Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1A3C227E19AA3716C777D495C59E5752560AD1D24ED9D2B6745C6DA5FB7FC311/0/3230302e32362e3138392e302f32342d3234203d3e203138373437.roa
File:                     3230302e32362e3138392e302f32342d3234203d3e203138373437.roa (raw, json)
Hash identifier:          3+I7Oe86ZBmCgos56VNRFgc2yAAJiO/6/wNxUPFOej0=
Subject key identifier:   A5:4D:83:78:34:39:F1:BF:5B:52:A2:67:B2:2E:C0:83:A6:89:D6:8B
Certificate issuer:       /CN=CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994
Certificate serial:       614DE8A58851F56EAC1B61246194E5917D73CBCD
Authority key identifier: CE:C7:9B:D3:D4:AC:E7:89:58:36:B5:E4:2E:6E:5B:5F:6C:A5:59:94
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1A3C227E19AA3716C777D495C59E5752560AD1D24ED9D2B6745C6DA5FB7FC311/0/3230302e32362e3138392e302f32342d3234203d3e203138373437.roa
Signing time:             Tue 05 Mar 2024 17:49:26 +0000
ROA not before:           Tue 05 Mar 2024 17:44:26 +0000
ROA not after:            Tue 04 Mar 2025 17:49:26 +0000
asID:                     18747
IP address blocks:        200.26.189.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1A3C227E19AA3716C777D495C59E5752560AD1D24ED9D2B6745C6DA5FB7FC311/0/CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1A3C227E19AA3716C777D495C59E5752560AD1D24ED9D2B6745C6DA5FB7FC311/0/CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 16 Dec 2024 04:49:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:4d:e8:a5:88:51:f5:6e:ac:1b:61:24:61:94:e5:91:7d:73:cb:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994
        Validity
            Not Before: Mar  5 17:44:26 2024 GMT
            Not After : Mar  4 17:49:26 2025 GMT
        Subject: CN=A54D83783439F1BF5B52A267B22EC083A689D68B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:78:41:76:7a:c1:b7:81:73:57:28:b6:3e:f1:
                    99:99:f1:d4:55:64:c9:2e:13:47:30:17:fe:20:40:
                    b4:c1:ff:5b:f6:33:5e:c1:4f:d4:31:2c:28:05:e6:
                    f2:61:13:6b:57:90:fe:c7:65:13:6a:0b:73:62:75:
                    2d:ed:cc:e4:5d:4f:72:68:03:05:13:af:44:1e:58:
                    d7:8e:6a:c7:79:ab:5a:cc:75:c5:cd:59:d8:62:33:
                    d6:ff:0f:e0:01:46:a9:f8:92:44:39:cc:f8:b1:f1:
                    d7:24:53:c8:86:24:43:09:48:c8:82:75:33:f7:37:
                    5d:5f:be:32:fc:4a:49:70:19:f2:d7:47:12:b5:25:
                    6a:92:6e:fb:d2:e9:42:c0:7e:d0:01:0c:6e:53:64:
                    e2:5e:79:35:73:aa:fb:ed:5a:c7:6e:04:1e:3c:22:
                    fe:a6:6a:1f:f7:d4:0c:30:cf:01:ad:85:30:a1:91:
                    b2:8b:93:29:d7:ad:fb:00:79:74:7f:87:d7:40:7b:
                    b0:ed:da:d0:9d:b1:6d:cb:ea:d7:6f:f6:ba:c1:1b:
                    2b:72:03:f3:b1:3b:78:19:68:ac:a5:1a:bd:ce:bc:
                    b1:75:2c:6b:db:45:fd:fb:4a:fc:51:ee:5b:d0:ba:
                    2c:8b:3b:d3:96:67:26:a9:0e:c4:37:a3:4d:5a:6e:
                    32:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:4D:83:78:34:39:F1:BF:5B:52:A2:67:B2:2E:C0:83:A6:89:D6:8B
            X509v3 Authority Key Identifier:
                keyid:CE:C7:9B:D3:D4:AC:E7:89:58:36:B5:E4:2E:6E:5B:5F:6C:A5:59:94

