Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3138382e302f32342d3234203d3e203232363938.roa
File:                     3230312e3233342e3138382e302f32342d3234203d3e203232363938.roa (raw, json)
Hash identifier:          S0UKYEihVBQxD5nMlDMSukI3F2XzxVNxSWTjh1Zf4kQ=
Subject key identifier:   CD:D5:6E:E0:71:FB:8D:49:81:FB:55:3C:9B:67:AE:A4:51:3C:5A:35
Certificate issuer:       /CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
Certificate serial:       6EEBCEC4C27975847BC211EB148952692FE152D7
Authority key identifier: C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3138382e302f32342d3234203d3e203232363938.roa
Signing time:             Tue 05 Mar 2024 18:00:36 +0000
ROA not before:           Tue 05 Mar 2024 17:55:36 +0000
ROA not after:            Tue 04 Mar 2025 18:00:36 +0000
asID:                     22698
IP address blocks:        201.234.188.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl
                          rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Jul 2024 03:40:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:eb:ce:c4:c2:79:75:84:7b:c2:11:eb:14:89:52:69:2f:e1:52:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
        Validity
            Not Before: Mar  5 17:55:36 2024 GMT
            Not After : Mar  4 18:00:36 2025 GMT
        Subject: CN=CDD56EE071FB8D4981FB553C9B67AEA4513C5A35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:69:ec:f3:84:b9:64:7c:e1:4c:13:95:f6:e6:
                    50:92:2a:3b:c1:6b:51:7b:f0:87:70:d3:11:98:50:
                    df:b3:53:57:55:4d:93:bf:35:49:fd:bc:3b:45:06:
                    89:a1:7f:de:c5:b0:4f:0c:92:06:7a:50:44:a4:57:
                    8d:7e:3a:ad:3f:1a:95:5c:1d:b0:4d:dd:95:31:77:
                    2c:53:df:8c:60:42:a7:bf:76:9a:de:36:82:9d:8b:
                    54:75:76:b5:d1:f0:71:64:02:a1:24:2d:84:73:c1:
                    b6:c4:69:5c:ce:51:26:d3:8b:4d:16:85:7c:48:c9:
                    03:58:81:0d:1f:0e:04:4d:a7:f2:ee:c2:01:5e:94:
                    5c:01:7b:69:1b:f6:48:1f:a9:2d:45:34:7f:70:29:
                    d3:b6:e4:54:fb:23:de:fb:56:d8:25:cb:a7:99:55:
                    27:28:0c:97:85:2b:30:d5:ed:e7:bf:87:82:71:5d:
                    aa:3b:b4:66:de:d7:14:0b:32:08:48:e4:93:62:bf:
                    50:7d:6c:62:89:3e:0f:49:1c:0a:bc:8f:e6:b7:99:
                    e6:49:45:ec:9f:52:c0:49:eb:5f:46:e5:50:d1:82:
                    5e:dd:75:75:4f:73:1d:5f:5e:70:fc:69:0d:d1:51:
                    eb:45:64:1d:4f:79:2e:d4:ab:72:14:3f:ac:c7:ec:
                    80:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:D5:6E:E0:71:FB:8D:49:81:FB:55:3C:9B:67:AE:A4:51:3C:5A:35
            X509v3 Authority Key Identifier:
                keyid:C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3138382e302f32342d3234203d3e203232363938.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.234.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:d2:20:4a:dc:0c:97:e5:39:f8:34:43:5c:ed:50:6b:f1:3a:
         5c:a7:61:a6:e9:e1:df:b9:04:30:bb:e2:36:cf:56:b8:a1:22:
         48:e9:5c:c8:fa:c5:59:f2:30:54:2e:9d:5c:f5:dd:aa:87:83:
         04:6d:05:ab:1e:cf:f1:fd:b0:f0:9f:61:87:8b:a3:62:f6:8d:
         46:a6:2d:00:82:44:dc:60:bd:15:03:cf:99:81:9f:50:e3:c0:
         5a:4a:9f:06:d6:d8:90:54:f2:2c:41:3d:7b:18:ec:28:b9:4f:
         bc:cf:44:18:a4:8a:57:e1:bd:3a:de:93:7d:a8:8b:76:23:c5:
         b5:2e:02:f3:c7:68:5e:b6:2b:62:cd:8a:bb:53:38:6a:92:e8:
         dd:67:8a:8d:15:cc:0e:4b:6c:01:d5:d0:81:be:89:c4:46:24:
         24:95:b5:42:e9:05:59:f7:b8:ad:58:be:25:39:c0:c0:6c:20:
         5b:75:5a:8c:ec:54:2e:dd:f9:c3:ad:c7:6d:b2:5a:e9:13:a7:
         39:e8:28:09:2d:36:28:19:79:c5:a5:7d:39:a8:85:b0:dd:b9:
         23:08:d4:be:19:99:3a:7e:c3:d7:77:87:c5:35:6c:28:75:e3:
         46:61:38:44:34:a1:41:7f:e5:e5:98:3b:b1:2d:be:f2:4f:7e:
         78:fd:b2:68
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUbuvOxMJ5dYR7whHrFIlSaS/hUtcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg3QzU1QTQ0ODFGMTlDOUI2MTg0OTQ0QjE4N0IzODEz
QjdDRUM1NjAeFw0yNDAzMDUxNzU1MzZaFw0yNTAzMDQxODAwMzZaMDMxMTAvBgNV
BAMTKENERDU2RUUwNzFGQjhENDk4MUZCNTUzQzlCNjdBRUE0NTEzQzVBMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtaezzhLlkfOFME5X25lCSKjvB
a1F78Idw0xGYUN+zU1dVTZO/NUn9vDtFBomhf97FsE8MkgZ6UESkV41+Oq0/GpVc
HbBN3ZUxdyxT34xgQqe/dpreNoKdi1R1drXR8HFkAqEkLYRzwbbEaVzOUSbTi00W
hXxIyQNYgQ0fDgRNp/LuwgFelFwBe2kb9kgfqS1FNH9wKdO25FT7I977Vtgly6eZ
VScoDJeFKzDV7ee/h4JxXao7tGbe1xQLMghI5JNiv1B9bGKJPg9JHAq8j+a3meZJ
ReyfUsBJ619G5VDRgl7ddXVPcx1fXnD8aQ3RUetFZB1PeS7Uq3IUP6zH7IBHAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUzdVu4HH7jUmB+1U8m2eupFE8WjUwHwYDVR0j
BBgwFoAUyHxVpEgfGcm2GElEsYezgTt87FYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMEE2NkE2QTJBNkNGRTkzQzBGNkUzREZDMjBERDMzMUI1
ODBGQjIwMzgzQjYyRkU0QjI2QzAyOTRCNDY4N0M3LzAvQzg3QzU1QTQ0ODFGMTlD
OUI2MTg0OTQ0QjE4N0IzODEzQjdDRUM1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DODdDNTVBNDQ4MUYxOUM5QjYx
ODQ5NDRCMTg3QjM4MTNCN0NFQzU2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDBBNjZBNkEyQTZDRkU5M0MwRjZFM0RGQzIwREQzMzFCNTgwRkIyMDM4
M0I2MkZFNEIyNkMwMjk0QjQ2ODdDNy8wLzMyMzAzMTJlMzIzMzM0MmUzMTM4Mzgy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMyMzYzOTM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyeq8
MA0GCSqGSIb3DQEBCwUAA4IBAQAa0iBK3AyX5Tn4NENc7VBr8Tpcp2Gm6eHfuQQw
u+I2z1a4oSJI6VzI+sVZ8jBULp1c9d2qh4MEbQWrHs/x/bDwn2GHi6Ni9o1Gpi0A
gkTcYL0VA8+ZgZ9Q48BaSp8G1tiQVPIsQT17GOwouU+8z0QYpIpX4b063pN9qIt2
I8W1LgLzx2hetitizYq7UzhqkujdZ4qNFcwOS2wB1dCBvonERiQklbVC6QVZ97it
WL4lOcDAbCBbdVqM7FQu3fnDrcdtslrpE6c56CgJLTYoGXnFpX05qIWw3bkjCNS+
GZk6fsPXd4fFNWwodeNGYThENKFBf+XlmDuxLb7yT354/bJo
-----END CERTIFICATE-----
Generated at Thu Jul 11 00:31:12 2024 by rpki-client on console-fra.rpki-client.org