Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0C15FD84A7B1D129FCDFF7710B48414F7BB19EC348EAC2D29EEFA7C8E9B10D9E/0/3230302e3231352e3233322e302f32322d3234203d3e20323731393433.roa
File:                     3230302e3231352e3233322e302f32322d3234203d3e20323731393433.roa (raw, json)
Hash identifier:          7Na4yNOj0iJkuuP8yEMFyWzjprwiESRUA7cwRh7LgFs=
Subject key identifier:   E4:1B:89:E4:21:1B:42:AD:7C:2D:D1:FF:57:EC:CD:A5:9D:37:85:D8
Certificate issuer:       /CN=1BF98E25D84D87FB5D822B785EC286F20EDF99D7
Certificate serial:       40925FCC4505D81574668CA4E9107D6C17853F4F
Authority key identifier: 1B:F9:8E:25:D8:4D:87:FB:5D:82:2B:78:5E:C2:86:F2:0E:DF:99:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1BF98E25D84D87FB5D822B785EC286F20EDF99D7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0C15FD84A7B1D129FCDFF7710B48414F7BB19EC348EAC2D29EEFA7C8E9B10D9E/0/3230302e3231352e3233322e302f32322d3234203d3e20323731393433.roa
Signing time:             Tue 05 Mar 2024 17:46:19 +0000
ROA not before:           Tue 05 Mar 2024 17:41:19 +0000
ROA not after:            Tue 04 Mar 2025 17:46:19 +0000
asID:                     271943
IP address blocks:        200.215.232.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0C15FD84A7B1D129FCDFF7710B48414F7BB19EC348EAC2D29EEFA7C8E9B10D9E/0/1BF98E25D84D87FB5D822B785EC286F20EDF99D7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0C15FD84A7B1D129FCDFF7710B48414F7BB19EC348EAC2D29EEFA7C8E9B10D9E/0/1BF98E25D84D87FB5D822B785EC286F20EDF99D7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1BF98E25D84D87FB5D822B785EC286F20EDF99D7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 19:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:92:5f:cc:45:05:d8:15:74:66:8c:a4:e9:10:7d:6c:17:85:3f:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1BF98E25D84D87FB5D822B785EC286F20EDF99D7
        Validity
            Not Before: Mar  5 17:41:19 2024 GMT
            Not After : Mar  4 17:46:19 2025 GMT
        Subject: CN=E41B89E4211B42AD7C2DD1FF57ECCDA59D3785D8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:12:71:79:3b:c9:1a:94:11:88:1f:a1:ac:35:
                    18:c2:3a:0b:ad:18:ff:28:7b:5b:54:88:69:a5:ac:
                    c7:7a:af:aa:1a:e7:d1:42:01:c1:b9:b5:26:0a:be:
                    11:b5:5c:61:f9:d1:a0:09:21:f5:f6:74:a6:4d:03:
                    ad:79:4e:50:08:0a:a9:a2:72:99:8e:58:7b:1c:cb:
                    3d:b2:db:50:15:73:fd:52:14:e4:36:9a:c9:18:34:
                    60:23:8e:bc:a4:46:e7:d3:70:29:a1:9a:fb:ee:16:
                    4a:eb:da:1d:46:dc:62:ba:a7:61:a2:32:6e:7c:92:
                    89:d1:e4:5b:55:33:a9:eb:34:0d:68:9e:45:0e:bc:
                    21:57:ce:18:bc:91:f2:10:fc:7d:32:df:d1:d3:b0:
                    1a:37:dd:5b:f7:4c:b6:70:99:fa:be:f9:da:7b:53:
                    d5:62:b6:65:f2:32:6b:40:4d:8d:95:d7:00:db:9a:
                    d8:b5:9e:fb:3b:fb:e8:52:b1:f2:fb:14:d1:5e:8d:
                    a3:a9:ce:82:8c:cc:76:3d:40:d6:48:3d:23:a3:bc:
                    3f:b4:e1:c6:3e:9a:09:fa:81:cb:5c:b1:4d:4e:e1:
                    c8:76:e2:4e:00:1d:3f:cf:01:cb:b7:18:38:27:35:
                    ee:bf:db:5e:81:e2:bf:aa:11:19:3b:32:cf:15:e7:
                    96:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:1B:89:E4:21:1B:42:AD:7C:2D:D1:FF:57:EC:CD:A5:9D:37:85:D8
            X509v3 Authority Key Identifier:
