Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3135322e3132382f32362d3236203d3e203532343434.roa
File:                     3230312e3233342e3135322e3132382f32362d3236203d3e203532343434.roa (raw, json)
Hash identifier:          nGkvnMKocQ/LbwfZe8PcsnHQrwNFd5qX/D0/C6a7QFc=
Subject key identifier:   73:CB:D8:5E:D2:C2:DD:59:8F:4B:96:A2:A2:98:04:0A:AB:0C:F5:48
Certificate issuer:       /CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
Certificate serial:       3BFAC0DD0D8790BB950AC3E4DF1FA5CACFBF11A8
Authority key identifier: C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3135322e3132382f32362d3236203d3e203532343434.roa
Signing time:             Tue 05 Mar 2024 18:00:35 +0000
ROA not before:           Tue 05 Mar 2024 17:55:35 +0000
ROA not after:            Tue 04 Mar 2025 18:00:35 +0000
asID:                     52444
IP address blocks:        201.234.152.128/26 maxlen: 26

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl
                          rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 28 Nov 2024 19:58:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:fa:c0:dd:0d:87:90:bb:95:0a:c3:e4:df:1f:a5:ca:cf:bf:11:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
        Validity
            Not Before: Mar  5 17:55:35 2024 GMT
            Not After : Mar  4 18:00:35 2025 GMT
        Subject: CN=73CBD85ED2C2DD598F4B96A2A298040AAB0CF548
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:ca:88:5c:17:86:7d:a7:e6:08:1d:78:31:1f:
                    8b:41:f4:5d:c3:73:3b:01:df:62:90:f0:06:c7:fd:
                    b6:34:2d:9b:32:17:9b:b5:5c:56:e5:6f:81:49:9f:
                    2c:2e:eb:e6:8d:33:07:f5:30:b0:5b:8d:d1:ec:a5:
                    b9:08:f8:5e:50:11:c1:6c:54:ad:a3:91:ce:d2:9f:
                    b6:da:23:77:d4:be:89:27:cf:11:b9:d3:d3:07:5e:
                    56:ab:90:14:4d:c1:16:76:94:68:7c:e0:0d:57:3b:
                    6d:bc:9c:a2:09:9c:1b:d2:40:1e:45:8c:3d:56:b0:
                    15:45:4c:05:5f:31:62:71:02:a2:11:32:a2:5e:fa:
                    56:1b:76:90:8b:aa:e7:27:af:41:cd:a1:c4:87:55:
                    53:a7:50:35:ea:30:f9:d6:4c:7e:b6:4b:ed:a0:6f:
                    39:2d:47:bc:89:6e:a7:0b:1a:d5:76:a8:a3:39:4c:
                    8c:93:7e:2f:e5:76:cf:fc:d7:ee:34:b3:b0:a6:93:
                    f9:40:49:b6:45:c2:b9:19:26:6b:3e:d3:86:af:b4:
                    4d:30:fe:20:eb:1a:96:75:8e:12:60:a7:91:2f:69:
                    c2:b7:ec:a6:c8:ad:fc:a7:fc:f6:a0:01:0a:f4:fb:
                    b6:75:5f:f5:63:fe:af:53:97:f0:3a:16:ef:13:e2:
                    80:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:CB:D8:5E:D2:C2:DD:59:8F:4B:96:A2:A2:98:04:0A:AB:0C:F5:48
            X509v3 Authority Key Identifier:
                keyid:C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3135322e3132382f32362d3236203d3e203532343434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.234.152.128/26

