Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DF6495DFE557A9656AFD934637E96634D3D2739D5072D17F108058F0A9CA9938/0/3230312e3136332e3132312e302f32342d3234203d3e20323635353034.roa
File:                     3230312e3136332e3132312e302f32342d3234203d3e20323635353034.roa (raw, json)
Hash identifier:          /Ojn3BZOhsxqszoQ4NMTk1EPhEn/PC5YBHr6lF6Qr3M=
Subject key identifier:   17:DF:77:69:CA:18:EA:12:BC:21:8D:94:7E:C7:E6:01:5F:73:F2:17
Certificate issuer:       /CN=E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15
Certificate serial:       4F10A613146E0D3321FBF4923981F80E3FFE6BA3
Authority key identifier: E3:5D:D2:93:E1:C3:BC:5F:4D:E1:53:18:FA:C5:96:7E:7D:55:BF:15
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DF6495DFE557A9656AFD934637E96634D3D2739D5072D17F108058F0A9CA9938/0/3230312e3136332e3132312e302f32342d3234203d3e20323635353034.roa
Signing time:             Tue 05 Mar 2024 17:54:31 +0000
ROA not before:           Tue 05 Mar 2024 17:49:31 +0000
ROA not after:            Tue 04 Mar 2025 17:54:31 +0000
asID:                     265504
IP address blocks:        201.163.121.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DF6495DFE557A9656AFD934637E96634D3D2739D5072D17F108058F0A9CA9938/0/E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DF6495DFE557A9656AFD934637E96634D3D2739D5072D17F108058F0A9CA9938/0/E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:10:a6:13:14:6e:0d:33:21:fb:f4:92:39:81:f8:0e:3f:fe:6b:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15
        Validity
            Not Before: Mar  5 17:49:31 2024 GMT
            Not After : Mar  4 17:54:31 2025 GMT
        Subject: CN=17DF7769CA18EA12BC218D947EC7E6015F73F217
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:7a:17:d1:a9:6e:2b:4f:69:a3:49:62:7b:d2:
                    0e:4f:78:19:ad:04:2e:39:ba:b7:3e:93:3f:09:62:
                    e3:23:66:b2:35:42:a6:fb:34:78:b9:8f:7d:ee:02:
                    b2:5e:f3:03:d3:c6:be:40:9b:db:cf:a6:da:0a:9f:
                    f0:ad:a5:74:c5:e2:ba:8b:34:c7:95:7c:88:65:26:
                    cb:cf:58:34:85:83:f2:c2:bf:dd:3d:4e:7e:49:28:
                    81:48:03:18:da:bc:4e:84:05:e5:36:24:f4:9e:0d:
                    54:9f:be:26:53:0f:81:2f:25:b9:cc:7f:81:72:5a:
                    9c:43:fd:c8:49:06:9f:d0:ec:7b:57:8f:2d:c5:9e:
                    83:fc:69:f4:a5:9b:8c:11:d3:9b:f2:6e:3e:37:2f:
                    ca:a5:ed:14:3a:c6:89:62:1c:94:5e:a5:09:8b:7a:
                    5c:84:50:8e:72:e1:b6:1a:a9:3d:39:c6:6c:d7:e9:
                    96:e3:73:98:90:37:d9:6f:13:ce:ff:28:88:66:95:
                    36:40:3e:cb:4a:a2:ec:e2:68:30:30:50:de:34:62:
                    9d:96:11:d7:88:b7:99:69:f5:e1:34:b1:8f:7e:2a:
                    18:e1:8b:4d:7f:bf:e5:37:fa:2d:35:55:c7:9a:22:
                    5e:82:c5:8e:98:4a:20:b1:05:72:c5:3c:4c:3a:12:
                    2a:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:DF:77:69:CA:18:EA:12:BC:21:8D:94:7E:C7:E6:01:5F:73:F2:17
            X509v3 Authority Key Identifier:
                keyid:E3:5D:D2:93:E1:C3:BC:5F:4D:E1:53:18:FA:C5:96:7E:7D:55:BF:15

