Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/3139302e39362e3134342e302f32302d3231203d3e2033383136.roa
File:                     3139302e39362e3134342e302f32302d3231203d3e2033383136.roa (raw, json)
Hash identifier:          G+4NhB2pXAbOPz1Gf5qF5K+de2XTo+7mnf0WPTcGMG4=
Subject key identifier:   03:AD:9A:35:40:1B:F9:84:DE:41:B7:A0:DC:E2:91:24:37:A3:FC:04
Certificate issuer:       /CN=DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B
Certificate serial:       6B3B5C05D122A7D8D4AF83DAEDFB0A0E8F65D3F6
Authority key identifier: DA:5A:37:1F:C0:19:89:AA:59:6F:E2:68:CE:70:A3:C4:DC:AA:7A:9B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/3139302e39362e3134342e302f32302d3231203d3e2033383136.roa
Signing time:             Tue 05 Mar 2024 18:06:03 +0000
ROA not before:           Tue 05 Mar 2024 18:01:03 +0000
ROA not after:            Tue 04 Mar 2025 18:06:03 +0000
asID:                     3816
IP address blocks:        190.96.144.0/20 maxlen: 21

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:3b:5c:05:d1:22:a7:d8:d4:af:83:da:ed:fb:0a:0e:8f:65:d3:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B
        Validity
            Not Before: Mar  5 18:01:03 2024 GMT
            Not After : Mar  4 18:06:03 2025 GMT
        Subject: CN=03AD9A35401BF984DE41B7A0DCE2912437A3FC04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:42:ae:38:67:49:6a:46:79:1e:37:87:20:93:
                    ec:77:3a:c0:b9:c6:7c:95:55:3f:8d:61:79:8d:9d:
                    8a:77:81:fb:bf:41:7d:dd:71:03:a5:75:38:15:54:
                    56:35:76:28:82:63:6a:ec:d1:0a:2b:88:86:41:c8:
                    41:cc:97:80:f6:15:af:83:3d:e6:8a:35:88:7b:a3:
                    bf:2a:4f:95:0e:17:d6:2e:21:87:a9:41:db:36:8a:
                    e3:1e:be:0d:2d:85:04:1f:99:41:b7:c8:09:f7:5a:
                    a2:fb:20:1a:6d:f1:85:e3:81:ee:e0:cc:4a:cc:13:
                    89:a7:46:dd:db:6f:60:80:2a:53:e2:5d:dc:b1:a1:
                    78:72:a5:16:4e:8f:e4:2f:a7:dc:8f:49:cd:eb:aa:
                    2c:f7:53:85:96:02:e1:09:6f:59:ac:ec:5d:61:87:
                    d5:38:b8:f1:f4:e6:30:5a:ea:4c:08:8c:bb:41:c9:
                    54:1f:42:13:ab:1f:c1:4a:0b:91:ca:03:4d:a7:39:
                    40:66:ae:a8:f7:99:b1:f2:4d:f2:09:27:c8:dc:83:
                    28:52:47:ca:3c:f6:95:01:29:3f:fb:2a:59:01:d9:
                    8c:57:79:8d:46:00:9c:1f:52:2f:99:02:98:80:46:
                    8f:d4:db:85:14:bd:2d:ff:e7:00:2a:5b:4e:c1:18:
                    a7:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:AD:9A:35:40:1B:F9:84:DE:41:B7:A0:DC:E2:91:24:37:A3:FC:04
            X509v3 Authority Key Identifier:
                keyid:DA:5A:37:1F:C0:19:89:AA:59:6F:E2:68:CE:70:A3:C4:DC:AA:7A:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/3139302e39362e3134342e302f32302d3231203d3e2033383136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.96.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         38:f8:ae:c1:84:61:97:60:cf:24:28:c1:49:b5:ee:42:0d:ec:
         2b:05:84:02:b9:64:d1:20:b2:f6:37:b1:de:15:b4:8d:51:22:
         8d:93:c3:39:96:d0:fd:a9:bd:69:3d:77:82:6f:45:49:ff:4e:
         78:62:67:b7:a0:7e:de:92:8c:3f:bc:41:9d:6b:80:54:51:54:
         00:58:4b:8a:81:b2:c9:46:84:b8:a8:33:ab:e8:f5:d0:fe:b4:
         11:0e:c2:e4:01:7d:03:46:a5:63:be:9c:6a:83:e9:60:2d:76:
         a4:28:49:63:6d:02:67:b7:02:e9:46:72:82:79:2a:4c:08:bb:
         23:08:8d:c3:01:fa:ae:60:be:e1:30:46:a3:a3:b5:16:40:d7:
         05:c3:0a:94:1f:c7:66:04:80:b8:dc:15:bb:4c:af:db:b1:41:
         d2:21:fa:eb:2a:c7:ee:a5:ba:72:99:ad:ff:17:07:f8:0b:56:
         f5:45:23:c3:a2:09:1f:c1:dd:5d:75:e3:6f:f5:f0:55:4f:7c:
         6c:62:c0:bb:5c:ed:6e:9b:19:50:3a:93:2e:c4:d5:7f:30:8a:
         75:96:c7:ad:45:98:39:9e:72:19:9b:42:15:76:dc:16:e1:7e:
         0b:bb:d6:3b:a2:29:2f:5d:e0:34:a4:b1:71:5a:ab:78:c6:98:
         82:99:38:ff
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUaztcBdEip9jUr4Pa7fsKDo9l0/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREE1QTM3MUZDMDE5ODlBQTU5NkZFMjY4Q0U3MEEzQzRE
Q0FBN0E5QjAeFw0yNDAzMDUxODAxMDNaFw0yNTAzMDQxODA2MDNaMDMxMTAvBgNV
BAMTKDAzQUQ5QTM1NDAxQkY5ODRERTQxQjdBMERDRTI5MTI0MzdBM0ZDMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdQq44Z0lqRnkeN4cgk+x3OsC5
xnyVVT+NYXmNnYp3gfu/QX3dcQOldTgVVFY1diiCY2rs0QoriIZByEHMl4D2Fa+D
PeaKNYh7o78qT5UOF9YuIYepQds2iuMevg0thQQfmUG3yAn3WqL7IBpt8YXjge7g
zErME4mnRt3bb2CAKlPiXdyxoXhypRZOj+Qvp9yPSc3rqiz3U4WWAuEJb1ms7F1h
h9U4uPH05jBa6kwIjLtByVQfQhOrH8FKC5HKA02nOUBmrqj3mbHyTfIJJ8jcgyhS
R8o89pUBKT/7KlkB2YxXeY1GAJwfUi+ZApiARo/U24UUvS3/5wAqW07BGKcVAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUA62aNUAb+YTeQbeg3OKRJDej/AQwHwYDVR0j
BBgwFoAU2lo3H8AZiapZb+JoznCjxNyqepswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMDYwNjQ1Rjk0NzQ4ODMyQTY1REFCNTRBMDFBNzI5QTAy
MDhFNDQ0NkM4MjMyQTE3QkE2RkUwNzNDRDQ2NUM1LzAvREE1QTM3MUZDMDE5ODlB
QTU5NkZFMjY4Q0U3MEEzQzREQ0FBN0E5Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQTVBMzcxRkMwMTk4OUFBNTk2
RkUyNjhDRTcwQTNDNERDQUE3QTlCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjA2MDY0NUY5NDc0ODgzMkE2NURBQjU0QTAxQTcyOUEwMjA4RTQ0NDZD
ODIzMkExN0JBNkZFMDczQ0Q0NjVDNS8wLzMxMzkzMDJlMzkzNjJlMzEzNDM0MmUz
MDJmMzIzMDJkMzIzMTIwM2QzZTIwMzMzODMxMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAS+YJAwDQYJ
KoZIhvcNAQELBQADggEBADj4rsGEYZdgzyQowUm17kIN7CsFhAK5ZNEgsvY3sd4V
tI1RIo2TwzmW0P2pvWk9d4JvRUn/TnhiZ7egft6SjD+8QZ1rgFRRVABYS4qBsslG
hLioM6vo9dD+tBEOwuQBfQNGpWO+nGqD6WAtdqQoSWNtAme3AulGcoJ5KkwIuyMI
jcMB+q5gvuEwRqOjtRZA1wXDCpQfx2YEgLjcFbtMr9uxQdIh+usqx+6lunKZrf8X
B/gLVvVFI8OiCR/B3V1142/18FVPfGxiwLtc7W6bGVA6ky7E1X8winWWx61FmDme
chmbQhV23Bbhfgu71juiKS9d4DSksXFaq3jGmIKZOP8=
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:17:41 2024 by rpki-client on console-fra.rpki-client.org