Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/EA25BBBAA8D21295B831FB8B5E2F6823069D1B1D89B74619D7445222985CB189/0/3139312e3130322e3232342e302f32302d3234203d3e20323632393238.roa
File:                     3139312e3130322e3232342e302f32302d3234203d3e20323632393238.roa (raw, json)
Hash identifier:          pFPpMUtwbkuzEAvXIFvgJs0eh2jZPLVC8JMNyNfFFw8=
Subject key identifier:   3E:49:56:CC:08:30:F2:80:1E:94:25:AB:78:BB:76:38:0E:6C:85:81
Certificate issuer:       /CN=076991290F5B947E0E07A8223FE219EC05478D0F
Certificate serial:       7F5CE4F3CD5DD8281E8867BBB2F22C2D8A55D9B0
Authority key identifier: 07:69:91:29:0F:5B:94:7E:0E:07:A8:22:3F:E2:19:EC:05:47:8D:0F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/076991290F5B947E0E07A8223FE219EC05478D0F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/EA25BBBAA8D21295B831FB8B5E2F6823069D1B1D89B74619D7445222985CB189/0/3139312e3130322e3232342e302f32302d3234203d3e20323632393238.roa
Signing time:             Tue 05 Mar 2024 18:12:20 +0000
ROA not before:           Tue 05 Mar 2024 18:07:20 +0000
ROA not after:            Tue 04 Mar 2025 18:12:20 +0000
asID:                     262928
IP address blocks:        191.102.224.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/EA25BBBAA8D21295B831FB8B5E2F6823069D1B1D89B74619D7445222985CB189/0/076991290F5B947E0E07A8223FE219EC05478D0F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/EA25BBBAA8D21295B831FB8B5E2F6823069D1B1D89B74619D7445222985CB189/0/076991290F5B947E0E07A8223FE219EC05478D0F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/076991290F5B947E0E07A8223FE219EC05478D0F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:5c:e4:f3:cd:5d:d8:28:1e:88:67:bb:b2:f2:2c:2d:8a:55:d9:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=076991290F5B947E0E07A8223FE219EC05478D0F
        Validity
            Not Before: Mar  5 18:07:20 2024 GMT
            Not After : Mar  4 18:12:20 2025 GMT
        Subject: CN=3E4956CC0830F2801E9425AB78BB76380E6C8581
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d3:77:25:9a:a2:f4:cc:d5:8e:6d:23:4b:d8:
                    6f:fa:da:e7:ea:4a:3b:e2:f1:af:99:d0:17:4e:d8:
                    cf:4f:27:d6:5f:25:41:5a:a4:69:56:bf:50:aa:02:
                    6f:f0:a4:ca:0d:ba:72:4b:2a:4f:d9:5a:c4:d7:92:
                    0b:6a:e6:73:0b:42:0a:40:e2:a8:72:e3:e0:7c:d7:
                    e3:01:a3:37:2a:8f:76:e5:64:72:a4:18:18:6e:61:
                    6a:97:12:8c:61:19:58:30:29:95:58:83:63:4f:1d:
                    aa:a5:fd:2f:9a:4d:ae:92:b5:ce:4e:da:a2:e6:1c:
                    4b:6d:5c:37:72:c4:f9:12:da:aa:48:b7:b5:3d:ea:
                    4c:20:ae:db:e9:f3:a4:3f:b9:d1:09:b8:33:bf:95:
                    e5:84:41:5d:40:5f:3d:93:49:18:c9:75:a9:28:b7:
                    f4:54:2d:47:0d:d9:dd:fc:ea:64:39:36:ff:95:01:
                    42:39:6a:a1:22:61:99:b5:e7:37:21:e3:57:ec:5a:
                    9f:0b:13:a2:05:04:c1:32:07:bd:46:b9:88:d4:02:
                    3e:c2:ea:ce:ca:1a:7d:f8:74:5f:fc:ac:4c:79:c1:
                    b9:e2:c5:d7:5c:c4:8d:5f:86:1f:d7:7a:6c:37:ec:
                    2b:83:c4:4a:b6:53:4c:7f:38:06:c0:21:13:6a:3b:
                    e2:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:49:56:CC:08:30:F2:80:1E:94:25:AB:78:BB:76:38:0E:6C:85:81
            X509v3 Authority Key Identifier:
