Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/18D46FB38FCEA5E7E88051DAEC3F0E7A5884A6A872D3AA48DE664F81A7D64DDA/0/3230342e3135332e32342e302f32332d3234203d3e203133353739.roa
File:                     3230342e3135332e32342e302f32332d3234203d3e203133353739.roa (raw, json)
Hash identifier:          q6KoRVLviE7H/BflL1q+QRtl974/rnCx0mc5W0N3vZY=
Subject key identifier:   9F:A8:F3:DD:EC:EF:21:7C:11:F6:E2:5E:C1:0F:4D:D7:D8:28:F8:E4
Certificate issuer:       /CN=C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA
Certificate serial:       35C63EF092F3F047E6D0D0E2902F1A036D1CC636
Authority key identifier: C2:FE:C7:92:F3:5A:A2:4D:1C:CC:16:C8:43:2F:4B:D4:4B:DF:CE:FA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/18D46FB38FCEA5E7E88051DAEC3F0E7A5884A6A872D3AA48DE664F81A7D64DDA/0/3230342e3135332e32342e302f32332d3234203d3e203133353739.roa
Signing time:             Tue 30 Jul 2024 22:35:01 +0000
ROA not before:           Tue 30 Jul 2024 22:30:01 +0000
ROA not after:            Tue 29 Jul 2025 22:35:01 +0000
asID:                     13579
IP address blocks:        204.153.24.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/18D46FB38FCEA5E7E88051DAEC3F0E7A5884A6A872D3AA48DE664F81A7D64DDA/0/C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/18D46FB38FCEA5E7E88051DAEC3F0E7A5884A6A872D3AA48DE664F81A7D64DDA/0/C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:c6:3e:f0:92:f3:f0:47:e6:d0:d0:e2:90:2f:1a:03:6d:1c:c6:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA
        Validity
            Not Before: Jul 30 22:30:01 2024 GMT
            Not After : Jul 29 22:35:01 2025 GMT
        Subject: CN=9FA8F3DDECEF217C11F6E25EC10F4DD7D828F8E4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:e9:23:d7:33:65:a7:eb:34:c2:9c:a0:75:70:
                    30:f7:b7:50:34:3d:74:11:f3:61:fb:7d:90:e3:40:
                    f1:11:99:b5:b6:d9:1c:54:9a:eb:32:4c:03:07:c2:
                    17:fb:8f:c1:66:19:c9:61:e0:ed:71:a6:c1:1d:26:
                    b0:c6:a6:ca:b9:71:b3:02:b3:95:98:c3:51:61:34:
                    0d:17:82:cc:7b:99:3d:b3:85:26:29:5c:b6:ae:f2:
                    c3:08:c0:24:83:31:d5:29:19:28:e9:84:14:df:77:
                    fa:84:03:cb:04:45:25:87:d8:d6:53:02:1e:84:0b:
                    6d:f5:d6:b4:fd:3f:59:77:8a:64:7c:6c:e0:7d:6e:
                    8c:a8:c2:61:2a:4e:df:94:0b:64:91:4f:b4:55:79:
                    43:ef:25:42:87:83:ca:f0:28:e8:ee:aa:68:fc:b5:
                    9d:70:f8:5f:5f:d0:6f:7d:8e:97:e6:e4:7a:ce:cd:
                    c5:12:c8:52:21:c1:86:fa:fe:f5:1e:af:70:07:f5:
                    a0:e6:cc:71:ab:32:5b:c7:e8:a8:a2:66:68:4d:0a:
                    b3:29:ad:01:3f:2c:77:77:92:ba:05:a9:a6:ec:64:
                    7b:9d:1b:a6:ca:9e:f0:e4:63:65:97:58:69:9f:ec:
                    e4:32:a4:b0:81:e7:85:c9:aa:ab:91:d4:97:e5:f1:
                    7b:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:A8:F3:DD:EC:EF:21:7C:11:F6:E2:5E:C1:0F:4D:D7:D8:28:F8:E4
            X509v3 Authority Key Identifier:
