Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F40AADD9C3A2CB7ADB90AFE235A6092B23824D5EF00503F30B65187B2B22F321/0/3139302e3134392e3135322e302f32342d3332203d3e203134373534.roa
File:                     3139302e3134392e3135322e302f32342d3332203d3e203134373534.roa (raw, json)
Hash identifier:          Y433VoQxVsmpwTu2wVXQ4RovpJh5UdE2dMypJbMWCCc=
Subject key identifier:   5C:61:BE:CF:2D:94:0F:AF:8E:B5:8A:4B:8D:64:A0:83:0C:98:74:C5
Certificate issuer:       /CN=AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D
Certificate serial:       2B875250C159BCD6BD710FA067B42707239DDC58
Authority key identifier: AD:31:6B:C5:0E:18:6B:C4:D6:EE:D8:B1:A7:1E:2F:7F:AA:5F:95:3D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F40AADD9C3A2CB7ADB90AFE235A6092B23824D5EF00503F30B65187B2B22F321/0/3139302e3134392e3135322e302f32342d3332203d3e203134373534.roa
Signing time:             Tue 05 Mar 2024 18:08:26 +0000
ROA not before:           Tue 05 Mar 2024 18:03:26 +0000
ROA not after:            Tue 04 Mar 2025 18:08:26 +0000
asID:                     14754
IP address blocks:        190.149.152.0/24 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/F40AADD9C3A2CB7ADB90AFE235A6092B23824D5EF00503F30B65187B2B22F321/0/AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/F40AADD9C3A2CB7ADB90AFE235A6092B23824D5EF00503F30B65187B2B22F321/0/AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 20 Jul 2024 11:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:87:52:50:c1:59:bc:d6:bd:71:0f:a0:67:b4:27:07:23:9d:dc:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D
        Validity
            Not Before: Mar  5 18:03:26 2024 GMT
            Not After : Mar  4 18:08:26 2025 GMT
        Subject: CN=5C61BECF2D940FAF8EB58A4B8D64A0830C9874C5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:0a:27:a1:29:5b:99:ef:6f:32:e0:35:80:6e:
                    e1:37:0f:d9:d2:a4:28:1f:7f:03:0f:5f:19:3f:48:
                    21:67:19:f9:fb:77:a5:06:94:c1:57:a9:d3:fd:bd:
                    a5:75:e1:f8:b9:df:58:91:1e:fa:a1:ee:b8:3e:e6:
                    40:43:f7:de:46:cc:bc:d3:70:7a:6d:74:af:97:e2:
                    d6:80:3b:e3:51:80:d2:36:f0:0a:ad:e3:26:db:44:
                    fc:a8:a4:a1:e1:8e:65:e9:e3:90:4c:c1:80:d8:c7:
                    5e:03:c9:79:19:20:56:1d:57:3a:89:0e:c4:fc:6d:
                    b5:71:34:d3:d3:71:8c:7a:e9:4b:13:d4:f4:0b:11:
                    ac:79:4b:8b:1e:4d:ce:a1:5b:32:24:09:b0:fd:15:
                    27:ce:dd:17:13:23:f3:bb:ef:9d:ce:8a:60:4e:4f:
                    dd:20:31:f1:0d:37:b3:5e:6e:2c:fe:32:87:2c:72:
                    be:d9:39:ef:43:af:3d:bb:24:92:cc:3c:0c:66:6d:
                    9e:af:34:9e:ab:10:cd:9b:92:95:29:0f:18:33:10:
                    60:99:1a:e7:de:c4:63:53:11:57:49:c8:fa:52:3a:
                    8a:95:34:fe:9f:de:15:97:d8:41:81:66:48:9b:61:
                    38:98:9b:b2:e8:e5:0e:19:be:86:2a:82:65:cf:c8:
                    53:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:61:BE:CF:2D:94:0F:AF:8E:B5:8A:4B:8D:64:A0:83:0C:98:74:C5
            X509v3 Authority Key Identifier:
                keyid:AD:31:6B:C5:0E:18:6B:C4:D6:EE:D8:B1:A7:1E:2F:7F:AA:5F:95:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F40AADD9C3A2CB7ADB90AFE235A6092B23824D5EF00503F30B65187B2B22F321/0/AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AD316BC50E186BC4D6EED8B1A71E2F7FAA5F953D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F40AADD9C3A2CB7ADB90AFE235A6092B23824D5EF00503F30B65187B2B22F321/0/3139302e3134392e3135322e302f32342d3332203d3e203134373534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.149.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:21:35:74:b1:d6:7e:49:9f:01:f8:17:62:59:cf:15:15:95:
         34:ce:34:cf:08:3c:ad:ab:80:55:68:3f:59:ef:d3:a9:6e:d3:
         52:7d:fd:22:3f:09:a7:c8:df:d3:18:a9:72:ba:eb:ee:fe:45:
         49:a4:ec:11:38:e9:b5:cf:54:d7:4c:4c:16:23:f1:87:61:2c:
         b4:85:36:c9:8a:d0:cb:06:3e:0c:60:18:0e:df:28:f1:f8:d5:
         1b:d9:10:ce:21:3f:37:c4:12:d7:80:66:a1:ed:dd:2e:78:2d:
         63:2a:f5:28:29:cf:20:b8:95:18:d1:3c:e7:94:3f:68:b5:d4:
         8f:72:b5:3e:7f:96:5a:93:3d:23:56:7c:09:41:cb:38:f4:eb:
         b6:fe:59:b0:77:66:74:e1:9b:01:58:59:04:95:21:f2:0c:26:
         42:f2:55:9b:79:52:cf:12:1f:5d:1f:73:2e:e6:75:d4:e1:23:
         ba:53:77:e6:10:3d:c2:61:24:a2:32:82:0d:6a:8e:e1:2e:05:
         66:6c:21:08:d8:e2:5d:ed:bb:0d:43:b5:4d:43:94:77:42:84:
         b1:8b:88:1c:82:d4:cd:63:ae:6f:51:f6:f2:e5:3d:ca:8d:25:
         95:10:74:f2:a9:ee:af:23:3f:99:dd:c1:44:b5:09:fb:18:63:
         1c:c1:d2:ed
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUK4dSUMFZvNa9cQ+gZ7QnByOd3FgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUQzMTZCQzUwRTE4NkJDNEQ2RUVEOEIxQTcxRTJGN0ZB
QTVGOTUzRDAeFw0yNDAzMDUxODAzMjZaFw0yNTAzMDQxODA4MjZaMDMxMTAvBgNV
BAMTKDVDNjFCRUNGMkQ5NDBGQUY4RUI1OEE0QjhENjRBMDgzMEM5ODc0QzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJCiehKVuZ728y4DWAbuE3D9nS
pCgffwMPXxk/SCFnGfn7d6UGlMFXqdP9vaV14fi531iRHvqh7rg+5kBD995GzLzT
cHptdK+X4taAO+NRgNI28Aqt4ybbRPyopKHhjmXp45BMwYDYx14DyXkZIFYdVzqJ
DsT8bbVxNNPTcYx66UsT1PQLEax5S4seTc6hWzIkCbD9FSfO3RcTI/O7753OimBO
T90gMfENN7Nebiz+Mocscr7ZOe9Drz27JJLMPAxmbZ6vNJ6rEM2bkpUpDxgzEGCZ
GufexGNTEVdJyPpSOoqVNP6f3hWX2EGBZkibYTiYm7Lo5Q4ZvoYqgmXPyFNpAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUXGG+zy2UD6+OtYpLjWSggwyYdMUwHwYDVR0j
BBgwFoAUrTFrxQ4Ya8TW7tixpx4vf6pflT0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GNDBBQUREOUMzQTJDQjdBREI5MEFGRTIzNUE2MDkyQjIz
ODI0RDVFRjAwNTAzRjMwQjY1MTg3QjJCMjJGMzIxLzAvQUQzMTZCQzUwRTE4NkJD
NEQ2RUVEOEIxQTcxRTJGN0ZBQTVGOTUzRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BRDMxNkJDNTBFMTg2QkM0RDZF
RUQ4QjFBNzFFMkY3RkFBNUY5NTNELmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjQwQUFERDlDM0EyQ0I3QURCOTBBRkUyMzVBNjA5MkIyMzgyNEQ1RUYw
MDUwM0YzMEI2NTE4N0IyQjIyRjMyMS8wLzMxMzkzMDJlMzEzNDM5MmUzMTM1MzIy
ZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTM0MzczNTM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvpWY
MA0GCSqGSIb3DQEBCwUAA4IBAQCYITV0sdZ+SZ8B+BdiWc8VFZU0zjTPCDytq4BV
aD9Z79OpbtNSff0iPwmnyN/TGKlyuuvu/kVJpOwROOm1z1TXTEwWI/GHYSy0hTbJ
itDLBj4MYBgO3yjx+NUb2RDOIT83xBLXgGah7d0ueC1jKvUoKc8guJUY0TznlD9o
tdSPcrU+f5Zakz0jVnwJQcs49Ou2/lmwd2Z04ZsBWFkElSHyDCZC8lWbeVLPEh9d
H3Mu5nXU4SO6U3fmED3CYSSiMoINao7hLgVmbCEI2OJd7bsNQ7VNQ5R3QoSxi4gc
gtTNY65vUfby5T3KjSWVEHTyqe6vIz+Z3cFEtQn7GGMcwdLt
-----END CERTIFICATE-----
Generated at Mon Jul 15 22:12:37 2024 by rpki-client on console-fra.rpki-client.org