Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e39312e302f32342d3234203d3e2033333536.roa
File:                     3230312e3233342e39312e302f32342d3234203d3e2033333536.roa (raw, json)
Hash identifier:          J5ZLR94Hv5Oel/AIXcKBVL8wYG3NwCH8qJ0u8cMOygA=
Subject key identifier:   06:C8:04:94:1C:50:91:E5:F3:3E:A7:7D:17:E9:FF:55:B3:47:24:E7
Certificate issuer:       /CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
Certificate serial:       7427411A9D8AE079C28682DD67466784137BDC8A
Authority key identifier: C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e39312e302f32342d3234203d3e2033333536.roa
Signing time:             Tue 05 Mar 2024 18:00:57 +0000
ROA not before:           Tue 05 Mar 2024 17:55:57 +0000
ROA not after:            Tue 04 Mar 2025 18:00:57 +0000
asID:                     3356
IP address blocks:        201.234.91.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl
                          rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:27:41:1a:9d:8a:e0:79:c2:86:82:dd:67:46:67:84:13:7b:dc:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
        Validity
            Not Before: Mar  5 17:55:57 2024 GMT
            Not After : Mar  4 18:00:57 2025 GMT
        Subject: CN=06C804941C5091E5F33EA77D17E9FF55B34724E7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:ee:1e:5c:5b:fd:d6:3c:e7:1c:f3:32:a3:9f:
                    9f:1a:d5:69:6e:48:14:42:69:96:6a:d1:de:14:36:
                    cb:ea:c7:81:d0:fb:9c:85:d7:40:8e:da:ef:b5:11:
                    3b:13:4e:44:87:fa:94:30:8d:2e:82:00:c9:22:00:
                    3a:29:66:d1:63:f8:44:4c:2a:8f:87:25:a3:06:2b:
                    b2:ed:39:a4:c0:d8:cf:05:09:3b:14:61:45:3e:f8:
                    46:ad:b9:aa:8f:8c:5b:0c:68:19:43:c6:6d:fa:7b:
                    07:19:20:a1:a5:06:9e:df:3b:23:b6:99:7b:59:5b:
                    32:8f:54:ea:97:ab:2f:c1:ab:16:83:d4:07:b5:f9:
                    a2:62:0d:ef:d4:01:0e:a9:55:66:cc:1c:5f:3a:ff:
                    67:cf:58:25:64:68:7c:58:de:02:ea:ac:53:e8:f5:
                    6d:9f:74:f4:89:d3:7a:73:6b:66:a5:73:c2:bd:02:
                    e8:3e:e1:24:6b:2a:e5:88:eb:9d:e0:d7:cb:24:4a:
                    3c:1d:dc:b6:24:40:be:60:33:d5:0f:c5:fc:f5:2b:
                    2d:bc:45:ab:26:be:a4:07:d9:cc:a7:08:a9:4e:37:
                    f5:bf:22:48:b5:91:0b:36:a7:75:8c:94:55:c8:b7:
                    55:ee:49:a8:ce:b4:e1:a6:04:45:74:a9:61:fb:24:
                    50:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:C8:04:94:1C:50:91:E5:F3:3E:A7:7D:17:E9:FF:55:B3:47:24:E7
            X509v3 Authority Key Identifier:
                keyid:C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e39312e302f32342d3234203d3e2033333536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.234.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:55:e2:3a:ef:27:a9:c2:c7:0b:15:cd:3f:a2:6b:df:2e:6d:
         cb:3b:2c:74:04:ec:14:cb:96:7c:21:1e:2d:00:cc:dd:01:a7:
         80:9a:1f:94:ce:f1:1e:0e:6e:ac:86:8e:83:ab:99:81:db:90:
         ff:29:b5:ef:7c:90:ed:ae:c5:ea:d5:62:cf:61:2b:49:67:8b:
         ee:67:2c:58:02:10:d4:3a:39:dd:ec:95:78:4a:38:3f:d2:41:
         3a:f7:16:49:24:c4:3e:f0:37:8f:c2:75:8e:ec:0a:da:9b:cf:
         41:e6:1d:55:9e:f4:1b:ab:00:57:23:34:a6:2f:f9:3c:d7:9a:
         ac:3a:23:c4:e8:69:9c:0a:9f:70:76:c0:98:2f:52:a1:0d:91:
         f8:d2:e4:c3:3b:51:8b:e0:93:4a:ac:f8:30:59:e6:0e:48:92:
         ed:c7:70:48:82:5b:8b:af:08:35:ba:7d:82:cf:7e:05:ce:f0:
         1e:6b:d5:36:b0:97:3b:dd:b5:95:c2:e2:79:98:1e:a8:f1:e4:
         95:8d:47:a1:4d:ab:78:8d:4e:c6:4a:fb:7a:3f:71:58:3a:ed:
         60:19:46:24:49:93:6b:27:6d:3e:78:70:38:b3:54:a4:69:0b:
         81:85:30:54:ba:39:a9:a3:0c:6c:c6:0a:2c:83:df:4f:4f:0d:
         e4:af:1a:15
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUdCdBGp2K4HnChoLdZ0ZnhBN73IowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg3QzU1QTQ0ODFGMTlDOUI2MTg0OTQ0QjE4N0IzODEz
QjdDRUM1NjAeFw0yNDAzMDUxNzU1NTdaFw0yNTAzMDQxODAwNTdaMDMxMTAvBgNV
BAMTKDA2QzgwNDk0MUM1MDkxRTVGMzNFQTc3RDE3RTlGRjU1QjM0NzI0RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY7h5cW/3WPOcc8zKjn58a1Wlu
SBRCaZZq0d4UNsvqx4HQ+5yF10CO2u+1ETsTTkSH+pQwjS6CAMkiADopZtFj+ERM
Ko+HJaMGK7LtOaTA2M8FCTsUYUU++EatuaqPjFsMaBlDxm36ewcZIKGlBp7fOyO2
mXtZWzKPVOqXqy/BqxaD1Ae1+aJiDe/UAQ6pVWbMHF86/2fPWCVkaHxY3gLqrFPo
9W2fdPSJ03pza2alc8K9Aug+4SRrKuWI653g18skSjwd3LYkQL5gM9UPxfz1Ky28
RasmvqQH2cynCKlON/W/Iki1kQs2p3WMlFXIt1XuSajOtOGmBEV0qWH7JFC3AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUBsgElBxQkeXzPqd9F+n/VbNHJOcwHwYDVR0j
BBgwFoAUyHxVpEgfGcm2GElEsYezgTt87FYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMEE2NkE2QTJBNkNGRTkzQzBGNkUzREZDMjBERDMzMUI1
ODBGQjIwMzgzQjYyRkU0QjI2QzAyOTRCNDY4N0M3LzAvQzg3QzU1QTQ0ODFGMTlD
OUI2MTg0OTQ0QjE4N0IzODEzQjdDRUM1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DODdDNTVBNDQ4MUYxOUM5QjYx
ODQ5NDRCMTg3QjM4MTNCN0NFQzU2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDBBNjZBNkEyQTZDRkU5M0MwRjZFM0RGQzIwREQzMzFCNTgwRkIyMDM4
M0I2MkZFNEIyNkMwMjk0QjQ2ODdDNy8wLzMyMzAzMTJlMzIzMzM0MmUzOTMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzMzM1MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADJ6lswDQYJ
KoZIhvcNAQELBQADggEBACJV4jrvJ6nCxwsVzT+ia98ubcs7LHQE7BTLlnwhHi0A
zN0Bp4CaH5TO8R4ObqyGjoOrmYHbkP8pte98kO2uxerVYs9hK0lni+5nLFgCENQ6
Od3slXhKOD/SQTr3FkkkxD7wN4/CdY7sCtqbz0HmHVWe9BurAFcjNKYv+TzXmqw6
I8ToaZwKn3B2wJgvUqENkfjS5MM7UYvgk0qs+DBZ5g5Iku3HcEiCW4uvCDW6fYLP
fgXO8B5r1TawlzvdtZXC4nmYHqjx5JWNR6FNq3iNTsZK+3o/cVg67WAZRiRJk2sn
bT54cDizVKRpC4GFMFS6OamjDGzGCiyD309PDeSvGhU=
-----END CERTIFICATE-----
Generated at Wed Nov 20 03:14:21 2024 by rpki-client on console-fra.rpki-client.org