Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F40AADD9C3A2CB7ADB90AFE235A6092B23824D5EF00503F30B65187B2B22F321/0/3138362e3135312e39362e302f32302d3332203d3e203134373534.roa
File:                     3138362e3135312e39362e302f32302d3332203d3e203134373534.roa (raw, json)
Hash identifier:          BzgT9GUbrvCDj46Kj9+oznkgCI0MJV+LTtux7s7CMLE=
Subject key identifier:   A9:1E:8D:C2:04:C1:8C:89:CC:90:F3:90:44:7A:D3:2E:B9:82:87:BF
Certificate issuer:       /CN=AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D
Certificate serial:       5585C41BD26625D9E223C586EE9E34891342F0D4
Authority key identifier: AD:31:6B:C5:0E:18:6B:C4:D6:EE:D8:B1:A7:1E:2F:7F:AA:5F:95:3D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F40AADD9C3A2CB7ADB90AFE235A6092B23824D5EF00503F30B65187B2B22F321/0/3138362e3135312e39362e302f32302d3332203d3e203134373534.roa
Signing time:             Mon 18 Mar 2024 14:25:00 +0000
ROA not before:           Mon 18 Mar 2024 14:20:00 +0000
ROA not after:            Mon 17 Mar 2025 14:25:00 +0000
asID:                     14754
IP address blocks:        186.151.96.0/20 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/F40AADD9C3A2CB7ADB90AFE235A6092B23824D5EF00503F30B65187B2B22F321/0/AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/F40AADD9C3A2CB7ADB90AFE235A6092B23824D5EF00503F30B65187B2B22F321/0/AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 20 Jul 2024 11:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:85:c4:1b:d2:66:25:d9:e2:23:c5:86:ee:9e:34:89:13:42:f0:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D
        Validity
            Not Before: Mar 18 14:20:00 2024 GMT
            Not After : Mar 17 14:25:00 2025 GMT
        Subject: CN=A91E8DC204C18C89CC90F390447AD32EB98287BF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:08:e6:83:28:fd:fc:d6:58:41:b3:97:97:fa:
                    e5:ea:14:7b:12:fb:58:82:22:be:ec:63:b7:22:64:
                    f8:92:11:a3:1c:2d:0a:b0:c6:d1:23:63:5c:92:c2:
                    34:82:7e:2b:ff:5a:f9:d3:09:3e:1b:7d:6f:81:dd:
                    ef:8c:8e:4c:ce:f6:20:26:74:27:6d:d6:74:96:00:
                    fc:f4:08:f2:9c:23:2d:90:67:b7:9d:66:eb:81:de:
                    40:c3:bd:45:74:45:09:9f:db:58:47:3f:d9:fc:c1:
                    58:2f:8a:f3:76:1e:7a:29:2b:17:6e:12:6f:e1:0b:
                    72:6c:01:81:4c:d8:f9:50:e3:40:eb:c7:00:66:a9:
                    ea:38:65:d1:94:bb:50:c3:58:09:29:b9:e7:53:f7:
                    3c:66:86:29:e5:47:6f:52:66:9d:8e:f4:4d:51:b5:
                    5f:12:43:c8:04:ff:10:62:44:3b:b7:87:cd:c0:f0:
                    08:b0:2a:f9:ec:62:8b:e1:1d:39:6f:04:eb:4a:ad:
                    1e:80:38:e5:10:30:5a:7a:49:3b:bf:e9:86:cb:47:
                    9b:25:1c:b3:1d:81:c0:4d:01:3f:2e:08:d5:7f:ec:
                    58:55:57:86:cf:e2:c5:53:00:51:5c:12:5a:a3:31:
                    1c:a1:c3:14:37:8f:97:26:aa:c5:5c:96:bd:cb:f5:
                    08:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:1E:8D:C2:04:C1:8C:89:CC:90:F3:90:44:7A:D3:2E:B9:82:87:BF
            X509v3 Authority Key Identifier:
                keyid:AD:31:6B:C5:0E:18:6B:C4:D6:EE:D8:B1:A7:1E:2F:7F:AA:5F:95:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F40AADD9C3A2CB7ADB90AFE235A6092B23824D5EF00503F30B65187B2B22F321/0/AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F40AADD9C3A2CB7ADB90AFE235A6092B23824D5EF00503F30B65187B2B22F321/0/3138362e3135312e39362e302f32302d3332203d3e203134373534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.151.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         ad:65:05:6e:85:67:ab:dd:16:92:c3:75:aa:5d:0a:02:35:f8:
         b6:80:22:89:62:bc:76:9c:08:60:5c:ed:44:df:26:90:8b:ca:
         c6:7d:22:3c:09:eb:16:0e:dc:b9:ea:28:da:90:15:57:57:c1:
         34:92:36:f1:17:c7:b2:eb:82:1f:23:ff:3a:dc:8c:c8:4a:26:
         1f:c4:7c:3b:3a:11:f1:f1:81:a5:13:79:15:46:cc:ae:46:44:
         fd:54:f9:95:25:8c:d0:14:1f:27:07:50:da:d0:80:90:dd:27:
         1e:9d:39:3d:24:7f:72:c5:8e:1a:99:de:af:9c:ae:95:85:d8:
         9a:0c:03:3c:53:6f:c8:ed:4d:e0:ce:cf:d4:4b:97:26:bd:9d:
         fb:6c:cb:33:b6:4c:b4:88:8f:8d:61:e5:5c:4c:33:a3:59:8d:
         e6:24:f2:95:8f:7c:7a:ad:bb:dd:fb:49:b1:3f:58:c9:41:1c:
         b3:75:c1:e7:44:7e:3c:f9:4b:49:bf:32:ac:9c:18:4a:0f:2f:
         14:32:3e:9b:d6:34:4e:74:2f:2d:91:c4:ef:ad:cd:f8:3b:08:
         6a:f6:5b:92:e4:7d:5d:d8:0c:7b:48:9e:02:fd:bc:e2:9f:de:
         ee:69:a8:d7:04:4b:73:24:8e:57:2c:07:b8:24:32:c8:07:11:
         e6:a4:26:6b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUVYXEG9JmJdniI8WG7p40iRNC8NQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUQzMTZCQzUwRTE4NkJDNEQ2RUVEOEIxQTcxRTJGN0ZB
QTVGOTUzRDAeFw0yNDAzMTgxNDIwMDBaFw0yNTAzMTcxNDI1MDBaMDMxMTAvBgNV
BAMTKEE5MUU4REMyMDRDMThDODlDQzkwRjM5MDQ0N0FEMzJFQjk4Mjg3QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnCOaDKP381lhBs5eX+uXqFHsS
+1iCIr7sY7ciZPiSEaMcLQqwxtEjY1ySwjSCfiv/WvnTCT4bfW+B3e+MjkzO9iAm
dCdt1nSWAPz0CPKcIy2QZ7edZuuB3kDDvUV0RQmf21hHP9n8wVgvivN2HnopKxdu
Em/hC3JsAYFM2PlQ40DrxwBmqeo4ZdGUu1DDWAkpuedT9zxmhinlR29SZp2O9E1R
tV8SQ8gE/xBiRDu3h83A8AiwKvnsYovhHTlvBOtKrR6AOOUQMFp6STu/6YbLR5sl
HLMdgcBNAT8uCNV/7FhVV4bP4sVTAFFcElqjMRyhwxQ3j5cmqsVclr3L9Qh/AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUqR6NwgTBjInMkPOQRHrTLrmCh78wHwYDVR0j
BBgwFoAUrTFrxQ4Ya8TW7tixpx4vf6pflT0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GNDBBQUREOUMzQTJDQjdBREI5MEFGRTIzNUE2MDkyQjIz
ODI0RDVFRjAwNTAzRjMwQjY1MTg3QjJCMjJGMzIxLzAvQUQzMTZCQzUwRTE4NkJD
NEQ2RUVEOEIxQTcxRTJGN0ZBQTVGOTUzRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BRDMxNkJDNTBFMTg2QkM0RDZF
RUQ4QjFBNzFFMkY3RkFBNUY5NTNELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjQwQUFERDlDM0EyQ0I3QURCOTBBRkUyMzVBNjA5MkIyMzgyNEQ1RUYw
MDUwM0YzMEI2NTE4N0IyQjIyRjMyMS8wLzMxMzgzNjJlMzEzNTMxMmUzOTM2MmUz
MDJmMzIzMDJkMzMzMjIwM2QzZTIwMzEzNDM3MzUzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLqXYDAN
BgkqhkiG9w0BAQsFAAOCAQEArWUFboVnq90WksN1ql0KAjX4toAiiWK8dpwIYFzt
RN8mkIvKxn0iPAnrFg7cueoo2pAVV1fBNJI28RfHsuuCHyP/OtyMyEomH8R8OzoR
8fGBpRN5FUbMrkZE/VT5lSWM0BQfJwdQ2tCAkN0nHp05PSR/csWOGpner5yulYXY
mgwDPFNvyO1N4M7P1EuXJr2d+2zLM7ZMtIiPjWHlXEwzo1mN5iTylY98eq273ftJ
sT9YyUEcs3XB50R+PPlLSb8yrJwYSg8vFDI+m9Y0TnQvLZHE763N+DsIavZbkuR9
XdgMe0ieAv284p/e7mmo1wRLcySOVywHuCQyyAcR5qQmaw==
-----END CERTIFICATE-----
Generated at Mon Jul 15 22:12:37 2024 by rpki-client on console-fra.rpki-client.org