Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/103C4FFE8F3FFFA4F8F3FBD4DED3EDD0D8232E29429547E80EDF1F23E23C0D1A/0/3230302e31342e34352e302f32342d3234203d3e203237383130.roa
File:                     3230302e31342e34352e302f32342d3234203d3e203237383130.roa (raw, json)
Hash identifier:          fDWR5+6aqBcJ4podzVTu5FqBDiEVxkETMwatDPk/Y8s=
Subject key identifier:   74:5F:D2:19:C4:32:1F:C1:01:65:E5:14:5A:E3:80:A3:65:8B:37:9B
Certificate issuer:       /CN=ACFD9D629DD7DC5504C90BEB82187223A99FEEA7
Certificate serial:       4089E24F8C77799A464C1C449F03437BD3C2DCB5
Authority key identifier: AC:FD:9D:62:9D:D7:DC:55:04:C9:0B:EB:82:18:72:23:A9:9F:EE:A7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/ACFD9D629DD7DC5504C90BEB82187223A99FEEA7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/103C4FFE8F3FFFA4F8F3FBD4DED3EDD0D8232E29429547E80EDF1F23E23C0D1A/0/3230302e31342e34352e302f32342d3234203d3e203237383130.roa
Signing time:             Tue 05 Mar 2024 18:11:13 +0000
ROA not before:           Tue 05 Mar 2024 18:06:13 +0000
ROA not after:            Tue 04 Mar 2025 18:11:13 +0000
asID:                     27810
IP address blocks:        200.14.45.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/103C4FFE8F3FFFA4F8F3FBD4DED3EDD0D8232E29429547E80EDF1F23E23C0D1A/0/ACFD9D629DD7DC5504C90BEB82187223A99FEEA7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/103C4FFE8F3FFFA4F8F3FBD4DED3EDD0D8232E29429547E80EDF1F23E23C0D1A/0/ACFD9D629DD7DC5504C90BEB82187223A99FEEA7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/ACFD9D629DD7DC5504C90BEB82187223A99FEEA7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:89:e2:4f:8c:77:79:9a:46:4c:1c:44:9f:03:43:7b:d3:c2:dc:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ACFD9D629DD7DC5504C90BEB82187223A99FEEA7
        Validity
            Not Before: Mar  5 18:06:13 2024 GMT
            Not After : Mar  4 18:11:13 2025 GMT
        Subject: CN=745FD219C4321FC10165E5145AE380A3658B379B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:1e:51:a2:8a:8d:cd:b8:eb:5f:f2:99:02:33:
                    88:50:a4:cb:3e:77:37:9e:c2:aa:78:35:3f:5a:35:
                    9d:00:d2:d0:35:f1:6e:7b:88:ed:7e:c8:cd:54:d0:
                    6e:7c:78:35:98:13:5c:d7:c8:f6:20:95:b8:7e:14:
                    28:6c:0b:96:92:d7:93:4a:84:67:58:20:65:94:93:
                    50:85:17:84:38:6e:00:88:de:26:aa:4c:5d:1d:9b:
                    0c:16:8f:93:4a:b5:ee:9d:ea:05:cb:85:a5:d8:89:
                    b3:59:32:ad:99:75:70:a2:e1:2c:89:df:52:e6:34:
                    7c:73:bf:dc:cb:f0:08:fe:36:96:c4:b3:a4:bd:7c:
                    a9:52:c9:ad:06:7a:75:ec:85:58:27:a2:f2:07:12:
                    2a:9a:0c:34:fb:09:52:76:ff:db:70:54:61:ca:5f:
                    fd:ad:2b:2a:08:92:55:f5:41:cf:32:18:72:60:72:
                    29:7d:e0:e3:d9:cb:9b:cc:58:d8:06:a8:b2:45:ed:
                    01:0c:fa:86:9f:7d:01:45:7c:58:0e:df:f1:38:5c:
                    b4:65:70:34:73:89:12:8d:67:e8:36:8c:db:76:dc:
                    94:17:9d:4b:e1:27:bd:f6:de:eb:bc:8d:65:17:11:
                    cd:b1:fb:2d:e3:47:6f:6e:06:1d:18:39:84:ea:11:
                    32:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:5F:D2:19:C4:32:1F:C1:01:65:E5:14:5A:E3:80:A3:65:8B:37:9B
            X509v3 Authority Key Identifier:
                keyid:AC:FD:9D:62:9D:D7:DC:55:04:C9:0B:EB:82:18:72:23:A9:9F:EE:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/103C4FFE8F3FFFA4F8F3FBD4DED3EDD0D8232E29429547E80EDF1F23E23C0D1A/0/ACFD9D629DD7DC5504C90BEB82187223A99FEEA7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/ACFD9D629DD7DC5504C90BEB82187223A99FEEA7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/103C4FFE8F3FFFA4F8F3FBD4DED3EDD0D8232E29429547E80EDF1F23E23C0D1A/0/3230302e31342e34352e302f32342d3234203d3e203237383130.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.14.45.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:4c:71:a0:19:5b:71:9a:d5:cf:d0:0a:12:17:cc:1e:28:1a:
         27:31:08:a5:b9:21:33:f2:e5:23:36:18:db:d6:be:5b:68:ea:
         9b:11:a3:0e:82:8d:fc:72:91:0a:34:51:d3:6d:10:ec:1c:31:
         a3:ca:75:1e:d9:e4:2a:53:b7:b1:a5:5c:a4:d8:67:aa:09:8e:
         e2:fc:91:6c:79:df:10:bd:95:9c:e1:be:13:5b:49:10:fa:b4:
         25:81:a0:1c:fa:63:fa:07:38:12:83:3e:b8:da:bf:5e:ba:6b:
         0d:da:50:e3:ec:4a:81:7a:e9:2f:b2:11:51:a0:cd:e4:45:26:
         cd:80:d4:8e:7d:ba:a5:97:f5:b0:e0:33:62:2a:18:28:b8:66:
         ac:b5:88:d0:0e:91:06:c9:1c:fc:2a:09:8c:cb:07:a4:2a:a1:
         6b:a7:7b:87:84:70:0c:ec:ec:bd:ab:4c:66:ef:0c:9c:cd:63:
         51:ca:85:38:df:12:5c:a1:32:d3:11:40:cc:75:81:f0:c1:ca:
         b7:83:d4:f1:d7:a8:b1:6e:33:30:ee:51:12:c0:cc:c1:63:a2:
         dc:24:9a:63:1c:df:ae:a7:f0:4f:44:f2:71:c7:96:6b:26:9e:
         2b:11:3a:bd:99:1d:d8:9c:e6:c4:95:2c:38:17:92:36:c7:8b:
         b2:23:ae:ef
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUQIniT4x3eZpGTBxEnwNDe9PC3LUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUNGRDlENjI5REQ3REM1NTA0QzkwQkVCODIxODcyMjNB
OTlGRUVBNzAeFw0yNDAzMDUxODA2MTNaFw0yNTAzMDQxODExMTNaMDMxMTAvBgNV
BAMTKDc0NUZEMjE5QzQzMjFGQzEwMTY1RTUxNDVBRTM4MEEzNjU4QjM3OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9HlGiio3NuOtf8pkCM4hQpMs+
dzeewqp4NT9aNZ0A0tA18W57iO1+yM1U0G58eDWYE1zXyPYglbh+FChsC5aS15NK
hGdYIGWUk1CFF4Q4bgCI3iaqTF0dmwwWj5NKte6d6gXLhaXYibNZMq2ZdXCi4SyJ
31LmNHxzv9zL8Aj+NpbEs6S9fKlSya0GenXshVgnovIHEiqaDDT7CVJ2/9twVGHK
X/2tKyoIklX1Qc8yGHJgcil94OPZy5vMWNgGqLJF7QEM+oaffQFFfFgO3/E4XLRl
cDRziRKNZ+g2jNt23JQXnUvhJ7323uu8jWUXEc2x+y3jR29uBh0YOYTqETKDAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUdF/SGcQyH8EBZeUUWuOAo2WLN5swHwYDVR0j
BBgwFoAUrP2dYp3X3FUEyQvrghhyI6mf7qcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMDNDNEZGRThGM0ZGRkE0RjhGM0ZCRDRERUQzRUREMEQ4
MjMyRTI5NDI5NTQ3RTgwRURGMUYyM0UyM0MwRDFBLzAvQUNGRDlENjI5REQ3REM1
NTA0QzkwQkVCODIxODcyMjNBOTlGRUVBNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BQ0ZEOUQ2MjlERDdEQzU1MDRD
OTBCRUI4MjE4NzIyM0E5OUZFRUE3LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTAzQzRGRkU4RjNGRkZBNEY4RjNGQkQ0REVEM0VERDBEODIzMkUyOTQy
OTU0N0U4MEVERjFGMjNFMjNDMEQxQS8wLzMyMzAzMDJlMzEzNDJlMzQzNTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczODMxMzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIDi0wDQYJ
KoZIhvcNAQELBQADggEBAHNMcaAZW3Ga1c/QChIXzB4oGicxCKW5ITPy5SM2GNvW
vlto6psRow6CjfxykQo0UdNtEOwcMaPKdR7Z5CpTt7GlXKTYZ6oJjuL8kWx53xC9
lZzhvhNbSRD6tCWBoBz6Y/oHOBKDPrjav166aw3aUOPsSoF66S+yEVGgzeRFJs2A
1I59uqWX9bDgM2IqGCi4Zqy1iNAOkQbJHPwqCYzLB6QqoWune4eEcAzs7L2rTGbv
DJzNY1HKhTjfElyhMtMRQMx1gfDByreD1PHXqLFuMzDuURLAzMFjotwkmmMc366n
8E9E8nHHlmsmnisROr2ZHdic5sSVLDgXkjbHi7Ijru8=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:56:51 2024 by rpki-client on console-fra.rpki-client.org