Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/3137302e3233332e37322e302f32322d3232203d3e203336353131.roa
File:                     3137302e3233332e37322e302f32322d3232203d3e203336353131.roa (raw, json)
Hash identifier:          nbWfJlzNS4MlCl1cVBEY7cFpulxqfx/aY7YjNxWz5j8=
Subject key identifier:   3F:5E:0D:C3:D7:4A:42:08:72:4D:BB:F3:C7:B7:68:97:EC:30:71:AF
Certificate issuer:       /CN=9651F1E4B6480D19626E784CA1A8F0ABC94C1487
Certificate serial:       47746B74EB906EFAC7078E9E9FAE1B10B42D99CC
Authority key identifier: 96:51:F1:E4:B6:48:0D:19:62:6E:78:4C:A1:A8:F0:AB:C9:4C:14:87
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/3137302e3233332e37322e302f32322d3232203d3e203336353131.roa
Signing time:             Tue 30 Apr 2024 20:30:00 +0000
ROA not before:           Tue 30 Apr 2024 20:25:00 +0000
ROA not after:            Tue 29 Apr 2025 20:30:00 +0000
asID:                     36511
IP address blocks:        170.233.72.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.crl
                          rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:74:6b:74:eb:90:6e:fa:c7:07:8e:9e:9f:ae:1b:10:b4:2d:99:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9651F1E4B6480D19626E784CA1A8F0ABC94C1487
        Validity
            Not Before: Apr 30 20:25:00 2024 GMT
            Not After : Apr 29 20:30:00 2025 GMT
        Subject: CN=3F5E0DC3D74A4208724DBBF3C7B76897EC3071AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:db:33:7f:96:8c:fe:4d:7b:9e:03:2e:72:37:
                    cd:a4:46:cb:26:45:79:36:70:c1:8c:d2:b4:86:2c:
                    9a:aa:d2:29:43:eb:d5:f9:65:d2:26:86:b0:98:59:
                    20:9b:e2:70:38:86:13:d0:d4:e9:df:29:79:cb:e9:
                    89:75:5f:1e:a6:19:6b:47:5b:3b:91:ff:5a:b0:69:
                    84:58:9a:b1:a7:2f:ae:eb:a9:60:04:fb:c9:6b:d6:
                    0a:cd:87:11:fe:e3:55:57:45:cc:6b:82:bf:5b:db:
                    45:96:b7:8a:4a:95:d6:56:85:34:96:5d:14:d9:e3:
                    04:10:78:bd:db:9d:34:f3:45:07:e0:c8:5d:50:d1:
                    b8:70:cb:bc:da:b6:bb:c0:00:52:30:2d:c5:46:19:
                    70:7d:e2:cb:3c:c7:2c:39:f0:81:07:bb:c4:7e:bc:
                    bd:56:aa:87:ee:63:ae:df:8b:62:de:8d:06:10:2f:
                    88:80:f4:40:47:85:9e:be:ab:b6:72:40:b7:31:f4:
                    d8:51:0f:8d:8b:e8:e9:24:09:89:2d:c8:9c:fe:43:
                    7b:c1:79:f4:dd:28:6b:0e:11:cd:29:71:5e:8b:e6:
                    79:9f:2f:90:b7:7f:00:d3:7b:57:16:ab:0a:22:e9:
                    d3:f0:ac:e1:7d:5e:d1:b4:67:9b:cb:66:0f:ea:25:
                    2b:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:5E:0D:C3:D7:4A:42:08:72:4D:BB:F3:C7:B7:68:97:EC:30:71:AF
            X509v3 Authority Key Identifier:
                keyid:96:51:F1:E4:B6:48:0D:19:62:6E:78:4C:A1:A8:F0:AB:C9:4C:14:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/3137302e3233332e37322e302f32322d3232203d3e203336353131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.233.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9f:70:1b:79:32:7c:f4:c3:f0:b7:dc:63:18:a8:b4:52:85:44:
         2d:9d:41:33:aa:ec:df:29:ff:9d:d1:bc:ba:ec:96:bf:fb:2b:
         74:69:37:07:87:59:ca:5a:99:0d:55:8c:7c:a7:d9:a1:e3:36:
         e8:05:60:06:15:9c:c7:60:6d:7c:65:96:f5:cc:fc:1b:5d:53:
         0a:13:1d:18:b8:3e:97:16:95:2c:02:2d:bb:23:9e:3a:7d:5e:
         a7:ae:4a:a0:4e:79:4d:e0:b9:1f:cb:1e:cd:62:e9:15:36:2e:
         db:6f:03:ee:10:ff:3d:ad:7b:b6:75:12:e2:f2:4d:38:d7:de:
         02:a5:15:1b:b0:d5:c0:13:e2:4a:f9:07:f6:1f:47:7e:83:3b:
         10:bd:fa:2d:5a:ac:24:91:51:b1:ea:46:35:c0:14:f6:57:77:
         5d:4f:f5:f1:0e:70:d3:69:9f:05:18:15:14:98:2d:94:ca:60:
         42:9e:5d:ca:a8:91:44:ce:3a:5d:63:d0:54:1e:d4:1d:fd:dd:
         be:3c:01:7d:59:07:87:f3:88:67:35:ff:87:e0:b6:9d:69:3c:
         ba:88:07:76:0a:25:fd:e8:b3:8a:09:ce:ea:bb:56:ea:20:b2:
         0e:c8:34:72:01:f4:f3:5b:d6:ab:11:cc:00:0b:c3:5b:08:15:
         cf:61:8f:84
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUR3RrdOuQbvrHB46en64bELQtmcwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTY1MUYxRTRCNjQ4MEQxOTYyNkU3ODRDQTFBOEYwQUJD
OTRDMTQ4NzAeFw0yNDA0MzAyMDI1MDBaFw0yNTA0MjkyMDMwMDBaMDMxMTAvBgNV
BAMTKDNGNUUwREMzRDc0QTQyMDg3MjREQkJGM0M3Qjc2ODk3RUMzMDcxQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC52zN/loz+TXueAy5yN82kRssm
RXk2cMGM0rSGLJqq0ilD69X5ZdImhrCYWSCb4nA4hhPQ1OnfKXnL6Yl1Xx6mGWtH
WzuR/1qwaYRYmrGnL67rqWAE+8lr1grNhxH+41VXRcxrgr9b20WWt4pKldZWhTSW
XRTZ4wQQeL3bnTTzRQfgyF1Q0bhwy7zatrvAAFIwLcVGGXB94ss8xyw58IEHu8R+
vL1WqofuY67fi2LejQYQL4iA9EBHhZ6+q7ZyQLcx9NhRD42L6OkkCYktyJz+Q3vB
efTdKGsOEc0pcV6L5nmfL5C3fwDTe1cWqwoi6dPwrOF9XtG0Z5vLZg/qJSuRAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUP14Nw9dKQghyTbvzx7dol+wwca8wHwYDVR0j
BBgwFoAUllHx5LZIDRlibnhMoajwq8lMFIcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GNjhFMjE3RjY5REU5OUQ1MkFCM0I2Mzg1RDEzNEI5M0Mz
RDREODI2MEYxRTI0QzAyMzE0OTNFODlDMkZGMTBGLzAvOTY1MUYxRTRCNjQ4MEQx
OTYyNkU3ODRDQTFBOEYwQUJDOTRDMTQ4Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85NjUxRjFFNEI2NDgwRDE5NjI2
RTc4NENBMUE4RjBBQkM5NEMxNDg3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjY4RTIxN0Y2OURFOTlENTJBQjNCNjM4NUQxMzRCOTNDM0Q0RDgyNjBG
MUUyNEMwMjMxNDkzRTg5QzJGRjEwRi8wLzMxMzczMDJlMzIzMzMzMmUzNzMyMmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzMzNjM1MzEzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqrpSDAN
BgkqhkiG9w0BAQsFAAOCAQEAn3AbeTJ89MPwt9xjGKi0UoVELZ1BM6rs3yn/ndG8
uuyWv/srdGk3B4dZylqZDVWMfKfZoeM26AVgBhWcx2BtfGWW9cz8G11TChMdGLg+
lxaVLAItuyOeOn1ep65KoE55TeC5H8sezWLpFTYu228D7hD/Pa17tnUS4vJNONfe
AqUVG7DVwBPiSvkH9h9HfoM7EL36LVqsJJFRsepGNcAU9ld3XU/18Q5w02mfBRgV
FJgtlMpgQp5dyqiRRM46XWPQVB7UHf3dvjwBfVkHh/OIZzX/h+C2nWk8uogHdgol
/eizignO6rtW6iCyDsg0cgH081vWqxHMAAvDWwgVz2GPhA==
-----END CERTIFICATE-----
Generated at Wed Nov 20 21:51:55 2024 by rpki-client on console-fra.rpki-client.org