Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/FF2D4DC420C4C39790BC2C03D51255D0A1C01933F37C28DC074059858B00573E/0/3138312e3139312e32372e302f32342d3234203d3e203532343235.roa
File:                     3138312e3139312e32372e302f32342d3234203d3e203532343235.roa (raw, json)
Hash identifier:          pYhc5XdKnHhc5aeQA8O3MDvodoZGyVLJHxDRqzMoCQM=
Subject key identifier:   4D:48:09:8B:08:88:8F:E7:B5:67:A6:5C:AF:8E:74:22:92:38:76:5E
Certificate issuer:       /CN=3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76
Certificate serial:       7FC45E18329D029BDB0AD17BDF7E9455AA00CF25
Authority key identifier: 3D:06:F0:A5:D3:F0:CF:D8:4C:F1:A8:1F:12:D5:E3:C7:62:3E:CD:76
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/FF2D4DC420C4C39790BC2C03D51255D0A1C01933F37C28DC074059858B00573E/0/3138312e3139312e32372e302f32342d3234203d3e203532343235.roa
Signing time:             Tue 05 Mar 2024 18:09:04 +0000
ROA not before:           Tue 05 Mar 2024 18:04:04 +0000
ROA not after:            Tue 04 Mar 2025 18:09:04 +0000
asID:                     52425
IP address blocks:        181.191.27.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/FF2D4DC420C4C39790BC2C03D51255D0A1C01933F37C28DC074059858B00573E/0/3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FF2D4DC420C4C39790BC2C03D51255D0A1C01933F37C28DC074059858B00573E/0/3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:c4:5e:18:32:9d:02:9b:db:0a:d1:7b:df:7e:94:55:aa:00:cf:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76
        Validity
            Not Before: Mar  5 18:04:04 2024 GMT
            Not After : Mar  4 18:09:04 2025 GMT
        Subject: CN=4D48098B08888FE7B567A65CAF8E74229238765E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:04:88:5a:93:86:cc:db:3f:8d:74:bb:d2:3b:
                    b5:47:44:04:11:1c:f8:ef:90:9e:4f:f1:4f:0d:28:
                    f3:fe:fa:23:87:45:35:bd:38:b6:e9:8d:f8:47:c2:
                    1c:28:34:f7:2e:be:d2:ed:92:70:6a:d0:18:ab:6f:
                    51:5e:ad:67:2d:c5:98:a0:c5:f7:bc:c2:56:ca:0b:
                    f4:4b:6b:16:f0:42:41:3b:57:fc:ae:86:49:bd:39:
                    81:02:dc:e0:0e:a0:b3:52:f5:48:93:b8:4c:b2:71:
                    d7:38:85:e5:22:ed:69:65:94:cc:b8:00:bb:5e:69:
                    c2:a9:f5:4f:9d:a3:53:17:c6:ec:ba:ee:cc:a1:45:
                    30:2e:1d:fa:fd:17:bf:8b:c7:5d:9a:97:1f:2b:39:
                    b2:da:42:34:5d:1f:ad:57:44:03:c7:99:83:2a:2c:
                    b5:ad:95:f4:c4:ef:16:74:54:d2:76:c2:37:9c:52:
                    6a:7d:da:f1:aa:34:ae:f0:89:e9:24:92:8e:44:a6:
                    7b:3a:60:4d:18:80:99:5a:db:d6:ce:85:3d:d3:4e:
                    79:21:e1:bc:7a:cb:0e:52:4f:ed:19:e4:9d:49:0c:
                    f3:cb:99:22:73:3b:c3:3b:78:58:da:91:e3:b9:60:
                    b0:f6:88:0e:c8:e3:9f:e1:0e:76:9b:c3:a8:e1:98:
                    ee:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:48:09:8B:08:88:8F:E7:B5:67:A6:5C:AF:8E:74:22:92:38:76:5E
            X509v3 Authority Key Identifier:
                keyid:3D:06:F0:A5:D3:F0:CF:D8:4C:F1:A8:1F:12:D5:E3:C7:62:3E:CD:76

