Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e33312e302f32342d3234203d3e20323637363939.roa
File:                     3137302e3235342e33312e302f32342d3234203d3e20323637363939.roa (raw, json)
Hash identifier:          dgt9dTA6tyKmKGnHnLti8aTcVL26ozc2ZBa1Shl4+jI=
Subject key identifier:   4D:E8:D0:32:F0:FD:08:CB:94:E5:5F:B2:65:CC:8E:E2:7E:56:CC:12
Certificate issuer:       /CN=DF4F03C5770C7BA39912813367B5E868005CCD99
Certificate serial:       4AEC6CD0396600A424E59EF7BD9CF3C60C3641A9
Authority key identifier: DF:4F:03:C5:77:0C:7B:A3:99:12:81:33:67:B5:E8:68:00:5C:CD:99
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e33312e302f32342d3234203d3e20323637363939.roa
Signing time:             Tue 05 Mar 2024 18:05:57 +0000
ROA not before:           Tue 05 Mar 2024 18:00:57 +0000
ROA not after:            Tue 04 Mar 2025 18:05:57 +0000
asID:                     267699
IP address blocks:        170.254.31.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:ec:6c:d0:39:66:00:a4:24:e5:9e:f7:bd:9c:f3:c6:0c:36:41:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DF4F03C5770C7BA39912813367B5E868005CCD99
        Validity
            Not Before: Mar  5 18:00:57 2024 GMT
            Not After : Mar  4 18:05:57 2025 GMT
        Subject: CN=4DE8D032F0FD08CB94E55FB265CC8EE27E56CC12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d3:23:fd:63:f0:54:76:06:97:a7:0c:fc:6e:
                    47:f6:48:50:a5:bf:64:ec:3e:cd:41:b4:27:24:07:
                    bb:8d:97:30:b4:2d:8f:47:34:34:6c:8b:9d:42:ce:
                    7a:6d:5d:a5:09:46:ad:ff:7f:af:3e:1b:1b:94:c4:
                    6f:c8:b2:0d:48:5a:ae:97:fb:c0:40:87:1c:74:82:
                    58:87:7e:e7:cf:6c:1b:ce:ef:b7:9c:b7:40:83:44:
                    a4:80:88:e6:ba:1c:f1:fd:a8:63:1f:17:db:64:b9:
                    0c:a1:61:6e:99:1c:c9:c6:2b:f5:c3:fd:65:d5:e0:
                    4e:18:bd:42:73:fc:c0:d9:da:49:f9:15:07:00:d1:
                    2f:da:41:43:d1:a1:9e:ea:45:8c:1f:e6:5a:61:e5:
                    58:80:e9:54:1d:37:84:53:5c:6f:34:9d:18:06:0c:
                    82:4f:76:f8:d4:84:a8:7b:40:3a:4e:f0:18:74:15:
                    d1:ec:01:8f:af:c4:50:f8:a0:fa:5b:a6:4e:62:79:
                    70:db:cf:66:d7:59:9a:ed:5f:22:b3:51:de:ff:bc:
                    bb:c2:99:57:13:fe:f5:0a:7d:3b:42:35:b6:04:dc:
                    09:de:2e:22:c1:df:db:bb:b7:4c:5e:e1:6d:18:d3:
                    f2:bf:fb:39:02:fc:a3:e2:83:42:5b:9f:4d:04:56:
                    8d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:E8:D0:32:F0:FD:08:CB:94:E5:5F:B2:65:CC:8E:E2:7E:56:CC:12
            X509v3 Authority Key Identifier:
                keyid:DF:4F:03:C5:77:0C:7B:A3:99:12:81:33:67:B5:E8:68:00:5C:CD:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e33312e302f32342d3234203d3e20323637363939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:79:16:94:e5:82:ab:92:12:ed:b6:eb:95:64:55:51:2e:1a:
         50:70:ae:1c:77:de:5c:c9:5c:04:0b:d7:f7:50:fe:53:c7:02:
         92:ac:67:54:e7:ec:de:ae:1b:cf:f2:de:23:9c:b8:ad:9e:5e:
         fc:75:84:b6:f3:a8:2b:ab:cb:bc:31:74:b6:7f:22:05:35:b4:
         24:88:b9:b3:63:a2:1b:72:17:8a:0f:fb:d8:14:c7:19:4c:bf:
         1b:6d:ec:a2:0b:f0:31:f6:f0:ac:ff:99:80:15:97:e9:71:80:
         67:83:a2:48:08:81:3f:72:e0:88:40:36:26:1f:8c:af:26:9c:
         55:5d:e9:1d:c2:a1:8b:f7:b3:f5:f7:92:87:ee:c9:e1:46:be:
         86:98:23:f9:1b:f0:70:19:8d:06:89:83:9a:e6:4b:c9:cf:7f:
         2d:78:91:a5:f7:78:62:6f:eb:1b:12:37:df:7b:7d:e3:9f:fd:
         7a:60:a0:97:68:ef:07:5c:1c:6c:97:a5:8d:9d:99:35:8b:38:
         0a:cd:c0:d4:53:54:3a:ab:e1:2f:6e:73:8c:d2:af:7e:39:10:
         35:b2:59:df:0d:c9:5a:b6:b1:73:6c:62:c4:2a:13:89:ec:f6:
         c9:97:dc:6d:f8:78:28:98:a7:ce:7c:3d:6b:1b:46:b6:92:ce:
         00:ba:2c:39
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUSuxs0DlmAKQk5Z73vZzzxgw2QakwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREY0RjAzQzU3NzBDN0JBMzk5MTI4MTMzNjdCNUU4Njgw
MDVDQ0Q5OTAeFw0yNDAzMDUxODAwNTdaFw0yNTAzMDQxODA1NTdaMDMxMTAvBgNV
BAMTKDRERThEMDMyRjBGRDA4Q0I5NEU1NUZCMjY1Q0M4RUUyN0U1NkNDMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB0yP9Y/BUdgaXpwz8bkf2SFCl
v2TsPs1BtCckB7uNlzC0LY9HNDRsi51CznptXaUJRq3/f68+GxuUxG/Isg1IWq6X
+8BAhxx0gliHfufPbBvO77ect0CDRKSAiOa6HPH9qGMfF9tkuQyhYW6ZHMnGK/XD
/WXV4E4YvUJz/MDZ2kn5FQcA0S/aQUPRoZ7qRYwf5lph5ViA6VQdN4RTXG80nRgG
DIJPdvjUhKh7QDpO8Bh0FdHsAY+vxFD4oPpbpk5ieXDbz2bXWZrtXyKzUd7/vLvC
mVcT/vUKfTtCNbYE3AneLiLB39u7t0xe4W0Y0/K/+zkC/KPig0Jbn00EVo0xAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUTejQMvD9CMuU5V+yZcyO4n5WzBIwHwYDVR0j
BBgwFoAU308DxXcMe6OZEoEzZ7XoaABczZkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FMDhEOTMzNjgyRjY4OEVEOEMzNkQwRkMxRjM0QjY4MzE1
MDUzRDNGMzcxRjY4NEI5QTM4N0E1RkE2NzA5RjE3LzAvREY0RjAzQzU3NzBDN0JB
Mzk5MTI4MTMzNjdCNUU4NjgwMDVDQ0Q5OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERjRGMDNDNTc3MEM3QkEzOTkx
MjgxMzM2N0I1RTg2ODAwNUNDRDk5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTA4RDkzMzY4MkY2ODhFRDhDMzZEMEZDMUYzNEI2ODMxNTA1M0QzRjM3
MUY2ODRCOUEzODdBNUZBNjcwOUYxNy8wLzMxMzczMDJlMzIzNTM0MmUzMzMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM3MzYzOTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqv4f
MA0GCSqGSIb3DQEBCwUAA4IBAQByeRaU5YKrkhLttuuVZFVRLhpQcK4cd95cyVwE
C9f3UP5TxwKSrGdU5+zerhvP8t4jnLitnl78dYS286grq8u8MXS2fyIFNbQkiLmz
Y6IbcheKD/vYFMcZTL8bbeyiC/Ax9vCs/5mAFZfpcYBng6JICIE/cuCIQDYmH4yv
JpxVXekdwqGL97P195KH7snhRr6GmCP5G/BwGY0GiYOa5kvJz38teJGl93hib+sb
Ejffe33jn/16YKCXaO8HXBxsl6WNnZk1izgKzcDUU1Q6q+EvbnOM0q9+ORA1slnf
DclatrFzbGLEKhOJ7PbJl9xt+HgomKfOfD1rG0a2ks4Auiw5
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:27:17 2024 by rpki-client on console-ams.rpki-client.org