Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e32382e302f32322d3234203d3e20323637363939.roa
File:                     3137302e3235342e32382e302f32322d3234203d3e20323637363939.roa (raw, json)
Hash identifier:          5jpbH6cqfaUZVrUFPd/uyjPNe7SXdJMCQcnJkseWqMs=
Subject key identifier:   17:EF:6E:0F:93:5E:29:05:4D:E8:DA:ED:BB:D8:73:3C:10:61:CB:C5
Certificate issuer:       /CN=DF4F03C5770C7BA39912813367B5E868005CCD99
Certificate serial:       7DC4DFFE26257979E4C350DA11B823A59DDD69D5
Authority key identifier: DF:4F:03:C5:77:0C:7B:A3:99:12:81:33:67:B5:E8:68:00:5C:CD:99
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e32382e302f32322d3234203d3e20323637363939.roa
Signing time:             Tue 05 Mar 2024 18:06:00 +0000
ROA not before:           Tue 05 Mar 2024 18:01:00 +0000
ROA not after:            Tue 04 Mar 2025 18:06:00 +0000
asID:                     267699
IP address blocks:        170.254.28.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:c4:df:fe:26:25:79:79:e4:c3:50:da:11:b8:23:a5:9d:dd:69:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DF4F03C5770C7BA39912813367B5E868005CCD99
        Validity
            Not Before: Mar  5 18:01:00 2024 GMT
            Not After : Mar  4 18:06:00 2025 GMT
        Subject: CN=17EF6E0F935E29054DE8DAEDBBD8733C1061CBC5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:61:9d:30:b4:99:3a:70:8c:f2:83:ff:c6:ed:
                    db:07:92:ef:78:9d:8c:19:eb:97:68:58:4f:cb:37:
                    0e:b3:11:28:d4:b2:b1:4c:b8:62:db:24:d6:90:65:
                    aa:f3:33:12:37:ce:06:b0:06:e2:a3:94:ae:d5:aa:
                    d5:78:55:f8:d0:20:59:fa:11:1c:df:d9:3f:fd:08:
                    c4:64:ba:96:62:eb:a1:c7:55:4d:41:95:ee:45:bf:
                    1f:2e:7d:1d:45:a3:12:b8:3d:f7:60:ef:fb:0f:cc:
                    39:c9:e9:40:f1:5f:fb:0d:5e:ff:9a:b4:27:5c:f9:
                    9e:eb:8d:51:57:55:2a:6f:1b:0c:b3:18:02:b3:c4:
                    05:e8:dd:69:60:e4:41:30:96:c3:cf:d5:8c:6f:fc:
                    e6:e4:2b:6b:e6:50:66:5c:25:90:c9:c6:f0:4c:3f:
                    ce:44:c4:9c:68:cf:5d:c7:c6:cd:e0:f7:7b:20:85:
                    0c:5f:d1:dd:9b:a3:eb:ce:31:d4:ac:ea:91:08:bb:
                    67:c3:c0:b4:b6:7d:a0:0f:81:e1:99:13:4f:90:0a:
                    d6:d5:da:53:7d:7b:9e:74:c7:df:e0:af:35:3f:f8:
                    47:7d:16:70:24:e4:86:88:07:67:8b:10:18:58:7e:
                    eb:3f:3f:f4:b8:42:11:4b:5f:14:a1:e9:76:90:4d:
                    5d:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:EF:6E:0F:93:5E:29:05:4D:E8:DA:ED:BB:D8:73:3C:10:61:CB:C5
            X509v3 Authority Key Identifier:
                keyid:DF:4F:03:C5:77:0C:7B:A3:99:12:81:33:67:B5:E8:68:00:5C:CD:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e32382e302f32322d3234203d3e20323637363939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         19:cd:78:de:f2:bd:b5:fa:6b:39:3f:42:c8:7c:f9:fd:d1:07:
         28:88:54:03:6e:88:07:c5:e8:d9:76:3c:fa:ec:4a:e9:23:7a:
         2e:ed:90:5b:d0:99:50:10:55:67:af:20:de:4f:c3:28:2c:ef:
         6c:a9:89:84:bd:7f:36:b6:c4:a3:09:27:bd:d4:4e:7c:da:1d:
         b4:28:aa:a1:0c:35:bc:10:ef:2b:c2:e2:23:9d:f5:72:07:86:
         de:dd:fe:ae:34:7c:91:2d:bc:50:e8:74:d2:2c:84:4b:d0:1b:
         0f:51:92:06:fb:82:cb:d9:84:d7:64:f4:99:77:f6:ed:58:55:
         af:22:d3:e0:3c:f1:af:ab:32:f0:cc:d0:4f:bb:04:7d:6c:c3:
         66:05:b1:98:39:df:f7:e0:b3:c4:2a:0f:6a:7e:b0:8d:44:d6:
         f2:3d:fe:14:a7:07:91:ce:50:f2:72:f6:8b:e4:15:bb:e7:ae:
         db:c3:10:98:bc:16:e0:10:b2:aa:11:0b:0d:7b:0a:ca:c6:9d:
         ef:94:7f:42:ad:bf:1d:01:bb:9b:d0:27:00:60:40:41:05:b7:
         09:12:1b:54:c2:35:d9:cc:37:c0:dd:c2:fb:e7:3a:ff:cc:ae:
         6f:12:4c:67:09:0d:88:55:2e:22:96:f7:88:a1:c2:68:2a:23:
         61:52:98:54
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUfcTf/iYleXnkw1DaEbgjpZ3dadUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREY0RjAzQzU3NzBDN0JBMzk5MTI4MTMzNjdCNUU4Njgw
MDVDQ0Q5OTAeFw0yNDAzMDUxODAxMDBaFw0yNTAzMDQxODA2MDBaMDMxMTAvBgNV
BAMTKDE3RUY2RTBGOTM1RTI5MDU0REU4REFFREJCRDg3MzNDMTA2MUNCQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/YZ0wtJk6cIzyg//G7dsHku94
nYwZ65doWE/LNw6zESjUsrFMuGLbJNaQZarzMxI3zgawBuKjlK7VqtV4VfjQIFn6
ERzf2T/9CMRkupZi66HHVU1Ble5Fvx8ufR1FoxK4Pfdg7/sPzDnJ6UDxX/sNXv+a
tCdc+Z7rjVFXVSpvGwyzGAKzxAXo3Wlg5EEwlsPP1Yxv/ObkK2vmUGZcJZDJxvBM
P85ExJxoz13Hxs3g93sghQxf0d2bo+vOMdSs6pEIu2fDwLS2faAPgeGZE0+QCtbV
2lN9e550x9/grzU/+Ed9FnAk5IaIB2eLEBhYfus/P/S4QhFLXxSh6XaQTV1xAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUF+9uD5NeKQVN6Nrtu9hzPBBhy8UwHwYDVR0j
BBgwFoAU308DxXcMe6OZEoEzZ7XoaABczZkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FMDhEOTMzNjgyRjY4OEVEOEMzNkQwRkMxRjM0QjY4MzE1
MDUzRDNGMzcxRjY4NEI5QTM4N0E1RkE2NzA5RjE3LzAvREY0RjAzQzU3NzBDN0JB
Mzk5MTI4MTMzNjdCNUU4NjgwMDVDQ0Q5OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERjRGMDNDNTc3MEM3QkEzOTkx
MjgxMzM2N0I1RTg2ODAwNUNDRDk5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTA4RDkzMzY4MkY2ODhFRDhDMzZEMEZDMUYzNEI2ODMxNTA1M0QzRjM3
MUY2ODRCOUEzODdBNUZBNjcwOUYxNy8wLzMxMzczMDJlMzIzNTM0MmUzMjM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM3MzYzOTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqv4c
MA0GCSqGSIb3DQEBCwUAA4IBAQAZzXje8r21+ms5P0LIfPn90QcoiFQDbogHxejZ
djz67ErpI3ou7ZBb0JlQEFVnryDeT8MoLO9sqYmEvX82tsSjCSe91E582h20KKqh
DDW8EO8rwuIjnfVyB4be3f6uNHyRLbxQ6HTSLIRL0BsPUZIG+4LL2YTXZPSZd/bt
WFWvItPgPPGvqzLwzNBPuwR9bMNmBbGYOd/34LPEKg9qfrCNRNbyPf4UpweRzlDy
cvaL5BW7567bwxCYvBbgELKqEQsNewrKxp3vlH9Crb8dAbub0CcAYEBBBbcJEhtU
wjXZzDfA3cL75zr/zK5vEkxnCQ2IVS4ilveIocJoKiNhUphU
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:43:12 2024 by rpki-client on console-fra.rpki-client.org