Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131382e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3131382e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          YPw90EqxT2GN4IuTsyJXrMQB+QB26fJIJ5WimnSqzBI=
Subject key identifier:   43:6D:7C:46:B9:68:A2:D0:25:3A:24:F8:EC:BB:F1:CC:E7:56:F1:84
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       3E021814FB829A4DDE6B6BDE7FF93B2E024E0023
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131382e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 05 Mar 2024 17:40:15 +0000
ROA not before:           Tue 05 Mar 2024 17:35:15 +0000
ROA not after:            Tue 04 Mar 2025 17:40:15 +0000
asID:                     27823
IP address blocks:        200.58.118.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:02:18:14:fb:82:9a:4d:de:6b:6b:de:7f:f9:3b:2e:02:4e:00:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Mar  5 17:35:15 2024 GMT
            Not After : Mar  4 17:40:15 2025 GMT
        Subject: CN=436D7C46B968A2D0253A24F8ECBBF1CCE756F184
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:d6:41:30:3c:22:1a:1e:3b:2e:94:8a:92:ff:
                    2f:e1:ea:fa:2b:0a:5c:5c:af:8d:22:06:49:ec:83:
                    25:5b:ad:74:a4:6a:4c:1f:6f:32:b6:4d:69:39:28:
                    1d:3a:ef:80:26:b9:0a:6c:5f:69:5e:a8:45:cf:00:
                    c5:83:99:f2:9f:c2:1b:2b:27:54:95:34:6d:d1:12:
                    0c:b5:2f:73:b9:cb:ec:98:9e:c1:67:d4:a0:ef:0c:
                    77:5c:7f:88:c5:98:12:b2:d0:db:61:8e:83:68:3e:
                    0b:82:43:d5:56:3d:64:ba:3f:e3:79:52:ab:a9:80:
                    49:87:a9:9f:90:2c:ec:f6:af:06:a8:32:63:a9:93:
                    f0:4a:d1:7c:ed:d7:ad:77:30:ff:10:16:7e:8a:d8:
                    4e:03:8b:82:4a:6f:a6:10:0a:27:75:2e:21:df:58:
                    38:20:a6:1e:45:00:9e:fa:91:83:6a:48:5e:b8:d0:
                    27:33:c9:26:05:4c:83:a5:94:c6:33:78:72:e5:5a:
                    23:65:89:b0:e6:8c:70:48:eb:2f:a8:ca:68:18:12:
                    12:70:1e:52:0b:68:96:c6:d1:98:ea:a9:a3:47:ab:
                    f0:48:b7:c9:c6:90:05:f7:3d:44:42:cb:ab:6a:38:
                    ca:5a:39:6b:a2:12:42:81:ae:74:96:d7:1c:8f:cb:
                    e7:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:6D:7C:46:B9:68:A2:D0:25:3A:24:F8:EC:BB:F1:CC:E7:56:F1:84
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131382e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:49:a2:64:fd:f8:38:a0:19:eb:3a:66:4e:c9:44:92:46:2f:
         1b:f4:af:16:14:24:a3:37:b2:a9:5a:5b:02:ae:3f:61:1c:de:
         a8:87:37:fc:e5:cc:f8:dc:c1:a9:38:d1:6e:28:02:a7:99:4b:
         fc:4b:75:92:4e:15:a3:58:a8:92:12:2c:79:c6:bf:e0:10:d5:
         0d:38:c2:9f:b9:59:1c:5c:8e:22:64:6c:ef:6d:53:bb:83:0b:
         b9:59:6d:90:a9:2a:67:a1:87:68:a7:18:46:0a:de:03:61:99:
         4a:2e:b3:ad:1b:e9:e1:42:d9:88:5e:25:c3:6c:bf:47:e4:8d:
         1d:6a:ff:04:1b:0b:52:3f:eb:54:44:8f:ee:3c:4f:f8:43:e3:
         37:da:1f:87:c0:a5:8e:8e:47:43:3e:35:b0:f6:c4:07:83:1c:
         59:ba:62:c7:1f:18:20:02:32:28:cd:eb:9f:1c:14:22:d3:15:
         10:92:45:ad:76:67:ac:0a:90:f2:20:a6:fa:52:52:22:8f:5d:
         d5:0f:b0:7c:a9:c3:5b:b1:5b:2f:1a:d8:0a:30:cc:9d:9a:1c:
         69:56:a1:09:b1:39:90:6d:23:e7:58:86:bd:31:7c:89:f0:90:
         d1:71:26:6e:ac:7e:7e:a6:7b:6c:d4:2b:4b:3e:b3:92:d9:9c:
         c7:0c:ca:4a
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUPgIYFPuCmk3ea2vef/k7LgJOACMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNDAzMDUxNzM1MTVaFw0yNTAzMDQxNzQwMTVaMDMxMTAvBgNV
BAMTKDQzNkQ3QzQ2Qjk2OEEyRDAyNTNBMjRGOEVDQkJGMUNDRTc1NkYxODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu1kEwPCIaHjsulIqS/y/h6vor
Clxcr40iBknsgyVbrXSkakwfbzK2TWk5KB0674AmuQpsX2leqEXPAMWDmfKfwhsr
J1SVNG3REgy1L3O5y+yYnsFn1KDvDHdcf4jFmBKy0NthjoNoPguCQ9VWPWS6P+N5
UqupgEmHqZ+QLOz2rwaoMmOpk/BK0Xzt1613MP8QFn6K2E4Di4JKb6YQCid1LiHf
WDggph5FAJ76kYNqSF640CczySYFTIOllMYzeHLlWiNlibDmjHBI6y+oymgYEhJw
HlILaJbG0ZjqqaNHq/BIt8nGkAX3PURCy6tqOMpaOWuiEkKBrnSW1xyPy+fjAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUQ218RrlootAlOiT47LvxzOdW8YQwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMTM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6djAN
BgkqhkiG9w0BAQsFAAOCAQEAsUmiZP34OKAZ6zpmTslEkkYvG/SvFhQkozeyqVpb
Aq4/YRzeqIc3/OXM+NzBqTjRbigCp5lL/Et1kk4Vo1iokhIseca/4BDVDTjCn7lZ
HFyOImRs721Tu4MLuVltkKkqZ6GHaKcYRgreA2GZSi6zrRvp4ULZiF4lw2y/R+SN
HWr/BBsLUj/rVESP7jxP+EPjN9ofh8Cljo5HQz41sPbEB4McWbpixx8YIAIyKM3r
nxwUItMVEJJFrXZnrAqQ8iCm+lJSIo9d1Q+wfKnDW7FbLxrYCjDMnZocaVahCbE5
kG0j51iGvTF8ifCQ0XEmbqx+fqZ7bNQrSz6zktmcxwzKSg==
-----END CERTIFICATE-----
Generated at Wed Nov 20 06:22:13 2024 by rpki-client on console-ams.rpki-client.org