Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ED7CFDCBF0ECDE1A949034BFC02F817A7B6316CCD969D2465B5ADD5EEC836D29/0/3133312e3232312e34332e302f32342d3234203d3e20323632313836.roa
File:                     3133312e3232312e34332e302f32342d3234203d3e20323632313836.roa (raw, json)
Hash identifier:          tVZ0DGV8bwq7hIZ2OBLvhx4H+UUzFZ+6eUvyfCTwH4c=
Subject key identifier:   69:C3:70:7A:B7:BD:C7:6F:49:C8:2A:6D:D9:C4:49:75:A4:FA:75:00
Certificate issuer:       /CN=8995F63E387603C84272761C6F4D5C08A0EC0161
Certificate serial:       77046A5648BE4C5CA800029AAB55AEE7459316F9
Authority key identifier: 89:95:F6:3E:38:76:03:C8:42:72:76:1C:6F:4D:5C:08:A0:EC:01:61
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8995F63E387603C84272761C6F4D5C08A0EC0161.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ED7CFDCBF0ECDE1A949034BFC02F817A7B6316CCD969D2465B5ADD5EEC836D29/0/3133312e3232312e34332e302f32342d3234203d3e20323632313836.roa
Signing time:             Tue 05 Mar 2024 18:02:27 +0000
ROA not before:           Tue 05 Mar 2024 17:57:27 +0000
ROA not after:            Tue 04 Mar 2025 18:02:27 +0000
asID:                     262186
IP address blocks:        131.221.43.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ED7CFDCBF0ECDE1A949034BFC02F817A7B6316CCD969D2465B5ADD5EEC836D29/0/8995F63E387603C84272761C6F4D5C08A0EC0161.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ED7CFDCBF0ECDE1A949034BFC02F817A7B6316CCD969D2465B5ADD5EEC836D29/0/8995F63E387603C84272761C6F4D5C08A0EC0161.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8995F63E387603C84272761C6F4D5C08A0EC0161.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:04:6a:56:48:be:4c:5c:a8:00:02:9a:ab:55:ae:e7:45:93:16:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8995F63E387603C84272761C6F4D5C08A0EC0161
        Validity
            Not Before: Mar  5 17:57:27 2024 GMT
            Not After : Mar  4 18:02:27 2025 GMT
        Subject: CN=69C3707AB7BDC76F49C82A6DD9C44975A4FA7500
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:56:b8:ab:17:f7:a3:5b:8c:22:5c:cf:d1:3b:
                    be:7f:c5:6b:aa:ac:f8:84:34:a4:3e:e9:64:56:22:
                    2e:e9:0e:79:a9:ad:35:7d:f3:ee:83:ae:2e:76:70:
                    2f:70:00:6a:35:ea:6f:33:62:ca:55:f0:7c:70:e4:
                    22:78:f0:eb:4d:46:c5:34:bb:c6:92:9c:fa:0a:d2:
                    41:e7:a7:88:bf:7f:89:a6:fd:0d:b3:57:75:a3:52:
                    e9:52:83:37:30:c2:ff:23:d4:52:bf:c0:87:8d:2f:
                    e5:91:79:a4:fd:4f:55:33:f5:97:13:2c:6d:b6:76:
                    68:67:3c:74:d4:e0:92:ea:f3:a2:09:ad:37:e8:24:
                    a4:f5:a1:8c:15:87:fc:77:d7:a2:6f:c6:ce:75:6f:
                    69:25:1b:18:e1:da:71:ba:41:cc:3d:bc:3e:9e:95:
                    96:53:7b:3c:27:6c:b6:e2:83:2f:3e:4d:40:b2:3a:
                    ec:ef:34:54:c9:fa:4f:e8:5c:49:7d:f2:7d:ea:28:
                    13:ed:9b:0b:ef:c2:e2:06:b7:04:16:9d:e7:fc:96:
                    95:d6:47:96:b2:81:a3:04:6f:ad:65:ea:25:a7:e2:
                    f0:f8:70:e0:7d:29:d9:9d:9c:2c:34:9b:8c:4c:ac:
                    49:1a:c7:49:df:03:1c:9c:ea:17:7d:75:33:e7:e9:
                    5d:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:C3:70:7A:B7:BD:C7:6F:49:C8:2A:6D:D9:C4:49:75:A4:FA:75:00
            X509v3 Authority Key Identifier:
                keyid:89:95:F6:3E:38:76:03:C8:42:72:76:1C:6F:4D:5C:08:A0:EC:01:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ED7CFDCBF0ECDE1A949034BFC02F817A7B6316CCD969D2465B5ADD5EEC836D29/0/8995F63E387603C84272761C6F4D5C08A0EC0161.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8995F63E387603C84272761C6F4D5C08A0EC0161.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ED7CFDCBF0ECDE1A949034BFC02F817A7B6316CCD969D2465B5ADD5EEC836D29/0/3133312e3232312e34332e302f32342d3234203d3e20323632313836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.221.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:2c:35:da:8d:07:95:3b:8b:da:f3:cf:7b:cb:4c:52:04:84:
         36:d3:3e:a1:b3:6b:f5:fa:75:7e:9e:ec:1a:1a:4b:9a:c1:7e:
         83:60:02:f2:88:fb:56:7a:fe:db:78:f0:2d:aa:50:a7:4a:f2:
         57:83:29:2c:ef:40:ab:78:41:5b:8c:87:66:04:df:70:20:12:
         39:58:f6:3b:71:a4:4b:ed:77:ca:25:b8:32:c2:28:b7:84:26:
         b4:44:9b:1d:2c:a8:f1:76:85:df:d5:de:dc:b5:83:27:17:a9:
         b5:2d:90:ed:28:7a:79:d9:34:cf:d5:2c:97:a2:11:9c:7d:18:
         7e:1b:f1:94:63:37:a4:aa:e7:ef:77:0d:2f:81:b4:fc:33:bb:
         14:8c:7d:7d:99:1b:e0:dd:ae:c6:32:1c:bd:26:7e:4a:fc:92:
         3d:3d:13:d6:2f:03:b7:70:45:43:e6:64:58:c7:7e:c9:24:7f:
         7d:0c:c3:5d:a3:09:d7:55:37:ac:2a:6b:11:7c:d5:9a:b6:fd:
         0a:1d:34:03:56:bc:e5:fe:6f:4f:a1:5a:99:13:3f:6a:38:e8:
         78:5b:79:52:fd:b2:3a:35:b0:7f:9a:1c:2d:2e:a6:e6:20:de:
         93:a9:51:ad:1a:ad:6f:11:87:d5:36:8e:58:b4:8c:7b:b0:a8:
         86:02:7c:89
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUdwRqVki+TFyoAAKaq1Wu50WTFvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODk5NUY2M0UzODc2MDNDODQyNzI3NjFDNkY0RDVDMDhB
MEVDMDE2MTAeFw0yNDAzMDUxNzU3MjdaFw0yNTAzMDQxODAyMjdaMDMxMTAvBgNV
BAMTKDY5QzM3MDdBQjdCREM3NkY0OUM4MkE2REQ5QzQ0OTc1QTRGQTc1MDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaVrirF/ejW4wiXM/RO75/xWuq
rPiENKQ+6WRWIi7pDnmprTV98+6Dri52cC9wAGo16m8zYspV8Hxw5CJ48OtNRsU0
u8aSnPoK0kHnp4i/f4mm/Q2zV3WjUulSgzcwwv8j1FK/wIeNL+WReaT9T1Uz9ZcT
LG22dmhnPHTU4JLq86IJrTfoJKT1oYwVh/x316Jvxs51b2klGxjh2nG6Qcw9vD6e
lZZTezwnbLbigy8+TUCyOuzvNFTJ+k/oXEl98n3qKBPtmwvvwuIGtwQWnef8lpXW
R5aygaMEb61l6iWn4vD4cOB9KdmdnCw0m4xMrEkax0nfAxyc6hd9dTPn6V29AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUacNwere9x29JyCpt2cRJdaT6dQAwHwYDVR0j
BBgwFoAUiZX2Pjh2A8hCcnYcb01cCKDsAWEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FRDdDRkRDQkYwRUNERTFBOTQ5MDM0QkZDMDJGODE3QTdC
NjMxNkNDRDk2OUQyNDY1QjVBREQ1RUVDODM2RDI5LzAvODk5NUY2M0UzODc2MDND
ODQyNzI3NjFDNkY0RDVDMDhBMEVDMDE2MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84OTk1RjYzRTM4NzYwM0M4NDI3
Mjc2MUM2RjRENUMwOEEwRUMwMTYxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRUQ3Q0ZEQ0JGMEVDREUxQTk0OTAzNEJGQzAyRjgxN0E3QjYzMTZDQ0Q5
NjlEMjQ2NUI1QURENUVFQzgzNkQyOS8wLzMxMzMzMTJlMzIzMjMxMmUzNDMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMyMzEzODM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAg90r
MA0GCSqGSIb3DQEBCwUAA4IBAQCdLDXajQeVO4va8897y0xSBIQ20z6hs2v1+nV+
nuwaGkuawX6DYALyiPtWev7bePAtqlCnSvJXgyks70CreEFbjIdmBN9wIBI5WPY7
caRL7XfKJbgywii3hCa0RJsdLKjxdoXf1d7ctYMnF6m1LZDtKHp52TTP1SyXohGc
fRh+G/GUYzekqufvdw0vgbT8M7sUjH19mRvg3a7GMhy9Jn5K/JI9PRPWLwO3cEVD
5mRYx37JJH99DMNdownXVTesKmsRfNWatv0KHTQDVrzl/m9PoVqZEz9qOOh4W3lS
/bI6NbB/mhwtLqbmIN6TqVGtGq1vEYfVNo5YtIx7sKiGAnyJ
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:37:50 2024 by rpki-client on console-ams.rpki-client.org