPCEZxK1Lbsx02cwHwYDVR0j
BBgwFoAU2hBXvPZ+e9mNqK8Qtx9WzM0tQ1EwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DRkQzOTUyMUNCNzBEMzdEMURDNkNGNDhFNTUyRTJFMDc5
Njk3Q0EwOERDNThBMTRGQjQxOEJGNjMyNjNENEI4LzAvREExMDU3QkNGNjdFN0JE
OThEQThBRjEwQjcxRjU2Q0NDRDJENDM1MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQTEwNTdCQ0Y2N0U3QkQ5OERB
OEFGMTBCNzFGNTZDQ0NEMkQ0MzUxLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQ0ZEMzk1MjFDQjcwRDM3RDFEQzZDRjQ4RTU1MkUyRTA3OTY5N0NBMDhE
QzU4QTE0RkI0MThCRjYzMjYzRDRCOC8wLzMxMzYzMTJlMzIzMjJlMzMzMzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczMjM4MzAzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKEWITAN
BgkqhkiG9w0BAQsFAAOCAQEAK6RcpSu0ad0zD7s8JSW3rY+6utWmqE7c1aCjzPD+
NXwPg7ZYm3Rme6Qc2zrJ604opKWtBjDjeNWfoQKCIVpFP5q4R5cNMps+pQcRH+d9
jEkxkJFZpVXk/UAMbVI/ORKwpLrcpZvN/NWtfiSR2oEUUS/2JY+t3zd+7rCe4W29
JL+1LQl16/lqYaxRs3/CkHQZQPvdfrgnR0U1zVxSHd2UyMVOGEK2EPvGC0+sC5uo
zqJJdPPbAlOfuUdh5zLNaEPxBQMjPAydX+GMi2JC9+i3GzeoyIe0LIO83hZqSKg8
mXnibSfj0jRlruesZnOBRG29jiWpmT4k43p6d+smZCJVqg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:27:17 2024 by rpki-client on console-ams.rpki-client.org