Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D19FB2BD0CD9787A5639651E8AC421160B51F312FBB6FD1A5A01D0DBC60E19E9/0/3134332e3235352e3134302e302f32322d3332203d3e20323032.roa
File:                     3134332e3235352e3134302e302f32322d3332203d3e20323032.roa (raw, json)
Hash identifier:          iELmHJwsG+l1ZasdyrShOYPUsPM1pBySWGoOb/dgvgg=
Subject key identifier:   B2:1F:92:FA:5F:FE:B0:18:0F:9C:5F:64:C7:B5:FF:6C:18:EB:7D:2C
Certificate issuer:       /CN=85BF38FA438F4F872458ED36423D1AA7F85DB52A
Certificate serial:       78FFE47689A1FF7D48E5654266F75B27E59C15A7
Authority key identifier: 85:BF:38:FA:43:8F:4F:87:24:58:ED:36:42:3D:1A:A7:F8:5D:B5:2A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85BF38FA438F4F872458ED36423D1AA7F85DB52A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D19FB2BD0CD9787A5639651E8AC421160B51F312FBB6FD1A5A01D0DBC60E19E9/0/3134332e3235352e3134302e302f32322d3332203d3e20323032.roa
Signing time:             Mon 14 Oct 2024 18:50:00 +0000
ROA not before:           Mon 14 Oct 2024 18:45:00 +0000
ROA not after:            Mon 13 Oct 2025 18:50:00 +0000
asID:                     202
IP address blocks:        143.255.140.0/22 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D19FB2BD0CD9787A5639651E8AC421160B51F312FBB6FD1A5A01D0DBC60E19E9/0/85BF38FA438F4F872458ED36423D1AA7F85DB52A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D19FB2BD0CD9787A5639651E8AC421160B51F312FBB6FD1A5A01D0DBC60E19E9/0/85BF38FA438F4F872458ED36423D1AA7F85DB52A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85BF38FA438F4F872458ED36423D1AA7F85DB52A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 07:58:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:ff:e4:76:89:a1:ff:7d:48:e5:65:42:66:f7:5b:27:e5:9c:15:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85BF38FA438F4F872458ED36423D1AA7F85DB52A
        Validity
            Not Before: Oct 14 18:45:00 2024 GMT
            Not After : Oct 13 18:50:00 2025 GMT
        Subject: CN=B21F92FA5FFEB0180F9C5F64C7B5FF6C18EB7D2C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:bd:99:93:78:ba:59:9a:e8:e6:1b:bb:55:21:
                    e1:2c:88:3d:3d:06:04:36:61:24:b4:5d:7a:97:52:
                    eb:5d:58:43:92:41:d0:aa:41:cb:f0:40:dc:c8:d1:
                    0e:4c:59:2e:00:04:96:0d:dc:af:1f:3b:92:8b:61:
                    27:8e:66:54:4b:fd:51:d3:9f:a5:7c:95:97:94:89:
                    f6:f7:7c:86:9a:67:25:ca:cd:dc:26:cb:3d:df:01:
                    4d:4e:fc:7d:c3:5d:1a:da:b0:f6:7a:70:d4:97:3f:
                    66:01:95:64:b8:b0:2c:93:ac:eb:36:c9:10:85:d0:
                    7b:0b:1a:c6:bc:4f:7b:47:02:a4:69:c5:b7:f6:ac:
                    9f:a6:55:4b:60:b6:a1:cc:63:1a:39:a2:61:d0:d8:
                    9c:42:68:e3:de:80:ea:28:ac:8c:e2:80:fe:98:4b:
                    91:23:9f:e4:e7:49:d6:b5:2d:64:d6:31:2c:08:c2:
                    7b:bd:18:c3:67:8d:5e:05:ed:c8:d7:a0:dc:e2:f5:
                    95:d5:67:15:3f:f5:28:d7:35:01:d3:3b:c1:12:88:
                    6b:d8:e4:72:d0:f8:20:30:c7:d7:2f:5c:da:8e:99:
                    79:4e:cc:de:71:ca:1a:dc:03:9d:6a:6b:69:01:63:
                    86:0a:b1:73:54:ed:d3:9c:96:4a:ef:ea:5f:45:42:
                    e2:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:1F:92:FA:5F:FE:B0:18:0F:9C:5F:64:C7:B5:FF:6C:18:EB:7D:2C
            X509v3 Authority Key Identifier:
