Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1C2D9B1E616BFC6030F3DA1D6F20B6B414319A8CDD44EE6420B6FFE70D65C5B9/0/3230302e36332e3132302e302f32312d3234203d3e203237393736.roa
File:                     3230302e36332e3132302e302f32312d3234203d3e203237393736.roa (raw, json)
Hash identifier:          NsjMOsOYFH8NaG6fbZVmUcvzvEO9aX5FIHNGEYrIHyQ=
Subject key identifier:   66:28:16:8D:34:9D:EE:1E:E2:FE:5C:AF:5B:35:11:B8:E9:5B:5E:61
Certificate issuer:       /CN=C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39
Certificate serial:       380D1A046984D62B966D0217BA8223D8F3117377
Authority key identifier: C4:E4:73:26:7C:7E:D8:DB:FC:CD:20:9A:C0:9A:1C:A7:B8:4A:7C:39
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1C2D9B1E616BFC6030F3DA1D6F20B6B414319A8CDD44EE6420B6FFE70D65C5B9/0/3230302e36332e3132302e302f32312d3234203d3e203237393736.roa
Signing time:             Tue 05 Mar 2024 17:49:30 +0000
ROA not before:           Tue 05 Mar 2024 17:44:30 +0000
ROA not after:            Tue 04 Mar 2025 17:49:30 +0000
asID:                     27976
IP address blocks:        200.63.120.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1C2D9B1E616BFC6030F3DA1D6F20B6B414319A8CDD44EE6420B6FFE70D65C5B9/0/C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1C2D9B1E616BFC6030F3DA1D6F20B6B414319A8CDD44EE6420B6FFE70D65C5B9/0/C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:0d:1a:04:69:84:d6:2b:96:6d:02:17:ba:82:23:d8:f3:11:73:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39
        Validity
            Not Before: Mar  5 17:44:30 2024 GMT
            Not After : Mar  4 17:49:30 2025 GMT
        Subject: CN=6628168D349DEE1EE2FE5CAF5B3511B8E95B5E61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d8:07:af:27:84:3c:a2:c8:cb:17:38:0b:d8:
                    fc:1f:44:fc:53:f8:17:81:aa:c4:ce:0c:f6:26:18:
                    30:e3:1d:7e:7c:4f:c9:cd:62:f0:21:1f:88:69:70:
                    ee:e4:6a:77:66:d9:dd:78:cc:d4:d5:0a:b9:4b:c3:
                    06:de:8f:b8:9b:e4:ca:92:56:10:20:61:fd:d4:c1:
                    6e:0a:50:82:6c:d3:35:80:f2:f5:ba:82:f9:7b:73:
                    73:52:fa:6e:d3:34:a6:5d:4f:19:17:22:5a:e8:ad:
                    98:d9:9f:2d:02:48:bd:01:2f:85:ad:48:da:6c:81:
                    f0:33:db:4a:a9:1b:40:78:5b:3a:32:c5:bb:3d:d3:
                    f6:11:af:64:94:0f:5a:cf:4e:a5:07:8f:87:99:fe:
                    5d:2e:de:a7:21:fc:f4:b7:96:f0:1f:d8:a1:15:12:
                    71:30:e4:df:20:d1:aa:e5:83:91:9b:ba:6b:69:a7:
                    91:d3:8b:57:89:da:af:f4:05:42:e7:14:3e:79:31:
                    f9:88:31:96:d8:c3:55:54:d1:61:92:7a:49:dc:26:
                    f4:e2:d9:2c:b7:10:fb:33:47:74:85:e9:ef:3c:44:
                    29:40:dd:8b:9b:ad:31:f7:eb:9b:f9:06:ce:d5:14:
                    60:22:ca:2a:63:d6:d9:54:aa:df:05:fb:b8:56:5a:
                    a8:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:28:16:8D:34:9D:EE:1E:E2:FE:5C:AF:5B:35:11:B8:E9:5B:5E:61
            X509v3 Authority Key Identifier:
