Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DB12907E027AF40E1C6DB641E5A62803E834083F17E5175F4C9E4CE0FC03CD54/0/3136382e3233322e3234392e302f32342d3234203d3e20323634373031.roa
File:                     3136382e3233322e3234392e302f32342d3234203d3e20323634373031.roa (raw, json)
Hash identifier:          pCRnw4CjN1ivmQ9I8eoJIQwWK1vNfy/aRBwfEPfHtnI=
Subject key identifier:   99:D0:DF:8A:70:22:99:1A:43:4F:05:2F:02:D8:3F:4C:F9:3E:7A:5D
Certificate issuer:       /CN=15C3449293AE91B65244E89A1B4AEEC7DC01935D
Certificate serial:       15BBD3E1DCB9BC276D7D2729BA03D1694ED9CA0A
Authority key identifier: 15:C3:44:92:93:AE:91:B6:52:44:E8:9A:1B:4A:EE:C7:DC:01:93:5D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/15C3449293AE91B65244E89A1B4AEEC7DC01935D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DB12907E027AF40E1C6DB641E5A62803E834083F17E5175F4C9E4CE0FC03CD54/0/3136382e3233322e3234392e302f32342d3234203d3e20323634373031.roa
Signing time:             Tue 05 Mar 2024 17:59:07 +0000
ROA not before:           Tue 05 Mar 2024 17:54:07 +0000
ROA not after:            Tue 04 Mar 2025 17:59:07 +0000
asID:                     264701
IP address blocks:        168.232.249.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DB12907E027AF40E1C6DB641E5A62803E834083F17E5175F4C9E4CE0FC03CD54/0/15C3449293AE91B65244E89A1B4AEEC7DC01935D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DB12907E027AF40E1C6DB641E5A62803E834083F17E5175F4C9E4CE0FC03CD54/0/15C3449293AE91B65244E89A1B4AEEC7DC01935D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/15C3449293AE91B65244E89A1B4AEEC7DC01935D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:bb:d3:e1:dc:b9:bc:27:6d:7d:27:29:ba:03:d1:69:4e:d9:ca:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15C3449293AE91B65244E89A1B4AEEC7DC01935D
        Validity
            Not Before: Mar  5 17:54:07 2024 GMT
            Not After : Mar  4 17:59:07 2025 GMT
        Subject: CN=99D0DF8A7022991A434F052F02D83F4CF93E7A5D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:b8:79:9a:0b:b3:b6:16:00:8f:bc:04:e6:d4:
                    18:58:78:aa:a0:4c:35:05:9c:7f:e0:ea:b7:0c:b7:
                    f2:06:e0:df:d9:6a:1e:e4:54:8d:92:a0:eb:19:ad:
                    a2:24:f1:17:2d:2b:c9:30:08:93:6d:07:85:03:50:
                    d7:cc:59:ca:da:ff:39:36:e6:43:e1:5c:84:55:68:
                    90:68:3e:b1:35:72:a8:3b:8e:a1:97:aa:77:37:e6:
                    30:9e:2e:69:98:fd:21:96:e6:c2:a2:a2:51:67:0b:
                    54:fe:e6:31:ad:92:be:5f:69:c9:51:36:86:4e:4c:
                    16:b7:ab:af:e7:15:41:67:12:51:79:ea:98:d6:41:
                    d4:c7:8f:b7:f3:61:d7:90:26:d2:93:32:e8:d7:5b:
                    3c:a2:e5:7f:72:47:6d:11:a9:e0:dd:91:5e:db:b1:
                    f2:66:b9:22:9f:46:b9:a9:5f:d6:e7:b0:1d:5d:8d:
                    37:04:a3:8d:c6:24:80:dc:8e:ac:72:8e:00:04:05:
                    e8:c8:7a:e6:29:4b:af:cd:d9:18:7f:16:0c:09:ae:
                    a6:03:1c:df:23:17:1d:d2:75:3f:69:9c:5b:1f:8c:
                    2b:4b:a5:be:9c:23:de:37:bb:2e:c5:5b:92:7f:d9:
                    ed:ad:cf:ba:93:e9:97:b3:be:c0:01:f3:06:ca:2a:
                    65:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:D0:DF:8A:70:22:99:1A:43:4F:05:2F:02:D8:3F:4C:F9:3E:7A:5D
            X509v3 Authority Key Identifier:
                keyid:15:C3:44:92:93:AE:91:B6:52:44:E8:9A:1B:4A:EE:C7:DC:01:93:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DB12907E027AF40E1C6DB641E5A62803E834083F17E5175F4C9E4CE0FC03CD54/0/15C3449293AE91B65244E89A1B4AEEC7DC01935D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/15C3449293AE91B65244E89A1B4AEEC7DC01935D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DB12907E027AF40E1C6DB641E5A62803E834083F17E5175F4C9E4CE0FC03CD54/0/3136382e3233322e3234392e302f32342d3234203d3e20323634373031.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.232.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:98:b1:8c:0d:8a:9a:6b:f1:1f:01:f8:b2:5b:d9:d2:70:d8:
         0e:2c:41:ca:50:6f:f9:22:d8:2e:81:42:7e:f7:cd:1c:08:57:
         01:20:6d:54:63:c3:1c:62:54:5d:9b:00:48:88:be:95:f7:6d:
         e6:63:bc:d6:2e:88:ef:3e:ec:68:1c:ee:8b:2a:87:9b:89:43:
         8b:c8:cb:f0:c9:08:bf:0f:c9:ff:eb:8b:e1:0b:c9:2b:16:ca:
         73:e5:61:f9:df:ba:7a:33:a4:bb:57:63:91:9b:a9:e9:9e:85:
         fa:73:d9:1d:0e:b4:a5:5c:7a:c8:49:e1:67:be:af:2a:6a:f3:
         bc:71:ed:9b:4d:58:6f:13:a9:78:4a:20:dd:32:98:23:44:b9:
         2d:8c:2d:8d:98:05:02:db:8d:24:f0:79:17:df:0a:ef:a0:e4:
         d5:e9:e6:af:f7:1b:05:74:53:1c:e8:7c:1d:65:d4:92:e8:8f:
         01:0a:bc:cd:a7:42:07:fb:a8:14:86:f5:c0:e0:ae:12:7d:98:
         d2:79:ba:32:f1:1c:9e:da:74:63:0d:3e:65:6f:8e:c1:1a:38:
         02:2e:f0:52:19:b2:a7:1f:7f:50:70:d2:35:d8:0f:f8:9e:ba:
         9d:34:fe:88:76:3e:3e:6d:2f:eb:b5:49:98:1e:9f:d8:79:f9:
         5a:68:47:03
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUFbvT4dy5vCdtfScpugPRaU7ZygowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTVDMzQ0OTI5M0FFOTFCNjUyNDRFODlBMUI0QUVFQzdE
QzAxOTM1RDAeFw0yNDAzMDUxNzU0MDdaFw0yNTAzMDQxNzU5MDdaMDMxMTAvBgNV
BAMTKDk5RDBERjhBNzAyMjk5MUE0MzRGMDUyRjAyRDgzRjRDRjkzRTdBNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUuHmaC7O2FgCPvATm1BhYeKqg
TDUFnH/g6rcMt/IG4N/Zah7kVI2SoOsZraIk8RctK8kwCJNtB4UDUNfMWcra/zk2
5kPhXIRVaJBoPrE1cqg7jqGXqnc35jCeLmmY/SGW5sKiolFnC1T+5jGtkr5faclR
NoZOTBa3q6/nFUFnElF56pjWQdTHj7fzYdeQJtKTMujXWzyi5X9yR20RqeDdkV7b
sfJmuSKfRrmpX9bnsB1djTcEo43GJIDcjqxyjgAEBejIeuYpS6/N2Rh/FgwJrqYD
HN8jFx3SdT9pnFsfjCtLpb6cI943uy7FW5J/2e2tz7qT6ZezvsAB8wbKKmXlAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUmdDfinAimRpDTwUvAtg/TPk+el0wHwYDVR0j
BBgwFoAUFcNEkpOukbZSROiaG0rux9wBk10wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQjEyOTA3RTAyN0FGNDBFMUM2REI2NDFFNUE2MjgwM0U4
MzQwODNGMTdFNTE3NUY0QzlFNENFMEZDMDNDRDU0LzAvMTVDMzQ0OTI5M0FFOTFC
NjUyNDRFODlBMUI0QUVFQzdEQzAxOTM1RC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNUMzNDQ5MjkzQUU5MUI2NTI0
NEU4OUExQjRBRUVDN0RDMDE5MzVELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREIxMjkwN0UwMjdBRjQwRTFDNkRCNjQxRTVBNjI4MDNFODM0MDgzRjE3
RTUxNzVGNEM5RTRDRTBGQzAzQ0Q1NC8wLzMxMzYzODJlMzIzMzMyMmUzMjM0Mzky
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzQzNzMwMzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACo
6PkwDQYJKoZIhvcNAQELBQADggEBABCYsYwNippr8R8B+LJb2dJw2A4sQcpQb/ki
2C6BQn73zRwIVwEgbVRjwxxiVF2bAEiIvpX3beZjvNYuiO8+7Ggc7osqh5uJQ4vI
y/DJCL8Pyf/ri+ELySsWynPlYfnfunozpLtXY5Gbqemehfpz2R0OtKVceshJ4We+
rypq87xx7ZtNWG8TqXhKIN0ymCNEuS2MLY2YBQLbjSTweRffCu+g5NXp5q/3GwV0
UxzofB1l1JLojwEKvM2nQgf7qBSG9cDgrhJ9mNJ5ujLxHJ7adGMNPmVvjsEaOAIu
8FIZsqcff1Bw0jXYD/ieup00/oh2Pj5tL+u1SZgen9h5+VpoRwM=
-----END CERTIFICATE-----
Generated at Wed Nov 20 08:43:11 2024 by rpki-client on console-fra.rpki-client.org