                keyid:07:69:91:29:0F:5B:94:7E:0E:07:A8:22:3F:E2:19:EC:05:47:8D:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/EA25BBBAA8D21295B831FB8B5E2F6823069D1B1D89B74619D7445222985CB189/0/076991290F5B947E0E07A8223FE219EC05478D0F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/076991290F5B947E0E07A8223FE219EC05478D0F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/EA25BBBAA8D21295B831FB8B5E2F6823069D1B1D89B74619D7445222985CB189/0/3139312e3130322e3232342e302f32302d3234203d3e20323632393238.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.102.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         5f:76:cf:c3:ee:c6:92:ea:e2:39:be:73:75:83:cd:2a:6a:e2:
         f6:2d:50:79:71:de:f6:98:53:51:93:f6:6f:3d:63:c9:90:2a:
         ba:98:53:37:a2:a6:40:3a:e5:ee:5b:54:46:9b:1b:e4:db:86:
         3e:1b:a0:8f:22:f9:93:37:de:1a:d8:06:15:84:74:71:f7:1c:
         6e:55:8c:7c:42:57:61:2c:aa:cb:8d:25:35:52:7e:d9:ce:a3:
         fa:bc:66:d0:b0:3f:53:79:13:73:4e:21:be:55:45:49:38:a7:
         95:fe:80:29:fa:c6:eb:f9:6f:47:88:38:74:18:96:6d:09:96:
         8f:2e:d7:1b:74:85:fb:62:e6:e0:73:e8:98:9e:6a:17:ce:0d:
         77:53:01:ee:7a:c1:92:4a:a4:13:be:1e:c1:65:b1:7e:de:74:
         ad:97:e1:fb:11:6b:23:44:da:9a:9b:d3:86:e9:cb:de:36:de:
         e2:a5:8a:db:a3:7a:4f:b6:47:16:9f:a8:85:22:ef:80:3c:9a:
         fb:af:8c:14:70:5a:1c:9f:f6:6f:22:29:50:18:4f:31:c6:b9:
         de:67:0b:c4:00:6b:32:b1:ac:0d:7e:78:72:76:ab:8e:9e:87:
         44:ea:1e:e1:5c:3f:2d:3f:ad:d6:72:5a:d1:7d:7a:b3:4b:ae:
         37:1c:0e:47
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUf1zk881d2CgeiGe7svIsLYpV2bAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDc2OTkxMjkwRjVCOTQ3RTBFMDdBODIyM0ZFMjE5RUMw
NTQ3OEQwRjAeFw0yNDAzMDUxODA3MjBaFw0yNTAzMDQxODEyMjBaMDMxMTAvBgNV
BAMTKDNFNDk1NkNDMDgzMEYyODAxRTk0MjVBQjc4QkI3NjM4MEU2Qzg1ODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo03clmqL0zNWObSNL2G/62ufq
Sjvi8a+Z0BdO2M9PJ9ZfJUFapGlWv1CqAm/wpMoNunJLKk/ZWsTXkgtq5nMLQgpA
4qhy4+B81+MBozcqj3blZHKkGBhuYWqXEoxhGVgwKZVYg2NPHaql/S+aTa6Stc5O
2qLmHEttXDdyxPkS2qpIt7U96kwgrtvp86Q/udEJuDO/leWEQV1AXz2TSRjJdako
t/RULUcN2d386mQ5Nv+VAUI5aqEiYZm15zch41fsWp8LE6IFBMEyB71GuYjUAj7C
6s7KGn34dF/8rEx5wbnixddcxI1fhh/Xemw37CuDxEq2U0x/OAbAIRNqO+IPAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUPklWzAgw8oAelCWreLt2OA5shYEwHwYDVR0j
BBgwFoAUB2mRKQ9blH4OB6giP+IZ7AVHjQ8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FQTI1QkJCQUE4RDIxMjk1QjgzMUZCOEI1RTJGNjgyMzA2
OUQxQjFEODlCNzQ2MTlENzQ0NTIyMjk4NUNCMTg5LzAvMDc2OTkxMjkwRjVCOTQ3
RTBFMDdBODIyM0ZFMjE5RUMwNTQ3OEQwRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wNzY5OTEyOTBGNUI5NDdFMEUw
N0E4MjIzRkUyMTlFQzA1NDc4RDBGLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRUEyNUJCQkFBOEQyMTI5NUI4MzFGQjhCNUUyRjY4MjMwNjlEMUIxRDg5
Qjc0NjE5RDc0NDUyMjI5ODVDQjE4OS8wLzMxMzkzMTJlMzEzMDMyMmUzMjMyMzQy
ZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMjM2MzIzOTMyMzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAS/
ZuAwDQYJKoZIhvcNAQELBQADggEBAF92z8PuxpLq4jm+c3WDzSpq4vYtUHlx3vaY
U1GT9m89Y8mQKrqYUzeipkA65e5bVEabG+Tbhj4boI8i+ZM33hrYBhWEdHH3HG5V
jHxCV2EsqsuNJTVSftnOo/q8ZtCwP1N5E3NOIb5VRUk4p5X+gCn6xuv5b0eIOHQY
lm0Jlo8u1xt0hfti5uBz6JieahfODXdTAe56wZJKpBO+HsFlsX7edK2X4fsRayNE
2pqb04bpy9423uKlitujek+2RxafqIUi74A8mvuvjBRwWhyf9m8iKVAYTzHGud5n
C8QAazKxrA1+eHJ2q46eh0TqHuFcPy0/rdZyWtF9erNLrjccDkc=
-----END CERTIFICATE-----
Generated at Tue Nov 19 18:42:48 2024 by rpki-client on console-fra.rpki-client.org