                keyid:C4:E4:73:26:7C:7E:D8:DB:FC:CD:20:9A:C0:9A:1C:A7:B8:4A:7C:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1C2D9B1E616BFC6030F3DA1D6F20B6B414319A8CDD44EE6420B6FFE70D65C5B9/0/C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C4E473267C7ED8DBFCCD209AC09A1CA7B84A7C39.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1C2D9B1E616BFC6030F3DA1D6F20B6B414319A8CDD44EE6420B6FFE70D65C5B9/0/3230302e36332e3132302e302f32312d3234203d3e203237393736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.63.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6e:19:ae:cd:ee:e2:4b:2b:f6:5c:9e:75:8d:7b:c6:a1:36:0a:
         50:b7:29:de:3b:6a:10:44:17:90:f1:48:55:08:4f:c1:7c:aa:
         a1:bd:71:79:f5:13:85:c2:0e:97:60:9c:53:33:36:48:e1:5d:
         51:fa:3d:7a:80:a3:6b:a4:be:30:85:4a:ea:03:e1:f6:76:b1:
         0d:66:f4:ad:21:06:c8:58:cd:48:95:a6:ad:f8:cb:e3:df:dc:
         03:d6:f2:2e:86:8c:8e:c1:c1:c9:71:20:b5:e4:8f:6b:76:69:
         25:50:4c:36:76:14:94:d4:5f:7a:65:18:5b:b6:c4:5f:26:8e:
         bb:c9:af:74:1d:b7:75:d3:39:8b:53:12:36:43:9d:06:06:5f:
         df:ff:1c:b0:b6:de:68:67:77:df:2d:33:06:78:ec:04:0c:62:
         26:55:ec:6e:0d:fd:c5:5b:5b:7b:5e:fe:35:7b:a8:9a:4b:f6:
         07:4b:86:7a:38:90:a0:d0:80:83:a3:27:79:ae:7b:71:f2:c4:
         c5:ac:e0:bd:a3:c4:58:33:45:32:0f:4f:2f:90:1e:29:8d:54:
         67:e1:b3:1d:a1:bf:2b:16:49:03:5b:7d:c1:86:7c:7c:67:10:
         1a:d5:93:d4:1e:86:3d:34:87:56:b3:ff:4e:0a:46:07:bf:a2:
         e9:40:91:9d
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUOA0aBGmE1iuWbQIXuoIj2PMRc3cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzRFNDczMjY3QzdFRDhEQkZDQ0QyMDlBQzA5QTFDQTdC
ODRBN0MzOTAeFw0yNDAzMDUxNzQ0MzBaFw0yNTAzMDQxNzQ5MzBaMDMxMTAvBgNV
BAMTKDY2MjgxNjhEMzQ5REVFMUVFMkZFNUNBRjVCMzUxMUI4RTk1QjVFNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw2AevJ4Q8osjLFzgL2PwfRPxT
+BeBqsTODPYmGDDjHX58T8nNYvAhH4hpcO7kandm2d14zNTVCrlLwwbej7ib5MqS
VhAgYf3UwW4KUIJs0zWA8vW6gvl7c3NS+m7TNKZdTxkXIlrorZjZny0CSL0BL4Wt
SNpsgfAz20qpG0B4Wzoyxbs90/YRr2SUD1rPTqUHj4eZ/l0u3qch/PS3lvAf2KEV
EnEw5N8g0arlg5Gbumtpp5HTi1eJ2q/0BULnFD55MfmIMZbYw1VU0WGSekncJvTi
2Sy3EPszR3SF6e88RClA3YubrTH365v5Bs7VFGAiyipj1tlUqt8F+7hWWqhvAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUZigWjTSd7h7i/lyvWzURuOlbXmEwHwYDVR0j
BBgwFoAUxORzJnx+2Nv8zSCawJocp7hKfDkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQzJEOUIxRTYxNkJGQzYwMzBGM0RBMUQ2RjIwQjZCNDE0
MzE5QThDREQ0NEVFNjQyMEI2RkZFNzBENjVDNUI5LzAvQzRFNDczMjY3QzdFRDhE
QkZDQ0QyMDlBQzA5QTFDQTdCODRBN0MzOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DNEU0NzMyNjdDN0VEOERCRkND
RDIwOUFDMDlBMUNBN0I4NEE3QzM5LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUMyRDlCMUU2MTZCRkM2MDMwRjNEQTFENkYyMEI2QjQxNDMxOUE4Q0RE
NDRFRTY0MjBCNkZGRTcwRDY1QzVCOS8wLzMyMzAzMDJlMzYzMzJlMzEzMjMwMmUz
MDJmMzIzMTJkMzIzNDIwM2QzZTIwMzIzNzM5MzczNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8g/eDAN
BgkqhkiG9w0BAQsFAAOCAQEAbhmuze7iSyv2XJ51jXvGoTYKULcp3jtqEEQXkPFI
VQhPwXyqob1xefUThcIOl2CcUzM2SOFdUfo9eoCja6S+MIVK6gPh9naxDWb0rSEG
yFjNSJWmrfjL49/cA9byLoaMjsHByXEgteSPa3ZpJVBMNnYUlNRfemUYW7bEXyaO
u8mvdB23ddM5i1MSNkOdBgZf3/8csLbeaGd33y0zBnjsBAxiJlXsbg39xVtbe17+
NXuomkv2B0uGejiQoNCAg6Mnea57cfLExazgvaPEWDNFMg9PL5AeKY1UZ+GzHaG/
KxZJA1t9wYZ8fGcQGtWT1B6GPTSHVrP/TgpGB7+i6UCRnQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:00:45 2024 by rpki-client on console-fra.rpki-client.org