Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e33302e302f32342d3234203d3e20323637363939.roa
File:                     3137302e3235342e33302e302f32342d3234203d3e20323637363939.roa (raw, json)
Hash identifier:          9veLQGhzkPw1kGBE58QIPi/6WdBS7vp4zkvMbA+KyQs=
Subject key identifier:   48:4C:91:55:A8:86:54:91:84:69:A2:94:DC:E2:49:48:B1:B9:E9:AC
Certificate issuer:       /CN=DF4F03C5770C7BA39912813367B5E868005CCD99
Certificate serial:       666DCC4A40E4B978B771FE14B976733AA7226C72
Authority key identifier: DF:4F:03:C5:77:0C:7B:A3:99:12:81:33:67:B5:E8:68:00:5C:CD:99
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e33302e302f32342d3234203d3e20323637363939.roa
Signing time:             Tue 05 Mar 2024 18:06:00 +0000
ROA not before:           Tue 05 Mar 2024 18:01:00 +0000
ROA not after:            Tue 04 Mar 2025 18:06:00 +0000
asID:                     267699
IP address blocks:        170.254.30.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:6d:cc:4a:40:e4:b9:78:b7:71:fe:14:b9:76:73:3a:a7:22:6c:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DF4F03C5770C7BA39912813367B5E868005CCD99
        Validity
            Not Before: Mar  5 18:01:00 2024 GMT
            Not After : Mar  4 18:06:00 2025 GMT
        Subject: CN=484C9155A88654918469A294DCE24948B1B9E9AC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:70:66:8e:53:06:ea:f0:c3:cc:9c:5c:4c:59:
                    2d:7b:5d:3c:3d:86:b3:44:ff:28:66:f6:d1:73:a9:
                    80:be:00:31:3e:f1:1a:f4:fa:f8:89:ef:5b:87:38:
                    48:43:0a:0c:cc:2f:4d:b4:9d:77:12:e1:cb:05:9b:
                    59:77:8c:28:fa:a0:dd:28:26:39:b9:2c:f3:94:9c:
                    cb:0d:a0:d6:b8:13:20:75:88:a3:07:78:b8:34:3c:
                    06:c4:05:af:91:a0:12:aa:f9:53:c5:e8:e1:95:90:
                    e8:ed:60:bd:61:cf:d5:1d:e5:01:53:9e:6f:d2:f7:
                    a4:f5:a0:b9:8c:fd:e1:5b:d1:7b:c9:8f:1e:29:ae:
                    3a:d9:e6:bc:63:d5:35:7a:8e:02:bc:6e:4d:09:c7:
                    73:16:86:cd:75:27:cb:24:40:f5:cc:b0:c7:2b:c2:
                    03:4e:b4:8a:6a:9d:bc:67:e4:2d:4c:30:ec:e2:c1:
                    cc:53:26:67:15:53:2b:ef:71:4e:76:01:65:56:ff:
                    b6:41:c7:0e:c0:46:cd:49:ee:44:da:4e:b7:eb:f1:
                    32:e8:00:0e:44:5a:89:89:02:c8:ce:9b:10:1f:93:
                    6b:19:22:86:53:f7:79:47:8e:ca:24:e9:f4:bc:1e:
                    46:22:0d:f5:f4:8f:1e:3f:83:a4:3b:b7:68:e5:e8:
                    93:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:4C:91:55:A8:86:54:91:84:69:A2:94:DC:E2:49:48:B1:B9:E9:AC
            X509v3 Authority Key Identifier:
                keyid:DF:4F:03:C5:77:0C:7B:A3:99:12:81:33:67:B5:E8:68:00:5C:CD:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e33302e302f32342d3234203d3e20323637363939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:13:f2:c2:30:82:cb:72:75:19:5e:f5:a8:8b:b9:ee:7e:88:
