Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e32382e302f32342d3234203d3e20323637363939.roa
File:                     3137302e3235342e32382e302f32342d3234203d3e20323637363939.roa (raw, json)
Hash identifier:          J/mQWdiMZ0EABRUfzDNAt1xEOQwG4FTvH/WkUmtekWs=
Subject key identifier:   EC:DB:F4:31:3B:72:7B:10:FC:84:B5:13:66:75:C9:46:B5:B5:C9:8E
Certificate issuer:       /CN=DF4F03C5770C7BA39912813367B5E868005CCD99
Certificate serial:       62B1DE6C5B8A6164FAE7C2BD2C73805D12DAD698
Authority key identifier: DF:4F:03:C5:77:0C:7B:A3:99:12:81:33:67:B5:E8:68:00:5C:CD:99
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e32382e302f32342d3234203d3e20323637363939.roa
Signing time:             Tue 05 Mar 2024 18:05:56 +0000
ROA not before:           Tue 05 Mar 2024 18:00:56 +0000
ROA not after:            Tue 04 Mar 2025 18:05:56 +0000
asID:                     267699
IP address blocks:        170.254.28.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:b1:de:6c:5b:8a:61:64:fa:e7:c2:bd:2c:73:80:5d:12:da:d6:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DF4F03C5770C7BA39912813367B5E868005CCD99
        Validity
            Not Before: Mar  5 18:00:56 2024 GMT
            Not After : Mar  4 18:05:56 2025 GMT
        Subject: CN=ECDBF4313B727B10FC84B5136675C946B5B5C98E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:fd:ed:9c:c8:d2:46:91:e9:36:ff:f1:3a:f1:
                    4e:57:f9:97:dc:d8:f8:0d:f0:6c:38:8b:c3:b0:ac:
                    d5:96:e7:b3:2f:d1:27:be:63:b6:a0:6b:dc:a2:6e:
                    29:68:16:02:d3:49:32:69:55:b9:f3:df:6a:a4:09:
                    52:41:49:59:19:6d:5c:7a:66:14:12:78:1c:5a:18:
                    e7:c8:77:41:fd:44:f6:65:a7:4f:f7:ab:cc:0f:8b:
                    c9:1c:54:33:eb:a7:19:00:41:91:59:a3:11:34:a9:
                    8e:8d:90:39:bf:05:3a:66:5a:5f:34:29:f5:92:87:
                    26:c7:13:35:14:20:81:23:86:70:65:18:b6:ea:4c:
                    2a:b1:b4:20:4e:da:f0:40:09:21:3e:45:2c:37:ba:
                    a2:fd:a0:63:51:5a:2a:6c:d8:4c:8e:ec:76:f2:38:
                    a2:16:5c:b5:ba:ac:00:88:1f:98:a2:61:f9:af:c2:
                    77:cf:9e:37:5f:2f:d1:70:ba:2a:0c:0a:40:1f:0b:
                    d2:0d:79:6f:10:08:ad:b3:99:0e:80:c9:58:c2:fe:
                    b6:62:98:c0:87:b3:9f:32:0f:26:40:4a:8a:72:b3:
                    f2:d8:a6:24:f1:db:f5:14:38:38:da:f6:dc:e2:3b:
                    04:9b:99:a6:46:39:2c:73:bc:a0:2f:b5:72:8c:3a:
                    c2:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:DB:F4:31:3B:72:7B:10:FC:84:B5:13:66:75:C9:46:B5:B5:C9:8E
            X509v3 Authority Key Identifier:
                keyid:DF:4F:03:C5:77:0C:7B:A3:99:12:81:33:67:B5:E8:68:00:5C:CD:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e32382e302f32342d3234203d3e20323637363939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:4e:62:08:a2:da:8d:51:a5:17:40:fe:43:0a:87:17:d3:a9:
         4e:db:6c:cb:ab:61:35:14:6b:27:05:47:5f:66:ea:bd:68:11:
         d8:38:a8:e0:3d:63:b9:2c:ec:17:5b:46:6c:57:78:38:1c:0f:
         d4:d4:84:d7:53:08:89:f1:ba:cb:19:75:dd:5f:67:0e:6f:a4:
         2e:cb:42:39:64:9a:2a:a9:d5:34:ab:23:26:68:9f:df:6f:4c:
         2e:db:b4:58:7b:47:1e:fa:e8:85:e9:fa:b8:6a:60:b8:77:3b:
         fd:a7:a2:fb:b7:1f:67:ef:67:72:76:ef:f7:05:92:01:1e:fe:
         b0:99:2e:82:8b:67:1b:ce:dd:7c:fc:4a:6d:25:6f:f2:9b:3e:
         f1:12:b5:b6:dd:61:26:07:b3:9b:38:bc:43:58:38:dd:9a:94:
         c6:a4:53:f5:ba:7d:a9:b5:e4:a2:fc:d9:a1:fe:8c:e0:f6:5e:
         28:a1:97:92:ad:c4:9f:d6:06:56:55:01:d9:22:18:1c:eb:1d:
         0a:a9:17:75:ff:b5:68:6a:6a:ed:34:be:52:bb:4a:cb:ac:47:
         55:d0:e6:7c:52:01:85:77:4a:6e:3a:54:0e:36:b8:9b:b9:fe:
         37:53:e3:13:ab:9c:92:c4:74:b3:0e:d5:f0:c1:4b:7e:18:dd:
         3a:3f:b8:bd
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUYrHebFuKYWT658K9LHOAXRLa1pgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREY0RjAzQzU3NzBDN0JBMzk5MTI4MTMzNjdCNUU4Njgw
MDVDQ0Q5OTAeFw0yNDAzMDUxODAwNTZaFw0yNTAzMDQxODA1NTZaMDMxMTAvBgNV
BAMTKEVDREJGNDMxM0I3MjdCMTBGQzg0QjUxMzY2NzVDOTQ2QjVCNUM5OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw/e2cyNJGkek2//E68U5X+Zfc
2PgN8Gw4i8OwrNWW57Mv0Se+Y7aga9yibiloFgLTSTJpVbnz32qkCVJBSVkZbVx6
ZhQSeBxaGOfId0H9RPZlp0/3q8wPi8kcVDPrpxkAQZFZoxE0qY6NkDm/BTpmWl80
KfWShybHEzUUIIEjhnBlGLbqTCqxtCBO2vBACSE+RSw3uqL9oGNRWips2EyO7Hby
OKIWXLW6rACIH5iiYfmvwnfPnjdfL9FwuioMCkAfC9INeW8QCK2zmQ6AyVjC/rZi
mMCHs58yDyZASopys/LYpiTx2/UUODja9tziOwSbmaZGOSxzvKAvtXKMOsJ7AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU7Nv0MTtyexD8hLUTZnXJRrW1yY4wHwYDVR0j
BBgwFoAU308DxXcMe6OZEoEzZ7XoaABczZkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FMDhEOTMzNjgyRjY4OEVEOEMzNkQwRkMxRjM0QjY4MzE1
MDUzRDNGMzcxRjY4NEI5QTM4N0E1RkE2NzA5RjE3LzAvREY0RjAzQzU3NzBDN0JB
Mzk5MTI4MTMzNjdCNUU4NjgwMDVDQ0Q5OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERjRGMDNDNTc3MEM3QkEzOTkx
MjgxMzM2N0I1RTg2ODAwNUNDRDk5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTA4RDkzMzY4MkY2ODhFRDhDMzZEMEZDMUYzNEI2ODMxNTA1M0QzRjM3
MUY2ODRCOUEzODdBNUZBNjcwOUYxNy8wLzMxMzczMDJlMzIzNTM0MmUzMjM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM3MzYzOTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqv4c
MA0GCSqGSIb3DQEBCwUAA4IBAQAcTmIIotqNUaUXQP5DCocX06lO22zLq2E1FGsn
BUdfZuq9aBHYOKjgPWO5LOwXW0ZsV3g4HA/U1ITXUwiJ8brLGXXdX2cOb6Quy0I5
ZJoqqdU0qyMmaJ/fb0wu27RYe0ce+uiF6fq4amC4dzv9p6L7tx9n72dydu/3BZIB
Hv6wmS6Ci2cbzt18/EptJW/ymz7xErW23WEmB7ObOLxDWDjdmpTGpFP1un2pteSi
/Nmh/ozg9l4ooZeSrcSf1gZWVQHZIhgc6x0KqRd1/7VoamrtNL5Su0rLrEdV0OZ8
UgGFd0puOlQONribuf43U+MTq5ySxHSzDtXwwUt+GN06P7i9
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:43:12 2024 by rpki-client on console-fra.rpki-client.org