Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E52FD6A6A46B7828B44D62F7E0AB52216C5E6EEAD8DE8F789F9A0C8D1195A94C/0/3133382e3230342e31342e302f32342d3234203d3e20323633363831.roa
File:                     3133382e3230342e31342e302f32342d3234203d3e20323633363831.roa (raw, json)
Hash identifier:          MWOHNAINqIpvAsHq+HjgU6OlOgBIAtOhg5xlFIxwVYg=
Subject key identifier:   FA:F2:F5:D4:AC:CA:7C:9E:3F:A4:72:1E:DB:28:6F:B8:E0:89:55:11
Certificate issuer:       /CN=DCD3F0E4EE043C5BA9858A89B5A60E7FF2D355C6
Certificate serial:       71A87A79F4D1BAD535F85A1DFE296A4D24572603
Authority key identifier: DC:D3:F0:E4:EE:04:3C:5B:A9:85:8A:89:B5:A6:0E:7F:F2:D3:55:C6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DCD3F0E4EE043C5BA9858A89B5A60E7FF2D355C6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E52FD6A6A46B7828B44D62F7E0AB52216C5E6EEAD8DE8F789F9A0C8D1195A94C/0/3133382e3230342e31342e302f32342d3234203d3e20323633363831.roa
Signing time:             Thu 18 Jul 2024 04:30:00 +0000
ROA not before:           Thu 18 Jul 2024 04:25:00 +0000
ROA not after:            Thu 17 Jul 2025 04:30:00 +0000
asID:                     263681
IP address blocks:        138.204.14.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/E52FD6A6A46B7828B44D62F7E0AB52216C5E6EEAD8DE8F789F9A0C8D1195A94C/0/DCD3F0E4EE043C5BA9858A89B5A60E7FF2D355C6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E52FD6A6A46B7828B44D62F7E0AB52216C5E6EEAD8DE8F789F9A0C8D1195A94C/0/DCD3F0E4EE043C5BA9858A89B5A60E7FF2D355C6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DCD3F0E4EE043C5BA9858A89B5A60E7FF2D355C6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 07:58:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:a8:7a:79:f4:d1:ba:d5:35:f8:5a:1d:fe:29:6a:4d:24:57:26:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DCD3F0E4EE043C5BA9858A89B5A60E7FF2D355C6
        Validity
            Not Before: Jul 18 04:25:00 2024 GMT
            Not After : Jul 17 04:30:00 2025 GMT
        Subject: CN=FAF2F5D4ACCA7C9E3FA4721EDB286FB8E0895511
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f0:24:c8:2e:12:94:9e:39:be:cb:66:80:ec:
                    87:f8:0c:94:d2:d3:9e:77:9e:67:74:83:5e:ba:97:
                    6c:93:52:e2:49:50:5e:3a:43:a7:14:8c:7c:90:46:
                    fb:33:88:b1:ef:35:39:2a:55:54:71:0a:c2:81:0b:
                    fc:64:ff:c9:9a:16:39:fa:5d:31:f6:5d:94:7c:a8:
                    8a:03:63:05:e5:67:cf:3d:00:a1:e4:a5:e8:71:cf:
                    7d:9d:dc:2b:ec:98:9a:f6:a0:d2:50:5b:50:88:42:
                    12:a9:bf:0f:ab:b8:7c:4b:53:38:eb:f6:c6:b4:c8:
                    52:0a:f4:43:a1:5c:89:99:2f:43:78:f8:69:69:e3:
                    97:e4:f7:1b:88:a9:c0:75:8d:e0:b8:1f:25:76:b5:
                    81:50:c5:75:12:00:57:39:46:40:97:e8:96:cb:dc:
                    6e:f8:ac:97:24:be:02:aa:c7:a8:56:64:12:22:16:
                    58:cd:29:e0:68:8f:b6:d6:9f:a3:57:e3:e6:ca:d2:
                    c5:3d:81:bc:ad:90:ac:89:df:97:17:f0:1e:7a:08:
                    ba:e7:a0:d4:b7:b7:5a:c1:48:6b:4d:a3:49:5d:e9:
                    4e:ea:b7:0c:a7:aa:a8:57:d0:3f:42:da:a4:8b:3e:
                    c8:ba:b1:f6:5c:98:70:88:73:d1:2b:cc:fd:cd:01:
                    29:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:F2:F5:D4:AC:CA:7C:9E:3F:A4:72:1E:DB:28:6F:B8:E0:89:55:11
            X509v3 Authority Key Identifier:
                keyid:DC:D3:F0:E4:EE:04:3C:5B:A9:85:8A:89:B5:A6:0E:7F:F2:D3:55:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E52FD6A6A46B7828B44D62F7E0AB52216C5E6EEAD8DE8F789F9A0C8D1195A94C/0/DCD3F0E4EE043C5BA9858A89B5A60E7FF2D355C6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DCD3F0E4EE043C5BA9858A89B5A60E7FF2D355C6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E52FD6A6A46B7828B44D62F7E0AB52216C5E6EEAD8DE8F789F9A0C8D1195A94C/0/3133382e3230342e31342e302f32342d3234203d3e20323633363831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.204.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:a0:16:04:f5:b4:19:e9:8e:64:cb:b0:8d:1b:52:28:ad:a4:
         68:ef:ae:0a:74:3d:65:0f:5a:3d:b7:bb:f7:d7:2d:f9:49:df:
         75:58:2b:4b:51:92:05:20:51:6a:bd:6c:d0:e1:12:07:4f:5b:
         76:e1:2b:a7:37:d0:eb:69:b0:c9:55:f2:3c:17:3c:97:c8:7d:
         b7:84:44:5e:a7:c5:a2:c1:fe:ad:8c:3f:48:dd:8f:1f:48:41:
         ec:c5:8b:23:6a:9f:81:85:34:81:39:46:9f:a0:37:5e:16:de:
         69:3d:5a:81:72:78:44:8f:6d:47:5f:21:6b:f3:43:bb:2e:46:
         62:09:4b:61:b8:e0:e5:14:7f:28:09:05:6d:aa:20:1f:a1:1b:
         8d:2e:7d:d1:f5:5d:a2:b2:be:6d:3d:b2:c9:b3:98:51:f9:1c:
         70:c9:5b:71:5b:9c:9b:2a:bc:8c:0b:8f:5e:76:a1:1b:71:d5:
         9f:f4:1a:68:58:d6:f6:64:34:34:6a:96:1f:1c:38:cc:c9:2f:
         69:68:25:68:78:15:05:5b:04:b0:a3:ff:fb:80:0e:41:9c:4f:
         4a:3b:ea:aa:52:76:dd:c7:dd:75:ac:3a:c0:e8:2d:aa:b7:31:
         43:c5:db:13:57:2d:a5:be:7f:7d:60:db:84:24:c6:e6:a0:d9:
         ce:08:ae:21
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUcah6efTRutU1+Fod/ilqTSRXJgMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRENEM0YwRTRFRTA0M0M1QkE5ODU4QTg5QjVBNjBFN0ZG
MkQzNTVDNjAeFw0yNDA3MTgwNDI1MDBaFw0yNTA3MTcwNDMwMDBaMDMxMTAvBgNV
BAMTKEZBRjJGNUQ0QUNDQTdDOUUzRkE0NzIxRURCMjg2RkI4RTA4OTU1MTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI8CTILhKUnjm+y2aA7If4DJTS
0553nmd0g166l2yTUuJJUF46Q6cUjHyQRvsziLHvNTkqVVRxCsKBC/xk/8maFjn6
XTH2XZR8qIoDYwXlZ889AKHkpehxz32d3CvsmJr2oNJQW1CIQhKpvw+ruHxLUzjr
9sa0yFIK9EOhXImZL0N4+Glp45fk9xuIqcB1jeC4HyV2tYFQxXUSAFc5RkCX6JbL
3G74rJckvgKqx6hWZBIiFljNKeBoj7bWn6NX4+bK0sU9gbytkKyJ35cX8B56CLrn
oNS3t1rBSGtNo0ld6U7qtwynqqhX0D9C2qSLPsi6sfZcmHCIc9ErzP3NASmtAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU+vL11KzKfJ4/pHIe2yhvuOCJVREwHwYDVR0j
BBgwFoAU3NPw5O4EPFuphYqJtaYOf/LTVcYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FNTJGRDZBNkE0NkI3ODI4QjQ0RDYyRjdFMEFCNTIyMTZD
NUU2RUVBRDhERThGNzg5RjlBMEM4RDExOTVBOTRDLzAvRENEM0YwRTRFRTA0M0M1
QkE5ODU4QTg5QjVBNjBFN0ZGMkQzNTVDNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQ0QzRjBFNEVFMDQzQzVCQTk4
NThBODlCNUE2MEU3RkYyRDM1NUM2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTUyRkQ2QTZBNDZCNzgyOEI0NEQ2MkY3RTBBQjUyMjE2QzVFNkVFQUQ4
REU4Rjc4OUY5QTBDOEQxMTk1QTk0Qy8wLzMxMzMzODJlMzIzMDM0MmUzMTM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMzMzYzODMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAiswO
MA0GCSqGSIb3DQEBCwUAA4IBAQBSoBYE9bQZ6Y5ky7CNG1IoraRo764KdD1lD1o9
t7v31y35Sd91WCtLUZIFIFFqvWzQ4RIHT1t24SunN9DrabDJVfI8FzyXyH23hERe
p8Wiwf6tjD9I3Y8fSEHsxYsjap+BhTSBOUafoDdeFt5pPVqBcnhEj21HXyFr80O7
LkZiCUthuODlFH8oCQVtqiAfoRuNLn3R9V2isr5tPbLJs5hR+RxwyVtxW5ybKryM
C49edqEbcdWf9BpoWNb2ZDQ0apYfHDjMyS9paCVoeBUFWwSwo//7gA5BnE9KO+qq
Unbdx911rDrA6C2qtzFDxdsTVy2lvn99YNuEJMbmoNnOCK4h
-----END CERTIFICATE-----
Generated at Tue Oct 29 00:42:47 2024 by rpki-client on console-fra.rpki-client.org