Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DE025ADE63A9177898D7E1EF1103089E82D18CE0541050F4C849516A60F77423/0/3137302e3233332e3139322e302f32342d3234203d3e203532353130.roa
File:                     3137302e3233332e3139322e302f32342d3234203d3e203532353130.roa (raw, json)
Hash identifier:          8TIEJes3Smc23htniffuIzvBcEAS1lYYcdAdHPoHmOw=
Subject key identifier:   B5:58:10:16:A6:CE:28:DC:C6:D2:5A:2B:01:9F:73:0B:80:ED:E2:0D
Certificate issuer:       /CN=2636D4CBEDBE7A0F4D43DC1621DE3D1936645F3D
Certificate serial:       04045B96318975EA3FB9E6107749038DC76D95E8
Authority key identifier: 26:36:D4:CB:ED:BE:7A:0F:4D:43:DC:16:21:DE:3D:19:36:64:5F:3D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2636D4CBEDBE7A0F4D43DC1621DE3D1936645F3D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DE025ADE63A9177898D7E1EF1103089E82D18CE0541050F4C849516A60F77423/0/3137302e3233332e3139322e302f32342d3234203d3e203532353130.roa
Signing time:             Tue 05 Mar 2024 17:52:44 +0000
ROA not before:           Tue 05 Mar 2024 17:47:44 +0000
ROA not after:            Tue 04 Mar 2025 17:52:44 +0000
asID:                     52510
IP address blocks:        170.233.192.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DE025ADE63A9177898D7E1EF1103089E82D18CE0541050F4C849516A60F77423/0/2636D4CBEDBE7A0F4D43DC1621DE3D1936645F3D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DE025ADE63A9177898D7E1EF1103089E82D18CE0541050F4C849516A60F77423/0/2636D4CBEDBE7A0F4D43DC1621DE3D1936645F3D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2636D4CBEDBE7A0F4D43DC1621DE3D1936645F3D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:04:5b:96:31:89:75:ea:3f:b9:e6:10:77:49:03:8d:c7:6d:95:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2636D4CBEDBE7A0F4D43DC1621DE3D1936645F3D
        Validity
            Not Before: Mar  5 17:47:44 2024 GMT
            Not After : Mar  4 17:52:44 2025 GMT
        Subject: CN=B5581016A6CE28DCC6D25A2B019F730B80EDE20D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:c9:03:67:ef:9a:bf:b8:fa:e0:d0:b4:ba:f3:
                    f2:47:5d:27:91:a1:0b:00:3a:f7:fd:29:3b:80:18:
                    ae:7b:4d:de:04:ec:89:0c:a5:f0:bb:64:2f:13:fd:
                    d8:5a:a0:ed:3f:29:53:8b:04:c0:98:55:d5:55:b4:
                    c5:d6:80:58:09:5e:b2:7c:93:eb:54:c8:80:de:48:
                    3a:c9:63:cc:1a:2a:95:54:92:89:b4:e9:1a:fe:88:
                    20:0c:60:76:3c:82:a8:93:f7:36:8c:30:8e:8e:e4:
                    b8:c3:a1:1f:e8:3e:00:46:53:b1:ae:73:47:0f:87:
                    aa:78:02:c4:d4:fe:a9:69:8c:3e:96:3d:80:bb:7f:
                    d6:1e:ea:25:12:bd:ef:e3:6d:02:c3:0d:e0:a6:60:
                    cb:59:12:12:fa:d3:55:1e:12:d8:84:8d:4f:f0:95:
                    c3:98:b2:4a:62:71:ae:b7:79:42:71:6d:94:a2:1c:
                    00:10:42:9e:6c:2c:cb:6f:04:7e:4e:e5:fb:46:ff:
                    5e:70:b5:e7:dc:1c:f1:b5:57:fd:a4:d0:71:eb:07:
                    33:90:0f:74:30:39:2b:0b:4f:40:35:11:a5:b6:b0:
                    df:c9:2b:48:c5:f4:76:4c:48:ff:12:9c:6c:e7:60:
                    17:3f:ae:bc:9f:a6:be:6a:79:21:79:bc:a8:ab:ae:
                    2d:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:58:10:16:A6:CE:28:DC:C6:D2:5A:2B:01:9F:73:0B:80:ED:E2:0D
            X509v3 Authority Key Identifier:
                keyid:26:36:D4:CB:ED:BE:7A:0F:4D:43:DC:16:21:DE:3D:19:36:64:5F:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DE025ADE63A9177898D7E1EF1103089E82D18CE0541050F4C849516A60F77423/0/2636D4CBEDBE7A0F4D43DC1621DE3D1936645F3D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2636D4CBEDBE7A0F4D43DC1621DE3D1936645F3D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DE025ADE63A9177898D7E1EF1103089E82D18CE0541050F4C849516A60F77423/0/3137302e3233332e3139322e302f32342d3234203d3e203532353130.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.233.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:26:d9:05:94:8c:77:ac:1e:3e:50:7a:46:06:27:44:82:57:
         36:ee:92:24:88:9f:e5:c0:2f:6c:d1:b5:fd:ad:64:c0:82:f0:
         20:cd:d0:54:d7:cf:af:7d:d6:9d:91:1a:17:58:cc:98:cc:4a:
         ed:71:21:b5:29:04:a5:66:77:46:c4:8b:f8:76:98:1c:d4:67:
         a2:af:fe:56:c3:52:54:93:81:2a:d7:f7:80:e6:91:0d:a2:dc:
         e3:73:55:68:55:a9:f2:21:c3:ca:70:0e:9b:42:76:3b:03:d5:
         e2:04:d6:0b:54:7d:6b:92:6e:c0:ad:32:88:d2:98:de:bb:72:
         c0:cd:fa:16:a1:c2:af:0d:f3:62:98:08:1f:dd:f3:73:0d:b5:
         a9:88:a1:48:3d:d2:01:68:1c:49:02:dd:6d:03:45:9f:a9:52:
         4a:fc:43:ea:7f:1f:1b:6a:87:8e:e8:b8:3b:75:53:78:21:27:
         7d:b7:84:7d:fa:6c:f0:e8:f3:fe:10:38:e9:5e:17:23:61:60:
         92:bd:ab:97:b4:ee:b4:8e:56:6c:fd:07:33:2e:f3:ed:66:da:
         2b:3d:cd:9d:36:19:95:f5:26:d0:53:a7:3a:e1:d9:95:d1:9d:
         29:d8:02:f0:92:9a:37:4d:a2:27:85:94:64:71:8e:04:1a:a8:
         b9:ea:6c:d9
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUBARbljGJdeo/ueYQd0kDjcdtlegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjYzNkQ0Q0JFREJFN0EwRjRENDNEQzE2MjFERTNEMTkz
NjY0NUYzRDAeFw0yNDAzMDUxNzQ3NDRaFw0yNTAzMDQxNzUyNDRaMDMxMTAvBgNV
BAMTKEI1NTgxMDE2QTZDRTI4RENDNkQyNUEyQjAxOUY3MzBCODBFREUyMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCyQNn75q/uPrg0LS68/JHXSeR
oQsAOvf9KTuAGK57Td4E7IkMpfC7ZC8T/dhaoO0/KVOLBMCYVdVVtMXWgFgJXrJ8
k+tUyIDeSDrJY8waKpVUkom06Rr+iCAMYHY8gqiT9zaMMI6O5LjDoR/oPgBGU7Gu
c0cPh6p4AsTU/qlpjD6WPYC7f9Ye6iUSve/jbQLDDeCmYMtZEhL601UeEtiEjU/w
lcOYskpica63eUJxbZSiHAAQQp5sLMtvBH5O5ftG/15wtefcHPG1V/2k0HHrBzOQ
D3QwOSsLT0A1EaW2sN/JK0jF9HZMSP8SnGznYBc/rryfpr5qeSF5vKirri1HAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUtVgQFqbOKNzG0lorAZ9zC4Dt4g0wHwYDVR0j
BBgwFoAUJjbUy+2+eg9NQ9wWId49GTZkXz0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ERTAyNUFERTYzQTkxNzc4OThEN0UxRUYxMTAzMDg5RTgy
RDE4Q0UwNTQxMDUwRjRDODQ5NTE2QTYwRjc3NDIzLzAvMjYzNkQ0Q0JFREJFN0Ew
RjRENDNEQzE2MjFERTNEMTkzNjY0NUYzRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNjM2RDRDQkVEQkU3QTBGNEQ0
M0RDMTYyMURFM0QxOTM2NjQ1RjNELmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREUwMjVBREU2M0E5MTc3ODk4RDdFMUVGMTEwMzA4OUU4MkQxOENFMDU0
MTA1MEY0Qzg0OTUxNkE2MEY3NzQyMy8wLzMxMzczMDJlMzIzMzMzMmUzMTM5MzIy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzUzMTMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqunA
MA0GCSqGSIb3DQEBCwUAA4IBAQCFJtkFlIx3rB4+UHpGBidEglc27pIkiJ/lwC9s
0bX9rWTAgvAgzdBU18+vfdadkRoXWMyYzErtcSG1KQSlZndGxIv4dpgc1Geir/5W
w1JUk4Eq1/eA5pENotzjc1VoVanyIcPKcA6bQnY7A9XiBNYLVH1rkm7ArTKI0pje
u3LAzfoWocKvDfNimAgf3fNzDbWpiKFIPdIBaBxJAt1tA0WfqVJK/EPqfx8baoeO
6Lg7dVN4ISd9t4R9+mzw6PP+EDjpXhcjYWCSvauXtO60jlZs/QczLvPtZtorPc2d
NhmV9SbQU6c64dmV0Z0p2ALwkpo3TaInhZRkcY4EGqi56mzZ
-----END CERTIFICATE-----
Generated at Tue Nov 19 22:25:44 2024 by rpki-client on console-fra.rpki-client.org