Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0C966AF2D667C71DB8F7DC6CBE7AA3B54C9A1341ACA871B57B438DF8EAC761DC/0/3230302e3139322e3233362e302f32322d3232203d3e20323633323438.roa
File:                     3230302e3139322e3233362e302f32322d3232203d3e20323633323438.roa (raw, json)
Hash identifier:          rTk5Ju7ypg1OOkO/ATVIMQhljVSv+AqrkotR/dUdsrQ=
Subject key identifier:   00:EB:CC:36:C7:F5:5D:A3:F9:91:BF:EB:0B:F5:52:2E:61:BE:B5:20
Certificate issuer:       /CN=A4EC8475F98014B965F34B25A2A68F58AAEE199B
Certificate serial:       6DD5674F70E56331ADCE0BDCBD228627338E31F3
Authority key identifier: A4:EC:84:75:F9:80:14:B9:65:F3:4B:25:A2:A6:8F:58:AA:EE:19:9B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A4EC8475F98014B965F34B25A2A68F58AAEE199B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0C966AF2D667C71DB8F7DC6CBE7AA3B54C9A1341ACA871B57B438DF8EAC761DC/0/3230302e3139322e3233362e302f32322d3232203d3e20323633323438.roa
Signing time:             Tue 05 Mar 2024 17:40:51 +0000
ROA not before:           Tue 05 Mar 2024 17:35:51 +0000
ROA not after:            Tue 04 Mar 2025 17:40:51 +0000
asID:                     263248
IP address blocks:        200.192.236.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0C966AF2D667C71DB8F7DC6CBE7AA3B54C9A1341ACA871B57B438DF8EAC761DC/0/A4EC8475F98014B965F34B25A2A68F58AAEE199B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0C966AF2D667C71DB8F7DC6CBE7AA3B54C9A1341ACA871B57B438DF8EAC761DC/0/A4EC8475F98014B965F34B25A2A68F58AAEE199B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A4EC8475F98014B965F34B25A2A68F58AAEE199B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:d5:67:4f:70:e5:63:31:ad:ce:0b:dc:bd:22:86:27:33:8e:31:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A4EC8475F98014B965F34B25A2A68F58AAEE199B
        Validity
            Not Before: Mar  5 17:35:51 2024 GMT
            Not After : Mar  4 17:40:51 2025 GMT
        Subject: CN=00EBCC36C7F55DA3F991BFEB0BF5522E61BEB520
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:1d:56:01:60:97:ca:ab:03:0e:08:20:c3:08:
                    87:4c:a6:73:ae:c2:7e:e2:5e:de:db:ee:04:ee:76:
                    a1:26:70:58:ab:5f:05:bf:60:65:7f:59:45:51:ca:
                    5f:33:69:ae:9e:bf:ee:1f:c0:e4:7d:6d:56:5f:26:
                    54:16:34:68:b9:2b:bb:38:66:0d:7e:2c:55:0c:f9:
                    ba:c4:57:44:44:ad:51:ef:84:b8:33:e0:e3:8d:34:
                    12:9b:e4:62:6f:e7:fe:46:48:8f:19:d6:9b:91:37:
                    e6:c8:d7:4a:8f:63:7d:a6:50:ee:21:3e:dd:1e:d9:
                    d6:ff:27:c6:60:ee:f7:1d:33:94:c5:d8:a5:b2:85:
                    1c:ce:81:5f:01:1a:e4:03:70:37:05:05:42:f3:ed:
                    e8:c1:44:6f:ae:1d:df:45:cd:07:6c:a3:b0:4b:8e:
                    6f:2c:1c:44:00:91:9b:7b:06:a6:25:74:66:b6:fb:
                    80:30:3e:41:d8:58:67:76:72:a4:c4:9e:8e:26:3c:
                    90:5d:aa:ab:0a:6d:a4:07:01:a8:6a:1e:bf:74:df:
                    83:5d:6f:92:0b:8f:a3:7d:dd:1b:60:bf:73:07:a9:
                    f2:e3:27:8f:43:c4:b9:1d:5d:2e:a4:8d:73:e2:f1:
                    05:31:00:79:8a:70:41:a2:8a:2d:69:25:d9:5e:6d:
                    e3:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:EB:CC:36:C7:F5:5D:A3:F9:91:BF:EB:0B:F5:52:2E:61:BE:B5:20
            X509v3 Authority Key Identifier:
                keyid:A4:EC:84:75:F9:80:14:B9:65:F3:4B:25:A2:A6:8F:58:AA:EE:19:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0C966AF2D667C71DB8F7DC6CBE7AA3B54C9A1341ACA871B57B438DF8EAC761DC/0/A4EC8475F98014B965F34B25A2A68F58AAEE199B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A4EC8475F98014B965F34B25A2A68F58AAEE199B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0C966AF2D667C71DB8F7DC6CBE7AA3B54C9A1341ACA871B57B438DF8EAC761DC/0/3230302e3139322e3233362e302f32322d3232203d3e20323633323438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.192.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4c:da:2c:35:8f:7d:c6:f8:8a:89:ba:6c:c2:1f:3b:0b:47:2d:
         ce:62:a6:5b:c9:2c:cf:d0:cc:23:a6:73:55:2c:2f:72:55:06:
         7c:04:0f:6a:3e:79:35:14:66:9f:4a:d6:3b:79:e3:b9:c9:ac:
         6a:6f:34:ab:d8:32:c7:69:e9:b1:5a:c3:27:40:d1:6f:67:8f:
         9c:e7:6e:84:49:5e:37:76:b6:a0:d2:e8:17:8f:41:56:d7:79:
         66:a5:07:e7:12:69:71:5f:bb:dc:0c:15:6d:4c:fb:27:3a:3b:
         51:7c:07:63:7c:ee:fe:d2:5f:5e:2d:e2:18:4d:95:56:af:dd:
         2d:3f:d6:81:71:95:41:bc:64:b8:2d:c9:1a:79:2a:f9:a6:34:
         38:fb:5a:e4:9c:f0:ec:47:96:20:45:a7:8c:c1:5d:bd:39:8c:
         e1:31:87:3b:9e:d9:b2:98:11:d6:0f:c5:98:38:16:7b:e4:d4:
         9e:12:00:d3:6e:c0:51:37:37:4e:35:de:a6:f6:c9:3b:ff:a8:
         30:9f:f0:24:f8:77:f2:85:3f:d6:68:59:59:0e:a6:0a:1b:c9:
         08:e8:b7:e7:82:08:49:b8:76:f3:32:96:c5:f2:06:a2:54:10:
         4a:69:02:8b:73:a9:a6:1a:e0:b9:7e:25:f3:63:d7:fb:ca:2e:
         22:ed:c7:ef
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUbdVnT3DlYzGtzgvcvSKGJzOOMfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTRFQzg0NzVGOTgwMTRCOTY1RjM0QjI1QTJBNjhGNThB
QUVFMTk5QjAeFw0yNDAzMDUxNzM1NTFaFw0yNTAzMDQxNzQwNTFaMDMxMTAvBgNV
BAMTKDAwRUJDQzM2QzdGNTVEQTNGOTkxQkZFQjBCRjU1MjJFNjFCRUI1MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXHVYBYJfKqwMOCCDDCIdMpnOu
wn7iXt7b7gTudqEmcFirXwW/YGV/WUVRyl8zaa6ev+4fwOR9bVZfJlQWNGi5K7s4
Zg1+LFUM+brEV0RErVHvhLgz4OONNBKb5GJv5/5GSI8Z1puRN+bI10qPY32mUO4h
Pt0e2db/J8Zg7vcdM5TF2KWyhRzOgV8BGuQDcDcFBULz7ejBRG+uHd9FzQdso7BL
jm8sHEQAkZt7BqYldGa2+4AwPkHYWGd2cqTEno4mPJBdqqsKbaQHAahqHr9034Nd
b5ILj6N93Rtgv3MHqfLjJ49DxLkdXS6kjXPi8QUxAHmKcEGiii1pJdlebeMvAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUAOvMNsf1XaP5kb/rC/VSLmG+tSAwHwYDVR0j
BBgwFoAUpOyEdfmAFLll80sloqaPWKruGZswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wQzk2NkFGMkQ2NjdDNzFEQjhGN0RDNkNCRTdBQTNCNTRD
OUExMzQxQUNBODcxQjU3QjQzOERGOEVBQzc2MURDLzAvQTRFQzg0NzVGOTgwMTRC
OTY1RjM0QjI1QTJBNjhGNThBQUVFMTk5Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNEVDODQ3NUY5ODAxNEI5NjVG
MzRCMjVBMkE2OEY1OEFBRUUxOTlCLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEM5NjZBRjJENjY3QzcxREI4RjdEQzZDQkU3QUEzQjU0QzlBMTM0MUFD
QTg3MUI1N0I0MzhERjhFQUM3NjFEQy8wLzMyMzAzMDJlMzEzOTMyMmUzMjMzMzYy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM2MzMzMjM0Mzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALI
wOwwDQYJKoZIhvcNAQELBQADggEBAEzaLDWPfcb4iom6bMIfOwtHLc5iplvJLM/Q
zCOmc1UsL3JVBnwED2o+eTUUZp9K1jt547nJrGpvNKvYMsdp6bFawydA0W9nj5zn
boRJXjd2tqDS6BePQVbXeWalB+cSaXFfu9wMFW1M+yc6O1F8B2N87v7SX14t4hhN
lVav3S0/1oFxlUG8ZLgtyRp5KvmmNDj7WuSc8OxHliBFp4zBXb05jOExhzue2bKY
EdYPxZg4Fnvk1J4SANNuwFE3N0413qb2yTv/qDCf8CT4d/KFP9ZoWVkOpgobyQjo
t+eCCEm4dvMylsXyBqJUEEppAotzqaYa4Ll+JfNj1/vKLiLtx+8=
-----END CERTIFICATE-----
Generated at Wed Nov 20 01:20:20 2024 by rpki-client on console-ams.rpki-client.org