                keyid:85:BF:38:FA:43:8F:4F:87:24:58:ED:36:42:3D:1A:A7:F8:5D:B5:2A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D19FB2BD0CD9787A5639651E8AC421160B51F312FBB6FD1A5A01D0DBC60E19E9/0/85BF38FA438F4F872458ED36423D1AA7F85DB52A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85BF38FA438F4F872458ED36423D1AA7F85DB52A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D19FB2BD0CD9787A5639651E8AC421160B51F312FBB6FD1A5A01D0DBC60E19E9/0/3134332e3235352e3134302e302f32322d3332203d3e20323032.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.255.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:2d:ab:f1:b1:89:07:be:6d:51:44:4f:a7:3a:64:3f:6e:32:
         54:e6:53:60:89:21:1d:24:76:d3:e3:a0:49:b7:fa:19:d2:2d:
         96:e1:ec:e5:a9:12:24:ad:a3:f7:63:71:6f:52:87:b5:45:80:
         92:36:86:0c:0b:24:1b:7b:04:6a:71:bc:52:04:85:b2:50:f5:
         85:ae:c2:88:58:d1:1a:5e:03:63:f2:d4:c8:66:d2:57:a0:15:
         3c:d0:63:3d:38:76:56:f6:e0:15:bc:6a:c5:69:a7:ae:47:c0:
         a5:4b:3b:11:1b:1d:d9:b7:52:d6:1e:46:47:8d:01:b4:07:cc:
         06:5e:e8:51:19:a2:d9:db:c2:44:42:1b:2c:fe:6a:5c:05:a1:
         bb:41:22:95:1b:51:c3:48:9e:8b:e3:8a:05:36:88:59:b5:02:
         ad:43:9b:52:65:13:df:eb:62:40:73:11:e8:9f:45:45:6c:5d:
         21:2b:cb:31:bc:3e:9c:12:aa:4e:2a:15:97:79:7b:d8:6b:f0:
         73:32:04:8a:bb:4c:3c:71:2d:c3:48:16:98:53:fe:9b:74:21:
         ad:70:2a:60:c3:bd:56:0b:dd:bb:18:52:11:00:8f:2e:0b:33:
         1e:26:28:2f:c3:17:b8:ca:14:5a:6a:01:df:cc:2b:63:b8:2b:
         dc:b0:52:15
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUeP/kdomh/31I5WVCZvdbJ+WcFacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVCRjM4RkE0MzhGNEY4NzI0NThFRDM2NDIzRDFBQTdG
ODVEQjUyQTAeFw0yNDEwMTQxODQ1MDBaFw0yNTEwMTMxODUwMDBaMDMxMTAvBgNV
BAMTKEIyMUY5MkZBNUZGRUIwMTgwRjlDNUY2NEM3QjVGRjZDMThFQjdEMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCavZmTeLpZmujmG7tVIeEsiD09
BgQ2YSS0XXqXUutdWEOSQdCqQcvwQNzI0Q5MWS4ABJYN3K8fO5KLYSeOZlRL/VHT
n6V8lZeUifb3fIaaZyXKzdwmyz3fAU1O/H3DXRrasPZ6cNSXP2YBlWS4sCyTrOs2
yRCF0HsLGsa8T3tHAqRpxbf2rJ+mVUtgtqHMYxo5omHQ2JxCaOPegOoorIzigP6Y
S5Ejn+TnSda1LWTWMSwIwnu9GMNnjV4F7cjXoNzi9ZXVZxU/9SjXNQHTO8ESiGvY
5HLQ+CAwx9cvXNqOmXlOzN5xyhrcA51qa2kBY4YKsXNU7dOclkrv6l9FQuKlAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUsh+S+l/+sBgPnF9kx7X/bBjrfSwwHwYDVR0j
BBgwFoAUhb84+kOPT4ckWO02Qj0ap/hdtSowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMTlGQjJCRDBDRDk3ODdBNTYzOTY1MUU4QUM0MjExNjBC
NTFGMzEyRkJCNkZEMUE1QTAxRDBEQkM2MEUxOUU5LzAvODVCRjM4RkE0MzhGNEY4
NzI0NThFRDM2NDIzRDFBQTdGODVEQjUyQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUJGMzhGQTQzOEY0Rjg3MjQ1
OEVEMzY0MjNEMUFBN0Y4NURCNTJBLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDE5RkIyQkQwQ0Q5Nzg3QTU2Mzk2NTFFOEFDNDIxMTYwQjUxRjMxMkZC
QjZGRDFBNUEwMUQwREJDNjBFMTlFOS8wLzMxMzQzMzJlMzIzNTM1MmUzMTM0MzAy
ZTMwMmYzMjMyMmQzMzMyMjAzZDNlMjAzMjMwMzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKP/4wwDQYJ
KoZIhvcNAQELBQADggEBAGotq/GxiQe+bVFET6c6ZD9uMlTmU2CJIR0kdtPjoEm3
+hnSLZbh7OWpEiSto/djcW9Sh7VFgJI2hgwLJBt7BGpxvFIEhbJQ9YWuwohY0Rpe
A2Py1Mhm0legFTzQYz04dlb24BW8asVpp65HwKVLOxEbHdm3UtYeRkeNAbQHzAZe
6FEZotnbwkRCGyz+alwFobtBIpUbUcNInovjigU2iFm1Aq1Dm1JlE9/rYkBzEeif
RUVsXSEryzG8PpwSqk4qFZd5e9hr8HMyBIq7TDxxLcNIFphT/pt0Ia1wKmDDvVYL
3bsYUhEAjy4LMx4mKC/DF7jKFFpqAd/MK2O4K9ywUhU=
-----END CERTIFICATE-----
Generated at Wed Oct 30 00:59:52 2024 by rpki-client on console-fra.rpki-client.org