Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D165758D14E0C972F8BA5603302507FE8A677E7223D72A8211AE62DBD5565E7D/0/3139302e3135312e3132382e302f32322d3232203d3e20323632323037.roa
File:                     3139302e3135312e3132382e302f32322d3232203d3e20323632323037.roa (raw, json)
Hash identifier:          QZ6II3wBjXJc/upnVchmFmMJJT6wlfL2V9CxUdtBhMQ=
Subject key identifier:   EB:AB:1B:3D:45:43:6A:50:68:00:12:FA:24:A4:2D:C5:9A:F8:AA:45
Certificate issuer:       /CN=89BE1B948EADFCFCFDF457A0A903F357865A2553
Certificate serial:       24AD290BD455DA770E2565D79FD3E46A24F96D85
Authority key identifier: 89:BE:1B:94:8E:AD:FC:FC:FD:F4:57:A0:A9:03:F3:57:86:5A:25:53
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/89BE1B948EADFCFCFDF457A0A903F357865A2553.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D165758D14E0C972F8BA5603302507FE8A677E7223D72A8211AE62DBD5565E7D/0/3139302e3135312e3132382e302f32322d3232203d3e20323632323037.roa
Signing time:             Tue 05 Mar 2024 18:19:41 +0000
ROA not before:           Tue 05 Mar 2024 18:14:41 +0000
ROA not after:            Tue 04 Mar 2025 18:19:41 +0000
asID:                     262207
IP address blocks:        190.151.128.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D165758D14E0C972F8BA5603302507FE8A677E7223D72A8211AE62DBD5565E7D/0/89BE1B948EADFCFCFDF457A0A903F357865A2553.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D165758D14E0C972F8BA5603302507FE8A677E7223D72A8211AE62DBD5565E7D/0/89BE1B948EADFCFCFDF457A0A903F357865A2553.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/89BE1B948EADFCFCFDF457A0A903F357865A2553.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:ad:29:0b:d4:55:da:77:0e:25:65:d7:9f:d3:e4:6a:24:f9:6d:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89BE1B948EADFCFCFDF457A0A903F357865A2553
        Validity
            Not Before: Mar  5 18:14:41 2024 GMT
            Not After : Mar  4 18:19:41 2025 GMT
        Subject: CN=EBAB1B3D45436A50680012FA24A42DC59AF8AA45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:7f:09:05:38:9b:b9:7e:2e:4c:70:8e:44:91:
                    f4:71:d9:e2:c8:d3:84:15:08:e5:89:78:aa:51:22:
                    d8:25:40:c4:cf:7f:cc:7a:62:66:78:a7:8f:4e:8c:
                    a9:5a:57:1e:30:84:40:98:07:3a:31:04:e2:a3:56:
                    b6:07:ff:05:80:b8:94:75:d9:d1:7f:a8:1a:31:af:
                    16:22:2f:85:f6:cc:19:3c:ed:29:2f:0a:6a:71:58:
                    ae:64:31:f0:a4:91:d3:44:e3:e2:64:7d:4f:d1:1e:
                    06:27:7c:2a:9a:3e:92:42:df:0f:78:f9:d8:52:76:
                    d7:bf:d9:48:64:09:65:4c:c9:93:ad:82:ea:3b:05:
                    79:f1:86:be:97:68:31:e9:72:d4:3d:13:8c:b2:31:
                    fc:71:ba:ea:7f:43:7c:80:9e:fa:25:c3:c2:7f:04:
                    b2:8e:f5:e7:8f:90:4d:0e:5d:9b:b1:6a:ed:6a:52:
                    0f:79:02:f5:57:a6:5a:49:a7:02:d8:0f:8c:f5:14:
                    ed:13:cf:c8:5f:33:a6:92:9a:86:9c:4f:a3:2e:59:
                    c5:da:bb:c4:6b:63:de:65:04:f5:91:1d:07:b3:ed:
                    8b:e1:2a:06:8d:b8:16:c1:51:00:b4:2f:07:e3:64:
                    05:d2:f1:cb:b8:e7:03:f6:14:a7:8b:ba:6b:99:be:
                    62:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:AB:1B:3D:45:43:6A:50:68:00:12:FA:24:A4:2D:C5:9A:F8:AA:45
            X509v3 Authority Key Identifier:
                keyid:89:BE:1B:94:8E:AD:FC:FC:FD:F4:57:A0:A9:03:F3:57:86:5A:25:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D165758D14E0C972F8BA5603302507FE8A677E7223D72A8211AE62DBD5565E7D/0/89BE1B948EADFCFCFDF457A0A903F357865A2553.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/89BE1B948EADFCFCFDF457A0A903F357865A2553.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D165758D14E0C972F8BA5603302507FE8A677E7223D72A8211AE62DBD5565E7D/0/3139302e3135312e3132382e302f32322d3232203d3e20323632323037.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.151.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0e:ff:f7:c8:f7:ae:0b:77:82:b6:d3:3b:61:77:f8:d3:5c:bd:
         17:0a:e9:77:35:fb:3e:93:ce:b7:63:82:b9:ec:67:11:1c:dd:
         86:19:81:71:19:ff:5d:54:94:84:df:c1:5c:58:86:48:c2:fa:
         23:ce:26:aa:bb:60:78:f0:d7:0b:a8:f7:28:13:dd:88:56:c8:
         32:ab:9d:3b:b7:e2:24:71:81:8e:78:ac:00:f1:3b:37:67:aa:
         96:e7:84:fe:7f:c6:22:53:46:f7:24:f1:74:b6:b2:a6:8b:6c:
         67:81:66:bf:76:0b:a5:e5:43:6a:22:2d:30:dc:10:ff:85:32:
         c2:84:3b:a2:00:82:c6:4a:1c:56:cc:bf:94:58:8a:1b:b4:13:
         92:37:f8:7e:31:fb:ea:ff:8d:5c:c4:df:08:1a:9a:24:01:32:
         f6:49:f2:9e:4e:fc:c4:15:1c:30:a4:61:9b:ce:6b:ed:a5:6e:
         b9:17:1c:a6:86:3a:b9:66:34:96:e9:b5:2b:bd:af:07:44:4d:
         6e:cb:da:e7:c4:d0:ad:02:d1:53:42:ed:95:55:2f:91:eb:ff:
         34:07:6c:a4:34:b9:f1:72:0a:1c:f9:19:88:d5:c8:8f:4d:ad:
         d5:eb:d1:9b:4d:88:39:31:73:31:ac:5b:06:36:e8:13:7f:b1:
         b0:cb:6f:e5
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUJK0pC9RV2ncOJWXXn9PkaiT5bYUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODlCRTFCOTQ4RUFERkNGQ0ZERjQ1N0EwQTkwM0YzNTc4
NjVBMjU1MzAeFw0yNDAzMDUxODE0NDFaFw0yNTAzMDQxODE5NDFaMDMxMTAvBgNV
BAMTKEVCQUIxQjNENDU0MzZBNTA2ODAwMTJGQTI0QTQyREM1OUFGOEFBNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCfwkFOJu5fi5McI5EkfRx2eLI
04QVCOWJeKpRItglQMTPf8x6YmZ4p49OjKlaVx4whECYBzoxBOKjVrYH/wWAuJR1
2dF/qBoxrxYiL4X2zBk87SkvCmpxWK5kMfCkkdNE4+JkfU/RHgYnfCqaPpJC3w94
+dhSdte/2UhkCWVMyZOtguo7BXnxhr6XaDHpctQ9E4yyMfxxuup/Q3yAnvolw8J/
BLKO9eePkE0OXZuxau1qUg95AvVXplpJpwLYD4z1FO0Tz8hfM6aSmoacT6MuWcXa
u8RrY95lBPWRHQez7YvhKgaNuBbBUQC0LwfjZAXS8cu45wP2FKeLumuZvmJHAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU66sbPUVDalBoABL6JKQtxZr4qkUwHwYDVR0j
BBgwFoAUib4blI6t/Pz99FegqQPzV4ZaJVMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMTY1NzU4RDE0RTBDOTcyRjhCQTU2MDMzMDI1MDdGRThB
Njc3RTcyMjNENzJBODIxMUFFNjJEQkQ1NTY1RTdELzAvODlCRTFCOTQ4RUFERkNG
Q0ZERjQ1N0EwQTkwM0YzNTc4NjVBMjU1My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84OUJFMUI5NDhFQURGQ0ZDRkRG
NDU3QTBBOTAzRjM1Nzg2NUEyNTUzLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDE2NTc1OEQxNEUwQzk3MkY4QkE1NjAzMzAyNTA3RkU4QTY3N0U3MjIz
RDcyQTgyMTFBRTYyREJENTU2NUU3RC8wLzMxMzkzMDJlMzEzNTMxMmUzMTMyMzgy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM2MzIzMjMwMzcucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK+
l4AwDQYJKoZIhvcNAQELBQADggEBAA7/98j3rgt3grbTO2F3+NNcvRcK6Xc1+z6T
zrdjgrnsZxEc3YYZgXEZ/11UlITfwVxYhkjC+iPOJqq7YHjw1wuo9ygT3YhWyDKr
nTu34iRxgY54rADxOzdnqpbnhP5/xiJTRvck8XS2sqaLbGeBZr92C6XlQ2oiLTDc
EP+FMsKEO6IAgsZKHFbMv5RYihu0E5I3+H4x++r/jVzE3wgamiQBMvZJ8p5O/MQV
HDCkYZvOa+2lbrkXHKaGOrlmNJbptSu9rwdETW7L2ufE0K0C0VNC7ZVVL5Hr/zQH
bKQ0ufFyChz5GYjVyI9NrdXr0ZtNiDkxczGsWwY26BN/sbDLb+U=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:47:01 2024 by rpki-client on console-ams.rpki-client.org