                keyid:C2:FE:C7:92:F3:5A:A2:4D:1C:CC:16:C8:43:2F:4B:D4:4B:DF:CE:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/18D46FB38FCEA5E7E88051DAEC3F0E7A5884A6A872D3AA48DE664F81A7D64DDA/0/C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/18D46FB38FCEA5E7E88051DAEC3F0E7A5884A6A872D3AA48DE664F81A7D64DDA/0/3230342e3135332e32342e302f32332d3234203d3e203133353739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.153.24.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2a:a9:50:5e:d7:6d:0f:76:ed:b7:29:c1:06:d9:35:16:7f:5c:
         72:21:74:9e:c9:5b:00:c4:8b:7d:04:b8:67:a0:02:36:ab:b4:
         f5:a7:54:2c:92:98:aa:b5:cd:f0:99:48:22:cb:f0:d1:2a:6f:
         ea:1e:3b:3d:62:85:8f:94:10:e9:13:3f:4a:d1:10:f3:55:5c:
         3e:94:d8:5c:22:10:ae:14:f3:28:ee:d4:90:b8:33:02:c1:fa:
         c8:c0:fb:5a:1c:63:45:d6:34:8f:92:b3:11:8b:e3:51:4a:1f:
         1e:5c:8c:b8:7b:94:83:ec:8c:ee:df:98:b9:d7:e2:9c:1b:79:
         9c:34:bb:f2:06:58:6b:67:2d:ac:c5:7b:d0:2a:e9:ce:4f:1f:
         2e:38:04:76:1f:d1:b9:34:9b:21:98:2b:91:98:22:08:b1:bf:
         4c:ef:77:a8:a9:0b:79:d2:3a:b8:7b:80:6d:e6:e1:82:a4:ac:
         9a:eb:9c:fc:6b:78:5a:dd:d2:bd:78:07:3b:9d:00:06:89:35:
         04:78:b8:3e:b7:8b:62:6d:aa:ee:0e:32:45:f4:de:66:f3:86:
         d3:39:88:5f:a9:93:32:66:53:59:0c:4a:46:47:c3:1b:7f:8f:
         91:d6:91:b9:fe:2d:e9:c2:b8:f1:f0:4c:57:ca:8c:06:59:2d:
         be:5f:29:41
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUNcY+8JLz8Efm0NDikC8aA20cxjYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJGRUM3OTJGMzVBQTI0RDFDQ0MxNkM4NDMyRjRCRDQ0
QkRGQ0VGQTAeFw0yNDA3MzAyMjMwMDFaFw0yNTA3MjkyMjM1MDFaMDMxMTAvBgNV
BAMTKDlGQThGM0RERUNFRjIxN0MxMUY2RTI1RUMxMEY0REQ3RDgyOEY4RTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD86SPXM2Wn6zTCnKB1cDD3t1A0
PXQR82H7fZDjQPERmbW22RxUmusyTAMHwhf7j8FmGclh4O1xpsEdJrDGpsq5cbMC
s5WYw1FhNA0Xgsx7mT2zhSYpXLau8sMIwCSDMdUpGSjphBTfd/qEA8sERSWH2NZT
Ah6EC2311rT9P1l3imR8bOB9boyowmEqTt+UC2SRT7RVeUPvJUKHg8rwKOjuqmj8
tZ1w+F9f0G99jpfm5HrOzcUSyFIhwYb6/vUer3AH9aDmzHGrMlvH6KiiZmhNCrMp
rQE/LHd3kroFqabsZHudG6bKnvDkY2WXWGmf7OQypLCB54XJqquR1Jfl8XshAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUn6jz3ezvIXwR9uJewQ9N19go+OQwHwYDVR0j
BBgwFoAUwv7HkvNaok0czBbIQy9L1EvfzvowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xOEQ0NkZCMzhGQ0VBNUU3RTg4MDUxREFFQzNGMEU3QTU4
ODRBNkE4NzJEM0FBNDhERTY2NEY4MUE3RDY0RERBLzAvQzJGRUM3OTJGMzVBQTI0
RDFDQ0MxNkM4NDMyRjRCRDQ0QkRGQ0VGQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkZFQzc5MkYzNUFBMjREMUND
QzE2Qzg0MzJGNEJENDRCREZDRUZBLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMThENDZGQjM4RkNFQTVFN0U4ODA1MURBRUMzRjBFN0E1ODg0QTZBODcy
RDNBQTQ4REU2NjRGODFBN0Q2NEREQS8wLzMyMzAzNDJlMzEzNTMzMmUzMjM0MmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzEzMzM1MzczOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcyZGDAN
BgkqhkiG9w0BAQsFAAOCAQEAKqlQXtdtD3bttynBBtk1Fn9cciF0nslbAMSLfQS4
Z6ACNqu09adULJKYqrXN8JlIIsvw0Spv6h47PWKFj5QQ6RM/StEQ81VcPpTYXCIQ
rhTzKO7UkLgzAsH6yMD7WhxjRdY0j5KzEYvjUUofHlyMuHuUg+yM7t+YudfinBt5
nDS78gZYa2ctrMV70Crpzk8fLjgEdh/RuTSbIZgrkZgiCLG/TO93qKkLedI6uHuA
bebhgqSsmuuc/Gt4Wt3SvXgHO50ABok1BHi4PreLYm2q7g4yRfTeZvOG0zmIX6mT
MmZTWQxKRkfDG3+PkdaRuf4t6cK48fBMV8qMBlktvl8pQQ==
-----END CERTIFICATE-----
Generated at Mon Dec 9 07:21:39 2024 by rpki-client on console-fra.rpki-client.org