Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3235332e302f32342d3234203d3e20323633373536.roa
File:                     3230312e3233342e3235332e302f32342d3234203d3e20323633373536.roa (raw, json)
Hash identifier:          iAUyHjo4Zr5m9Y5iuNuhz32kaOsK2mpOCsdxBrVf350=
Subject key identifier:   70:51:E4:69:9B:96:DD:F6:8F:36:C3:79:A1:8D:39:87:75:68:81:EF
Certificate issuer:       /CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
Certificate serial:       0DCB59802C1361ABE7902A3599D25610ECD9202B
Authority key identifier: C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3235332e302f32342d3234203d3e20323633373536.roa
Signing time:             Tue 05 Mar 2024 18:00:54 +0000
ROA not before:           Tue 05 Mar 2024 17:55:54 +0000
ROA not after:            Tue 04 Mar 2025 18:00:54 +0000
asID:                     263756
IP address blocks:        201.234.253.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl
                          rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:cb:59:80:2c:13:61:ab:e7:90:2a:35:99:d2:56:10:ec:d9:20:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
        Validity
            Not Before: Mar  5 17:55:54 2024 GMT
            Not After : Mar  4 18:00:54 2025 GMT
        Subject: CN=7051E4699B96DDF68F36C379A18D3987756881EF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:c6:b4:dd:2e:49:74:11:d6:ff:40:17:ac:35:
                    de:7f:b7:fb:c5:aa:f1:fb:8c:49:40:67:64:83:d8:
                    b9:d4:16:e5:c7:0b:e9:77:59:c2:7d:80:bd:da:e7:
                    dd:df:c7:72:bd:6e:b9:4f:52:e9:49:b0:12:59:36:
                    19:d8:86:57:86:e9:6d:3a:33:ed:61:63:02:f7:d2:
                    4e:15:2c:2a:f7:58:e2:ea:81:41:d8:5b:52:02:b2:
                    0e:b4:c6:12:06:9e:9d:69:2f:cc:fa:3d:04:a6:85:
                    01:17:0a:0f:b3:5a:d2:90:43:fc:05:36:a1:84:9e:
                    5c:5c:c0:8f:13:0d:3b:3e:0d:43:b2:75:71:85:0a:
                    02:80:ce:17:21:3d:dd:77:c4:f9:b2:92:0b:51:0a:
                    4a:98:c3:00:dc:86:80:36:04:5c:12:2f:14:bf:9b:
                    7a:20:0f:39:24:f4:24:8d:1a:3e:c4:a8:96:75:bb:
                    5b:2d:fc:26:32:a8:b7:4d:70:06:46:92:f0:0f:43:
                    4a:57:c0:4a:e6:0d:d3:d2:9b:10:21:f9:40:7a:72:
                    7d:11:4b:38:3c:77:f7:39:b8:7f:ea:89:88:e0:61:
                    29:2b:ed:98:d4:9a:f8:4b:c4:6e:f1:9a:ae:da:80:
                    22:4a:f4:1e:bc:10:9c:51:54:77:16:a2:e8:37:17:
                    0f:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:51:E4:69:9B:96:DD:F6:8F:36:C3:79:A1:8D:39:87:75:68:81:EF
            X509v3 Authority Key Identifier:
                keyid:C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3235332e302f32342d3234203d3e20323633373536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.234.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:a6:20:85:bd:7f:29:1e:99:37:19:25:da:5c:d7:30:3c:39:
         11:4c:30:cf:c2:36:26:37:29:f4:fd:2e:5b:92:ba:9d:01:a9:
         57:d1:be:54:c5:41:1b:82:28:cd:29:b3:c2:9c:34:85:48:12:
         22:8c:73:11:67:2a:96:3b:2f:71:5b:20:14:7e:66:9b:88:86:
         47:07:55:63:48:85:60:7e:28:26:ed:17:ed:77:55:60:55:06:
         7e:c9:e9:a4:8f:70:57:4d:4d:5a:53:b4:f6:db:db:33:c7:96:
         a0:75:9a:66:57:df:3f:8c:50:1c:e0:d0:30:6f:1a:bb:da:09:
         b8:9b:fb:71:6e:d6:55:59:7b:fa:87:e1:3a:e4:c6:e4:40:c2:
         e2:53:43:d8:88:f3:22:85:a8:97:44:34:28:dc:e2:5f:66:66:
         55:18:82:23:44:ca:f7:1e:be:48:52:ce:a7:b9:a2:fe:5c:6b:
         bc:32:27:b4:fa:10:a3:85:ae:e4:76:8a:67:6e:91:10:24:4d:
         5c:21:f1:85:29:51:96:8d:94:99:48:98:59:2b:ff:10:ef:9e:
         f0:e2:92:6f:3c:3f:76:10:92:71:65:94:cb:63:e5:e7:ae:b3:
         0a:94:4e:56:80:bf:26:91:ed:de:19:fd:9f:6f:8f:2d:60:76:
         a1:90:a0:e7
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUDctZgCwTYavnkCo1mdJWEOzZICswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg3QzU1QTQ0ODFGMTlDOUI2MTg0OTQ0QjE4N0IzODEz
QjdDRUM1NjAeFw0yNDAzMDUxNzU1NTRaFw0yNTAzMDQxODAwNTRaMDMxMTAvBgNV
BAMTKDcwNTFFNDY5OUI5NkRERjY4RjM2QzM3OUExOEQzOTg3NzU2ODgxRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzxrTdLkl0Edb/QBesNd5/t/vF
qvH7jElAZ2SD2LnUFuXHC+l3WcJ9gL3a593fx3K9brlPUulJsBJZNhnYhleG6W06
M+1hYwL30k4VLCr3WOLqgUHYW1ICsg60xhIGnp1pL8z6PQSmhQEXCg+zWtKQQ/wF
NqGEnlxcwI8TDTs+DUOydXGFCgKAzhchPd13xPmykgtRCkqYwwDchoA2BFwSLxS/
m3ogDzkk9CSNGj7EqJZ1u1st/CYyqLdNcAZGkvAPQ0pXwErmDdPSmxAh+UB6cn0R
Szg8d/c5uH/qiYjgYSkr7ZjUmvhLxG7xmq7agCJK9B68EJxRVHcWoug3Fw9BAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUcFHkaZuW3faPNsN5oY05h3Voge8wHwYDVR0j
BBgwFoAUyHxVpEgfGcm2GElEsYezgTt87FYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMEE2NkE2QTJBNkNGRTkzQzBGNkUzREZDMjBERDMzMUI1
ODBGQjIwMzgzQjYyRkU0QjI2QzAyOTRCNDY4N0M3LzAvQzg3QzU1QTQ0ODFGMTlD
OUI2MTg0OTQ0QjE4N0IzODEzQjdDRUM1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DODdDNTVBNDQ4MUYxOUM5QjYx
ODQ5NDRCMTg3QjM4MTNCN0NFQzU2LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDBBNjZBNkEyQTZDRkU5M0MwRjZFM0RGQzIwREQzMzFCNTgwRkIyMDM4
M0I2MkZFNEIyNkMwMjk0QjQ2ODdDNy8wLzMyMzAzMTJlMzIzMzM0MmUzMjM1MzMy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzMzNzM1MzYucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADJ
6v0wDQYJKoZIhvcNAQELBQADggEBAHumIIW9fykemTcZJdpc1zA8ORFMMM/CNiY3
KfT9LluSup0BqVfRvlTFQRuCKM0ps8KcNIVIEiKMcxFnKpY7L3FbIBR+ZpuIhkcH
VWNIhWB+KCbtF+13VWBVBn7J6aSPcFdNTVpTtPbb2zPHlqB1mmZX3z+MUBzg0DBv
GrvaCbib+3Fu1lVZe/qH4TrkxuRAwuJTQ9iI8yKFqJdENCjc4l9mZlUYgiNEyvce
vkhSzqe5ov5ca7wyJ7T6EKOFruR2imdukRAkTVwh8YUpUZaNlJlImFkr/xDvnvDi
km88P3YQknFllMtj5eeuswqUTlaAvyaR7d4Z/Z9vjy1gdqGQoOc=
-----END CERTIFICATE-----
Generated at Wed Nov 20 03:14:21 2024 by rpki-client on console-fra.rpki-client.org