Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/18D46FB38FCEA5E7E88051DAEC3F0E7A5884A6A872D3AA48DE664F81A7D64DDA/0/3230372e3234392e302e302f31392d3234203d3e203133353739.roa
File:                     3230372e3234392e302e302f31392d3234203d3e203133353739.roa (raw, json)
Hash identifier:          tYmRGQ770NTROgO82fYwDu/A4PEiJILMilmfDCqbPPk=
Subject key identifier:   77:6A:29:19:B0:A2:9E:40:F6:6D:37:DA:3D:F6:EB:66:B3:86:07:5C
Certificate issuer:       /CN=C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA
Certificate serial:       2C0ED4C5DBAE40C313CE0CDA4243BB3E5E74BB55
Authority key identifier: C2:FE:C7:92:F3:5A:A2:4D:1C:CC:16:C8:43:2F:4B:D4:4B:DF:CE:FA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/18D46FB38FCEA5E7E88051DAEC3F0E7A5884A6A872D3AA48DE664F81A7D64DDA/0/3230372e3234392e302e302f31392d3234203d3e203133353739.roa
Signing time:             Tue 30 Jul 2024 22:35:02 +0000
ROA not before:           Tue 30 Jul 2024 22:30:02 +0000
ROA not after:            Tue 29 Jul 2025 22:35:02 +0000
asID:                     13579
IP address blocks:        207.249.0.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/18D46FB38FCEA5E7E88051DAEC3F0E7A5884A6A872D3AA48DE664F81A7D64DDA/0/C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/18D46FB38FCEA5E7E88051DAEC3F0E7A5884A6A872D3AA48DE664F81A7D64DDA/0/C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:0e:d4:c5:db:ae:40:c3:13:ce:0c:da:42:43:bb:3e:5e:74:bb:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA
        Validity
            Not Before: Jul 30 22:30:02 2024 GMT
            Not After : Jul 29 22:35:02 2025 GMT
        Subject: CN=776A2919B0A29E40F66D37DA3DF6EB66B386075C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:c1:a2:64:fc:d7:ce:a2:f3:5f:92:98:bd:6f:
                    dc:52:e6:eb:c5:99:b4:62:75:db:7f:99:f4:97:c1:
                    f4:98:f3:eb:f8:e8:90:5e:84:1b:fa:d8:f6:65:e0:
                    e7:e1:36:81:83:75:48:aa:85:ce:b5:1e:a7:76:ef:
                    bb:50:76:3a:11:db:d3:dc:34:46:f3:96:eb:77:64:
                    06:1c:c0:69:6f:c1:ca:64:e2:9e:0f:fe:4e:c9:f7:
                    02:da:f8:80:3f:62:91:e0:58:49:29:95:95:39:c6:
                    54:ee:72:c8:34:93:2c:1a:d9:71:a8:2d:34:84:3c:
                    94:48:7a:9b:83:2a:56:b0:c6:c5:ed:1d:8a:b3:4b:
                    56:a7:b9:d1:b0:8d:8e:5a:69:ab:ea:67:1c:2e:e0:
                    a8:f6:db:58:40:ab:6e:a6:9a:4c:fa:07:6f:7f:77:
                    d7:f7:d1:9f:ee:f6:f5:36:f5:df:55:1a:33:47:ad:
                    4e:35:a7:ef:4d:10:97:0a:fc:a5:68:b1:55:db:f8:
                    2d:42:50:66:6c:c2:65:a4:03:c4:6e:28:d3:9f:34:
                    9f:09:d8:0f:ab:78:16:62:91:44:b5:b3:11:da:63:
                    7d:6e:6e:ba:9b:4c:94:84:39:38:c7:c3:91:bd:f8:
                    89:86:1c:4f:c0:9c:80:69:7b:a7:d0:63:09:17:61:
                    2b:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:6A:29:19:B0:A2:9E:40:F6:6D:37:DA:3D:F6:EB:66:B3:86:07:5C
            X509v3 Authority Key Identifier:
                keyid:C2:FE:C7:92:F3:5A:A2:4D:1C:CC:16:C8:43:2F:4B:D4:4B:DF:CE:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/18D46FB38FCEA5E7E88051DAEC3F0E7A5884A6A872D3AA48DE664F81A7D64DDA/0/C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2FEC792F35AA24D1CCC16C8432F4BD44BDFCEFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/18D46FB38FCEA5E7E88051DAEC3F0E7A5884A6A872D3AA48DE664F81A7D64DDA/0/3230372e3234392e302e302f31392d3234203d3e203133353739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.249.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         41:cb:fc:ea:87:62:ef:f7:12:30:69:a7:e7:c5:8c:5d:41:c0:
         46:ef:84:cd:1f:44:4d:41:1e:ce:9c:8a:c0:3b:21:f6:7e:5f:
         27:f5:99:e0:c2:2d:8f:49:f5:1b:0b:90:22:b8:5f:6d:d4:98:
         c5:60:d5:b9:a3:04:52:bf:f0:23:c5:86:09:cf:d3:bf:f6:dc:
         e0:92:dc:01:f5:5c:47:63:a9:6f:ef:53:08:37:51:36:a6:2c:
         38:e6:8a:df:fe:67:e3:24:9a:68:e5:24:ea:dd:72:ca:68:6d:
         45:73:ce:e5:c6:f0:cd:bd:4a:e4:85:05:a2:39:61:c3:c8:e8:
         ba:e9:e3:04:7c:b7:00:65:eb:4f:96:a7:98:7a:8e:a6:76:9e:
         a5:c7:b7:e3:3f:14:78:4e:d5:dc:f8:62:f2:68:df:83:a3:36:
         fd:74:54:96:96:32:92:8d:da:8d:67:f1:22:5b:ae:c4:b7:0c:
         2d:58:d2:8c:16:fb:05:8c:3a:a3:9a:b1:40:93:36:5f:34:f1:
         b6:86:fe:93:ff:10:04:56:34:60:6e:23:0d:27:30:2c:3e:14:
         5a:a3:b7:d6:3f:1c:e3:01:55:64:71:3a:47:03:ae:31:b1:5c:
         f0:04:ad:ba:a9:dc:b5:ec:3e:76:68:b0:56:48:ad:1d:d5:69:
         23:8d:d7:62
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIULA7UxduuQMMTzgzaQkO7Pl50u1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJGRUM3OTJGMzVBQTI0RDFDQ0MxNkM4NDMyRjRCRDQ0
QkRGQ0VGQTAeFw0yNDA3MzAyMjMwMDJaFw0yNTA3MjkyMjM1MDJaMDMxMTAvBgNV
BAMTKDc3NkEyOTE5QjBBMjlFNDBGNjZEMzdEQTNERjZFQjY2QjM4NjA3NUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHwaJk/NfOovNfkpi9b9xS5uvF
mbRiddt/mfSXwfSY8+v46JBehBv62PZl4OfhNoGDdUiqhc61Hqd277tQdjoR29Pc
NEbzlut3ZAYcwGlvwcpk4p4P/k7J9wLa+IA/YpHgWEkplZU5xlTucsg0kywa2XGo
LTSEPJRIepuDKlawxsXtHYqzS1anudGwjY5aaavqZxwu4Kj221hAq26mmkz6B29/
d9f30Z/u9vU29d9VGjNHrU41p+9NEJcK/KVosVXb+C1CUGZswmWkA8RuKNOfNJ8J
2A+reBZikUS1sxHaY31ubrqbTJSEOTjHw5G9+ImGHE/AnIBpe6fQYwkXYSurAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUd2opGbCinkD2bTfaPfbrZrOGB1wwHwYDVR0j
BBgwFoAUwv7HkvNaok0czBbIQy9L1EvfzvowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xOEQ0NkZCMzhGQ0VBNUU3RTg4MDUxREFFQzNGMEU3QTU4
ODRBNkE4NzJEM0FBNDhERTY2NEY4MUE3RDY0RERBLzAvQzJGRUM3OTJGMzVBQTI0
RDFDQ0MxNkM4NDMyRjRCRDQ0QkRGQ0VGQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkZFQzc5MkYzNUFBMjREMUND
QzE2Qzg0MzJGNEJENDRCREZDRUZBLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMThENDZGQjM4RkNFQTVFN0U4ODA1MURBRUMzRjBFN0E1ODg0QTZBODcy
RDNBQTQ4REU2NjRGODFBN0Q2NEREQS8wLzMyMzAzNzJlMzIzNDM5MmUzMDJlMzAy
ZjMxMzkyZDMyMzQyMDNkM2UyMDMxMzMzNTM3Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXP+QAwDQYJ
KoZIhvcNAQELBQADggEBAEHL/OqHYu/3EjBpp+fFjF1BwEbvhM0fRE1BHs6cisA7
IfZ+Xyf1meDCLY9J9RsLkCK4X23UmMVg1bmjBFK/8CPFhgnP07/23OCS3AH1XEdj
qW/vUwg3UTamLDjmit/+Z+MkmmjlJOrdcspobUVzzuXG8M29SuSFBaI5YcPI6Lrp
4wR8twBl60+Wp5h6jqZ2nqXHt+M/FHhO1dz4YvJo34OjNv10VJaWMpKN2o1n8SJb
rsS3DC1Y0owW+wWMOqOasUCTNl808baG/pP/EARWNGBuIw0nMCw+FFqjt9Y/HOMB
VWRxOkcDrjGxXPAErbqp3LXsPnZosFZIrR3VaSON12I=
-----END CERTIFICATE-----
Generated at Mon Dec 9 07:22:20 2024 by rpki-client on console-ams.rpki-client.org