Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E364B8F7767B6DAAF449C86EDED6726CAC89C8714F55C3851E646559A81B4E19/0/3136372e3235302e3139362e302f32332d3233203d3e20323637373438.roa
File:                     3136372e3235302e3139362e302f32332d3233203d3e20323637373438.roa (raw, json)
Hash identifier:          FJaeUF6OVuZW8s/rMGPjGV7BgRgWIM207Fg3sFV/DKg=
Subject key identifier:   DC:B2:61:1D:F9:AF:0E:A3:82:D7:D5:8D:BB:38:D9:C6:50:51:3C:7F
Certificate issuer:       /CN=EFC95BAC1123D189B92EBD678C7CCE09083397C2
Certificate serial:       2170AFBF6AAFE693775EECC89BA3DC1AC9DFDA07
Authority key identifier: EF:C9:5B:AC:11:23:D1:89:B9:2E:BD:67:8C:7C:CE:09:08:33:97:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EFC95BAC1123D189B92EBD678C7CCE09083397C2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E364B8F7767B6DAAF449C86EDED6726CAC89C8714F55C3851E646559A81B4E19/0/3136372e3235302e3139362e302f32332d3233203d3e20323637373438.roa
Signing time:             Tue 05 Mar 2024 18:14:03 +0000
ROA not before:           Tue 05 Mar 2024 18:09:03 +0000
ROA not after:            Tue 04 Mar 2025 18:14:03 +0000
asID:                     267748
IP address blocks:        167.250.196.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/E364B8F7767B6DAAF449C86EDED6726CAC89C8714F55C3851E646559A81B4E19/0/EFC95BAC1123D189B92EBD678C7CCE09083397C2.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E364B8F7767B6DAAF449C86EDED6726CAC89C8714F55C3851E646559A81B4E19/0/EFC95BAC1123D189B92EBD678C7CCE09083397C2.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EFC95BAC1123D189B92EBD678C7CCE09083397C2.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:70:af:bf:6a:af:e6:93:77:5e:ec:c8:9b:a3:dc:1a:c9:df:da:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EFC95BAC1123D189B92EBD678C7CCE09083397C2
        Validity
            Not Before: Mar  5 18:09:03 2024 GMT
            Not After : Mar  4 18:14:03 2025 GMT
        Subject: CN=DCB2611DF9AF0EA382D7D58DBB38D9C650513C7F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:6b:c5:3a:2a:75:2c:35:ff:06:e8:78:f4:77:
                    f0:63:9c:a0:d6:eb:4e:fa:d2:f1:27:a6:fe:65:bf:
                    aa:e3:33:fc:d5:56:74:8a:7a:9c:36:e3:dc:54:f4:
                    8b:60:b7:fd:53:10:90:f1:7c:07:59:1f:63:95:8b:
                    ee:6d:f6:0f:dd:4a:ba:48:a4:08:46:9e:11:b4:f1:
                    ab:71:3e:fa:bf:6d:ab:06:f9:36:a9:63:31:b7:15:
                    46:15:04:03:df:ef:5e:36:5e:e7:af:3f:ac:9a:9e:
                    74:b6:19:af:57:69:a8:67:73:14:3c:13:42:ed:b2:
                    f4:bb:53:5a:02:7e:ce:0f:46:a3:03:8e:f4:17:b4:
                    8a:d7:45:29:df:53:85:16:03:21:8a:40:c2:58:0b:
                    b8:ed:66:a8:99:19:1d:4b:17:09:61:b3:87:8c:f6:
                    fc:89:2d:6e:45:0f:62:89:dc:11:2f:f4:67:ee:cb:
                    a5:27:cc:07:c4:87:41:48:39:c0:fa:e0:f5:51:b4:
                    e5:7b:7a:82:f3:3e:f3:ed:af:91:13:e4:47:73:bf:
                    f1:9f:65:b4:b7:bc:1c:84:66:68:a7:14:e3:f6:25:
                    c2:32:51:8a:09:8e:ee:a6:3c:52:b4:46:58:b6:63:
                    1c:c2:38:cf:a0:7e:7b:02:1d:f0:07:7f:d7:15:85:
                    65:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:B2:61:1D:F9:AF:0E:A3:82:D7:D5:8D:BB:38:D9:C6:50:51:3C:7F
            X509v3 Authority Key Identifier:
                keyid:EF:C9:5B:AC:11:23:D1:89:B9:2E:BD:67:8C:7C:CE:09:08:33:97:C2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E364B8F7767B6DAAF449C86EDED6726CAC89C8714F55C3851E646559A81B4E19/0/EFC95BAC1123D189B92EBD678C7CCE09083397C2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EFC95BAC1123D189B92EBD678C7CCE09083397C2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E364B8F7767B6DAAF449C86EDED6726CAC89C8714F55C3851E646559A81B4E19/0/3136372e3235302e3139362e302f32332d3233203d3e20323637373438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.250.196.0/23

    Signature Algorithm: sha256WithRSAEncryption
         10:4a:d9:9d:31:47:b3:18:80:88:d7:4f:19:50:4d:45:f2:fd:
         38:ff:d7:12:96:36:36:35:1a:cb:38:e5:cd:7b:ea:4f:58:33:
         36:d1:97:76:14:87:0e:c3:8d:3c:89:ea:59:de:8f:a4:69:59:
         8d:4d:39:6c:1c:2c:7c:0b:0d:12:eb:56:a4:66:a2:bd:29:cd:
         84:48:4a:ff:28:af:79:1b:94:70:b6:0e:3a:24:3a:aa:61:d1:
         c6:d0:9f:f0:89:d6:97:cf:31:5e:c7:db:ea:8e:88:e0:3c:32:
         fa:13:6b:00:36:8d:67:4f:2d:a5:50:a4:98:f6:5d:72:63:d8:
         d2:a4:6c:b1:a2:a8:52:8a:73:c2:f9:d3:9f:c2:aa:92:91:db:
         5a:e2:bc:63:5b:f8:c9:ee:71:ed:1c:11:50:4b:e9:21:3a:85:
         1c:da:31:95:22:d4:13:c3:e1:11:44:6c:16:b8:68:d0:50:50:
         45:86:b3:a4:b3:1f:8b:6a:a0:f3:d1:72:b3:e0:7a:83:9e:0c:
         5b:be:9e:0d:4f:68:09:af:26:50:2b:e7:aa:33:7a:fa:b8:65:
         c1:85:08:21:15:5d:7f:65:0c:36:fc:18:8f:7a:d8:40:46:1a:
         01:27:41:bf:aa:e1:8a:9f:aa:02:72:d1:1b:74:12:0f:4e:22:
         a0:a4:b4:ff
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUIXCvv2qv5pN3XuzIm6PcGsnf2gcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUZDOTVCQUMxMTIzRDE4OUI5MkVCRDY3OEM3Q0NFMDkw
ODMzOTdDMjAeFw0yNDAzMDUxODA5MDNaFw0yNTAzMDQxODE0MDNaMDMxMTAvBgNV
BAMTKERDQjI2MTFERjlBRjBFQTM4MkQ3RDU4REJCMzhEOUM2NTA1MTNDN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCma8U6KnUsNf8G6Hj0d/BjnKDW
60760vEnpv5lv6rjM/zVVnSKepw249xU9Itgt/1TEJDxfAdZH2OVi+5t9g/dSrpI
pAhGnhG08atxPvq/basG+TapYzG3FUYVBAPf7142XuevP6yannS2Ga9XaahncxQ8
E0LtsvS7U1oCfs4PRqMDjvQXtIrXRSnfU4UWAyGKQMJYC7jtZqiZGR1LFwlhs4eM
9vyJLW5FD2KJ3BEv9Gfuy6UnzAfEh0FIOcD64PVRtOV7eoLzPvPtr5ET5Edzv/Gf
ZbS3vByEZminFOP2JcIyUYoJju6mPFK0Rli2YxzCOM+gfnsCHfAHf9cVhWXhAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU3LJhHfmvDqOC19WNuzjZxlBRPH8wHwYDVR0j
BBgwFoAU78lbrBEj0Ym5Lr1njHzOCQgzl8IwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FMzY0QjhGNzc2N0I2REFBRjQ0OUM4NkVERUQ2NzI2Q0FD
ODlDODcxNEY1NUMzODUxRTY0NjU1OUE4MUI0RTE5LzAvRUZDOTVCQUMxMTIzRDE4
OUI5MkVCRDY3OEM3Q0NFMDkwODMzOTdDMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FRkM5NUJBQzExMjNEMTg5Qjky
RUJENjc4QzdDQ0UwOTA4MzM5N0MyLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTM2NEI4Rjc3NjdCNkRBQUY0NDlDODZFREVENjcyNkNBQzg5Qzg3MTRG
NTVDMzg1MUU2NDY1NTlBODFCNEUxOS8wLzMxMzYzNzJlMzIzNTMwMmUzMTM5MzYy
ZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjM2MzczNzM0Mzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGn
+sQwDQYJKoZIhvcNAQELBQADggEBABBK2Z0xR7MYgIjXTxlQTUXy/Tj/1xKWNjY1
Gss45c176k9YMzbRl3YUhw7DjTyJ6lnej6RpWY1NOWwcLHwLDRLrVqRmor0pzYRI
Sv8or3kblHC2DjokOqph0cbQn/CJ1pfPMV7H2+qOiOA8MvoTawA2jWdPLaVQpJj2
XXJj2NKkbLGiqFKKc8L505/CqpKR21rivGNb+Mnuce0cEVBL6SE6hRzaMZUi1BPD
4RFEbBa4aNBQUEWGs6SzH4tqoPPRcrPgeoOeDFu+ng1PaAmvJlAr56ozevq4ZcGF
CCEVXX9lDDb8GI962EBGGgEnQb+q4YqfqgJy0Rt0Eg9OIqCktP8=
-----END CERTIFICATE-----
Generated at Wed Nov 20 08:53:07 2024 by rpki-client on console-ams.rpki-client.org