Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1BC81E3C8BFC028EFACF08614951FD0DB9A86232CC25CF8B606BA7075D6063F5/0/3230302e3132332e35392e302f32342d3234203d3e20323635363839.roa
File:                     3230302e3132332e35392e302f32342d3234203d3e20323635363839.roa (raw, json)
Hash identifier:          3skfSigigNk4b48ZZ4FU6XY7Gu3vhWwHQJbGKND6ewo=
Subject key identifier:   CA:6C:87:28:65:86:0D:45:9E:FE:20:EA:6C:91:A9:73:1E:50:12:EA
Certificate issuer:       /CN=ED05FF962C1240B2E8CC68B4EA41D187C5509591
Certificate serial:       1188B578ED2DECFEA28A884A802892D7E2BAD379
Authority key identifier: ED:05:FF:96:2C:12:40:B2:E8:CC:68:B4:EA:41:D1:87:C5:50:95:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/ED05FF962C1240B2E8CC68B4EA41D187C5509591.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1BC81E3C8BFC028EFACF08614951FD0DB9A86232CC25CF8B606BA7075D6063F5/0/3230302e3132332e35392e302f32342d3234203d3e20323635363839.roa
Signing time:             Tue 05 Mar 2024 18:21:58 +0000
ROA not before:           Tue 05 Mar 2024 18:16:58 +0000
ROA not after:            Tue 04 Mar 2025 18:21:58 +0000
asID:                     265689
IP address blocks:        200.123.59.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1BC81E3C8BFC028EFACF08614951FD0DB9A86232CC25CF8B606BA7075D6063F5/0/ED05FF962C1240B2E8CC68B4EA41D187C5509591.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1BC81E3C8BFC028EFACF08614951FD0DB9A86232CC25CF8B606BA7075D6063F5/0/ED05FF962C1240B2E8CC68B4EA41D187C5509591.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/ED05FF962C1240B2E8CC68B4EA41D187C5509591.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 24 Jun 2024 23:54:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:88:b5:78:ed:2d:ec:fe:a2:8a:88:4a:80:28:92:d7:e2:ba:d3:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ED05FF962C1240B2E8CC68B4EA41D187C5509591
        Validity
            Not Before: Mar  5 18:16:58 2024 GMT
            Not After : Mar  4 18:21:58 2025 GMT
        Subject: CN=CA6C872865860D459EFE20EA6C91A9731E5012EA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:e2:2d:1c:ce:1a:8d:e6:43:b1:ce:ed:c5:1e:
                    5d:2d:84:e9:92:88:6f:ea:9e:5c:22:bf:10:58:81:
                    b1:83:91:41:42:7e:73:8c:b5:b8:7e:bc:b5:1b:8e:
                    06:e5:d6:9f:88:66:ff:23:56:ce:5e:48:06:71:aa:
                    45:7c:de:d8:85:f3:3a:68:3d:ad:7d:59:5f:05:8e:
                    88:48:26:e2:05:4b:4e:26:c9:c0:36:57:c8:a8:84:
                    a6:c8:d1:5e:16:53:14:65:8e:2f:3e:13:e9:97:2d:
                    ce:c8:c1:7f:59:b5:d4:e1:83:12:be:db:73:b6:e0:
                    a1:da:d6:ae:7a:00:26:84:f6:b2:a2:bc:c8:a7:c8:
                    56:98:de:60:bd:b9:0d:4b:86:25:5b:08:50:ff:c6:
                    f2:28:14:f5:86:b0:c5:6f:6c:d6:1d:fc:93:5f:7f:
                    f1:70:dd:f0:7e:3b:4c:1e:d1:63:2c:b3:1b:67:ad:
                    1d:79:04:26:78:a0:57:78:dd:9e:31:55:a0:dd:b8:
                    b8:72:dc:ab:0d:ad:9b:7d:a9:52:d0:c0:79:2f:e8:
                    71:7d:e6:00:46:99:19:28:c5:96:2d:8d:19:c2:9f:
                    8d:6b:07:cf:27:22:be:00:3d:c2:93:15:1d:46:5e:
                    78:db:37:e9:8e:4b:17:98:13:03:92:3b:b1:96:80:
                    30:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:6C:87:28:65:86:0D:45:9E:FE:20:EA:6C:91:A9:73:1E:50:12:EA
            X509v3 Authority Key Identifier:
                keyid:ED:05:FF:96:2C:12:40:B2:E8:CC:68:B4:EA:41:D1:87:C5:50:95:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1BC81E3C8BFC028EFACF08614951FD0DB9A86232CC25CF8B606BA7075D6063F5/0/ED05FF962C1240B2E8CC68B4EA41D187C5509591.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/ED05FF962C1240B2E8CC68B4EA41D187C5509591.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1BC81E3C8BFC028EFACF08614951FD0DB9A86232CC25CF8B606BA7075D6063F5/0/3230302e3132332e35392e302f32342d3234203d3e20323635363839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.123.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:2e:82:99:00:6c:b9:7b:d1:d2:b8:3a:96:b6:b1:ad:a8:d5:
         ba:27:c4:70:8d:a4:58:e3:8b:e0:c9:f4:b4:4f:3a:af:ab:05:
         4a:9b:f4:1d:94:2a:6c:70:b9:a8:2e:af:41:45:a2:44:ef:35:
         d7:78:59:8a:f3:f4:86:33:0d:b5:fb:1b:40:b4:e2:52:50:4e:
         a4:d3:8b:28:01:9a:a7:4e:84:08:36:56:e6:2c:5c:fa:17:13:
         9d:50:46:21:b7:03:4f:10:c3:72:d3:8d:21:16:45:30:8a:99:
         b0:25:e0:08:69:b4:33:25:7e:6b:ea:11:a9:fc:af:84:3e:7d:
         1f:b7:af:39:f4:49:ac:14:9f:b3:08:09:e8:24:b6:c2:ea:aa:
         6f:ed:9b:c3:0b:fa:4d:62:e6:20:89:1b:d1:88:b2:98:85:51:
         59:4c:fd:ca:b1:ff:d4:67:3b:a1:47:f4:2e:62:ff:d7:5f:cf:
         0f:41:81:e8:b7:89:43:f8:0d:32:7e:fb:41:df:7e:a8:59:1e:
         15:c6:db:30:d7:28:3c:12:fc:2d:60:e8:4e:bf:e3:52:56:cc:
         d2:29:c8:47:b3:50:cd:63:11:03:54:f3:35:d5:df:b7:f6:cc:
         88:c3:ac:29:e6:ed:39:cc:0a:c3:ba:80:74:57:59:ca:29:36:
         bc:46:39:a6
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUEYi1eO0t7P6iiohKgCiS1+K603kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUQwNUZGOTYyQzEyNDBCMkU4Q0M2OEI0RUE0MUQxODdD
NTUwOTU5MTAeFw0yNDAzMDUxODE2NThaFw0yNTAzMDQxODIxNThaMDMxMTAvBgNV
BAMTKENBNkM4NzI4NjU4NjBENDU5RUZFMjBFQTZDOTFBOTczMUU1MDEyRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDi4i0czhqN5kOxzu3FHl0thOmS
iG/qnlwivxBYgbGDkUFCfnOMtbh+vLUbjgbl1p+IZv8jVs5eSAZxqkV83tiF8zpo
Pa19WV8FjohIJuIFS04mycA2V8iohKbI0V4WUxRlji8+E+mXLc7IwX9ZtdThgxK+
23O24KHa1q56ACaE9rKivMinyFaY3mC9uQ1LhiVbCFD/xvIoFPWGsMVvbNYd/JNf
f/Fw3fB+O0we0WMssxtnrR15BCZ4oFd43Z4xVaDduLhy3KsNrZt9qVLQwHkv6HF9
5gBGmRkoxZYtjRnCn41rB88nIr4APcKTFR1GXnjbN+mOSxeYEwOSO7GWgDC/AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUymyHKGWGDUWe/iDqbJGpcx5QEuowHwYDVR0j
BBgwFoAU7QX/liwSQLLozGi06kHRh8VQlZEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQkM4MUUzQzhCRkMwMjhFRkFDRjA4NjE0OTUxRkQwREI5
QTg2MjMyQ0MyNUNGOEI2MDZCQTcwNzVENjA2M0Y1LzAvRUQwNUZGOTYyQzEyNDBC
MkU4Q0M2OEI0RUE0MUQxODdDNTUwOTU5MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FRDA1RkY5NjJDMTI0MEIyRThD
QzY4QjRFQTQxRDE4N0M1NTA5NTkxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUJDODFFM0M4QkZDMDI4RUZBQ0YwODYxNDk1MUZEMERCOUE4NjIzMkND
MjVDRjhCNjA2QkE3MDc1RDYwNjNGNS8wLzMyMzAzMDJlMzEzMjMzMmUzNTM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM1MzYzODM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyHs7
MA0GCSqGSIb3DQEBCwUAA4IBAQB7LoKZAGy5e9HSuDqWtrGtqNW6J8RwjaRY44vg
yfS0TzqvqwVKm/QdlCpscLmoLq9BRaJE7zXXeFmK8/SGMw21+xtAtOJSUE6k04so
AZqnToQINlbmLFz6FxOdUEYhtwNPEMNy040hFkUwipmwJeAIabQzJX5r6hGp/K+E
Pn0ft6859EmsFJ+zCAnoJLbC6qpv7ZvDC/pNYuYgiRvRiLKYhVFZTP3Ksf/UZzuh
R/QuYv/XX88PQYHot4lD+A0yfvtB336oWR4Vxtsw1yg8EvwtYOhOv+NSVszSKchH
s1DNYxEDVPM11d+39syIw6wp5u05zArDuoB0V1nKKTa8Rjmm
-----END CERTIFICATE-----
Generated at Fri Jun 21 13:59:06 2024 by rpki-client on console-fra.rpki-client.org