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DF6495DFE557A9656AFD934637E96634D3D2739D5072D17F108058F0A9CA9938/0/E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DF6495DFE557A9656AFD934637E96634D3D2739D5072D17F108058F0A9CA9938/0/3230312e3136332e3132312e302f32342d3234203d3e20323635353034.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.163.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:51:df:59:5e:b4:76:37:6a:c1:29:bf:4c:d2:42:67:6d:5f:
         ef:f8:96:20:7c:6f:a0:8f:cf:0b:36:2f:76:a8:77:e1:9f:de:
         18:80:ee:a7:7a:e7:c1:ad:d6:31:f4:2f:34:4a:8e:74:6e:79:
         ed:1f:50:0d:b4:7a:b5:af:06:c3:2c:25:f9:24:e1:0f:8b:ca:
         15:83:45:a9:73:bc:f3:7f:5b:88:03:1c:f9:e6:e3:e3:b0:07:
         99:3b:3e:c5:92:46:08:24:c1:72:ba:c1:9c:95:46:77:2a:52:
         57:0d:0b:0c:07:c0:33:5f:e2:ce:45:75:a0:79:c2:1c:6c:fe:
         b3:14:68:6b:0b:09:bf:8a:50:2a:97:6b:2c:3f:1f:8a:8b:db:
         c7:cf:77:1b:07:b7:41:9a:a7:df:cc:e2:e7:7b:7d:90:32:06:
         13:e0:63:ce:9d:6c:dd:5e:04:22:35:a6:54:5d:86:23:47:b1:
         b4:71:4d:76:af:d9:c1:6f:a9:4c:1d:36:6f:40:3b:a9:c2:8d:
         9f:66:c4:f7:e6:cb:c9:cf:06:bc:a7:31:77:d0:06:2d:3c:33:
         0a:a9:f5:3f:70:83:9e:0c:77:be:e1:62:96:6f:2b:f8:2f:59:
         d6:f7:27:09:e4:cd:dc:fc:99:ea:4a:2d:1b:9e:2a:2a:c2:e1:
         93:48:a5:05
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUTxCmExRuDTMh+/SSOYH4Dj/+a6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTM1REQyOTNFMUMzQkM1RjRERTE1MzE4RkFDNTk2N0U3
RDU1QkYxNTAeFw0yNDAzMDUxNzQ5MzFaFw0yNTAzMDQxNzU0MzFaMDMxMTAvBgNV
BAMTKDE3REY3NzY5Q0ExOEVBMTJCQzIxOEQ5NDdFQzdFNjAxNUY3M0YyMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzehfRqW4rT2mjSWJ70g5PeBmt
BC45urc+kz8JYuMjZrI1Qqb7NHi5j33uArJe8wPTxr5Am9vPptoKn/CtpXTF4rqL
NMeVfIhlJsvPWDSFg/LCv909Tn5JKIFIAxjavE6EBeU2JPSeDVSfviZTD4EvJbnM
f4FyWpxD/chJBp/Q7HtXjy3FnoP8afSlm4wR05vybj43L8ql7RQ6xoliHJRepQmL
elyEUI5y4bYaqT05xmzX6Zbjc5iQN9lvE87/KIhmlTZAPstKouziaDAwUN40Yp2W
EdeIt5lp9eE0sY9+Khjhi01/v+U3+i01VceaIl6CxY6YSiCxBXLFPEw6EirvAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUF993acoY6hK8IY2UfsfmAV9z8hcwHwYDVR0j
BBgwFoAU413Sk+HDvF9N4VMY+sWWfn1VvxUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ERjY0OTVERkU1NTdBOTY1NkFGRDkzNDYzN0U5NjYzNEQz
RDI3MzlENTA3MkQxN0YxMDgwNThGMEE5Q0E5OTM4LzAvRTM1REQyOTNFMUMzQkM1
RjRERTE1MzE4RkFDNTk2N0U3RDU1QkYxNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FMzVERDI5M0UxQzNCQzVGNERF
MTUzMThGQUM1OTY3RTdENTVCRjE1LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREY2NDk1REZFNTU3QTk2NTZBRkQ5MzQ2MzdFOTY2MzREM0QyNzM5RDUw
NzJEMTdGMTA4MDU4RjBBOUNBOTkzOC8wLzMyMzAzMTJlMzEzNjMzMmUzMTMyMzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzUzNTMwMzQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADJ
o3kwDQYJKoZIhvcNAQELBQADggEBAElR31letHY3asEpv0zSQmdtX+/4liB8b6CP
zws2L3aod+Gf3hiA7qd658Gt1jH0LzRKjnRuee0fUA20erWvBsMsJfkk4Q+LyhWD
RalzvPN/W4gDHPnm4+OwB5k7PsWSRggkwXK6wZyVRncqUlcNCwwHwDNf4s5FdaB5
whxs/rMUaGsLCb+KUCqXayw/H4qL28fPdxsHt0Gap9/M4ud7fZAyBhPgY86dbN1e
BCI1plRdhiNHsbRxTXav2cFvqUwdNm9AO6nCjZ9mxPfmy8nPBrynMXfQBi08Mwqp
9T9wg54Md77hYpZvK/gvWdb3Jwnkzdz8mepKLRueKirC4ZNIpQU=
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:42:13 2024 by rpki-client on console-fra.rpki-client.org