Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/3230302e3132352e3132382e302f32342d3234203d3e203237393437.roa
File:                     3230302e3132352e3132382e302f32342d3234203d3e203237393437.roa (raw, json)
Hash identifier:          X1SN1oderIppvDpUoc8gMsUVR5fik1wbYKde6pVx9TU=
Subject key identifier:   DF:76:28:EE:01:8A:37:58:9D:2F:9D:43:BF:A6:07:73:19:CA:7F:79
Certificate issuer:       /CN=D2709F777988D8BB9C29DBBB53968812568C616E
Certificate serial:       02B0C410795E193BC4EE26041FF9DB1A870FCF00
Authority key identifier: D2:70:9F:77:79:88:D8:BB:9C:29:DB:BB:53:96:88:12:56:8C:61:6E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2709F777988D8BB9C29DBBB53968812568C616E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/3230302e3132352e3132382e302f32342d3234203d3e203237393437.roa
Signing time:             Tue 05 Mar 2024 17:46:43 +0000
ROA not before:           Tue 05 Mar 2024 17:41:43 +0000
ROA not after:            Tue 04 Mar 2025 17:46:43 +0000
asID:                     27947
IP address blocks:        200.125.128.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/D2709F777988D8BB9C29DBBB53968812568C616E.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/D2709F777988D8BB9C29DBBB53968812568C616E.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2709F777988D8BB9C29DBBB53968812568C616E.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:b0:c4:10:79:5e:19:3b:c4:ee:26:04:1f:f9:db:1a:87:0f:cf:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2709F777988D8BB9C29DBBB53968812568C616E
        Validity
            Not Before: Mar  5 17:41:43 2024 GMT
            Not After : Mar  4 17:46:43 2025 GMT
        Subject: CN=DF7628EE018A37589D2F9D43BFA6077319CA7F79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:51:83:26:bd:ac:7c:07:8e:bd:bc:76:a8:96:
                    f6:ed:54:d9:40:11:ce:bf:a4:4f:09:b8:82:e2:b7:
                    e8:fa:99:fe:04:43:82:33:fb:96:c8:70:a1:ac:c2:
                    2e:dc:b6:f7:0e:16:f7:60:b6:22:94:b3:4e:6c:d7:
                    43:15:9c:8c:db:82:d0:e7:51:1c:e8:2c:bd:a5:cf:
                    60:3d:90:a6:4c:60:7a:2b:31:a1:bd:bc:be:b1:b8:
                    ae:67:f5:d9:6a:68:db:16:50:db:a7:8e:7d:39:0c:
                    7e:1b:cf:f2:95:2a:ca:25:00:9e:83:12:92:73:6f:
                    58:1a:de:dd:68:6e:c0:ed:08:21:fe:b6:9c:f0:50:
                    a0:d1:9c:38:0d:b8:f6:f8:77:32:a8:7d:f0:8c:1e:
                    22:3e:77:7b:d2:52:be:dc:9c:d4:3f:0d:ac:27:db:
                    1d:15:82:19:ae:cb:be:f0:00:8c:c6:20:a6:a7:fe:
                    5d:d3:ae:ce:8a:88:64:d9:2a:19:7e:87:49:2e:9e:
                    1c:35:ea:0d:40:8a:fd:f7:3c:5a:81:b0:4e:c9:db:
                    71:aa:60:bf:94:94:1c:da:fc:b8:33:31:9b:9a:6f:
                    c4:58:c7:e9:9e:0e:2e:43:e2:64:90:46:34:5e:64:
                    6b:74:97:5a:dc:dd:10:ea:0f:38:f7:98:fa:b9:34:
                    16:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:76:28:EE:01:8A:37:58:9D:2F:9D:43:BF:A6:07:73:19:CA:7F:79
            X509v3 Authority Key Identifier:
                keyid:D2:70:9F:77:79:88:D8:BB:9C:29:DB:BB:53:96:88:12:56:8C:61:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/D2709F777988D8BB9C29DBBB53968812568C616E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2709F777988D8BB9C29DBBB53968812568C616E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/3230302e3132352e3132382e302f32342d3234203d3e203237393437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.125.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:e4:ad:94:e3:a2:cb:9f:53:b4:49:11:f8:1a:ca:46:69:3f:
         f6:42:3a:db:11:a9:90:7a:1b:44:e5:a1:67:ad:48:37:1f:06:
         c7:e4:9e:ab:27:c1:cf:59:58:83:2d:11:59:fa:c5:dd:9b:c1:
         98:74:f4:8c:c9:20:fc:0e:ff:5f:dd:8a:32:05:97:b0:2d:de:
         73:88:1e:3d:de:d2:a9:d7:b9:7f:a7:53:57:ea:8b:1c:e9:56:
         cd:90:ef:f2:02:63:8d:2d:58:27:8a:4c:c1:a4:66:90:37:d9:
         58:f9:02:bc:f8:09:4c:ea:66:a9:15:fd:76:0d:2d:5c:8d:22:
         a8:d2:66:9e:f6:47:3d:2b:da:28:d5:a0:c0:49:13:05:c4:e7:
         89:04:99:3d:4a:03:ac:f4:1a:71:aa:dd:85:ce:f6:bf:17:6d:
         a6:6c:53:d9:6d:79:5a:45:4d:89:45:08:b1:95:b8:38:21:03:
         00:7e:d6:b1:e0:56:63:e1:73:02:6a:c8:fb:2d:d0:32:16:8a:
         09:94:d2:a5:25:ad:70:f0:3b:be:15:47:99:6f:65:90:17:b9:
         ca:15:b6:e0:32:d8:cd:64:c8:37:29:8b:95:b7:ef:6b:32:8b:
         e7:41:ca:da:7c:a9:b6:c6:d0:e3:c8:0c:af:d4:d2:ee:2e:4e:
         0a:3b:28:33
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUArDEEHleGTvE7iYEH/nbGocPzwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDI3MDlGNzc3OTg4RDhCQjlDMjlEQkJCNTM5Njg4MTI1
NjhDNjE2RTAeFw0yNDAzMDUxNzQxNDNaFw0yNTAzMDQxNzQ2NDNaMDMxMTAvBgNV
BAMTKERGNzYyOEVFMDE4QTM3NTg5RDJGOUQ0M0JGQTYwNzczMTlDQTdGNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdUYMmvax8B469vHaolvbtVNlA
Ec6/pE8JuILit+j6mf4EQ4Iz+5bIcKGswi7ctvcOFvdgtiKUs05s10MVnIzbgtDn
URzoLL2lz2A9kKZMYHorMaG9vL6xuK5n9dlqaNsWUNunjn05DH4bz/KVKsolAJ6D
EpJzb1ga3t1obsDtCCH+tpzwUKDRnDgNuPb4dzKoffCMHiI+d3vSUr7cnNQ/Dawn
2x0Vghmuy77wAIzGIKan/l3Trs6KiGTZKhl+h0kunhw16g1Aiv33PFqBsE7J23Gq
YL+UlBza/LgzMZuab8RYx+meDi5D4mSQRjReZGt0l1rc3RDqDzj3mPq5NBZ7AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU33Yo7gGKN1idL51Dv6YHcxnKf3kwHwYDVR0j
BBgwFoAU0nCfd3mI2LucKdu7U5aIElaMYW4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQ0JEQTNDQkUzRjk0QjE5RURGMDA5OTUzQzBGNDU1RDcw
NTNCMDYwODgzRkY3NEFCM0ZGQ0ExMjgxOEYwOTMyLzAvRDI3MDlGNzc3OTg4RDhC
QjlDMjlEQkJCNTM5Njg4MTI1NjhDNjE2RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMjcwOUY3Nzc5ODhEOEJCOUMy
OURCQkI1Mzk2ODgxMjU2OEM2MTZFLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUNCREEzQ0JFM0Y5NEIxOUVERjAwOTk1M0MwRjQ1NUQ3MDUzQjA2MDg4
M0ZGNzRBQjNGRkNBMTI4MThGMDkzMi8wLzMyMzAzMDJlMzEzMjM1MmUzMTMyMzgy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzkzNDM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyH2A
MA0GCSqGSIb3DQEBCwUAA4IBAQB85K2U46LLn1O0SRH4GspGaT/2QjrbEamQehtE
5aFnrUg3HwbH5J6rJ8HPWViDLRFZ+sXdm8GYdPSMySD8Dv9f3YoyBZewLd5ziB49
3tKp17l/p1NX6osc6VbNkO/yAmONLVgnikzBpGaQN9lY+QK8+AlM6mapFf12DS1c
jSKo0mae9kc9K9oo1aDASRMFxOeJBJk9SgOs9Bpxqt2Fzva/F22mbFPZbXlaRU2J
RQixlbg4IQMAftax4FZj4XMCasj7LdAyFooJlNKlJa1w8Du+FUeZb2WQF7nKFbbg
MtjNZMg3KYuVt+9rMovnQcrafKm2xtDjyAyv1NLuLk4KOygz
-----END CERTIFICATE-----
Generated at Wed Nov 20 13:43:34 2024 by rpki-client on console-ams.rpki-client.org