Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1A3C227E19AA3716C777D495C59E5752560AD1D24ED9D2B6745C6DA5FB7FC311/0/3230302e32362e3138352e302f32342d3234203d3e20323639303730.roa
File:                     3230302e32362e3138352e302f32342d3234203d3e20323639303730.roa (raw, json)
Hash identifier:          QzYnEo524YoaY56wB6LsXWYi2MYNpFJB52Rjx2v+iAs=
Subject key identifier:   EE:C2:A5:BF:EC:12:E0:6C:33:4F:41:4A:C1:13:00:B3:43:2C:6F:B3
Certificate issuer:       /CN=CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994
Certificate serial:       79C7BA663EFA6B1E34B781459D60E2774C50FEA7
Authority key identifier: CE:C7:9B:D3:D4:AC:E7:89:58:36:B5:E4:2E:6E:5B:5F:6C:A5:59:94
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1A3C227E19AA3716C777D495C59E5752560AD1D24ED9D2B6745C6DA5FB7FC311/0/3230302e32362e3138352e302f32342d3234203d3e20323639303730.roa
Signing time:             Mon 16 Sep 2024 13:40:00 +0000
ROA not before:           Mon 16 Sep 2024 13:35:00 +0000
ROA not after:            Mon 15 Sep 2025 13:40:00 +0000
asID:                     269070
IP address blocks:        200.26.185.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1A3C227E19AA3716C777D495C59E5752560AD1D24ED9D2B6745C6DA5FB7FC311/0/CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1A3C227E19AA3716C777D495C59E5752560AD1D24ED9D2B6745C6DA5FB7FC311/0/CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 16 Dec 2024 04:49:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:c7:ba:66:3e:fa:6b:1e:34:b7:81:45:9d:60:e2:77:4c:50:fe:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994
        Validity
            Not Before: Sep 16 13:35:00 2024 GMT
            Not After : Sep 15 13:40:00 2025 GMT
        Subject: CN=EEC2A5BFEC12E06C334F414AC11300B3432C6FB3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:50:d3:61:79:06:49:f2:d8:7a:23:ba:72:e4:
                    22:06:a2:cb:ec:0d:b9:ce:d6:0c:23:97:c0:ac:3a:
                    4f:bd:41:30:cb:74:47:6f:c0:a0:47:9c:4f:ff:eb:
                    87:e2:31:7a:4a:89:80:fc:b1:00:07:f7:5f:4c:a4:
                    95:67:31:f4:2f:95:32:9f:bd:75:bc:a3:ca:67:4b:
                    93:dd:49:44:c5:cf:9e:d2:82:de:f3:69:83:f2:54:
                    38:e0:60:8c:66:93:69:11:00:d2:47:54:77:af:49:
                    91:47:73:79:65:ba:27:85:e9:d7:85:4a:42:64:2c:
                    83:50:96:80:93:3f:5e:e1:60:06:e0:58:ba:7e:36:
                    21:5d:90:a2:26:e3:f6:37:42:57:f7:3b:a3:15:55:
                    1b:48:c0:8e:06:68:63:5a:84:14:b8:2d:51:0f:2c:
                    ac:57:e2:e5:ae:08:a8:ea:1c:40:46:b4:85:75:bb:
                    cb:15:99:20:c3:39:d3:c2:c9:7b:d8:38:b0:bc:78:
                    d3:9e:52:96:18:83:82:7e:c9:d5:4d:ae:a9:4b:bc:
                    d2:7f:b4:54:29:e7:bb:c1:49:f8:d6:d8:4b:c6:08:
                    90:fe:80:1d:46:63:4e:6c:74:b5:f1:9c:e6:39:47:
                    e9:93:f6:23:f5:a6:54:eb:28:bc:0c:c4:81:5c:09:
                    b5:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:C2:A5:BF:EC:12:E0:6C:33:4F:41:4A:C1:13:00:B3:43:2C:6F:B3
            X509v3 Authority Key Identifier:
                keyid:CE:C7:9B:D3:D4:AC:E7:89:58:36:B5:E4:2E:6E:5B:5F:6C:A5:59:94

