Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/05DE10193EA69825A80D66FF6CDA6A07515E86293506DAA9B559CF742E8AD847/0/3230302e3131352e3139322e302f32302d3234203d3e203237373437.roa
File:                     3230302e3131352e3139322e302f32302d3234203d3e203237373437.roa (raw, json)
Hash identifier:          o14bkOemmFmYHPSeTY0f0QTvP04v03mLItLyruDxXto=
Subject key identifier:   A6:12:FA:F3:27:85:E0:32:62:22:FF:7C:F2:AF:91:B5:04:C5:75:C8
Certificate issuer:       /CN=2C0996B2CA5169CEA2CE5B99EAE24DBECDA37C89
Certificate serial:       09D9A0F154F00B66978B36FBC49C992DF64857E2
Authority key identifier: 2C:09:96:B2:CA:51:69:CE:A2:CE:5B:99:EA:E2:4D:BE:CD:A3:7C:89
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2C0996B2CA5169CEA2CE5B99EAE24DBECDA37C89.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/05DE10193EA69825A80D66FF6CDA6A07515E86293506DAA9B559CF742E8AD847/0/3230302e3131352e3139322e302f32302d3234203d3e203237373437.roa
Signing time:             Fri 28 Jun 2024 18:15:00 +0000
ROA not before:           Fri 28 Jun 2024 18:10:00 +0000
ROA not after:            Fri 27 Jun 2025 18:15:00 +0000
asID:                     27747
IP address blocks:        200.115.192.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/05DE10193EA69825A80D66FF6CDA6A07515E86293506DAA9B559CF742E8AD847/0/2C0996B2CA5169CEA2CE5B99EAE24DBECDA37C89.crl
                          rsync://repository.lacnic.net/rpki/lacnic/05DE10193EA69825A80D66FF6CDA6A07515E86293506DAA9B559CF742E8AD847/0/2C0996B2CA5169CEA2CE5B99EAE24DBECDA37C89.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2C0996B2CA5169CEA2CE5B99EAE24DBECDA37C89.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:d9:a0:f1:54:f0:0b:66:97:8b:36:fb:c4:9c:99:2d:f6:48:57:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2C0996B2CA5169CEA2CE5B99EAE24DBECDA37C89
        Validity
            Not Before: Jun 28 18:10:00 2024 GMT
            Not After : Jun 27 18:15:00 2025 GMT
        Subject: CN=A612FAF32785E0326222FF7CF2AF91B504C575C8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:37:90:d9:ea:0a:59:1b:48:ca:35:96:5a:be:
                    02:f5:00:70:f2:90:1a:68:ce:e5:60:de:82:f2:6d:
                    23:a5:65:9d:95:e1:b6:0a:03:69:61:d2:c3:c5:c7:
                    34:69:a3:ac:74:dc:b6:30:45:96:ff:77:27:68:1c:
                    b8:64:76:10:b6:60:f5:f7:e2:9b:72:e6:aa:d3:91:
                    12:b6:e9:03:ed:50:f4:b9:ec:f3:11:86:3d:46:a3:
                    39:23:b1:e8:10:b9:7b:91:03:ce:92:d5:4f:1e:ba:
                    0d:61:06:31:e6:74:2d:05:9c:6e:0f:31:74:4b:5f:
                    5c:d9:45:0d:b3:85:96:eb:a8:14:30:d4:d0:83:c7:
                    bf:7d:8b:72:66:b3:e0:2e:c1:ab:e6:69:60:2f:be:
                    28:dc:ed:39:91:85:ce:90:57:75:86:0e:79:8b:90:
                    45:25:18:c3:8d:08:0a:b1:d6:78:d2:61:56:b9:20:
                    84:01:11:cc:1a:1a:fb:71:dc:6c:aa:55:80:fa:b1:
                    20:ac:f0:86:d9:cf:86:2b:3f:1f:b1:dd:f6:79:66:
                    67:67:3a:fe:a7:6b:9a:5c:97:b1:60:f4:42:15:44:
                    72:0d:d8:fe:ed:9a:6e:d4:29:6f:1a:03:8b:fa:83:
                    08:8a:36:98:b1:83:17:e0:86:1f:33:d0:c8:6e:dc:
                    41:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:12:FA:F3:27:85:E0:32:62:22:FF:7C:F2:AF:91:B5:04:C5:75:C8
            X509v3 Authority Key Identifier:
                keyid:2C:09:96:B2:CA:51:69:CE:A2:CE:5B:99:EA:E2:4D:BE:CD:A3:7C:89

