Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/3230302e39312e3132382e302f31382d3234203d3e20323033.roa
File:                     3230302e39312e3132382e302f31382d3234203d3e20323033.roa (raw, json)
Hash identifier:          kIMm7dh8UzbGR2cQVuH4q7iTPrCzq7x9BqCaHoa0IQk=
Subject key identifier:   E7:71:8F:1F:4C:C9:6B:8E:C0:C9:60:85:F1:01:D9:62:87:65:B9:4A
Certificate issuer:       /CN=DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2
Certificate serial:       37D9096BB7AA14D4CEAB15E63DA026F1A11595DA
Authority key identifier: DE:D9:DD:B6:E0:5D:26:D9:3F:76:D4:43:4C:06:0C:7E:1D:26:E6:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/3230302e39312e3132382e302f31382d3234203d3e20323033.roa
Signing time:             Tue 05 Mar 2024 18:02:50 +0000
ROA not before:           Tue 05 Mar 2024 17:57:50 +0000
ROA not after:            Tue 04 Mar 2025 18:02:50 +0000
asID:                     203
IP address blocks:        200.91.128.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.crl
                          rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 02:18:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:d9:09:6b:b7:aa:14:d4:ce:ab:15:e6:3d:a0:26:f1:a1:15:95:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2
        Validity
            Not Before: Mar  5 17:57:50 2024 GMT
            Not After : Mar  4 18:02:50 2025 GMT
        Subject: CN=E7718F1F4CC96B8EC0C96085F101D9628765B94A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:6d:cd:94:16:06:96:a7:10:65:cf:27:ac:58:
                    49:fe:f7:24:9c:2c:2f:7e:fb:72:84:00:44:93:40:
                    8c:42:b7:17:9d:17:92:a2:c5:37:fe:ea:0e:b8:3f:
                    c0:ad:0f:4b:90:16:28:b5:61:8c:91:5e:fc:9c:b4:
                    ea:9a:81:a8:dd:06:63:7f:63:68:94:7c:1c:cf:fc:
                    b5:2c:a8:4d:53:d1:3d:15:94:ab:4a:a0:10:df:d6:
                    b3:14:95:7c:e8:db:0b:3d:a0:94:ff:1e:c5:44:42:
                    09:97:e6:ba:13:26:e0:af:bf:2e:cd:b2:40:d9:fe:
                    fc:b1:87:c6:1a:b5:f7:5e:ac:dc:78:8d:0f:d4:5f:
                    9b:33:07:1f:c7:be:fb:77:13:43:71:d5:8b:ed:db:
                    b1:2a:fd:0b:1f:73:c3:a7:3b:f8:46:7c:3c:c7:c9:
                    08:d8:86:ba:3c:b5:da:8e:9e:02:98:7b:fa:4f:b8:
                    28:a1:6f:70:0d:43:ae:13:de:2d:30:38:c9:af:ec:
                    ce:8b:fd:71:21:90:d3:44:ec:0d:ec:db:72:eb:c9:
                    50:c7:26:40:38:a5:87:c0:59:a2:66:0a:78:f1:6c:
                    43:f3:57:3d:aa:40:7d:9d:bd:8e:6e:8b:a1:c2:0b:
                    15:38:26:80:bf:38:f7:dd:91:6a:32:c5:f2:f2:4e:
                    04:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:71:8F:1F:4C:C9:6B:8E:C0:C9:60:85:F1:01:D9:62:87:65:B9:4A
            X509v3 Authority Key Identifier:
                keyid:DE:D9:DD:B6:E0:5D:26:D9:3F:76:D4:43:4C:06:0C:7E:1D:26:E6:C2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/3230302e39312e3132382e302f31382d3234203d3e20323033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.91.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         1a:7e:2b:b5:44:bc:95:d2:e1:62:76:88:3b:df:cb:ce:53:c3:
         7a:ff:86:01:b7:00:3b:15:b8:09:4a:04:94:0b:dd:80:8a:23:
         70:1f:ce:cf:67:e9:d7:07:f8:83:00:db:dc:ae:67:a4:f1:eb:
         f7:9f:8d:6e:ab:45:60:06:cc:cf:9d:05:37:90:ae:4c:95:26:
         70:54:a9:91:a7:6b:b8:ad:e9:e0:13:1f:bb:37:00:98:d5:5a:
         e8:d9:f7:34:b9:85:6f:61:5c:27:59:57:b6:c2:88:5f:92:da:
         4c:c6:c2:17:45:fa:73:9c:e3:3b:13:5e:ef:83:4e:ee:6b:65:
         aa:42:e2:23:36:ac:73:d6:38:a2:81:ff:70:16:7c:e9:bd:2c:
         f7:58:8d:12:72:e1:ea:15:ef:f7:ca:00:84:c6:9f:fe:23:05:
         30:cc:bf:4c:53:fd:d5:da:81:c8:fc:81:03:8a:43:6f:ae:ef:
         56:f7:03:a3:4d:11:7c:b6:f1:77:6e:3b:f0:27:3a:77:e6:64:
         54:88:3e:47:35:f6:22:a6:a4:25:6a:34:bb:a8:ea:9b:1e:7c:
         2d:fb:31:75:c3:17:c3:37:b5:53:8c:be:01:52:b1:4b:cd:9d:
         21:ad:ce:6b:a4:2c:92:7a:29:32:6c:11:1a:de:71:20:2a:5e:
         2e:ba:d4:96
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUN9kJa7eqFNTOqxXmPaAm8aEVldowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREVEOUREQjZFMDVEMjZEOTNGNzZENDQzNEMwNjBDN0Ux
RDI2RTZDMjAeFw0yNDAzMDUxNzU3NTBaFw0yNTAzMDQxODAyNTBaMDMxMTAvBgNV
BAMTKEU3NzE4RjFGNENDOTZCOEVDMEM5NjA4NUYxMDFEOTYyODc2NUI5NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDibc2UFgaWpxBlzyesWEn+9ySc
LC9++3KEAESTQIxCtxedF5KixTf+6g64P8CtD0uQFii1YYyRXvyctOqagajdBmN/
Y2iUfBzP/LUsqE1T0T0VlKtKoBDf1rMUlXzo2ws9oJT/HsVEQgmX5roTJuCvvy7N
skDZ/vyxh8YatfderNx4jQ/UX5szBx/Hvvt3E0Nx1Yvt27Eq/Qsfc8OnO/hGfDzH
yQjYhro8tdqOngKYe/pPuCihb3ANQ64T3i0wOMmv7M6L/XEhkNNE7A3s23LryVDH
JkA4pYfAWaJmCnjxbEPzVz2qQH2dvY5ui6HCCxU4JoC/OPfdkWoyxfLyTgS9AgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQU53GPH0zJa47AyWCF8QHZYodluUowHwYDVR0j
BBgwFoAU3tndtuBdJtk/dtRDTAYMfh0m5sIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yM0M3NUM5MTFCMzUyREYwQkM5NjkxRDRGRkVBMDExODI5
MEEyOTZCNDg2MThGOTVBMEQ3QkJGNDJDMjFCQjQzLzAvREVEOUREQjZFMDVEMjZE
OTNGNzZENDQzNEMwNjBDN0UxRDI2RTZDMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERUQ5RERCNkUwNUQyNkQ5M0Y3
NkQ0NDM0QzA2MEM3RTFEMjZFNkMyLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjNDNzVDOTExQjM1MkRGMEJDOTY5MUQ0RkZFQTAxMTgyOTBBMjk2QjQ4
NjE4Rjk1QTBEN0JCRjQyQzIxQkI0My8wLzMyMzAzMDJlMzkzMTJlMzEzMjM4MmUz
MDJmMzEzODJkMzIzNDIwM2QzZTIwMzIzMDMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGyFuAMA0GCSqG
SIb3DQEBCwUAA4IBAQAafiu1RLyV0uFidog738vOU8N6/4YBtwA7FbgJSgSUC92A
iiNwH87PZ+nXB/iDANvcrmek8ev3n41uq0VgBszPnQU3kK5MlSZwVKmRp2u4reng
Ex+7NwCY1Vro2fc0uYVvYVwnWVe2wohfktpMxsIXRfpznOM7E17vg07ua2WqQuIj
Nqxz1jiigf9wFnzpvSz3WI0ScuHqFe/3ygCExp/+IwUwzL9MU/3V2oHI/IEDikNv
ru9W9wOjTRF8tvF3bjvwJzp35mRUiD5HNfYipqQlajS7qOqbHnwt+zF1wxfDN7VT
jL4BUrFLzZ0hrc5rpCySeikybBEa3nEgKl4uutSW
-----END CERTIFICATE-----
Generated at Fri Jun 14 23:20:01 2024 by rpki-client on console-fra.rpki-client.org