    Signature Algorithm: sha256WithRSAEncryption
         5d:95:9a:a2:8b:19:61:b1:45:d4:da:04:b5:6d:19:5a:d4:bc:
         57:ec:74:d4:89:d3:3d:cc:38:48:bd:ba:10:ea:d9:9c:30:75:
         02:a9:1c:85:04:55:7c:4b:4c:9d:f6:43:64:5c:b3:34:3c:83:
         d6:1b:46:3f:3a:22:4f:dd:ac:17:d1:7b:80:30:26:09:1f:4b:
         f7:1a:f2:bd:a8:43:a2:6f:7d:73:6a:3e:f4:b4:c9:9c:c9:74:
         f5:0d:e2:5e:dc:7a:43:d0:d8:b0:0e:f3:35:6c:cb:f6:c7:04:
         75:10:6e:11:62:2a:cc:4e:4f:17:99:9d:88:d8:d9:8a:a4:fa:
         da:a1:9e:44:f1:33:e4:81:88:22:33:17:62:4a:e1:4b:27:7f:
         e1:3e:e2:3c:90:36:5c:d5:de:5f:93:2e:b4:b0:37:f3:72:3d:
         17:08:65:4c:e9:51:96:1b:77:1c:e3:e0:c9:c3:bb:65:65:4f:
         93:48:48:af:7d:2c:35:b2:f6:72:57:f2:f9:02:45:fe:d9:d0:
         d6:b1:bc:85:e1:91:c7:84:62:4e:e6:81:86:b0:a4:f0:1d:9a:
         1b:50:72:67:bd:7c:25:f8:c8:57:2a:8b:77:5a:18:63:cf:b5:
         b1:f3:06:9c:9d:e2:1c:fa:32:4f:01:51:6b:48:5c:aa:2e:73:
         e6:07:14:8b
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUO/rA3Q2HkLuVCsPk3x+lys+/EagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg3QzU1QTQ0ODFGMTlDOUI2MTg0OTQ0QjE4N0IzODEz
QjdDRUM1NjAeFw0yNDAzMDUxNzU1MzVaFw0yNTAzMDQxODAwMzVaMDMxMTAvBgNV
BAMTKDczQ0JEODVFRDJDMkRENTk4RjRCOTZBMkEyOTgwNDBBQUIwQ0Y1NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkyohcF4Z9p+YIHXgxH4tB9F3D
czsB32KQ8AbH/bY0LZsyF5u1XFblb4FJnywu6+aNMwf1MLBbjdHspbkI+F5QEcFs
VK2jkc7Sn7baI3fUvoknzxG509MHXlarkBRNwRZ2lGh84A1XO228nKIJnBvSQB5F
jD1WsBVFTAVfMWJxAqIRMqJe+lYbdpCLqucnr0HNocSHVVOnUDXqMPnWTH62S+2g
bzktR7yJbqcLGtV2qKM5TIyTfi/lds/81+40s7Cmk/lASbZFwrkZJms+04avtE0w
/iDrGpZ1jhJgp5EvacK37KbIrfyn/PagAQr0+7Z1X/Vj/q9Tl/A6Fu8T4oC7AgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUc8vYXtLC3VmPS5aiopgECqsM9UgwHwYDVR0j
BBgwFoAUyHxVpEgfGcm2GElEsYezgTt87FYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMEE2NkE2QTJBNkNGRTkzQzBGNkUzREZDMjBERDMzMUI1
ODBGQjIwMzgzQjYyRkU0QjI2QzAyOTRCNDY4N0M3LzAvQzg3QzU1QTQ0ODFGMTlD
OUI2MTg0OTQ0QjE4N0IzODEzQjdDRUM1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DODdDNTVBNDQ4MUYxOUM5QjYx
ODQ5NDRCMTg3QjM4MTNCN0NFQzU2LmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDBBNjZBNkEyQTZDRkU5M0MwRjZFM0RGQzIwREQzMzFCNTgwRkIyMDM4
M0I2MkZFNEIyNkMwMjk0QjQ2ODdDNy8wLzMyMzAzMTJlMzIzMzM0MmUzMTM1MzIy
ZTMxMzIzODJmMzIzNjJkMzIzNjIwM2QzZTIwMzUzMjM0MzQzNC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAEwBwMF
BsnqmIAwDQYJKoZIhvcNAQELBQADggEBAF2VmqKLGWGxRdTaBLVtGVrUvFfsdNSJ
0z3MOEi9uhDq2ZwwdQKpHIUEVXxLTJ32Q2RcszQ8g9YbRj86Ik/drBfRe4AwJgkf
S/ca8r2oQ6JvfXNqPvS0yZzJdPUN4l7cekPQ2LAO8zVsy/bHBHUQbhFiKsxOTxeZ
nYjY2Yqk+tqhnkTxM+SBiCIzF2JK4Usnf+E+4jyQNlzV3l+TLrSwN/NyPRcIZUzp
UZYbdxzj4MnDu2VlT5NISK99LDWy9nJX8vkCRf7Z0NaxvIXhkceEYk7mgYawpPAd
mhtQcme9fCX4yFcqi3daGGPPtbHzBpyd4hz6Mk8BUWtIXKouc+YHFIs=
-----END CERTIFICATE-----
Generated at Sun Nov 24 10:18:22 2024 by rpki-client on console-fra.rpki-client.org