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1A3C227E19AA3716C777D495C59E5752560AD1D24ED9D2B6745C6DA5FB7FC311/0/CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CEC79BD3D4ACE7895836B5E42E6E5B5F6CA55994.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1A3C227E19AA3716C777D495C59E5752560AD1D24ED9D2B6745C6DA5FB7FC311/0/3230302e32362e3138392e302f32342d3234203d3e203138373437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:dd:c5:96:8a:28:79:4f:96:89:28:5c:1d:ad:0c:a5:a8:6e:
         4e:d2:60:37:0c:dd:f1:78:b7:81:73:2a:c0:0d:29:ae:ad:23:
         79:57:ed:35:27:8d:ad:5f:1f:14:e3:b5:27:52:52:66:9e:12:
         bf:ba:8e:af:71:f5:72:c6:51:da:22:83:61:d4:71:2b:26:83:
         df:d5:81:07:80:e1:75:1c:1e:2d:4a:b4:99:af:76:0c:71:0a:
         2d:88:88:a2:3b:aa:af:d3:50:46:be:22:2b:3e:58:8e:c2:a2:
         f1:6a:46:20:db:bf:db:09:2c:17:19:0e:48:27:b7:3e:19:8d:
         9f:08:99:7e:3e:ff:b1:ea:a1:1a:e7:6b:49:84:6d:2c:fe:89:
         0d:35:af:c0:cb:f7:ca:71:c4:94:ad:b4:d8:6b:23:ab:26:68:
         54:8c:4b:a1:4f:aa:90:8d:cc:5f:c3:97:09:1e:b7:2c:95:a9:
         bd:33:52:65:63:f7:52:37:07:db:77:4a:98:4c:0c:71:38:6c:
         0e:57:33:de:5b:53:51:02:64:f1:26:c4:b5:1d:ef:00:9c:26:
         00:d8:57:79:90:13:1b:d0:20:d8:3d:6d:4f:3a:c4:ce:0f:d5:
         c0:f1:95:e3:41:dc:45:35:32:9c:d7:f2:cc:89:3c:82:a1:c6:
         bb:40:ab:e5
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUYU3opYhR9W6sG2EkYZTlkX1zy80wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0VDNzlCRDNENEFDRTc4OTU4MzZCNUU0MkU2RTVCNUY2
Q0E1NTk5NDAeFw0yNDAzMDUxNzQ0MjZaFw0yNTAzMDQxNzQ5MjZaMDMxMTAvBgNV
BAMTKEE1NEQ4Mzc4MzQzOUYxQkY1QjUyQTI2N0IyMkVDMDgzQTY4OUQ2OEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOeEF2esG3gXNXKLY+8ZmZ8dRV
ZMkuE0cwF/4gQLTB/1v2M17BT9QxLCgF5vJhE2tXkP7HZRNqC3NidS3tzORdT3Jo
AwUTr0QeWNeOasd5q1rMdcXNWdhiM9b/D+ABRqn4kkQ5zPix8dckU8iGJEMJSMiC
dTP3N11fvjL8SklwGfLXRxK1JWqSbvvS6ULAftABDG5TZOJeeTVzqvvtWsduBB48
Iv6mah/31AwwzwGthTChkbKLkynXrfsAeXR/h9dAe7Dt2tCdsW3L6tdv9rrBGyty
A/OxO3gZaKylGr3OvLF1LGvbRf37SvxR7lvQuiyLO9OWZyapDsQ3o01abjJHAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUpU2DeDQ58b9bUqJnsi7Ag6aJ1oswHwYDVR0j
BBgwFoAUzseb09Ss54lYNrXkLm5bX2ylWZQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQTNDMjI3RTE5QUEzNzE2Qzc3N0Q0OTVDNTlFNTc1MjU2
MEFEMUQyNEVEOUQyQjY3NDVDNkRBNUZCN0ZDMzExLzAvQ0VDNzlCRDNENEFDRTc4
OTU4MzZCNUU0MkU2RTVCNUY2Q0E1NTk5NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DRUM3OUJEM0Q0QUNFNzg5NTgz
NkI1RTQyRTZFNUI1RjZDQTU1OTk0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUEzQzIyN0UxOUFBMzcxNkM3NzdENDk1QzU5RTU3NTI1NjBBRDFEMjRF
RDlEMkI2NzQ1QzZEQTVGQjdGQzMxMS8wLzMyMzAzMDJlMzIzNjJlMzEzODM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzODM3MzQzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMgavTAN
BgkqhkiG9w0BAQsFAAOCAQEApd3FloooeU+WiShcHa0MpahuTtJgNwzd8Xi3gXMq
wA0prq0jeVftNSeNrV8fFOO1J1JSZp4Sv7qOr3H1csZR2iKDYdRxKyaD39WBB4Dh
dRweLUq0ma92DHEKLYiIojuqr9NQRr4iKz5YjsKi8WpGINu/2wksFxkOSCe3PhmN
nwiZfj7/seqhGudrSYRtLP6JDTWvwMv3ynHElK202GsjqyZoVIxLoU+qkI3MX8OX
CR63LJWpvTNSZWP3UjcH23dKmEwMcThsDlcz3ltTUQJk8SbEtR3vAJwmANhXeZAT
G9Ag2D1tTzrEzg/VwPGV40HcRTUynNfyzIk8gqHGu0Cr5Q==
-----END CERTIFICATE-----
Generated at Thu Dec 12 20:53:34 2024 by rpki-client on console-ams.rpki-client.org