Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E6D2BC7FB7C5C774D7EB328A9135BF4865D92FE35BD5BBD7CA4A16A372D8FC13/0/3137302e3233312e3137362e302f32322d3234203d3e20323634373235.roa
File:                     3137302e3233312e3137362e302f32322d3234203d3e20323634373235.roa (raw, json)
Hash identifier:          1to8BKBo3V/5HVswFvJKVaPD0Uzc9kzFLWMj/Ums+/w=
Subject key identifier:   32:70:C0:16:CE:41:E9:C4:71:B2:FF:7C:BC:A2:C3:BE:7C:F9:0D:C7
Certificate issuer:       /CN=93F35A87F551B29E98811C3B3CAAA1961A6A9D07
Certificate serial:       6E38F7463656658F44FD266AF43E0516BE6C77F1
Authority key identifier: 93:F3:5A:87:F5:51:B2:9E:98:81:1C:3B:3C:AA:A1:96:1A:6A:9D:07
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/93F35A87F551B29E98811C3B3CAAA1961A6A9D07.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E6D2BC7FB7C5C774D7EB328A9135BF4865D92FE35BD5BBD7CA4A16A372D8FC13/0/3137302e3233312e3137362e302f32322d3234203d3e20323634373235.roa
Signing time:             Tue 05 Mar 2024 17:42:42 +0000
ROA not before:           Tue 05 Mar 2024 17:37:42 +0000
ROA not after:            Tue 04 Mar 2025 17:42:42 +0000
asID:                     264725
IP address blocks:        170.231.176.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/E6D2BC7FB7C5C774D7EB328A9135BF4865D92FE35BD5BBD7CA4A16A372D8FC13/0/93F35A87F551B29E98811C3B3CAAA1961A6A9D07.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E6D2BC7FB7C5C774D7EB328A9135BF4865D92FE35BD5BBD7CA4A16A372D8FC13/0/93F35A87F551B29E98811C3B3CAAA1961A6A9D07.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/93F35A87F551B29E98811C3B3CAAA1961A6A9D07.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 20 Jun 2024 02:08:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:38:f7:46:36:56:65:8f:44:fd:26:6a:f4:3e:05:16:be:6c:77:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93F35A87F551B29E98811C3B3CAAA1961A6A9D07
        Validity
            Not Before: Mar  5 17:37:42 2024 GMT
            Not After : Mar  4 17:42:42 2025 GMT
        Subject: CN=3270C016CE41E9C471B2FF7CBCA2C3BE7CF90DC7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ee:c0:f8:30:fe:55:e5:33:07:23:b1:ac:a1:
                    8e:73:48:d7:12:da:61:3b:eb:6d:e9:ff:87:6a:5c:
                    f7:aa:00:1d:61:a8:e7:0a:ed:2e:ed:f0:b1:52:d7:
                    33:13:f9:d7:3a:a4:36:78:fd:99:2f:a0:aa:24:3f:
                    d0:83:a1:b8:05:5c:d9:9b:e4:3c:41:5d:60:1d:c2:
                    e7:4e:00:e3:3b:09:8d:7e:35:8d:0e:f8:b3:20:50:
                    e4:7f:ef:7c:90:41:1f:38:87:19:0b:a9:43:1b:92:
                    e1:0e:c5:35:49:ef:25:53:42:c5:c9:56:4b:5e:5f:
                    5e:4e:fd:18:d1:07:e1:28:b2:38:33:10:29:ff:a7:
                    28:92:fc:2e:c2:b9:90:ae:9b:4b:2f:aa:b2:f0:7e:
                    b9:0a:ae:9b:96:bb:b3:00:c6:8a:98:6f:aa:75:ad:
                    5f:a1:8f:15:8f:4e:1c:36:f4:fa:73:56:7b:5a:2a:
                    03:1c:53:3a:96:2e:4b:3d:90:65:69:9d:d6:54:97:
                    38:74:b9:40:22:28:a8:00:46:0e:e1:df:b3:6f:ea:
                    a4:12:d1:7f:22:3d:85:9f:e7:e3:e0:2a:ae:eb:cc:
                    a8:b1:89:44:18:56:45:08:74:83:e0:dd:83:30:97:
                    5a:8a:74:54:6b:2b:49:8d:1d:48:49:9b:ef:da:4d:
                    f5:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:70:C0:16:CE:41:E9:C4:71:B2:FF:7C:BC:A2:C3:BE:7C:F9:0D:C7
            X509v3 Authority Key Identifier:
                keyid:93:F3:5A:87:F5:51:B2:9E:98:81:1C:3B:3C:AA:A1:96:1A:6A:9D:07

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E6D2BC7FB7C5C774D7EB328A9135BF4865D92FE35BD5BBD7CA4A16A372D8FC13/0/93F35A87F551B29E98811C3B3CAAA1961A6A9D07.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/93F35A87F551B29E98811C3B3CAAA1961A6A9D07.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E6D2BC7FB7C5C774D7EB328A9135BF4865D92FE35BD5BBD7CA4A16A372D8FC13/0/3137302e3233312e3137362e302f32322d3234203d3e20323634373235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.231.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         56:8d:aa:c4:63:b3:86:63:52:6a:5d:52:d6:b1:10:31:cd:da:
         d8:85:92:2c:b1:67:98:39:8d:94:68:fd:d3:61:ab:d8:82:9c:
         04:18:96:1f:f2:45:c7:16:fb:9e:80:c1:13:01:7f:03:93:2d:
         26:97:65:52:e1:c7:90:e4:e6:7c:e8:49:cb:df:93:5a:16:47:
         38:49:7c:cf:38:c6:d1:de:57:50:05:70:aa:73:b5:db:c6:cb:
         25:86:86:f4:9b:16:7f:02:cc:db:e4:20:b1:2e:11:6e:04:69:
         40:89:b2:2f:f6:35:d5:59:fa:8f:0b:a7:7f:a3:81:38:8a:3a:
         0f:b9:e6:5e:ba:7f:5d:37:ef:24:66:ab:8c:d0:aa:c1:d6:66:
         d5:3f:bf:25:fa:61:06:92:ab:32:4d:d9:63:a9:fd:dd:0c:b5:
         e2:2d:64:5b:67:f3:bf:f7:e6:f4:6f:cc:6a:00:f6:d0:58:49:
         c6:3a:32:34:6d:2c:26:09:1a:86:46:37:18:e2:78:70:f1:e3:
         59:d5:48:d3:fa:1e:bd:d0:cd:d9:c8:ee:33:be:81:5c:bf:9b:
         de:04:b8:db:b2:54:9a:c1:d2:23:76:69:56:0e:b1:9f:0c:29:
         4b:15:6a:74:9b:24:22:54:61:95:18:6c:42:b8:c2:b1:b9:60:
         c8:ec:b4:7e
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUbjj3RjZWZY9E/SZq9D4FFr5sd/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTNGMzVBODdGNTUxQjI5RTk4ODExQzNCM0NBQUExOTYx
QTZBOUQwNzAeFw0yNDAzMDUxNzM3NDJaFw0yNTAzMDQxNzQyNDJaMDMxMTAvBgNV
BAMTKDMyNzBDMDE2Q0U0MUU5QzQ3MUIyRkY3Q0JDQTJDM0JFN0NGOTBEQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW7sD4MP5V5TMHI7GsoY5zSNcS
2mE7623p/4dqXPeqAB1hqOcK7S7t8LFS1zMT+dc6pDZ4/ZkvoKokP9CDobgFXNmb
5DxBXWAdwudOAOM7CY1+NY0O+LMgUOR/73yQQR84hxkLqUMbkuEOxTVJ7yVTQsXJ
VkteX15O/RjRB+EosjgzECn/pyiS/C7CuZCum0svqrLwfrkKrpuWu7MAxoqYb6p1
rV+hjxWPThw29PpzVntaKgMcUzqWLks9kGVpndZUlzh0uUAiKKgARg7h37Nv6qQS
0X8iPYWf5+PgKq7rzKixiUQYVkUIdIPg3YMwl1qKdFRrK0mNHUhJm+/aTfUNAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUMnDAFs5B6cRxsv98vKLDvnz5DccwHwYDVR0j
BBgwFoAUk/Nah/VRsp6YgRw7PKqhlhpqnQcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FNkQyQkM3RkI3QzVDNzc0RDdFQjMyOEE5MTM1QkY0ODY1
RDkyRkUzNUJENUJCRDdDQTRBMTZBMzcyRDhGQzEzLzAvOTNGMzVBODdGNTUxQjI5
RTk4ODExQzNCM0NBQUExOTYxQTZBOUQwNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85M0YzNUE4N0Y1NTFCMjlFOTg4
MTFDM0IzQ0FBQTE5NjFBNkE5RDA3LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTZEMkJDN0ZCN0M1Qzc3NEQ3RUIzMjhBOTEzNUJGNDg2NUQ5MkZFMzVC
RDVCQkQ3Q0E0QTE2QTM3MkQ4RkMxMy8wLzMxMzczMDJlMzIzMzMxMmUzMTM3MzYy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzQzNzMyMzUucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKq
57AwDQYJKoZIhvcNAQELBQADggEBAFaNqsRjs4ZjUmpdUtaxEDHN2tiFkiyxZ5g5
jZRo/dNhq9iCnAQYlh/yRccW+56AwRMBfwOTLSaXZVLhx5Dk5nzoScvfk1oWRzhJ
fM84xtHeV1AFcKpztdvGyyWGhvSbFn8CzNvkILEuEW4EaUCJsi/2NdVZ+o8Lp3+j
gTiKOg+55l66f1037yRmq4zQqsHWZtU/vyX6YQaSqzJN2WOp/d0MteItZFtn87/3
5vRvzGoA9tBYScY6MjRtLCYJGoZGNxjieHDx41nVSNP6Hr3QzdnI7jO+gVy/m94E
uNuyVJrB0iN2aVYOsZ8MKUsVanSbJCJUYZUYbEK4wrG5YMjstH4=
-----END CERTIFICATE-----
Generated at Mon Jun 17 02:10:05 2024 by rpki-client on console-ams.rpki-client.org