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1A3C227E19AA3716C777D495C59E5752560AD1D24ED9D2B6745C6DA5FB7FC311/0/CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1A3C227E19AA3716C777D495C59E5752560AD1D24ED9D2B6745C6DA5FB7FC311/0/3230302e32362e3138352e302f32342d3234203d3e20323639303730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:1e:61:89:4e:73:96:00:b1:51:1d:8d:5e:d5:77:d2:13:25:
         78:a9:fe:15:33:b9:d3:fa:7c:d6:b5:6f:f2:a4:57:07:b8:0a:
         8c:95:6b:88:07:58:9b:6c:4b:47:e7:03:92:3e:0c:4f:0d:b6:
         e9:9b:7d:82:72:ce:35:d4:f8:36:c7:53:3b:5b:0c:94:78:9d:
         20:7f:9a:dd:24:fe:dc:37:e8:90:a6:02:47:51:42:12:00:48:
         6c:bf:70:a5:d1:ec:4a:46:fb:b8:e9:d1:ed:0b:23:e7:71:c0:
         0e:59:12:4f:39:16:c7:c6:d9:de:c0:c0:b7:01:01:cf:6a:b6:
         0a:23:fd:3f:25:7a:43:9d:5e:fc:93:b8:6a:52:5c:3f:95:ab:
         9a:9b:07:c4:77:ac:83:32:52:94:34:98:e0:72:38:26:e4:6a:
         02:dd:91:3b:f0:44:c7:58:1b:5b:2c:6a:62:d0:32:b8:6b:ca:
         8b:c4:dd:34:38:52:f5:2a:dd:54:fe:8f:5c:41:1a:f3:d4:82:
         1e:2f:59:c8:0c:8f:09:c2:37:36:36:e5:14:9c:b1:74:14:b2:
         c4:b4:aa:25:18:82:30:6e:bb:87:79:f3:02:a1:33:6a:08:86:
         32:b5:96:80:e8:c6:60:78:5f:a3:97:9c:42:0f:66:fe:af:34:
         3e:e2:97:39
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUece6Zj76ax40t4FFnWDid0xQ/qcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0VDNzlCRDNENEFDRTc4OTU4MzZCNUU0MkU2RTVCNUY2
Q0E1NTk5NDAeFw0yNDA5MTYxMzM1MDBaFw0yNTA5MTUxMzQwMDBaMDMxMTAvBgNV
BAMTKEVFQzJBNUJGRUMxMkUwNkMzMzRGNDE0QUMxMTMwMEIzNDMyQzZGQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFUNNheQZJ8th6I7py5CIGosvs
DbnO1gwjl8CsOk+9QTDLdEdvwKBHnE//64fiMXpKiYD8sQAH919MpJVnMfQvlTKf
vXW8o8pnS5PdSUTFz57Sgt7zaYPyVDjgYIxmk2kRANJHVHevSZFHc3lluieF6deF
SkJkLINQloCTP17hYAbgWLp+NiFdkKIm4/Y3Qlf3O6MVVRtIwI4GaGNahBS4LVEP
LKxX4uWuCKjqHEBGtIV1u8sVmSDDOdPCyXvYOLC8eNOeUpYYg4J+ydVNrqlLvNJ/
tFQp57vBSfjW2EvGCJD+gB1GY05sdLXxnOY5R+mT9iP1plTrKLwMxIFcCbXpAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU7sKlv+wS4GwzT0FKwRMAs0Msb7MwHwYDVR0j
BBgwFoAUzseb09Ss54lYNrXkLm5bX2ylWZQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQTNDMjI3RTE5QUEzNzE2Qzc3N0Q0OTVDNTlFNTc1MjU2
MEFEMUQyNEVEOUQyQjY3NDVDNkRBNUZCN0ZDMzExLzAvQ0VDNzlCRDNENEFDRTc4
OTU4MzZCNUU0MkU2RTVCNUY2Q0E1NTk5NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DRUM3OUJEM0Q0QUNFNzg5NTgz
NkI1RTQyRTZFNUI1RjZDQTU1OTk0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUEzQzIyN0UxOUFBMzcxNkM3NzdENDk1QzU5RTU3NTI1NjBBRDFEMjRF
RDlEMkI2NzQ1QzZEQTVGQjdGQzMxMS8wLzMyMzAzMDJlMzIzNjJlMzEzODM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM5MzAzNzMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyBq5
MA0GCSqGSIb3DQEBCwUAA4IBAQCMHmGJTnOWALFRHY1e1XfSEyV4qf4VM7nT+nzW
tW/ypFcHuAqMlWuIB1ibbEtH5wOSPgxPDbbpm32Ccs411Pg2x1M7WwyUeJ0gf5rd
JP7cN+iQpgJHUUISAEhsv3Cl0exKRvu46dHtCyPnccAOWRJPORbHxtnewMC3AQHP
arYKI/0/JXpDnV78k7hqUlw/lauamwfEd6yDMlKUNJjgcjgm5GoC3ZE78ETHWBtb
LGpi0DK4a8qLxN00OFL1Kt1U/o9cQRrz1IIeL1nIDI8Jwjc2NuUUnLF0FLLEtKol
GIIwbruHefMCoTNqCIYytZaA6MZgeF+jl5xCD2b+rzQ+4pc5
-----END CERTIFICATE-----
Generated at Thu Dec 12 18:25:35 2024 by rpki-client on console-fra.rpki-client.org