Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D2F3C520B16F36A3CD65033D6705BDEF2711280BEF3F2A03A238DDEF2D567FD4/0/3138312e3233332e3138302e302f32332d3234203d3e203532333733.roa
File:                     3138312e3233332e3138302e302f32332d3234203d3e203532333733.roa (raw, json)
Hash identifier:          3s1WUZkQMQ1JzPERBqvOnHGGg5gZDitFeWqfHgF6waw=
Subject key identifier:   8F:AF:22:66:7F:61:73:8A:82:4E:E1:85:4E:6F:F1:EA:BA:E3:67:48
Certificate issuer:       /CN=FDA5A352F4B8A15FDA0AC9ED2B3289C3222CBACF
Certificate serial:       68B03D7B8B4A57436CD71D44B21437C8CEABFF95
Authority key identifier: FD:A5:A3:52:F4:B8:A1:5F:DA:0A:C9:ED:2B:32:89:C3:22:2C:BA:CF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FDA5A352F4B8A15FDA0AC9ED2B3289C3222CBACF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D2F3C520B16F36A3CD65033D6705BDEF2711280BEF3F2A03A238DDEF2D567FD4/0/3138312e3233332e3138302e302f32332d3234203d3e203532333733.roa
Signing time:             Tue 05 Mar 2024 18:13:01 +0000
ROA not before:           Tue 05 Mar 2024 18:08:01 +0000
ROA not after:            Tue 04 Mar 2025 18:13:01 +0000
asID:                     52373
IP address blocks:        181.233.180.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D2F3C520B16F36A3CD65033D6705BDEF2711280BEF3F2A03A238DDEF2D567FD4/0/FDA5A352F4B8A15FDA0AC9ED2B3289C3222CBACF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D2F3C520B16F36A3CD65033D6705BDEF2711280BEF3F2A03A238DDEF2D567FD4/0/FDA5A352F4B8A15FDA0AC9ED2B3289C3222CBACF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FDA5A352F4B8A15FDA0AC9ED2B3289C3222CBACF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:b0:3d:7b:8b:4a:57:43:6c:d7:1d:44:b2:14:37:c8:ce:ab:ff:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FDA5A352F4B8A15FDA0AC9ED2B3289C3222CBACF
        Validity
            Not Before: Mar  5 18:08:01 2024 GMT
            Not After : Mar  4 18:13:01 2025 GMT
        Subject: CN=8FAF22667F61738A824EE1854E6FF1EABAE36748
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:57:c2:8f:d0:1f:f4:7e:4f:31:0c:58:ec:6f:
                    63:ef:76:4b:f9:40:59:ad:40:30:02:e3:32:ca:b6:
                    0f:44:02:de:26:82:63:fe:66:d6:9f:a2:d0:12:85:
                    df:2a:18:14:11:33:75:2e:d8:d5:a1:ee:7a:7d:02:
                    76:5d:78:be:c9:89:0c:70:91:bd:d3:b5:86:9a:3b:
                    ac:d2:f3:8e:ba:13:bf:fd:a2:28:6a:50:a6:18:0d:
                    47:1e:ab:81:94:34:89:55:f4:95:21:95:13:e0:1b:
                    e7:48:6c:27:4f:8f:53:a8:1c:dc:09:4d:c4:92:df:
                    42:fb:5e:e4:48:83:87:84:70:72:19:df:3a:0a:3a:
                    55:74:f1:36:3d:b3:4c:06:2f:71:86:48:73:00:3d:
                    dd:f7:7c:e2:a2:6e:de:65:74:2d:cc:28:8f:2b:b4:
                    d9:e6:6e:62:45:f8:c1:2f:59:b0:b1:4d:81:76:66:
                    c7:11:86:6f:19:2c:ac:c5:b5:60:1e:88:cb:2f:80:
                    88:4b:69:07:11:b1:2f:cc:42:a1:e7:b5:96:66:e1:
                    10:e1:b4:53:3d:59:92:98:79:83:cc:8b:d0:06:e8:
                    17:43:8b:ab:da:e7:7b:cf:b6:22:a3:08:5e:48:c1:
                    18:d1:0c:d7:8a:57:0e:35:5c:16:5d:2b:45:81:48:
                    39:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:AF:22:66:7F:61:73:8A:82:4E:E1:85:4E:6F:F1:EA:BA:E3:67:48
            X509v3 Authority Key Identifier:
