Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D0F288FE2D53A9C5DED4B2B22BA6363F98330063CDBE4E887469C592D2932D8F/0/3137302e37382e3131322e302f32322d3234203d3e20323636373736.roa
File:                     3137302e37382e3131322e302f32322d3234203d3e20323636373736.roa (raw, json)
Hash identifier:          6QTjn+3B1fhIReH4JEUrvF3ZItPwnRlrXUpamablTiI=
Subject key identifier:   56:AA:3A:11:86:31:B5:32:D9:43:A6:B6:54:14:3D:C6:37:6E:C4:04
Certificate issuer:       /CN=F6AC6286FF6357F056651F16EECA488E32411C7A
Certificate serial:       678722FC72B60606E881FE22B7BF277E18B287C0
Authority key identifier: F6:AC:62:86:FF:63:57:F0:56:65:1F:16:EE:CA:48:8E:32:41:1C:7A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F6AC6286FF6357F056651F16EECA488E32411C7A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D0F288FE2D53A9C5DED4B2B22BA6363F98330063CDBE4E887469C592D2932D8F/0/3137302e37382e3131322e302f32322d3234203d3e20323636373736.roa
Signing time:             Tue 05 Mar 2024 17:58:09 +0000
ROA not before:           Tue 05 Mar 2024 17:53:09 +0000
ROA not after:            Tue 04 Mar 2025 17:58:09 +0000
asID:                     266776
IP address blocks:        170.78.112.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D0F288FE2D53A9C5DED4B2B22BA6363F98330063CDBE4E887469C592D2932D8F/0/F6AC6286FF6357F056651F16EECA488E32411C7A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D0F288FE2D53A9C5DED4B2B22BA6363F98330063CDBE4E887469C592D2932D8F/0/F6AC6286FF6357F056651F16EECA488E32411C7A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F6AC6286FF6357F056651F16EECA488E32411C7A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:87:22:fc:72:b6:06:06:e8:81:fe:22:b7:bf:27:7e:18:b2:87:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F6AC6286FF6357F056651F16EECA488E32411C7A
        Validity
            Not Before: Mar  5 17:53:09 2024 GMT
            Not After : Mar  4 17:58:09 2025 GMT
        Subject: CN=56AA3A118631B532D943A6B654143DC6376EC404
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:35:d7:9c:83:cf:d2:e5:8f:1c:1b:fa:22:0e:
                    34:fa:9d:94:24:ed:f6:1c:2c:bf:0a:ed:bf:fd:c6:
                    77:11:fb:02:b1:6e:aa:31:e7:29:30:f4:3a:2f:24:
                    bc:8b:a2:3e:be:54:00:ef:14:e8:45:18:0b:5e:14:
                    e5:3c:a5:23:1f:37:6a:6c:66:9d:4f:a9:75:97:c5:
                    e8:ac:08:78:a2:40:20:84:e1:71:34:a1:0f:db:e3:
                    64:74:fb:be:da:f4:2d:19:24:9b:7d:de:1d:99:d6:
                    27:7c:8f:45:0b:33:00:90:35:71:f8:02:22:07:9c:
                    83:db:be:3c:6b:2b:a6:63:76:b3:03:cd:e7:53:63:
                    aa:3b:ea:dd:cd:fd:e3:08:43:7a:69:30:12:d6:a2:
                    24:86:58:67:37:cc:52:26:41:71:62:f2:42:6a:b7:
                    21:1b:55:b8:94:71:d4:d6:c1:60:6f:3e:3a:5f:4c:
                    4f:d2:3d:e8:2b:e2:88:dc:6c:98:0b:12:59:fe:96:
                    a4:fc:01:ea:58:e2:42:13:67:30:a6:56:4f:81:5d:
                    f7:68:ff:1f:c0:aa:5e:2e:f2:1e:a6:f4:e4:25:cc:
                    19:4e:19:19:f7:db:8c:6d:9f:75:31:3e:0f:e2:bf:
                    e2:10:b6:df:01:9c:eb:e2:a7:3a:cd:b7:b1:c1:d6:
                    86:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:AA:3A:11:86:31:B5:32:D9:43:A6:B6:54:14:3D:C6:37:6E:C4:04
            X509v3 Authority Key Identifier:
                keyid:F6:AC:62:86:FF:63:57:F0:56:65:1F:16:EE:CA:48:8E:32:41:1C:7A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D0F288FE2D53A9C5DED4B2B22BA6363F98330063CDBE4E887469C592D2932D8F/0/F6AC6286FF6357F056651F16EECA488E32411C7A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F6AC6286FF6357F056651F16EECA488E32411C7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D0F288FE2D53A9C5DED4B2B22BA6363F98330063CDBE4E887469C592D2932D8F/0/3137302e37382e3131322e302f32322d3234203d3e20323636373736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.78.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         13:22:bd:58:3a:c2:57:41:68:30:5e:29:f1:d3:77:0f:16:ee:
         ac:57:0f:b1:6e:a0:e3:f1:50:ca:dd:0b:d5:5f:e9:39:4b:e0:
         2f:46:68:af:a7:9a:3a:85:52:50:2b:1d:63:12:f6:c3:42:cb:
         5d:c6:48:5b:63:28:9d:da:7f:dc:61:2c:e2:54:26:93:21:f2:
         0b:61:6e:46:6d:85:dd:68:22:91:dd:b3:25:27:83:92:79:51:
         2f:4a:b5:0c:54:2a:9c:f0:28:d2:b7:d1:26:a4:c6:99:5a:a3:
         30:e6:17:c3:3c:48:d3:17:d6:52:13:3f:15:1b:e3:7c:d8:5f:
         6b:7b:5a:d1:2b:bd:ad:af:a6:f4:c7:2b:ad:46:09:35:08:ea:
         a5:ba:3a:8e:8b:1a:84:7e:ab:fc:bf:2c:57:b9:9d:be:ff:05:
         eb:18:ec:a2:e7:04:4d:58:4e:e2:f0:ed:12:c0:f2:27:bc:ab:
         fb:15:c1:36:d9:59:85:0f:64:3a:d0:51:1e:51:f5:3f:60:15:
         cb:be:40:c7:88:8e:cd:42:68:c1:3c:d9:ab:7e:17:65:da:47:
         7a:16:84:e6:ad:67:d7:72:18:93:6a:db:eb:fb:69:cf:4d:df:
         f4:77:ae:b1:b3:b2:52:41:c9:2a:89:9b:62:df:70:1e:bc:17:
         2b:3e:02:49
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUZ4ci/HK2Bgbogf4it78nfhiyh8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjZBQzYyODZGRjYzNTdGMDU2NjUxRjE2RUVDQTQ4OEUz
MjQxMUM3QTAeFw0yNDAzMDUxNzUzMDlaFw0yNTAzMDQxNzU4MDlaMDMxMTAvBgNV
BAMTKDU2QUEzQTExODYzMUI1MzJEOTQzQTZCNjU0MTQzREM2Mzc2RUM0MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxNdecg8/S5Y8cG/oiDjT6nZQk
7fYcLL8K7b/9xncR+wKxbqox5ykw9DovJLyLoj6+VADvFOhFGAteFOU8pSMfN2ps
Zp1PqXWXxeisCHiiQCCE4XE0oQ/b42R0+77a9C0ZJJt93h2Z1id8j0ULMwCQNXH4
AiIHnIPbvjxrK6ZjdrMDzedTY6o76t3N/eMIQ3ppMBLWoiSGWGc3zFImQXFi8kJq
tyEbVbiUcdTWwWBvPjpfTE/SPegr4ojcbJgLEln+lqT8AepY4kITZzCmVk+BXfdo
/x/Aql4u8h6m9OQlzBlOGRn324xtn3UxPg/iv+IQtt8BnOvipzrNt7HB1ob9AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUVqo6EYYxtTLZQ6a2VBQ9xjduxAQwHwYDVR0j
BBgwFoAU9qxihv9jV/BWZR8W7spIjjJBHHowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMEYyODhGRTJENTNBOUM1REVENEIyQjIyQkE2MzYzRjk4
MzMwMDYzQ0RCRTRFODg3NDY5QzU5MkQyOTMyRDhGLzAvRjZBQzYyODZGRjYzNTdG
MDU2NjUxRjE2RUVDQTQ4OEUzMjQxMUM3QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GNkFDNjI4NkZGNjM1N0YwNTY2
NTFGMTZFRUNBNDg4RTMyNDExQzdBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDBGMjg4RkUyRDUzQTlDNURFRDRCMkIyMkJBNjM2M0Y5ODMzMDA2M0NE
QkU0RTg4NzQ2OUM1OTJEMjkzMkQ4Ri8wLzMxMzczMDJlMzczODJlMzEzMTMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM2MzczNzM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqk5w
MA0GCSqGSIb3DQEBCwUAA4IBAQATIr1YOsJXQWgwXinx03cPFu6sVw+xbqDj8VDK
3QvVX+k5S+AvRmivp5o6hVJQKx1jEvbDQstdxkhbYyid2n/cYSziVCaTIfILYW5G
bYXdaCKR3bMlJ4OSeVEvSrUMVCqc8CjSt9EmpMaZWqMw5hfDPEjTF9ZSEz8VG+N8
2F9re1rRK72tr6b0xyutRgk1COqlujqOixqEfqv8vyxXuZ2+/wXrGOyi5wRNWE7i
8O0SwPInvKv7FcE22VmFD2Q60FEeUfU/YBXLvkDHiI7NQmjBPNmrfhdl2kd6FoTm
rWfXchiTatvr+2nPTd/0d66xs7JSQckqiZti33AevBcrPgJJ
-----END CERTIFICATE-----
Generated at Wed Nov 20 08:43:11 2024 by rpki-client on console-fra.rpki-client.org