Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E5A7BC69D0EB1845D2FDE3FC5E5564FAF1DA99B9BDADBF0ACB44307D088829D9/0/3139302e392e37302e302f32332d3234203d3e20323733313136.roa
File:                     3139302e392e37302e302f32332d3234203d3e20323733313136.roa (raw, json)
Hash identifier:          avBO3G1YpbuS5KBefz6U6FlXvtjqpjIJTLtP7wte2lo=
Subject key identifier:   40:0A:28:A6:E5:9F:51:1A:19:28:BE:B3:45:B2:EB:3D:4A:5A:41:0D
Certificate issuer:       /CN=E51AFE0ACF27786A371E93DAA45AD232AFF6F8CF
Certificate serial:       45970ADE79EA9877A86DB5C5E9D998DAD3FFE485
Authority key identifier: E5:1A:FE:0A:CF:27:78:6A:37:1E:93:DA:A4:5A:D2:32:AF:F6:F8:CF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E51AFE0ACF27786A371E93DAA45AD232AFF6F8CF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E5A7BC69D0EB1845D2FDE3FC5E5564FAF1DA99B9BDADBF0ACB44307D088829D9/0/3139302e392e37302e302f32332d3234203d3e20323733313136.roa
Signing time:             Tue 05 Mar 2024 18:17:01 +0000
ROA not before:           Tue 05 Mar 2024 18:12:01 +0000
ROA not after:            Tue 04 Mar 2025 18:17:01 +0000
asID:                     273116
IP address blocks:        190.9.70.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/E5A7BC69D0EB1845D2FDE3FC5E5564FAF1DA99B9BDADBF0ACB44307D088829D9/0/E51AFE0ACF27786A371E93DAA45AD232AFF6F8CF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5A7BC69D0EB1845D2FDE3FC5E5564FAF1DA99B9BDADBF0ACB44307D088829D9/0/E51AFE0ACF27786A371E93DAA45AD232AFF6F8CF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E51AFE0ACF27786A371E93DAA45AD232AFF6F8CF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:97:0a:de:79:ea:98:77:a8:6d:b5:c5:e9:d9:98:da:d3:ff:e4:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E51AFE0ACF27786A371E93DAA45AD232AFF6F8CF
        Validity
            Not Before: Mar  5 18:12:01 2024 GMT
            Not After : Mar  4 18:17:01 2025 GMT
        Subject: CN=400A28A6E59F511A1928BEB345B2EB3D4A5A410D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:41:31:bd:0d:c8:6a:0e:cc:2a:df:d3:34:9d:
                    9d:61:f0:fe:4f:93:d8:a9:65:a7:c2:6c:5d:56:f4:
                    da:cc:64:c1:e4:49:43:bf:5c:73:cc:22:11:86:85:
                    05:ff:c2:17:40:2f:bc:86:1e:1f:3c:0d:67:f1:6b:
                    be:de:c0:d5:2e:92:31:c5:34:5a:c4:39:8b:15:9f:
                    0a:ba:38:cb:8b:f2:70:ea:12:7e:3d:42:e3:88:2a:
                    ee:73:7c:15:d9:9c:43:8a:72:b6:5f:e6:92:ca:b8:
                    f9:82:be:80:c3:f0:c9:62:e2:72:c1:d0:52:fc:db:
                    68:1d:01:8a:b6:2e:1b:74:92:75:65:5c:d3:a5:76:
                    51:6f:7c:56:73:58:51:50:cc:4d:a5:0d:ba:e7:79:
                    f1:b3:57:11:77:65:f2:5d:e9:ce:3c:6e:27:58:1e:
                    23:d4:fe:6d:e2:67:37:d8:0d:70:b8:a9:b9:0b:3a:
                    e3:fa:6b:9f:83:57:a7:16:1a:57:7d:d9:fa:d8:0b:
                    bc:5c:03:07:a7:c3:9d:d9:cd:81:cd:38:e8:38:8d:
                    c8:ef:f1:67:27:f3:d5:50:df:08:99:50:e8:22:80:
                    35:91:51:36:c7:c0:78:7d:b5:67:79:89:30:d7:2f:
                    76:82:24:48:2f:8f:b8:c1:a5:20:ec:9b:48:9c:d6:
                    92:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:0A:28:A6:E5:9F:51:1A:19:28:BE:B3:45:B2:EB:3D:4A:5A:41:0D
            X509v3 Authority Key Identifier:
                keyid:E5:1A:FE:0A:CF:27:78:6A:37:1E:93:DA:A4:5A:D2:32:AF:F6:F8:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E5A7BC69D0EB1845D2FDE3FC5E5564FAF1DA99B9BDADBF0ACB44307D088829D9/0/E51AFE0ACF27786A371E93DAA45AD232AFF6F8CF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E51AFE0ACF27786A371E93DAA45AD232AFF6F8CF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E5A7BC69D0EB1845D2FDE3FC5E5564FAF1DA99B9BDADBF0ACB44307D088829D9/0/3139302e392e37302e302f32332d3234203d3e20323733313136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.9.70.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bd:0b:a2:96:0f:21:e1:68:12:dc:f0:9a:10:5e:20:64:2f:d9:
         e1:9e:52:da:3c:dd:d6:fa:23:f5:9f:bd:09:05:1b:fc:b4:6d:
         76:e1:13:81:76:f6:b0:7d:4c:b9:b4:17:50:c8:51:b9:84:19:
         a7:48:bd:99:49:46:8f:4f:b7:38:dd:bf:01:1e:57:af:79:67:
         bd:84:9b:bf:ef:22:d6:3c:ae:c6:f8:4d:a5:49:5b:69:da:c6:
         59:c8:1f:63:81:ee:e9:40:27:51:0f:7a:ad:68:26:b4:31:10:
         48:8c:cb:e4:ca:c1:3a:18:75:42:db:d1:75:50:1f:15:1f:c9:
         7c:7b:f3:dd:56:bf:92:9f:f5:2c:79:21:20:47:fa:11:7c:66:
         5e:b3:3e:4e:f0:51:b0:88:24:f9:98:74:85:e1:d9:54:a5:a7:
         1b:4c:d8:80:60:65:66:90:5b:08:35:5e:f5:69:85:d6:3a:c1:
         9c:23:0d:ea:cd:9e:74:39:95:dc:aa:a4:89:8a:7f:da:df:2e:
         c6:53:cf:0f:e9:e0:5d:3e:ac:7d:35:33:36:d0:95:90:b2:ba:
         f3:4b:fe:24:77:15:39:81:ff:3b:a1:fd:67:80:98:7b:b5:56:
         3f:90:e2:46:36:ca:86:32:e3:97:08:84:e3:f7:33:ff:c7:18:
         0f:4d:d5:fa
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIURZcK3nnqmHeobbXF6dmY2tP/5IUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTUxQUZFMEFDRjI3Nzg2QTM3MUU5M0RBQTQ1QUQyMzJB
RkY2RjhDRjAeFw0yNDAzMDUxODEyMDFaFw0yNTAzMDQxODE3MDFaMDMxMTAvBgNV
BAMTKDQwMEEyOEE2RTU5RjUxMUExOTI4QkVCMzQ1QjJFQjNENEE1QTQxMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfQTG9DchqDswq39M0nZ1h8P5P
k9ipZafCbF1W9NrMZMHkSUO/XHPMIhGGhQX/whdAL7yGHh88DWfxa77ewNUukjHF
NFrEOYsVnwq6OMuL8nDqEn49QuOIKu5zfBXZnEOKcrZf5pLKuPmCvoDD8Mli4nLB
0FL822gdAYq2Lht0knVlXNOldlFvfFZzWFFQzE2lDbrnefGzVxF3ZfJd6c48bidY
HiPU/m3iZzfYDXC4qbkLOuP6a5+DV6cWGld92frYC7xcAwenw53ZzYHNOOg4jcjv
8Wcn89VQ3wiZUOgigDWRUTbHwHh9tWd5iTDXL3aCJEgvj7jBpSDsm0ic1pLTAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUQAoopuWfURoZKL6zRbLrPUpaQQ0wHwYDVR0j
BBgwFoAU5Rr+Cs8neGo3HpPapFrSMq/2+M8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FNUE3QkM2OUQwRUIxODQ1RDJGREUzRkM1RTU1NjRGQUYx
REE5OUI5QkRBREJGMEFDQjQ0MzA3RDA4ODgyOUQ5LzAvRTUxQUZFMEFDRjI3Nzg2
QTM3MUU5M0RBQTQ1QUQyMzJBRkY2RjhDRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FNTFBRkUwQUNGMjc3ODZBMzcx
RTkzREFBNDVBRDIzMkFGRjZGOENGLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTVBN0JDNjlEMEVCMTg0NUQyRkRFM0ZDNUU1NTY0RkFGMURBOTlCOUJE
QURCRjBBQ0I0NDMwN0QwODg4MjlEOS8wLzMxMzkzMDJlMzkyZTM3MzAyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMjM3MzMzMTMxMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG+CUYwDQYJ
KoZIhvcNAQELBQADggEBAL0LopYPIeFoEtzwmhBeIGQv2eGeUto83db6I/WfvQkF
G/y0bXbhE4F29rB9TLm0F1DIUbmEGadIvZlJRo9PtzjdvwEeV695Z72Em7/vItY8
rsb4TaVJW2naxlnIH2OB7ulAJ1EPeq1oJrQxEEiMy+TKwToYdULb0XVQHxUfyXx7
891Wv5Kf9Sx5ISBH+hF8Zl6zPk7wUbCIJPmYdIXh2VSlpxtM2IBgZWaQWwg1XvVp
hdY6wZwjDerNnnQ5ldyqpImKf9rfLsZTzw/p4F0+rH01MzbQlZCyuvNL/iR3FTmB
/zuh/WeAmHu1Vj+Q4kY2yoYy45cIhOP3M//HGA9N1fo=
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:34:18 2024 by rpki-client on console-fra.rpki-client.org