Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3130312e302f32342d3234203d3e203532323535.roa
File:                     3230312e3233342e3130312e302f32342d3234203d3e203532323535.roa (raw, json)
Hash identifier:          Ih6CwJvC+9RDT54hd7XOAwgpD2zmQkTue4s008x7iSc=
Subject key identifier:   6E:B5:0D:5C:2B:71:5B:FD:17:3C:80:7A:2E:59:93:E9:C7:F3:B8:95
Certificate issuer:       /CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
Certificate serial:       163AA203B950722A3EC50405E49B1E6492CDD5F0
Authority key identifier: C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3130312e302f32342d3234203d3e203532323535.roa
Signing time:             Tue 05 Mar 2024 18:00:47 +0000
ROA not before:           Tue 05 Mar 2024 17:55:47 +0000
ROA not after:            Tue 04 Mar 2025 18:00:47 +0000
asID:                     52255
IP address blocks:        201.234.101.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl
                          rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 22 Jul 2024 13:18:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:3a:a2:03:b9:50:72:2a:3e:c5:04:05:e4:9b:1e:64:92:cd:d5:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
        Validity
            Not Before: Mar  5 17:55:47 2024 GMT
            Not After : Mar  4 18:00:47 2025 GMT
        Subject: CN=6EB50D5C2B715BFD173C807A2E5993E9C7F3B895
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:48:19:48:5b:51:11:f4:ce:3c:cd:c7:81:4f:
                    cf:6a:f4:5c:0f:9c:48:f7:cf:37:62:6f:ad:63:5d:
                    20:ee:f9:ba:20:ab:79:8d:13:b6:97:67:80:cf:47:
                    4f:2c:f4:2f:78:28:d9:0e:b1:0b:36:72:d9:4c:ce:
                    8a:e2:b6:d5:d2:92:4b:58:4e:1b:89:fd:ef:dd:cb:
                    e2:9d:0e:46:0b:23:5e:c4:67:bd:5b:f1:c5:73:03:
                    a2:8c:36:42:96:d9:ca:67:40:e7:a0:18:12:c8:ec:
                    13:1b:9e:bc:e1:a7:2f:4c:f0:9f:15:8a:47:45:6a:
                    b0:a8:8a:ec:d7:4b:12:67:0a:15:b3:61:ce:11:51:
                    5a:71:9f:c2:fd:61:4e:ab:74:2d:ab:5d:fc:58:01:
                    8c:59:58:b6:d6:a0:e6:7b:c7:12:a4:f4:d7:70:ba:
                    4b:5d:a6:a9:75:b3:cf:58:a5:98:a9:3e:6d:bd:71:
                    0c:8d:3a:68:c1:a5:ce:ae:50:a1:14:f9:a3:f2:c2:
                    0f:6e:ea:60:2e:c1:0d:97:11:75:9d:9d:09:5a:92:
                    7b:35:01:28:bb:0e:25:a8:36:81:f6:e6:84:f3:40:
                    ff:7f:44:ad:f3:db:dd:50:83:62:fe:a1:80:21:19:
                    7e:36:40:03:c9:cc:af:d8:ca:e1:21:07:15:57:ab:
                    06:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:B5:0D:5C:2B:71:5B:FD:17:3C:80:7A:2E:59:93:E9:C7:F3:B8:95
            X509v3 Authority Key Identifier:
                keyid:C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3130312e302f32342d3234203d3e203532323535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.234.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:a2:96:47:9f:29:ca:d7:9c:77:0e:d7:56:0f:cc:46:5c:77:
         c5:84:75:56:d1:10:82:1b:d1:77:71:5b:6c:93:3d:20:a6:4b:
         d3:c9:e2:ee:78:51:ec:8c:ba:97:dd:cf:8b:78:a9:22:4b:78:
         7b:da:8b:66:8b:66:4b:45:d4:31:76:05:ab:e0:9a:5b:9b:21:
         00:8d:56:c1:4d:11:8b:5f:50:76:31:41:2e:13:d1:6f:0d:b7:
         22:b7:47:ad:0a:7d:dd:01:49:15:16:c4:7c:40:7b:b8:15:74:
         f5:ff:f5:86:b4:6b:92:25:fa:0a:88:36:f0:93:b6:b3:2b:84:
         2d:98:ff:0e:50:c5:43:c0:e1:38:12:61:77:73:1d:80:23:ac:
         28:8f:0d:a6:8a:f3:50:42:ee:f3:62:a2:2a:ef:7a:07:d1:bd:
         26:6c:b3:9c:dc:15:93:88:57:64:75:4e:1b:f3:3b:f3:5d:52:
         55:ac:eb:48:75:1e:cf:09:2b:09:ea:c9:4d:cf:b3:7e:12:be:
         7a:64:2a:d6:ee:5f:e4:c5:b7:a8:c9:06:27:d1:d3:04:59:f9:
         79:62:3d:9c:43:68:75:9c:a1:be:e3:34:6c:b3:db:14:59:28:
         39:06:11:e0:d9:23:d6:95:b9:c3:08:1b:17:09:ed:20:21:70:
         19:5e:23:ff
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUFjqiA7lQcio+xQQF5JseZJLN1fAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg3QzU1QTQ0ODFGMTlDOUI2MTg0OTQ0QjE4N0IzODEz
QjdDRUM1NjAeFw0yNDAzMDUxNzU1NDdaFw0yNTAzMDQxODAwNDdaMDMxMTAvBgNV
BAMTKDZFQjUwRDVDMkI3MTVCRkQxNzNDODA3QTJFNTk5M0U5QzdGM0I4OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChSBlIW1ER9M48zceBT89q9FwP
nEj3zzdib61jXSDu+bogq3mNE7aXZ4DPR08s9C94KNkOsQs2ctlMzorittXSkktY
ThuJ/e/dy+KdDkYLI17EZ71b8cVzA6KMNkKW2cpnQOegGBLI7BMbnrzhpy9M8J8V
ikdFarCoiuzXSxJnChWzYc4RUVpxn8L9YU6rdC2rXfxYAYxZWLbWoOZ7xxKk9Ndw
uktdpql1s89YpZipPm29cQyNOmjBpc6uUKEU+aPywg9u6mAuwQ2XEXWdnQlakns1
ASi7DiWoNoH25oTzQP9/RK3z291Qg2L+oYAhGX42QAPJzK/YyuEhBxVXqwY/AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUbrUNXCtxW/0XPIB6LlmT6cfzuJUwHwYDVR0j
BBgwFoAUyHxVpEgfGcm2GElEsYezgTt87FYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMEE2NkE2QTJBNkNGRTkzQzBGNkUzREZDMjBERDMzMUI1
ODBGQjIwMzgzQjYyRkU0QjI2QzAyOTRCNDY4N0M3LzAvQzg3QzU1QTQ0ODFGMTlD
OUI2MTg0OTQ0QjE4N0IzODEzQjdDRUM1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DODdDNTVBNDQ4MUYxOUM5QjYx
ODQ5NDRCMTg3QjM4MTNCN0NFQzU2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDBBNjZBNkEyQTZDRkU5M0MwRjZFM0RGQzIwREQzMzFCNTgwRkIyMDM4
M0I2MkZFNEIyNkMwMjk0QjQ2ODdDNy8wLzMyMzAzMTJlMzIzMzM0MmUzMTMwMzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzIzNTM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyepl
MA0GCSqGSIb3DQEBCwUAA4IBAQA1opZHnynK15x3DtdWD8xGXHfFhHVW0RCCG9F3
cVtskz0gpkvTyeLueFHsjLqX3c+LeKkiS3h72otmi2ZLRdQxdgWr4JpbmyEAjVbB
TRGLX1B2MUEuE9FvDbcit0etCn3dAUkVFsR8QHu4FXT1//WGtGuSJfoKiDbwk7az
K4QtmP8OUMVDwOE4EmF3cx2AI6wojw2mivNQQu7zYqIq73oH0b0mbLOc3BWTiFdk
dU4b8zvzXVJVrOtIdR7PCSsJ6slNz7N+Er56ZCrW7l/kxbeoyQYn0dMEWfl5Yj2c
Q2h1nKG+4zRss9sUWSg5BhHg2SPWlbnDCBsXCe0gIXAZXiP/
-----END CERTIFICATE-----
Generated at Thu Jul 18 07:30:39 2024 by rpki-client on console-ams.rpki-client.org