Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1BC81E3C8BFC028EFACF08614951FD0DB9A86232CC25CF8B606BA7075D6063F5/0/3230302e3132332e36302e302f32332d3234203d3e20323635363839.roa
File:                     3230302e3132332e36302e302f32332d3234203d3e20323635363839.roa (raw, json)
Hash identifier:          5CX42jnWa7aoucIn5xcTOBuf0oKTisic1E8kHYAYAWM=
Subject key identifier:   3F:29:5D:60:42:ED:A8:EB:B1:4F:47:BE:BC:EB:3A:F9:31:D7:9D:5E
Certificate issuer:       /CN=ED05FF962C1240B2E8CC68B4EA41D187C5509591
Certificate serial:       2B09BD7684B01F238FF5F53031D34284C05CC9BF
Authority key identifier: ED:05:FF:96:2C:12:40:B2:E8:CC:68:B4:EA:41:D1:87:C5:50:95:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/ED05FF962C1240B2E8CC68B4EA41D187C5509591.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1BC81E3C8BFC028EFACF08614951FD0DB9A86232CC25CF8B606BA7075D6063F5/0/3230302e3132332e36302e302f32332d3234203d3e20323635363839.roa
Signing time:             Tue 05 Mar 2024 18:22:04 +0000
ROA not before:           Tue 05 Mar 2024 18:17:04 +0000
ROA not after:            Tue 04 Mar 2025 18:22:04 +0000
asID:                     265689
IP address blocks:        200.123.60.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1BC81E3C8BFC028EFACF08614951FD0DB9A86232CC25CF8B606BA7075D6063F5/0/ED05FF962C1240B2E8CC68B4EA41D187C5509591.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1BC81E3C8BFC028EFACF08614951FD0DB9A86232CC25CF8B606BA7075D6063F5/0/ED05FF962C1240B2E8CC68B4EA41D187C5509591.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/ED05FF962C1240B2E8CC68B4EA41D187C5509591.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 08 Dec 2024 21:38:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:09:bd:76:84:b0:1f:23:8f:f5:f5:30:31:d3:42:84:c0:5c:c9:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ED05FF962C1240B2E8CC68B4EA41D187C5509591
        Validity
            Not Before: Mar  5 18:17:04 2024 GMT
            Not After : Mar  4 18:22:04 2025 GMT
        Subject: CN=3F295D6042EDA8EBB14F47BEBCEB3AF931D79D5E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a2:4d:b8:c1:64:c1:32:9b:bd:31:ea:f5:4d:
                    4d:e4:de:dc:24:54:5a:da:12:5f:d6:a0:7f:e3:7c:
                    aa:ce:aa:f9:3d:77:91:3c:6b:ea:cb:c8:95:73:df:
                    59:3e:19:d1:59:bd:30:38:9e:0f:48:d4:a3:59:09:
                    a0:53:7d:4d:9e:02:3c:6d:e2:76:96:39:f5:55:dd:
                    7a:9b:70:c5:5a:80:8e:ba:16:7d:2c:bc:e8:d4:8c:
                    62:b6:73:c2:16:2a:12:1f:c9:71:e4:07:75:e7:d1:
                    46:96:5c:7d:b3:82:77:f6:b6:c0:36:de:e1:65:2b:
                    b2:bd:18:51:19:45:66:ab:25:e0:6f:49:1f:7d:e1:
                    0c:03:b0:ed:7b:11:93:07:50:ad:eb:0d:2f:07:70:
                    11:9a:4e:fb:c1:ec:de:5d:0b:e7:8a:cc:a3:35:69:
                    bb:5e:f4:73:39:15:c0:80:05:51:1d:31:35:6b:ab:
                    05:b8:10:af:47:11:fe:b4:91:f2:70:fe:eb:5a:4b:
                    2a:a3:72:4b:07:07:b3:ab:28:ee:79:f5:a7:7b:c5:
                    9c:6a:19:49:6d:f5:44:08:ad:8b:9a:24:25:89:f7:
                    c5:df:13:25:48:68:fc:c4:ab:d9:0b:a6:6d:a4:cb:
                    e8:cf:f0:62:ca:69:18:31:71:65:97:33:43:bd:fb:
                    e3:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:29:5D:60:42:ED:A8:EB:B1:4F:47:BE:BC:EB:3A:F9:31:D7:9D:5E
            X509v3 Authority Key Identifier:
                keyid:ED:05:FF:96:2C:12:40:B2:E8:CC:68:B4:EA:41:D1:87:C5:50:95:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1BC81E3C8BFC028EFACF08614951FD0DB9A86232CC25CF8B606BA7075D6063F5/0/ED05FF962C1240B2E8CC68B4EA41D187C5509591.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/ED05FF962C1240B2E8CC68B4EA41D187C5509591.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1BC81E3C8BFC028EFACF08614951FD0DB9A86232CC25CF8B606BA7075D6063F5/0/3230302e3132332e36302e302f32332d3234203d3e20323635363839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.123.60.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8e:5d:c6:08:0e:7d:27:a5:45:e1:72:91:26:40:e4:0c:f8:76:
         5c:49:0b:f2:d3:23:37:e3:de:5f:d4:f1:e4:84:33:5b:37:56:
         35:66:08:77:cf:cc:40:e1:b5:3f:68:39:0d:7c:55:98:ee:dc:
         12:54:f4:2d:db:06:ca:f5:60:aa:9a:06:44:55:49:20:6e:b0:
         9c:36:9f:84:f7:de:d0:16:c5:f3:5c:4b:b8:d2:c8:76:30:6b:
         34:0e:6d:8f:59:b8:1c:2a:e6:bb:dd:fc:4e:61:99:f6:60:72:
         13:4f:4c:42:40:74:7d:be:ef:e0:07:99:ea:7a:19:0f:62:4d:
         c6:32:08:64:65:54:a2:eb:dd:fc:6b:62:4e:cb:02:f5:b7:4d:
         02:67:6a:3b:02:52:84:45:f4:7a:0d:41:10:95:ca:c6:14:06:
         5d:eb:df:7d:8b:da:c8:12:29:c9:9c:3c:ff:5f:90:67:57:bd:
         2e:b9:f7:e7:23:fe:53:c5:89:0d:f8:d4:b2:6e:8e:18:38:ff:
         3b:84:49:d6:ec:c7:8a:bb:4e:14:83:5f:47:78:a9:fa:c2:79:
         da:cb:60:e5:fd:a2:2e:42:4c:f1:9e:aa:86:f7:1f:92:0d:bd:
         17:e5:cb:0d:74:2d:df:2d:24:4f:3b:c0:13:51:5e:07:6b:5f:
         06:bc:dc:a3
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUKwm9doSwHyOP9fUwMdNChMBcyb8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUQwNUZGOTYyQzEyNDBCMkU4Q0M2OEI0RUE0MUQxODdD
NTUwOTU5MTAeFw0yNDAzMDUxODE3MDRaFw0yNTAzMDQxODIyMDRaMDMxMTAvBgNV
BAMTKDNGMjk1RDYwNDJFREE4RUJCMTRGNDdCRUJDRUIzQUY5MzFENzlENUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYok24wWTBMpu9Mer1TU3k3twk
VFraEl/WoH/jfKrOqvk9d5E8a+rLyJVz31k+GdFZvTA4ng9I1KNZCaBTfU2eAjxt
4naWOfVV3XqbcMVagI66Fn0svOjUjGK2c8IWKhIfyXHkB3Xn0UaWXH2zgnf2tsA2
3uFlK7K9GFEZRWarJeBvSR994QwDsO17EZMHUK3rDS8HcBGaTvvB7N5dC+eKzKM1
abte9HM5FcCABVEdMTVrqwW4EK9HEf60kfJw/utaSyqjcksHB7OrKO559ad7xZxq
GUlt9UQIrYuaJCWJ98XfEyVIaPzEq9kLpm2ky+jP8GLKaRgxcWWXM0O9++O3AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUPyldYELtqOuxT0e+vOs6+THXnV4wHwYDVR0j
BBgwFoAU7QX/liwSQLLozGi06kHRh8VQlZEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQkM4MUUzQzhCRkMwMjhFRkFDRjA4NjE0OTUxRkQwREI5
QTg2MjMyQ0MyNUNGOEI2MDZCQTcwNzVENjA2M0Y1LzAvRUQwNUZGOTYyQzEyNDBC
MkU4Q0M2OEI0RUE0MUQxODdDNTUwOTU5MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FRDA1RkY5NjJDMTI0MEIyRThD
QzY4QjRFQTQxRDE4N0M1NTA5NTkxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUJDODFFM0M4QkZDMDI4RUZBQ0YwODYxNDk1MUZEMERCOUE4NjIzMkND
MjVDRjhCNjA2QkE3MDc1RDYwNjNGNS8wLzMyMzAzMDJlMzEzMjMzMmUzNjMwMmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNjM1MzYzODM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQByHs8
MA0GCSqGSIb3DQEBCwUAA4IBAQCOXcYIDn0npUXhcpEmQOQM+HZcSQvy0yM3495f
1PHkhDNbN1Y1Zgh3z8xA4bU/aDkNfFWY7twSVPQt2wbK9WCqmgZEVUkgbrCcNp+E
997QFsXzXEu40sh2MGs0Dm2PWbgcKua73fxOYZn2YHITT0xCQHR9vu/gB5nqehkP
Yk3GMghkZVSi6938a2JOywL1t00CZ2o7AlKERfR6DUEQlcrGFAZd6999i9rIEinJ
nDz/X5BnV70uuffnI/5TxYkN+NSybo4YOP87hEnW7MeKu04Ug19HeKn6wnnay2Dl
/aIuQkzxnqqG9x+SDb0X5csNdC3fLSRPO8ATUV4Ha18GvNyj
-----END CERTIFICATE-----
Generated at Thu Dec 5 11:16:03 2024 by rpki-client on console-ams.rpki-client.org