                keyid:1B:F9:8E:25:D8:4D:87:FB:5D:82:2B:78:5E:C2:86:F2:0E:DF:99:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0C15FD84A7B1D129FCDFF7710B48414F7BB19EC348EAC2D29EEFA7C8E9B10D9E/0/1BF98E25D84D87FB5D822B785EC286F20EDF99D7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1BF98E25D84D87FB5D822B785EC286F20EDF99D7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0C15FD84A7B1D129FCDFF7710B48414F7BB19EC348EAC2D29EEFA7C8E9B10D9E/0/3230302e3231352e3233322e302f32322d3234203d3e20323731393433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.215.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         24:bb:4a:3c:fa:ca:fa:ee:e9:e9:54:77:90:74:c5:f1:0b:d0:
         b4:f5:8e:ef:01:21:87:12:0f:88:fd:c1:cb:74:46:61:ac:66:
         04:8b:6d:e9:29:3b:63:84:ec:b2:e7:dd:32:bf:f7:76:07:c3:
         f9:9c:3a:91:66:4e:57:71:82:a4:f9:8d:22:ba:c9:93:04:c9:
         93:d2:94:85:fa:2f:b1:58:e0:56:b4:05:e6:9a:71:76:85:2f:
         1b:59:a8:11:f6:15:40:9d:60:57:28:b9:a0:c9:51:2a:28:09:
         81:de:fd:c9:56:48:47:d6:9a:f9:22:71:c0:6e:49:ca:74:c8:
         58:8e:6a:7c:28:0f:0b:a4:f9:6d:83:80:b2:f9:92:b1:1d:2c:
         d7:60:72:69:18:7b:ee:cf:56:15:fb:90:7d:3f:e2:3b:05:23:
         fe:5c:b1:af:45:84:c2:48:91:3a:3d:fa:fe:a1:0c:12:b7:25:
         7a:75:38:30:45:6f:ef:7b:c4:02:ab:50:28:eb:c2:42:03:55:
         cc:ac:1b:f9:4b:16:c2:b6:03:7d:b4:d8:57:d4:92:94:03:32:
         19:e4:db:82:bf:e2:97:5c:76:c5:5c:16:3f:0f:a5:8c:75:b8:
         2f:61:f1:04:1a:f7:71:e6:76:c4:94:58:a4:7b:4e:be:c7:19:
         92:6c:bf:65
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUQJJfzEUF2BV0Zoyk6RB9bBeFP08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUJGOThFMjVEODREODdGQjVEODIyQjc4NUVDMjg2RjIw
RURGOTlENzAeFw0yNDAzMDUxNzQxMTlaFw0yNTAzMDQxNzQ2MTlaMDMxMTAvBgNV
BAMTKEU0MUI4OUU0MjExQjQyQUQ3QzJERDFGRjU3RUNDREE1OUQzNzg1RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkEnF5O8kalBGIH6GsNRjCOgut
GP8oe1tUiGmlrMd6r6oa59FCAcG5tSYKvhG1XGH50aAJIfX2dKZNA615TlAICqmi
cpmOWHscyz2y21AVc/1SFOQ2mskYNGAjjrykRufTcCmhmvvuFkrr2h1G3GK6p2Gi
Mm58konR5FtVM6nrNA1onkUOvCFXzhi8kfIQ/H0y39HTsBo33Vv3TLZwmfq++dp7
U9VitmXyMmtATY2V1wDbmti1nvs7++hSsfL7FNFejaOpzoKMzHY9QNZIPSOjvD+0
4cY+mgn6gctcsU1O4ch24k4AHT/PAcu3GDgnNe6/216B4r+qERk7Ms8V55YpAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU5BuJ5CEbQq18LdH/V+zNpZ03hdgwHwYDVR0j
BBgwFoAUG/mOJdhNh/tdgit4XsKG8g7fmdcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wQzE1RkQ4NEE3QjFEMTI5RkNERkY3NzEwQjQ4NDE0RjdC
QjE5RUMzNDhFQUMyRDI5RUVGQTdDOEU5QjEwRDlFLzAvMUJGOThFMjVEODREODdG
QjVEODIyQjc4NUVDMjg2RjIwRURGOTlENy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xQkY5OEUyNUQ4NEQ4N0ZCNUQ4
MjJCNzg1RUMyODZGMjBFREY5OUQ3LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEMxNUZEODRBN0IxRDEyOUZDREZGNzcxMEI0ODQxNEY3QkIxOUVDMzQ4
RUFDMkQyOUVFRkE3QzhFOUIxMEQ5RS8wLzMyMzAzMDJlMzIzMTM1MmUzMjMzMzIy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM3MzEzOTM0MzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALI
1+gwDQYJKoZIhvcNAQELBQADggEBACS7Sjz6yvru6elUd5B0xfEL0LT1ju8BIYcS
D4j9wct0RmGsZgSLbekpO2OE7LLn3TK/93YHw/mcOpFmTldxgqT5jSK6yZMEyZPS
lIX6L7FY4Fa0BeaacXaFLxtZqBH2FUCdYFcouaDJUSooCYHe/clWSEfWmvkiccBu
Scp0yFiOanwoDwuk+W2DgLL5krEdLNdgcmkYe+7PVhX7kH0/4jsFI/5csa9FhMJI
kTo9+v6hDBK3JXp1ODBFb+97xAKrUCjrwkIDVcysG/lLFsK2A3202FfUkpQDMhnk
24K/4pdcdsVcFj8PpYx1uC9h8QQa93HmdsSUWKR7Tr7HGZJsv2U=
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:22:24 2024 by rpki-client on console-ams.rpki-client.org