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/FF2D4DC420C4C39790BC2C03D51255D0A1C01933F37C28DC074059858B00573E/0/3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/FF2D4DC420C4C39790BC2C03D51255D0A1C01933F37C28DC074059858B00573E/0/3138312e3139312e32372e302f32342d3234203d3e203532343235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.191.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:ad:98:64:bc:53:98:ae:c6:8b:90:26:99:df:eb:9f:81:04:
         cc:62:37:7c:a6:3d:66:81:21:f1:02:29:51:ec:f7:cf:f5:e9:
         30:6f:48:2e:7a:4b:c5:0c:42:66:70:f0:48:d8:74:11:3e:df:
         b6:ab:8c:7f:3a:85:59:b0:3c:a7:60:81:ff:ad:c3:0b:f2:62:
         44:ad:23:25:10:37:90:66:85:2e:46:af:e6:68:68:cf:ce:f8:
         8d:fe:24:43:49:5c:fd:60:03:90:0b:9d:e7:6d:9b:d4:4a:b3:
         b6:b6:2c:41:cc:04:da:e4:44:d9:b0:32:1f:d7:ee:34:c8:bf:
         95:fa:0f:f3:76:f6:0f:f7:95:eb:e3:91:38:5a:30:b6:64:35:
         5f:fb:5b:fc:ed:a1:56:fe:c2:b9:b5:2c:27:df:bd:78:31:e6:
         b0:d5:91:d3:8f:a0:d9:b7:00:01:c1:74:e8:2a:1e:40:0e:a8:
         2f:90:37:7a:a6:bd:39:ea:3a:e9:40:b5:9f:45:dd:d2:43:4a:
         ca:a2:56:74:7c:c4:88:31:43:1f:4a:18:f0:0a:5e:53:0f:46:
         0d:d3:dc:ed:95:e2:e9:4f:8c:d0:62:b5:a2:69:a7:16:f4:3b:
         95:7c:33:f4:24:7f:14:22:eb:ae:c2:99:b3:5e:3d:86:ff:1c:
         90:e1:76:8d
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUf8ReGDKdApvbCtF7336UVaoAzyUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0QwNkYwQTVEM0YwQ0ZEODRDRjFBODFGMTJENUUzQzc2
MjNFQ0Q3NjAeFw0yNDAzMDUxODA0MDRaFw0yNTAzMDQxODA5MDRaMDMxMTAvBgNV
BAMTKDRENDgwOThCMDg4ODhGRTdCNTY3QTY1Q0FGOEU3NDIyOTIzODc2NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRBIhak4bM2z+NdLvSO7VHRAQR
HPjvkJ5P8U8NKPP++iOHRTW9OLbpjfhHwhwoNPcuvtLtknBq0Birb1FerWctxZig
xfe8wlbKC/RLaxbwQkE7V/yuhkm9OYEC3OAOoLNS9UiTuEyycdc4heUi7WlllMy4
ALteacKp9U+do1MXxuy67syhRTAuHfr9F7+Lx12alx8rObLaQjRdH61XRAPHmYMq
LLWtlfTE7xZ0VNJ2wjecUmp92vGqNK7wiekkko5Epns6YE0YgJla29bOhT3TTnkh
4bx6yw5ST+0Z5J1JDPPLmSJzO8M7eFjakeO5YLD2iA7I45/hDnabw6jhmO71AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUTUgJiwiIj+e1Z6Zcr450IpI4dl4wHwYDVR0j
BBgwFoAUPQbwpdPwz9hM8agfEtXjx2I+zXYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GRjJENERDNDIwQzRDMzk3OTBCQzJDMDNENTEyNTVEMEEx
QzAxOTMzRjM3QzI4REMwNzQwNTk4NThCMDA1NzNFLzAvM0QwNkYwQTVEM0YwQ0ZE
ODRDRjFBODFGMTJENUUzQzc2MjNFQ0Q3Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRDA2RjBBNUQzRjBDRkQ4NENG
MUE4MUYxMkQ1RTNDNzYyM0VDRDc2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRkYyRDREQzQyMEM0QzM5NzkwQkMyQzAzRDUxMjU1RDBBMUMwMTkzM0Yz
N0MyOERDMDc0MDU5ODU4QjAwNTczRS8wLzMxMzgzMTJlMzEzOTMxMmUzMjM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjM0MzIzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALW/GzAN
BgkqhkiG9w0BAQsFAAOCAQEAja2YZLxTmK7Gi5Ammd/rn4EEzGI3fKY9ZoEh8QIp
Uez3z/XpMG9ILnpLxQxCZnDwSNh0ET7ftquMfzqFWbA8p2CB/63DC/JiRK0jJRA3
kGaFLkav5mhoz874jf4kQ0lc/WADkAud522b1EqztrYsQcwE2uRE2bAyH9fuNMi/
lfoP83b2D/eV6+OROFowtmQ1X/tb/O2hVv7CubUsJ9+9eDHmsNWR04+g2bcAAcF0
6CoeQA6oL5A3eqa9Oeo66UC1n0Xd0kNKyqJWdHzEiDFDH0oY8ApeUw9GDdPc7ZXi
6U+M0GK1ommnFvQ7lXwz9CR/FCLrrsKZs149hv8ckOF2jQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 05:29:50 2024 by rpki-client on console-fra.rpki-client.org