Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1F174878F65C3099DEE26EA2965185DD2C010153C5DC343723B50A4060A8A0EA/0/3230312e3233382e302e302f31382d3234203d3e203237383839.roa
File:                     3230312e3233382e302e302f31382d3234203d3e203237383839.roa (raw, json)
Hash identifier:          7M99pwpW2R/rFrH7oVVhBLQ5kclZw3AW0tMQrAAAfic=
Subject key identifier:   1F:C3:48:0A:EE:6D:82:D8:31:C9:3C:CC:E1:60:F4:CB:85:97:2B:A6
Certificate issuer:       /CN=3D2C065C974E700B1369EDF4ADBE1BD11272B09A
Certificate serial:       7578EE2CAC94EF1053F7E0FAC2FD988C91977E35
Authority key identifier: 3D:2C:06:5C:97:4E:70:0B:13:69:ED:F4:AD:BE:1B:D1:12:72:B0:9A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D2C065C974E700B1369EDF4ADBE1BD11272B09A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1F174878F65C3099DEE26EA2965185DD2C010153C5DC343723B50A4060A8A0EA/0/3230312e3233382e302e302f31382d3234203d3e203237383839.roa
Signing time:             Fri 10 May 2024 12:45:00 +0000
ROA not before:           Fri 10 May 2024 12:40:00 +0000
ROA not after:            Fri 09 May 2025 12:45:00 +0000
asID:                     27889
IP address blocks:        201.238.0.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1F174878F65C3099DEE26EA2965185DD2C010153C5DC343723B50A4060A8A0EA/0/3D2C065C974E700B1369EDF4ADBE1BD11272B09A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1F174878F65C3099DEE26EA2965185DD2C010153C5DC343723B50A4060A8A0EA/0/3D2C065C974E700B1369EDF4ADBE1BD11272B09A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D2C065C974E700B1369EDF4ADBE1BD11272B09A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 31 Oct 2024 16:16:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:78:ee:2c:ac:94:ef:10:53:f7:e0:fa:c2:fd:98:8c:91:97:7e:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3D2C065C974E700B1369EDF4ADBE1BD11272B09A
        Validity
            Not Before: May 10 12:40:00 2024 GMT
            Not After : May  9 12:45:00 2025 GMT
        Subject: CN=1FC3480AEE6D82D831C93CCCE160F4CB85972BA6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c7:df:2e:46:c0:c5:b6:dc:54:80:1d:ba:15:
                    59:28:b9:b5:d7:42:f5:1e:4e:72:b9:cf:a2:ac:03:
                    67:a5:ca:5a:e7:d4:94:36:c0:2f:1d:ef:b8:28:78:
                    9b:6c:a9:45:71:9a:5a:19:40:19:57:02:40:a1:19:
                    cb:55:cb:31:ec:f7:eb:8c:b8:c8:64:02:82:0a:18:
                    d4:f8:0a:de:37:70:8b:32:32:a2:61:68:99:d1:67:
                    d5:ae:76:99:91:66:3d:94:9e:0e:da:0e:c1:1b:52:
                    bb:ff:08:7c:b1:1b:cc:26:d7:38:a6:72:de:ff:9d:
                    85:3f:22:45:a6:81:8b:6d:2b:49:2f:ef:3c:d9:98:
                    e7:f3:e0:87:fa:fc:1f:b7:99:6b:46:4a:3f:1c:e3:
                    03:35:e4:0e:ed:b8:6a:b7:76:e1:06:c6:68:b0:9c:
                    d3:99:d7:5c:03:95:39:8c:b0:0c:1b:3f:55:95:cf:
                    32:78:1a:41:54:e6:0f:89:74:15:57:06:7c:4a:6c:
                    0e:ae:ce:57:64:be:b2:3d:3f:70:41:6f:48:2a:c6:
                    a6:1e:27:8f:e0:46:1f:90:a5:e6:65:16:c0:41:5b:
                    cc:1c:0d:88:6c:7b:d7:15:d4:6e:75:67:c8:a7:c2:
                    1e:6e:e8:b2:76:4d:bb:d2:3a:7a:4b:f3:48:0b:05:
                    60:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:C3:48:0A:EE:6D:82:D8:31:C9:3C:CC:E1:60:F4:CB:85:97:2B:A6
            X509v3 Authority Key Identifier:
                keyid:3D:2C:06:5C:97:4E:70:0B:13:69:ED:F4:AD:BE:1B:D1:12:72:B0:9A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1F174878F65C3099DEE26EA2965185DD2C010153C5DC343723B50A4060A8A0EA/0/3D2C065C974E700B1369EDF4ADBE1BD11272B09A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D2C065C974E700B1369EDF4ADBE1BD11272B09A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1F174878F65C3099DEE26EA2965185DD2C010153C5DC343723B50A4060A8A0EA/0/3230312e3233382e302e302f31382d3234203d3e203237383839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.238.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         0d:87:3a:c8:af:a3:b3:e1:f1:0d:d5:ca:28:b8:37:23:b5:25:
         57:f1:37:d9:58:f1:f7:2f:d4:15:48:81:5c:27:3f:37:3e:ae:
         44:07:2b:5d:e6:30:60:6d:6e:54:db:86:1d:2d:db:96:a4:7d:
         0d:62:5c:93:31:b0:8d:a5:fc:ee:e6:60:50:ba:90:05:76:ed:
         a7:1f:84:60:ba:53:af:58:cc:bd:be:df:66:86:79:64:6a:7e:
         13:d9:8d:6f:00:a4:d4:ea:de:2f:31:c2:0e:4e:57:9e:9d:b5:
         4d:9e:70:e7:0b:d9:1b:7e:a9:0a:a4:61:fa:11:d2:c2:fb:6d:
         b6:c5:f0:58:9c:a0:96:69:63:f3:c8:4b:ae:e9:05:3b:33:e1:
         49:02:99:0f:02:60:5c:d1:ff:b2:9a:89:55:3d:54:6f:2d:ae:
         ab:98:06:88:0d:52:8e:7e:30:53:5e:12:76:1c:3c:f0:fe:6d:
         ac:bb:52:54:ce:11:cd:03:8c:9e:76:5a:2d:4b:7d:88:1b:30:
         1e:44:32:ef:a6:56:4d:dd:3c:f2:04:72:6c:59:36:38:d2:6a:
         f5:c4:8b:ab:76:84:b6:6d:cf:e5:4b:1a:b9:64:79:ef:5f:7c:
         e2:5b:49:9f:84:dd:eb:52:48:5c:85:8a:64:3d:c5:d1:c0:2e:
         85:8b:50:bf
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUdXjuLKyU7xBT9+D6wv2YjJGXfjUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0QyQzA2NUM5NzRFNzAwQjEzNjlFREY0QURCRTFCRDEx
MjcyQjA5QTAeFw0yNDA1MTAxMjQwMDBaFw0yNTA1MDkxMjQ1MDBaMDMxMTAvBgNV
BAMTKDFGQzM0ODBBRUU2RDgyRDgzMUM5M0NDQ0UxNjBGNENCODU5NzJCQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvx98uRsDFttxUgB26FVkoubXX
QvUeTnK5z6KsA2elylrn1JQ2wC8d77goeJtsqUVxmloZQBlXAkChGctVyzHs9+uM
uMhkAoIKGNT4Ct43cIsyMqJhaJnRZ9WudpmRZj2Ung7aDsEbUrv/CHyxG8wm1zim
ct7/nYU/IkWmgYttK0kv7zzZmOfz4If6/B+3mWtGSj8c4wM15A7tuGq3duEGxmiw
nNOZ11wDlTmMsAwbP1WVzzJ4GkFU5g+JdBVXBnxKbA6uzldkvrI9P3BBb0gqxqYe
J4/gRh+QpeZlFsBBW8wcDYhse9cV1G51Z8inwh5u6LJ2TbvSOnpL80gLBWAzAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUH8NICu5tgtgxyTzM4WD0y4WXK6YwHwYDVR0j
BBgwFoAUPSwGXJdOcAsTae30rb4b0RJysJowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xRjE3NDg3OEY2NUMzMDk5REVFMjZFQTI5NjUxODVERDJD
MDEwMTUzQzVEQzM0MzcyM0I1MEE0MDYwQThBMEVBLzAvM0QyQzA2NUM5NzRFNzAw
QjEzNjlFREY0QURCRTFCRDExMjcyQjA5QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRDJDMDY1Qzk3NEU3MDBCMTM2
OUVERjRBREJFMUJEMTEyNzJCMDlBLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUYxNzQ4NzhGNjVDMzA5OURFRTI2RUEyOTY1MTg1REQyQzAxMDE1M0M1
REMzNDM3MjNCNTBBNDA2MEE4QTBFQS8wLzMyMzAzMTJlMzIzMzM4MmUzMDJlMzAy
ZjMxMzgyZDMyMzQyMDNkM2UyMDMyMzczODM4Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbJ7gAwDQYJ
KoZIhvcNAQELBQADggEBAA2HOsivo7Ph8Q3Vyii4NyO1JVfxN9lY8fcv1BVIgVwn
Pzc+rkQHK13mMGBtblTbhh0t25akfQ1iXJMxsI2l/O7mYFC6kAV27acfhGC6U69Y
zL2+32aGeWRqfhPZjW8ApNTq3i8xwg5OV56dtU2ecOcL2Rt+qQqkYfoR0sL7bbbF
8FicoJZpY/PIS67pBTsz4UkCmQ8CYFzR/7KaiVU9VG8trquYBogNUo5+MFNeEnYc
PPD+bay7UlTOEc0DjJ52Wi1LfYgbMB5EMu+mVk3dPPIEcmxZNjjSavXEi6t2hLZt
z+VLGrlkee9ffOJbSZ+E3etSSFyFimQ9xdHALoWLUL8=
-----END CERTIFICATE-----
Generated at Mon Oct 28 05:01:26 2024 by rpki-client on console-ams.rpki-client.org