Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3138372e302f32342d3234203d3e203232363938.roa
File:                     3230312e3233342e3138372e302f32342d3234203d3e203232363938.roa (raw, json)
Hash identifier:          fsahrD72zOkrxVuHnSgqOrgJivozzNjNfeIoZelnzI8=
Subject key identifier:   45:F6:43:9F:4A:C0:3A:E8:13:39:2F:02:66:D5:D0:F6:3E:22:28:CC
Certificate issuer:       /CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
Certificate serial:       47350C188FE7DFFA4F6E10625F40982A7D890416
Authority key identifier: C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3138372e302f32342d3234203d3e203232363938.roa
Signing time:             Tue 05 Mar 2024 18:00:54 +0000
ROA not before:           Tue 05 Mar 2024 17:55:54 +0000
ROA not after:            Tue 04 Mar 2025 18:00:54 +0000
asID:                     22698
IP address blocks:        201.234.187.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl
                          rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Jul 2024 03:40:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:35:0c:18:8f:e7:df:fa:4f:6e:10:62:5f:40:98:2a:7d:89:04:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
        Validity
            Not Before: Mar  5 17:55:54 2024 GMT
            Not After : Mar  4 18:00:54 2025 GMT
        Subject: CN=45F6439F4AC03AE813392F0266D5D0F63E2228CC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:5d:9c:05:58:3d:bf:8c:7b:f0:38:36:a7:51:
                    d2:73:d9:7c:16:bd:c1:d1:d2:89:fa:db:78:25:d0:
                    3d:11:82:86:cb:d3:95:b5:d4:41:a6:3c:29:11:e5:
                    2c:89:e7:9d:32:e0:9f:23:43:df:cd:cb:e8:80:e6:
                    49:cf:a9:e1:7b:d1:41:4e:df:43:8f:f8:fb:d6:ca:
                    ab:50:72:06:43:3c:ca:9f:c4:0b:4c:70:71:e7:77:
                    6d:18:70:ca:7e:0a:3e:f6:04:2c:58:ce:93:81:00:
                    5a:45:2d:0c:f5:14:96:a1:7a:fe:81:26:43:69:be:
                    eb:5d:b6:a6:5d:14:6c:9b:f2:20:8d:ee:72:e6:f1:
                    8c:6b:9e:7f:d9:71:2c:c4:34:7b:7b:87:a8:99:b5:
                    7f:6f:09:24:e9:cd:08:1d:bf:5e:8b:ce:d8:40:25:
                    0d:77:39:19:11:9e:25:2d:af:60:d3:b7:8a:6b:84:
                    3a:7f:d5:78:8c:b8:72:ca:ee:32:b1:67:4d:39:e7:
                    87:ea:cd:e7:77:3d:ad:bf:ae:3a:e9:c6:42:d4:88:
                    c1:fb:29:92:a9:4b:5e:82:1d:7c:3a:7b:99:df:41:
                    f7:e5:6d:66:b4:0d:b9:d8:b6:a7:2b:18:f8:9a:87:
                    75:d9:1c:53:7a:ce:6a:70:71:85:cc:2b:8a:06:6d:
                    1a:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:F6:43:9F:4A:C0:3A:E8:13:39:2F:02:66:D5:D0:F6:3E:22:28:CC
            X509v3 Authority Key Identifier:
                keyid:C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3138372e302f32342d3234203d3e203232363938.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.234.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:0f:1e:96:56:2f:72:15:1c:14:20:9a:0e:b8:14:c8:7a:fd:
         ee:0d:cc:ed:12:f2:d3:72:be:f8:7c:88:27:d8:d5:8c:94:40:
         8e:4e:9c:6b:1a:e8:92:5a:df:54:12:2c:05:10:d0:5c:94:ba:
         13:8b:2c:3a:ad:b0:2b:a7:6e:4e:3f:82:3f:b0:ba:3f:e9:60:
         bb:40:8d:ec:5b:60:de:fd:63:28:ae:99:c5:c3:28:19:40:2b:
         b1:02:7d:a2:40:c8:e4:76:47:0c:11:6f:a9:7a:a8:77:95:f4:
         26:bd:f9:31:45:f1:9f:9b:83:16:fc:c4:ba:4e:f7:62:4d:0f:
         16:e3:7a:42:83:fe:1f:f1:0a:24:2f:aa:79:93:7e:fa:20:1f:
         57:37:dd:b8:3c:89:af:65:49:48:aa:38:14:73:df:86:d4:0e:
         0d:44:97:3d:ed:f9:7e:86:8e:8a:6d:a8:de:84:84:de:06:3d:
         ec:30:8a:30:42:30:01:3a:3f:69:ca:eb:23:f3:e2:ae:12:fa:
         cd:3a:b4:73:5a:c9:f3:88:76:ee:ba:ad:de:e6:77:61:98:0c:
         91:97:50:55:75:af:ab:30:22:8e:44:e1:05:07:01:1a:ce:ac:
         4c:b3:e3:6a:d9:e6:ae:09:69:23:b0:70:96:16:92:3d:f8:28:
         01:35:c9:55
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIURzUMGI/n3/pPbhBiX0CYKn2JBBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg3QzU1QTQ0ODFGMTlDOUI2MTg0OTQ0QjE4N0IzODEz
QjdDRUM1NjAeFw0yNDAzMDUxNzU1NTRaFw0yNTAzMDQxODAwNTRaMDMxMTAvBgNV
BAMTKDQ1RjY0MzlGNEFDMDNBRTgxMzM5MkYwMjY2RDVEMEY2M0UyMjI4Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMXZwFWD2/jHvwODanUdJz2XwW
vcHR0on623gl0D0RgobL05W11EGmPCkR5SyJ550y4J8jQ9/Ny+iA5knPqeF70UFO
30OP+PvWyqtQcgZDPMqfxAtMcHHnd20YcMp+Cj72BCxYzpOBAFpFLQz1FJahev6B
JkNpvutdtqZdFGyb8iCN7nLm8Yxrnn/ZcSzENHt7h6iZtX9vCSTpzQgdv16LzthA
JQ13ORkRniUtr2DTt4prhDp/1XiMuHLK7jKxZ00554fqzed3Pa2/rjrpxkLUiMH7
KZKpS16CHXw6e5nfQfflbWa0DbnYtqcrGPiah3XZHFN6zmpwcYXMK4oGbRoxAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQURfZDn0rAOugTOS8CZtXQ9j4iKMwwHwYDVR0j
BBgwFoAUyHxVpEgfGcm2GElEsYezgTt87FYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMEE2NkE2QTJBNkNGRTkzQzBGNkUzREZDMjBERDMzMUI1
ODBGQjIwMzgzQjYyRkU0QjI2QzAyOTRCNDY4N0M3LzAvQzg3QzU1QTQ0ODFGMTlD
OUI2MTg0OTQ0QjE4N0IzODEzQjdDRUM1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DODdDNTVBNDQ4MUYxOUM5QjYx
ODQ5NDRCMTg3QjM4MTNCN0NFQzU2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDBBNjZBNkEyQTZDRkU5M0MwRjZFM0RGQzIwREQzMzFCNTgwRkIyMDM4
M0I2MkZFNEIyNkMwMjk0QjQ2ODdDNy8wLzMyMzAzMTJlMzIzMzM0MmUzMTM4Mzcy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMyMzYzOTM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyeq7
MA0GCSqGSIb3DQEBCwUAA4IBAQAJDx6WVi9yFRwUIJoOuBTIev3uDcztEvLTcr74
fIgn2NWMlECOTpxrGuiSWt9UEiwFENBclLoTiyw6rbArp25OP4I/sLo/6WC7QI3s
W2De/WMorpnFwygZQCuxAn2iQMjkdkcMEW+peqh3lfQmvfkxRfGfm4MW/MS6Tvdi
TQ8W43pCg/4f8QokL6p5k376IB9XN924PImvZUlIqjgUc9+G1A4NRJc97fl+ho6K
bajehITeBj3sMIowQjABOj9pyusj8+KuEvrNOrRzWsnziHbuuq3e5ndhmAyRl1BV
da+rMCKOROEFBwEazqxMs+Nq2eauCWkjsHCWFpI9+CgBNclV
-----END CERTIFICATE-----
Generated at Thu Jul 11 01:07:59 2024 by rpki-client on console-ams.rpki-client.org