Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F7959A2DB129AB6818B9F2CDFCA54039039708CB847724BB23423576862D4A7F/0/3138312e3139382e32332e302f32342d3234203d3e203139313134.roa
File:                     3138312e3139382e32332e302f32342d3234203d3e203139313134.roa (raw, json)
Hash identifier:          FuUPmTZdZ7h7Rxs3JyQ87sO0DHckCtJppdzXJhfSirk=
Subject key identifier:   79:41:EC:F9:72:14:30:0C:4C:1D:05:39:76:78:D1:35:A5:6C:5E:81
Certificate issuer:       /CN=96F6D055361134166E9B66FB555FF27DCEDBF85D
Certificate serial:       7D1560B074400C55D5AD23F8BDC856CB350C3DFD
Authority key identifier: 96:F6:D0:55:36:11:34:16:6E:9B:66:FB:55:5F:F2:7D:CE:DB:F8:5D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/96F6D055361134166E9B66FB555FF27DCEDBF85D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F7959A2DB129AB6818B9F2CDFCA54039039708CB847724BB23423576862D4A7F/0/3138312e3139382e32332e302f32342d3234203d3e203139313134.roa
Signing time:             Tue 05 Mar 2024 18:10:33 +0000
ROA not before:           Tue 05 Mar 2024 18:05:33 +0000
ROA not after:            Tue 04 Mar 2025 18:10:33 +0000
asID:                     19114
IP address blocks:        181.198.23.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/F7959A2DB129AB6818B9F2CDFCA54039039708CB847724BB23423576862D4A7F/0/96F6D055361134166E9B66FB555FF27DCEDBF85D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/F7959A2DB129AB6818B9F2CDFCA54039039708CB847724BB23423576862D4A7F/0/96F6D055361134166E9B66FB555FF27DCEDBF85D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/96F6D055361134166E9B66FB555FF27DCEDBF85D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 23 May 2024 17:37:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:15:60:b0:74:40:0c:55:d5:ad:23:f8:bd:c8:56:cb:35:0c:3d:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96F6D055361134166E9B66FB555FF27DCEDBF85D
        Validity
            Not Before: Mar  5 18:05:33 2024 GMT
            Not After : Mar  4 18:10:33 2025 GMT
        Subject: CN=7941ECF97214300C4C1D05397678D135A56C5E81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:14:2a:21:3f:e2:4d:6f:0f:20:ba:be:76:13:
                    6f:0d:3f:4f:22:5d:3b:7e:3e:bc:cd:5b:16:97:3f:
                    8b:54:da:e0:20:a8:78:81:9a:76:d1:78:1d:4c:27:
                    9b:ee:fa:79:d0:c7:22:de:41:73:de:00:9f:24:29:
                    51:f8:66:f3:1b:44:8a:06:2e:0e:19:c4:21:f6:81:
                    0c:b8:ac:6e:47:13:54:a6:a3:ec:9e:9f:58:c2:e7:
                    b9:74:d6:4b:11:99:a7:58:bb:21:b8:3c:36:eb:c2:
                    6c:7f:b6:f6:96:f2:19:59:4e:ca:41:d0:1f:92:cd:
                    18:d5:b9:a0:05:99:a4:f3:9e:d9:df:3a:95:52:f5:
                    be:03:c0:63:29:b1:0f:88:6b:3c:bb:b8:e5:57:79:
                    93:c9:21:d0:44:a8:56:e5:51:b5:92:30:9c:99:af:
                    66:9c:a0:c7:69:ae:3f:e4:35:4b:a1:87:e4:fb:f2:
                    c4:b2:e9:b9:90:5b:6e:33:e8:cc:53:6d:95:56:5f:
                    d3:ca:1b:ef:55:4d:6a:c6:54:82:72:be:4f:cd:eb:
                    a9:a9:e8:f6:3e:5b:28:74:66:3f:4b:44:20:34:6f:
                    d7:b8:2b:ef:cc:49:00:61:18:78:a4:10:c8:35:25:
                    7d:aa:49:2f:ed:9c:64:9c:55:5f:f4:f6:e7:76:d8:
                    08:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:41:EC:F9:72:14:30:0C:4C:1D:05:39:76:78:D1:35:A5:6C:5E:81
            X509v3 Authority Key Identifier:
                keyid:96:F6:D0:55:36:11:34:16:6E:9B:66:FB:55:5F:F2:7D:CE:DB:F8:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F7959A2DB129AB6818B9F2CDFCA54039039708CB847724BB23423576862D4A7F/0/96F6D055361134166E9B66FB555FF27DCEDBF85D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/96F6D055361134166E9B66FB555FF27DCEDBF85D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F7959A2DB129AB6818B9F2CDFCA54039039708CB847724BB23423576862D4A7F/0/3138312e3139382e32332e302f32342d3234203d3e203139313134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.198.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:6d:fa:b0:ab:46:98:c2:8b:77:9e:3e:44:ee:22:42:f2:8b:
         68:9e:c2:5e:24:02:7c:5b:a8:16:21:5c:e7:07:da:2b:17:ab:
         55:fa:95:d3:f8:98:ef:cf:ee:b3:35:b0:db:9c:1a:6d:3a:55:
         f0:3e:d3:0f:3e:9f:99:bb:98:27:f2:6e:12:30:7b:f0:d1:b2:
         09:98:e4:e9:08:b0:73:80:6b:e1:ea:ad:81:34:9e:c3:45:d6:
         fa:7d:a5:bb:20:d8:84:1e:b7:ea:15:11:6d:a4:e6:1e:4f:0f:
         d3:5d:30:7d:68:84:81:c8:8e:b4:57:72:7f:92:8a:7a:32:f1:
         1e:90:ab:e0:9e:89:80:94:9c:ef:2c:fa:42:28:a5:32:87:c3:
         39:da:46:bb:fd:e1:cc:a0:df:18:a4:15:61:fc:19:00:3b:31:
         d2:96:c0:91:53:ff:b7:a2:79:c9:fc:68:74:f9:82:5e:c8:27:
         bd:f0:80:cc:d8:81:00:11:7c:ce:f8:bc:c3:f4:2e:b2:84:9d:
         59:37:9f:fe:18:99:59:e7:b0:92:4b:b0:c3:27:9e:aa:d0:45:
         a6:6e:69:68:b7:fd:02:89:35:c4:ef:16:4f:23:e2:59:28:c0:
         8f:02:f1:12:d3:b9:c7:76:2d:bb:5c:43:b1:9e:b3:75:db:8f:
         73:f9:63:0a
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUfRVgsHRADFXVrSP4vchWyzUMPf0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTZGNkQwNTUzNjExMzQxNjZFOUI2NkZCNTU1RkYyN0RD
RURCRjg1RDAeFw0yNDAzMDUxODA1MzNaFw0yNTAzMDQxODEwMzNaMDMxMTAvBgNV
BAMTKDc5NDFFQ0Y5NzIxNDMwMEM0QzFEMDUzOTc2NzhEMTM1QTU2QzVFODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaFCohP+JNbw8gur52E28NP08i
XTt+PrzNWxaXP4tU2uAgqHiBmnbReB1MJ5vu+nnQxyLeQXPeAJ8kKVH4ZvMbRIoG
Lg4ZxCH2gQy4rG5HE1Smo+yen1jC57l01ksRmadYuyG4PDbrwmx/tvaW8hlZTspB
0B+SzRjVuaAFmaTzntnfOpVS9b4DwGMpsQ+Iazy7uOVXeZPJIdBEqFblUbWSMJyZ
r2acoMdprj/kNUuhh+T78sSy6bmQW24z6MxTbZVWX9PKG+9VTWrGVIJyvk/N66mp
6PY+Wyh0Zj9LRCA0b9e4K+/MSQBhGHikEMg1JX2qSS/tnGScVV/09ud22AhbAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUeUHs+XIUMAxMHQU5dnjRNaVsXoEwHwYDVR0j
BBgwFoAUlvbQVTYRNBZum2b7VV/yfc7b+F0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GNzk1OUEyREIxMjlBQjY4MThCOUYyQ0RGQ0E1NDAzOTAz
OTcwOENCODQ3NzI0QkIyMzQyMzU3Njg2MkQ0QTdGLzAvOTZGNkQwNTUzNjExMzQx
NjZFOUI2NkZCNTU1RkYyN0RDRURCRjg1RC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85NkY2RDA1NTM2MTEzNDE2NkU5
QjY2RkI1NTVGRjI3RENFREJGODVELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjc5NTlBMkRCMTI5QUI2ODE4QjlGMkNERkNBNTQwMzkwMzk3MDhDQjg0
NzcyNEJCMjM0MjM1NzY4NjJENEE3Ri8wLzMxMzgzMTJlMzEzOTM4MmUzMjMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzOTMxMzEzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALXGFzAN
BgkqhkiG9w0BAQsFAAOCAQEAKG36sKtGmMKLd54+RO4iQvKLaJ7CXiQCfFuoFiFc
5wfaKxerVfqV0/iY78/uszWw25wabTpV8D7TDz6fmbuYJ/JuEjB78NGyCZjk6Qiw
c4Br4eqtgTSew0XW+n2luyDYhB636hURbaTmHk8P010wfWiEgciOtFdyf5KKejLx
HpCr4J6JgJSc7yz6QiilMofDOdpGu/3hzKDfGKQVYfwZADsx0pbAkVP/t6J5yfxo
dPmCXsgnvfCAzNiBABF8zvi8w/QusoSdWTef/hiZWeewkkuwwyeeqtBFpm5paLf9
Aok1xO8WTyPiWSjAjwLxEtO5x3Ytu1xDsZ6zdduPc/ljCg==
-----END CERTIFICATE-----
Generated at Mon May 20 01:39:13 2024 by rpki-client on console-fra.rpki-client.org