                keyid:FD:A5:A3:52:F4:B8:A1:5F:DA:0A:C9:ED:2B:32:89:C3:22:2C:BA:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D2F3C520B16F36A3CD65033D6705BDEF2711280BEF3F2A03A238DDEF2D567FD4/0/FDA5A352F4B8A15FDA0AC9ED2B3289C3222CBACF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FDA5A352F4B8A15FDA0AC9ED2B3289C3222CBACF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D2F3C520B16F36A3CD65033D6705BDEF2711280BEF3F2A03A238DDEF2D567FD4/0/3138312e3233332e3138302e302f32332d3234203d3e203532333733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.233.180.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7c:dd:9b:fb:03:48:24:62:08:c0:96:69:1c:eb:07:aa:7f:c1:
         80:b6:80:5b:71:74:20:04:2e:f7:7b:41:b6:0d:cc:b6:f7:a2:
         2e:7f:5d:d4:7d:85:c6:dd:26:d9:3b:a2:af:c0:ac:1c:b3:2f:
         c3:96:c7:e1:25:64:9c:d3:76:b8:3c:56:8f:b3:e3:b4:af:9e:
         e2:b3:f9:c2:68:4b:28:36:7c:09:01:af:de:e2:e5:1a:0d:46:
         03:69:29:15:69:65:4d:b3:a5:be:d4:79:d4:27:0b:3a:c4:40:
         82:4f:5a:05:a7:99:2e:34:9e:c5:4c:92:cf:b0:c7:68:ac:0b:
         08:f3:8e:99:50:b9:29:11:ee:d2:45:e2:fe:ca:6e:ae:ff:e0:
         0e:1f:74:fc:93:32:0f:42:31:86:2b:b8:f1:18:60:ed:61:f7:
         04:4e:2f:cf:8c:cb:21:e6:6b:74:d4:f7:41:3c:dd:e0:47:11:
         a7:99:46:83:4b:5e:68:f5:5a:18:7c:bd:7d:23:27:01:4a:03:
         5d:77:d9:66:fb:bb:4a:e8:a6:7e:08:9b:e5:c8:c0:ae:6c:d3:
         e8:78:89:41:57:b7:36:63:ff:70:c6:09:0c:1d:5f:30:cb:70:
         28:ca:37:9e:a7:d7:03:ee:48:bd:18:64:9b:d7:8b:35:f1:40:
         24:d5:24:58
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUaLA9e4tKV0Ns1x1EshQ3yM6r/5UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkRBNUEzNTJGNEI4QTE1RkRBMEFDOUVEMkIzMjg5QzMy
MjJDQkFDRjAeFw0yNDAzMDUxODA4MDFaFw0yNTAzMDQxODEzMDFaMDMxMTAvBgNV
BAMTKDhGQUYyMjY2N0Y2MTczOEE4MjRFRTE4NTRFNkZGMUVBQkFFMzY3NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1V8KP0B/0fk8xDFjsb2Pvdkv5
QFmtQDAC4zLKtg9EAt4mgmP+ZtafotAShd8qGBQRM3Uu2NWh7np9AnZdeL7JiQxw
kb3TtYaaO6zS8466E7/9oihqUKYYDUceq4GUNIlV9JUhlRPgG+dIbCdPj1OoHNwJ
TcSS30L7XuRIg4eEcHIZ3zoKOlV08TY9s0wGL3GGSHMAPd33fOKibt5ldC3MKI8r
tNnmbmJF+MEvWbCxTYF2ZscRhm8ZLKzFtWAeiMsvgIhLaQcRsS/MQqHntZZm4RDh
tFM9WZKYeYPMi9AG6BdDi6va53vPtiKjCF5IwRjRDNeKVw41XBZdK0WBSDnhAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUj68iZn9hc4qCTuGFTm/x6rrjZ0gwHwYDVR0j
BBgwFoAU/aWjUvS4oV/aCsntKzKJwyIsus8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMkYzQzUyMEIxNkYzNkEzQ0Q2NTAzM0Q2NzA1QkRFRjI3
MTEyODBCRUYzRjJBMDNBMjM4RERFRjJENTY3RkQ0LzAvRkRBNUEzNTJGNEI4QTE1
RkRBMEFDOUVEMkIzMjg5QzMyMjJDQkFDRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GREE1QTM1MkY0QjhBMTVGREEw
QUM5RUQyQjMyODlDMzIyMkNCQUNGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDJGM0M1MjBCMTZGMzZBM0NENjUwMzNENjcwNUJERUYyNzExMjgwQkVG
M0YyQTAzQTIzOERERUYyRDU2N0ZENC8wLzMxMzgzMTJlMzIzMzMzMmUzMTM4MzAy
ZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNTMyMzMzNzMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBtem0
MA0GCSqGSIb3DQEBCwUAA4IBAQB83Zv7A0gkYgjAlmkc6weqf8GAtoBbcXQgBC73
e0G2Dcy296Iuf13UfYXG3SbZO6KvwKwcsy/DlsfhJWSc03a4PFaPs+O0r57is/nC
aEsoNnwJAa/e4uUaDUYDaSkVaWVNs6W+1HnUJws6xECCT1oFp5kuNJ7FTJLPsMdo
rAsI846ZULkpEe7SReL+ym6u/+AOH3T8kzIPQjGGK7jxGGDtYfcETi/PjMsh5mt0
1PdBPN3gRxGnmUaDS15o9VoYfL19IycBSgNdd9lm+7tK6KZ+CJvlyMCubNPoeIlB
V7c2Y/9wxgkMHV8wy3Aoyjeep9cD7ki9GGSb14s18UAk1SRY
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:24:19 2024 by rpki-client on console-ams.rpki-client.org