Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DE56898DC87FDB54ED5CF0F204F52F7481694B300B9AC6CB0E9687EF940CE7AE/0/3139312e3130322e3234302e302f32342d3234203d3e20323632393331.roa
File:                     3139312e3130322e3234302e302f32342d3234203d3e20323632393331.roa (raw, json)
Hash identifier:          fTt7LwncVucbi8XxZdJcZOA/SVmemSxHlmRLUSUOvYE=
Subject key identifier:   18:1B:9C:74:69:61:A5:24:96:6A:45:EA:91:4D:53:C3:52:50:B7:BB
Certificate issuer:       /CN=A78765AD08967A6A9A5165858220DC333AEEBF8D
Certificate serial:       443C5E76FBE628F8E67CE8E5D04536C4016E9CC9
Authority key identifier: A7:87:65:AD:08:96:7A:6A:9A:51:65:85:82:20:DC:33:3A:EE:BF:8D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A78765AD08967A6A9A5165858220DC333AEEBF8D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DE56898DC87FDB54ED5CF0F204F52F7481694B300B9AC6CB0E9687EF940CE7AE/0/3139312e3130322e3234302e302f32342d3234203d3e20323632393331.roa
Signing time:             Tue 05 Mar 2024 18:20:59 +0000
ROA not before:           Tue 05 Mar 2024 18:15:59 +0000
ROA not after:            Tue 04 Mar 2025 18:20:59 +0000
asID:                     262931
IP address blocks:        191.102.240.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DE56898DC87FDB54ED5CF0F204F52F7481694B300B9AC6CB0E9687EF940CE7AE/0/A78765AD08967A6A9A5165858220DC333AEEBF8D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DE56898DC87FDB54ED5CF0F204F52F7481694B300B9AC6CB0E9687EF940CE7AE/0/A78765AD08967A6A9A5165858220DC333AEEBF8D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A78765AD08967A6A9A5165858220DC333AEEBF8D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 20 Jun 2024 02:08:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:3c:5e:76:fb:e6:28:f8:e6:7c:e8:e5:d0:45:36:c4:01:6e:9c:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A78765AD08967A6A9A5165858220DC333AEEBF8D
        Validity
            Not Before: Mar  5 18:15:59 2024 GMT
            Not After : Mar  4 18:20:59 2025 GMT
        Subject: CN=181B9C746961A524966A45EA914D53C35250B7BB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:f8:71:12:3a:e0:2f:a1:d1:db:4b:1e:1d:e2:
                    a9:59:d9:c5:0c:97:e3:65:ce:a7:ef:e1:32:01:1b:
                    72:fa:8d:31:03:15:d5:0e:4c:06:55:85:56:99:33:
                    c4:02:03:b7:65:ad:11:be:f8:7a:9b:47:ea:ba:e5:
                    d9:7d:67:ec:2a:8a:7d:76:a7:29:d0:18:52:0e:14:
                    34:cb:f5:8a:27:89:da:b4:8b:bb:85:43:e6:96:e3:
                    b6:29:1d:cd:95:f3:fd:43:85:fa:99:20:9e:3c:d8:
                    5e:60:03:92:08:20:d0:b0:41:dc:45:89:17:90:08:
                    49:03:5b:d1:c4:d8:50:fd:74:29:71:08:85:56:d6:
                    33:b5:40:3f:d2:b8:01:58:06:26:9b:c5:00:04:d1:
                    71:3f:d9:64:6c:99:65:b7:0d:45:b3:b4:86:cf:be:
                    09:76:1e:db:b8:d4:a0:55:b9:fb:67:2c:c8:d9:ff:
                    36:09:32:af:c7:f0:71:7f:90:e4:8e:51:ef:30:bf:
                    84:66:88:23:c1:0c:08:34:33:6f:cc:25:f8:73:33:
                    16:b3:c6:64:56:6a:ff:24:07:40:d9:33:d3:fd:38:
                    d1:f4:5f:5e:38:4c:79:4b:75:96:9e:c2:36:db:8b:
                    bf:ba:6b:b3:81:79:8e:aa:7d:39:59:85:ff:c4:25:
                    53:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:1B:9C:74:69:61:A5:24:96:6A:45:EA:91:4D:53:C3:52:50:B7:BB
            X509v3 Authority Key Identifier:
                keyid:A7:87:65:AD:08:96:7A:6A:9A:51:65:85:82:20:DC:33:3A:EE:BF:8D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DE56898DC87FDB54ED5CF0F204F52F7481694B300B9AC6CB0E9687EF940CE7AE/0/A78765AD08967A6A9A5165858220DC333AEEBF8D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A78765AD08967A6A9A5165858220DC333AEEBF8D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DE56898DC87FDB54ED5CF0F204F52F7481694B300B9AC6CB0E9687EF940CE7AE/0/3139312e3130322e3234302e302f32342d3234203d3e20323632393331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.102.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:f7:37:62:b5:a3:56:e9:e5:b6:61:89:3f:25:8f:cf:84:31:
         c4:95:c7:e1:77:9d:76:84:a0:c3:43:4e:eb:c2:76:e4:c8:b2:
         fc:e4:de:2b:c8:e5:b2:a4:0e:bb:ce:3f:ab:f2:71:dc:d6:d6:
         aa:5b:2d:35:b4:7d:02:5a:07:3e:a8:35:f9:4b:30:50:14:be:
         31:f9:05:2e:1f:25:75:f9:f4:e5:f7:0a:0c:a3:df:6f:92:a0:
         6f:61:bb:83:a0:f9:f2:64:f0:08:0c:10:a8:9a:73:48:68:fd:
         65:7a:41:d6:3f:bc:d2:50:71:1f:c1:cc:ca:81:1b:fb:31:9b:
         42:61:5e:30:a9:09:ce:b4:a1:a1:d6:27:09:8a:cd:61:49:4a:
         e4:99:a0:67:31:98:ba:ec:b8:41:95:b9:d1:ee:81:05:8d:3e:
         21:5d:53:fc:fd:71:0e:b0:fc:f3:2a:19:02:d0:4a:18:90:c5:
         a8:3a:82:df:bf:b9:4a:57:d7:cd:41:ac:82:7c:29:37:6b:c9:
         83:a5:c6:9f:e9:23:76:61:0a:55:29:95:7b:68:5f:f6:b3:c9:
         5d:29:ba:6b:d3:45:5e:69:c9:ce:a7:2a:fa:67:55:d1:c6:e7:
         ee:d4:a6:4b:ba:ce:55:ce:65:a6:d7:8c:22:73:fe:c5:12:af:
         12:e8:c5:bc
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIURDxedvvmKPjmfOjl0EU2xAFunMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTc4NzY1QUQwODk2N0E2QTlBNTE2NTg1ODIyMERDMzMz
QUVFQkY4RDAeFw0yNDAzMDUxODE1NTlaFw0yNTAzMDQxODIwNTlaMDMxMTAvBgNV
BAMTKDE4MUI5Qzc0Njk2MUE1MjQ5NjZBNDVFQTkxNEQ1M0MzNTI1MEI3QkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG+HESOuAvodHbSx4d4qlZ2cUM
l+Nlzqfv4TIBG3L6jTEDFdUOTAZVhVaZM8QCA7dlrRG++HqbR+q65dl9Z+wqin12
pynQGFIOFDTL9Yonidq0i7uFQ+aW47YpHc2V8/1DhfqZIJ482F5gA5IIINCwQdxF
iReQCEkDW9HE2FD9dClxCIVW1jO1QD/SuAFYBiabxQAE0XE/2WRsmWW3DUWztIbP
vgl2Htu41KBVuftnLMjZ/zYJMq/H8HF/kOSOUe8wv4RmiCPBDAg0M2/MJfhzMxaz
xmRWav8kB0DZM9P9ONH0X144THlLdZaewjbbi7+6a7OBeY6qfTlZhf/EJVNpAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUGBucdGlhpSSWakXqkU1Tw1JQt7swHwYDVR0j
BBgwFoAUp4dlrQiWemqaUWWFgiDcMzruv40wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ERTU2ODk4REM4N0ZEQjU0RUQ1Q0YwRjIwNEY1MkY3NDgx
Njk0QjMwMEI5QUM2Q0IwRTk2ODdFRjk0MENFN0FFLzAvQTc4NzY1QUQwODk2N0E2
QTlBNTE2NTg1ODIyMERDMzMzQUVFQkY4RC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNzg3NjVBRDA4OTY3QTZBOUE1
MTY1ODU4MjIwREMzMzNBRUVCRjhELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREU1Njg5OERDODdGREI1NEVENUNGMEYyMDRGNTJGNzQ4MTY5NEIzMDBC
OUFDNkNCMEU5Njg3RUY5NDBDRTdBRS8wLzMxMzkzMTJlMzEzMDMyMmUzMjM0MzAy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzIzOTMzMzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC/
ZvAwDQYJKoZIhvcNAQELBQADggEBAKX3N2K1o1bp5bZhiT8lj8+EMcSVx+F3nXaE
oMNDTuvCduTIsvzk3ivI5bKkDrvOP6vycdzW1qpbLTW0fQJaBz6oNflLMFAUvjH5
BS4fJXX59OX3Cgyj32+SoG9hu4Og+fJk8AgMEKiac0ho/WV6QdY/vNJQcR/BzMqB
G/sxm0JhXjCpCc60oaHWJwmKzWFJSuSZoGcxmLrsuEGVudHugQWNPiFdU/z9cQ6w
/PMqGQLQShiQxag6gt+/uUpX181BrIJ8KTdryYOlxp/pI3ZhClUplXtoX/azyV0p
umvTRV5pyc6nKvpnVdHG5+7Upku6zlXOZabXjCJz/sUSrxLoxbw=
-----END CERTIFICATE-----
Generated at Sun Jun 16 21:30:44 2024 by rpki-client on console-fra.rpki-client.org