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/05DE10193EA69825A80D66FF6CDA6A07515E86293506DAA9B559CF742E8AD847/0/2C0996B2CA5169CEA2CE5B99EAE24DBECDA37C89.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2C0996B2CA5169CEA2CE5B99EAE24DBECDA37C89.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/05DE10193EA69825A80D66FF6CDA6A07515E86293506DAA9B559CF742E8AD847/0/3230302e3131352e3139322e302f32302d3234203d3e203237373437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.115.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         09:63:11:48:04:7e:df:e8:86:c8:82:c2:1a:0f:0a:71:85:83:
         17:6f:6d:50:fd:4f:0e:a8:84:06:bc:b7:8a:23:d6:be:10:f1:
         1a:27:37:e3:75:93:0b:ad:1e:eb:07:30:db:8c:59:9a:c9:fc:
         45:e3:73:86:0d:37:18:9f:8b:b7:e1:6c:66:23:35:c9:4d:a1:
         81:18:19:93:95:74:22:c8:f8:15:dd:14:b6:9f:ae:e0:00:2d:
         0f:0a:d6:f0:04:0d:6b:02:90:e3:0e:0b:89:d2:c0:0d:f8:10:
         76:d8:2c:1a:bf:a7:1b:c5:c5:e8:4e:d4:2c:16:18:b3:9e:22:
         13:82:c1:9d:b6:17:50:1c:3d:37:bd:7f:46:ef:84:18:c6:84:
         f2:38:4f:b4:54:3f:d6:66:b0:d7:12:0d:5b:5a:d4:8c:64:d8:
         64:1e:ee:b6:94:41:8e:80:13:6b:4c:37:26:d1:60:df:b2:88:
         4b:c2:e0:ff:ac:b4:8c:6f:05:5f:c1:54:e1:20:0b:ab:1f:d6:
         74:4d:0a:e8:21:0a:b3:49:79:c6:eb:24:4e:f7:48:e2:fc:f2:
         65:0e:24:61:84:23:b4:3a:88:ac:c7:8c:9f:b1:67:15:3f:68:
         b9:83:af:83:53:c6:b9:bf:40:eb:9e:0d:80:04:3b:46:70:1f:
         26:31:db:0d
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUCdmg8VTwC2aXizb7xJyZLfZIV+IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkMwOTk2QjJDQTUxNjlDRUEyQ0U1Qjk5RUFFMjREQkVD
REEzN0M4OTAeFw0yNDA2MjgxODEwMDBaFw0yNTA2MjcxODE1MDBaMDMxMTAvBgNV
BAMTKEE2MTJGQUYzMjc4NUUwMzI2MjIyRkY3Q0YyQUY5MUI1MDRDNTc1QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8N5DZ6gpZG0jKNZZavgL1AHDy
kBpozuVg3oLybSOlZZ2V4bYKA2lh0sPFxzRpo6x03LYwRZb/dydoHLhkdhC2YPX3
4pty5qrTkRK26QPtUPS57PMRhj1GozkjsegQuXuRA86S1U8eug1hBjHmdC0FnG4P
MXRLX1zZRQ2zhZbrqBQw1NCDx799i3Jms+AuwavmaWAvvijc7TmRhc6QV3WGDnmL
kEUlGMONCAqx1njSYVa5IIQBEcwaGvtx3GyqVYD6sSCs8IbZz4YrPx+x3fZ5Zmdn
Ov6na5pcl7Fg9EIVRHIN2P7tmm7UKW8aA4v6gwiKNpixgxfghh8z0Mhu3EH7AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUphL68yeF4DJiIv988q+RtQTFdcgwHwYDVR0j
BBgwFoAULAmWsspRac6izluZ6uJNvs2jfIkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wNURFMTAxOTNFQTY5ODI1QTgwRDY2RkY2Q0RBNkEwNzUx
NUU4NjI5MzUwNkRBQTlCNTU5Q0Y3NDJFOEFEODQ3LzAvMkMwOTk2QjJDQTUxNjlD
RUEyQ0U1Qjk5RUFFMjREQkVDREEzN0M4OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yQzA5OTZCMkNBNTE2OUNFQTJD
RTVCOTlFQUUyNERCRUNEQTM3Qzg5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDVERTEwMTkzRUE2OTgyNUE4MEQ2NkZGNkNEQTZBMDc1MTVFODYyOTM1
MDZEQUE5QjU1OUNGNzQyRThBRDg0Ny8wLzMyMzAzMDJlMzEzMTM1MmUzMTM5MzIy
ZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMjM3MzczNDM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEyHPA
MA0GCSqGSIb3DQEBCwUAA4IBAQAJYxFIBH7f6IbIgsIaDwpxhYMXb21Q/U8OqIQG
vLeKI9a+EPEaJzfjdZMLrR7rBzDbjFmayfxF43OGDTcYn4u34WxmIzXJTaGBGBmT
lXQiyPgV3RS2n67gAC0PCtbwBA1rApDjDguJ0sAN+BB22Cwav6cbxcXoTtQsFhiz
niITgsGdthdQHD03vX9G74QYxoTyOE+0VD/WZrDXEg1bWtSMZNhkHu62lEGOgBNr
TDcm0WDfsohLwuD/rLSMbwVfwVThIAurH9Z0TQroIQqzSXnG6yRO90ji/PJlDiRh
hCO0Ooisx4yfsWcVP2i5g6+DU8a5v0Drng2ABDtGcB8mMdsN
-----END CERTIFICATE-----
Generated at Tue Nov 19 23:16:56 2024 by rpki-client on console-ams.rpki-client.org