         a7:13:27:7f:07:48:9f:9b:eb:80:66:5c:b4:c6:38:a6:0a:f5:
         75:61:b5:f5:c6:f8:fa:89:cf:28:85:b1:bf:94:7a:cf:37:84:
         7b:e3:ba:ea:6f:74:f6:46:24:c6:27:63:8b:04:1d:1e:37:fd:
         4c:a5:16:e2:2d:1c:bb:99:e7:29:fa:0c:64:86:b2:3f:c2:7d:
         04:f4:6f:01:a2:1d:29:98:83:93:15:b9:a7:59:37:b9:8c:61:
         4d:3a:d3:1d:0d:20:74:21:b2:f6:56:04:d0:05:f1:0c:84:c8:
         2e:a9:db:e8:bc:10:d5:54:c2:33:14:1f:c8:2c:12:e3:fd:a6:
         ec:e6:a1:25:91:d5:31:10:26:f7:14:72:0e:4c:77:35:35:66:
         8c:ab:bb:cc:17:72:a7:fe:78:5f:63:38:ca:e8:77:56:f8:92:
         3d:90:8a:f5:a7:5c:b5:89:6d:53:ae:d9:e2:86:69:c8:41:b4:
         22:4c:49:93:47:4a:72:55:e5:fa:e3:8d:c4:17:10:bc:b8:b5:
         06:8a:94:a8:59:c8:98:ed:23:ed:96:d6:c9:5e:01:51:8a:e8:
         e0:34:35:49:4e:63:2e:9c:ec:12:93:da:bc:c0:c5:df:ca:69:
         8e:31:f0:fd
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUZm3MSkDkuXi3cf4UuXZzOqcibHIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREY0RjAzQzU3NzBDN0JBMzk5MTI4MTMzNjdCNUU4Njgw
MDVDQ0Q5OTAeFw0yNDAzMDUxODAxMDBaFw0yNTAzMDQxODA2MDBaMDMxMTAvBgNV
BAMTKDQ4NEM5MTU1QTg4NjU0OTE4NDY5QTI5NERDRTI0OTQ4QjFCOUU5QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpcGaOUwbq8MPMnFxMWS17XTw9
hrNE/yhm9tFzqYC+ADE+8Rr0+viJ71uHOEhDCgzML020nXcS4csFm1l3jCj6oN0o
Jjm5LPOUnMsNoNa4EyB1iKMHeLg0PAbEBa+RoBKq+VPF6OGVkOjtYL1hz9Ud5QFT
nm/S96T1oLmM/eFb0XvJjx4prjrZ5rxj1TV6jgK8bk0Jx3MWhs11J8skQPXMsMcr
wgNOtIpqnbxn5C1MMOziwcxTJmcVUyvvcU52AWVW/7ZBxw7ARs1J7kTaTrfr8TLo
AA5EWomJAsjOmxAfk2sZIoZT93lHjsok6fS8HkYiDfX0jx4/g6Q7t2jl6JOVAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUSEyRVaiGVJGEaaKU3OJJSLG56awwHwYDVR0j
BBgwFoAU308DxXcMe6OZEoEzZ7XoaABczZkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FMDhEOTMzNjgyRjY4OEVEOEMzNkQwRkMxRjM0QjY4MzE1
MDUzRDNGMzcxRjY4NEI5QTM4N0E1RkE2NzA5RjE3LzAvREY0RjAzQzU3NzBDN0JB
Mzk5MTI4MTMzNjdCNUU4NjgwMDVDQ0Q5OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERjRGMDNDNTc3MEM3QkEzOTkx
MjgxMzM2N0I1RTg2ODAwNUNDRDk5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTA4RDkzMzY4MkY2ODhFRDhDMzZEMEZDMUYzNEI2ODMxNTA1M0QzRjM3
MUY2ODRCOUEzODdBNUZBNjcwOUYxNy8wLzMxMzczMDJlMzIzNTM0MmUzMzMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM3MzYzOTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqv4e
MA0GCSqGSIb3DQEBCwUAA4IBAQChE/LCMILLcnUZXvWoi7nufoinEyd/B0ifm+uA
Zly0xjimCvV1YbX1xvj6ic8ohbG/lHrPN4R747rqb3T2RiTGJ2OLBB0eN/1MpRbi
LRy7mecp+gxkhrI/wn0E9G8Boh0pmIOTFbmnWTe5jGFNOtMdDSB0IbL2VgTQBfEM
hMguqdvovBDVVMIzFB/ILBLj/abs5qElkdUxECb3FHIOTHc1NWaMq7vMF3Kn/nhf
YzjK6HdW+JI9kIr1p1y1iW1TrtnihmnIQbQiTEmTR0pyVeX6443EFxC8uLUGipSo
WciY7SPtltbJXgFRiujgNDVJTmMunOwSk9q8wMXfymmOMfD9
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:27:17 2024 by rpki-client on console-ams.rpki-client.org