Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3139302e32302e302e302f31362d3234203d3e203136363239.roa
File:                     3139302e32302e302e302f31362d3234203d3e203136363239.roa (raw, json)
Hash identifier:          4KTvzwpN/rl+d/KYvinBt85J1gEJel/thOHpKdtDG4A=
Subject key identifier:   1D:E9:61:83:22:57:84:2B:3F:48:A9:F8:A3:49:5D:25:9A:B1:78:98
Certificate issuer:       /CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
Certificate serial:       77770EFDB2491EEF45CD24E4E67A18E69BBDDF67
Authority key identifier: 25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3139302e32302e302e302f31362d3234203d3e203136363239.roa
Signing time:             Tue 05 Mar 2024 17:52:11 +0000
ROA not before:           Tue 05 Mar 2024 17:47:11 +0000
ROA not after:            Tue 04 Mar 2025 17:52:11 +0000
asID:                     16629
IP address blocks:        190.20.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:77:0e:fd:b2:49:1e:ef:45:cd:24:e4:e6:7a:18:e6:9b:bd:df:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
        Validity
            Not Before: Mar  5 17:47:11 2024 GMT
            Not After : Mar  4 17:52:11 2025 GMT
        Subject: CN=1DE961832257842B3F48A9F8A3495D259AB17898
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:36:6a:90:0e:65:52:bf:51:7e:f8:14:16:50:
                    ae:eb:9c:7b:05:dd:88:fa:f0:66:23:50:9b:fc:5d:
                    c9:71:82:11:01:4f:87:23:47:52:ca:4a:23:ed:b2:
                    47:0a:78:58:65:d7:47:15:64:29:44:80:5a:97:6b:
                    6a:08:5b:00:ea:8e:b2:90:03:42:fd:74:85:33:7d:
                    da:32:35:26:c3:7e:ef:36:32:12:ef:f9:57:4b:2a:
                    ef:8e:f0:43:ba:5a:7a:8b:f2:f5:77:7b:9e:3c:1d:
                    66:6e:ae:24:19:d0:39:ef:be:0e:f2:c0:54:9b:70:
                    73:54:c4:a0:cd:30:ed:cf:92:98:21:c1:70:b8:17:
                    17:45:26:14:73:75:fe:7d:b4:f4:6d:d5:fc:ab:c3:
                    6b:bb:e9:d0:95:3e:b3:6d:be:6c:4f:c5:0a:c5:b5:
                    46:c3:dc:3d:03:56:d9:d9:08:69:1c:9a:c6:fa:64:
                    7e:c8:da:1f:52:59:5c:11:dc:01:27:59:ab:f8:8c:
                    76:b0:29:cb:f3:06:3d:7a:20:2a:00:1a:f8:53:9d:
                    96:ad:3d:0b:00:74:09:1f:b9:08:7d:71:13:29:d1:
                    c9:3b:c0:28:43:80:8f:68:08:b7:8b:a8:a6:34:73:
                    ba:84:a7:90:e5:af:e8:f4:3b:b4:c2:5f:16:61:b5:
                    dd:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:E9:61:83:22:57:84:2B:3F:48:A9:F8:A3:49:5D:25:9A:B1:78:98
            X509v3 Authority Key Identifier:
                keyid:25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3139302e32302e302e302f31362d3234203d3e203136363239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.20.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         08:07:0e:b7:c2:d1:db:b0:af:7e:bf:1d:34:c7:71:f3:aa:d3:
         d8:12:68:99:94:ed:f2:ec:de:44:17:b8:ed:62:6e:59:c4:96:
         51:88:fb:aa:dc:a7:87:04:5b:62:b6:5d:d6:29:8e:bf:8e:5f:
         33:37:80:e8:1b:4f:eb:63:ea:b2:99:d3:3e:b1:0b:6e:5d:21:
         be:9a:52:2a:7f:5a:4a:d3:01:34:05:79:1e:d6:11:40:20:e3:
         bf:a4:73:b2:34:27:19:19:64:26:28:d5:5a:ee:b1:4a:c9:c1:
         32:18:6b:cc:38:aa:ec:11:bb:85:8c:9f:e1:52:a3:cb:d3:cd:
         c7:8e:ac:19:b3:7a:02:be:bf:4f:15:9f:f5:d7:4d:45:4e:73:
         9e:75:f2:f4:a2:4e:0e:c8:37:2c:00:44:01:03:3e:50:83:bc:
         2a:99:b5:f7:ad:1c:84:14:84:3b:16:eb:da:14:90:10:5c:2c:
         91:f6:f1:ba:d2:6b:ef:6b:fb:c0:96:73:f0:75:43:2f:f9:19:
         62:d9:74:83:57:03:a6:d7:56:5a:e0:ac:b5:a0:5b:77:ae:3a:
         8c:29:a6:04:a3:aa:50:07:5a:4e:eb:68:a5:ca:f0:68:91:cd:
         66:07:4a:10:b2:5c:64:06:3c:3d:d2:e1:03:dd:c6:ea:05:0d:
         9e:60:4a:32
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIUd3cO/bJJHu9FzSTk5noY5pu932cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjVDRDZBNEZCQzhCRUUzNEEyREMzNzE3OTNBMDlFMjc0
RTBFMzY2MTAeFw0yNDAzMDUxNzQ3MTFaFw0yNTAzMDQxNzUyMTFaMDMxMTAvBgNV
BAMTKDFERTk2MTgzMjI1Nzg0MkIzRjQ4QTlGOEEzNDk1RDI1OUFCMTc4OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdNmqQDmVSv1F++BQWUK7rnHsF
3Yj68GYjUJv8XclxghEBT4cjR1LKSiPtskcKeFhl10cVZClEgFqXa2oIWwDqjrKQ
A0L9dIUzfdoyNSbDfu82MhLv+VdLKu+O8EO6WnqL8vV3e548HWZuriQZ0Dnvvg7y
wFSbcHNUxKDNMO3PkpghwXC4FxdFJhRzdf59tPRt1fyrw2u76dCVPrNtvmxPxQrF
tUbD3D0DVtnZCGkcmsb6ZH7I2h9SWVwR3AEnWav4jHawKcvzBj16ICoAGvhTnZat
PQsAdAkfuQh9cRMp0ck7wChDgI9oCLeLqKY0c7qEp5Dlr+j0O7TCXxZhtd2rAgMB
AAGjggLDMIICvzAdBgNVHQ4EFgQUHelhgyJXhCs/SKn4o0ldJZqxeJgwHwYDVR0j
BBgwFoAUJc1qT7yL7jSi3DcXk6CeJ04ONmEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EOTUyQkFDQjZEMjdFNDgyNjcwMzZGN0NCRDZDQzRBREVF
NjBCQTFEMUNGRjVFRjU5NDgxQTkwQkEyMDcxREQ3LzAvMjVDRDZBNEZCQzhCRUUz
NEEyREMzNzE3OTNBMDlFMjc0RTBFMzY2MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNUNENkE0RkJDOEJFRTM0QTJE
QzM3MTc5M0EwOUUyNzRFMEUzNjYxLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDk1MkJBQ0I2RDI3RTQ4MjY3MDM2RjdDQkQ2Q0M0QURFRTYwQkExRDFD
RkY1RUY1OTQ4MUE5MEJBMjA3MURENy8wLzMxMzkzMDJlMzIzMDJlMzAyZTMwMmYz
MTM2MmQzMjM0MjAzZDNlMjAzMTM2MzYzMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAvhQwDQYJKoZI
hvcNAQELBQADggEBAAgHDrfC0duwr36/HTTHcfOq09gSaJmU7fLs3kQXuO1iblnE
llGI+6rcp4cEW2K2XdYpjr+OXzM3gOgbT+tj6rKZ0z6xC25dIb6aUip/WkrTATQF
eR7WEUAg47+kc7I0JxkZZCYo1VrusUrJwTIYa8w4quwRu4WMn+FSo8vTzceOrBmz
egK+v08Vn/XXTUVOc5518vSiTg7INywARAEDPlCDvCqZtfetHIQUhDsW69oUkBBc
LJH28brSa+9r+8CWc/B1Qy/5GWLZdINXA6bXVlrgrLWgW3euOowppgSjqlAHWk7r
aKXK8GiRzWYHShCyXGQGPD3S4QPdxuoFDZ5gSjI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:17:41 2024 by rpki-client on console-fra.rpki-client.org