Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1F8205A5BB97201E990D3372B7AF94155D7F1863EE2E79B447406F0540D9B002/0/3230302e302e31372e302f32342d3234203d3e203131303538.roa
File:                     3230302e302e31372e302f32342d3234203d3e203131303538.roa (raw, json)
Hash identifier:          krw4B6cbYO8ACjO5tUN20cn45FKmKW4sIX7nHN76t+s=
Subject key identifier:   10:15:4E:F8:0F:FF:F0:78:FB:EC:67:64:17:C3:85:20:FF:D1:3B:31
Certificate issuer:       /CN=481B3876880F63D5F9BA6D763D7E663E9DB369FC
Certificate serial:       4EAF527FDAB58653E9E61FE5D071273DCAA0D4FE
Authority key identifier: 48:1B:38:76:88:0F:63:D5:F9:BA:6D:76:3D:7E:66:3E:9D:B3:69:FC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/481B3876880F63D5F9BA6D763D7E663E9DB369FC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1F8205A5BB97201E990D3372B7AF94155D7F1863EE2E79B447406F0540D9B002/0/3230302e302e31372e302f32342d3234203d3e203131303538.roa
Signing time:             Tue 05 Mar 2024 18:16:08 +0000
ROA not before:           Tue 05 Mar 2024 18:11:08 +0000
ROA not after:            Tue 04 Mar 2025 18:16:08 +0000
asID:                     11058
IP address blocks:        200.0.17.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1F8205A5BB97201E990D3372B7AF94155D7F1863EE2E79B447406F0540D9B002/0/481B3876880F63D5F9BA6D763D7E663E9DB369FC.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1F8205A5BB97201E990D3372B7AF94155D7F1863EE2E79B447406F0540D9B002/0/481B3876880F63D5F9BA6D763D7E663E9DB369FC.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/481B3876880F63D5F9BA6D763D7E663E9DB369FC.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 26 Nov 2024 13:35:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:af:52:7f:da:b5:86:53:e9:e6:1f:e5:d0:71:27:3d:ca:a0:d4:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=481B3876880F63D5F9BA6D763D7E663E9DB369FC
        Validity
            Not Before: Mar  5 18:11:08 2024 GMT
            Not After : Mar  4 18:16:08 2025 GMT
        Subject: CN=10154EF80FFFF078FBEC676417C38520FFD13B31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:0a:72:37:02:15:36:14:9b:b8:e9:ec:4b:37:
                    52:b4:a7:0a:ea:a4:fb:c8:e6:02:fd:7a:1a:1c:69:
                    95:22:43:1f:60:32:f4:88:2d:ba:18:04:c4:af:5f:
                    e3:0f:09:fb:9a:8d:b7:3b:fb:25:43:06:47:ad:81:
                    84:09:0d:48:86:9b:6f:c5:b2:85:7b:c4:3f:33:8a:
                    6d:ec:47:17:47:9e:56:0b:f3:16:29:6e:16:fe:05:
                    3c:02:89:7c:20:9d:3c:f9:e8:b1:de:d5:50:1f:cf:
                    ba:51:0b:00:a3:bb:41:f7:24:52:c1:54:82:ea:28:
                    e9:ef:0f:01:03:91:23:3b:24:99:df:ad:73:09:01:
                    b2:d6:84:a8:b7:89:29:b5:26:65:a2:ec:8a:66:9c:
                    5b:e0:01:09:97:41:32:a8:41:15:9b:8e:7c:ba:d3:
                    e2:da:69:2f:b0:39:51:a1:ec:da:9e:fc:c3:43:f6:
                    0e:42:3d:f1:db:c3:ca:8e:ca:8a:64:1b:10:ef:c0:
                    54:35:f2:75:63:99:ef:17:6c:01:8b:fd:a1:db:b0:
                    ca:01:f8:66:d7:1a:78:c3:2b:c5:c6:b5:89:01:1d:
                    3f:75:2a:52:29:53:76:22:ad:49:8a:e3:67:0e:d0:
                    a4:e5:c0:da:9e:b3:56:50:ae:54:3b:30:6e:4b:53:
                    b3:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:15:4E:F8:0F:FF:F0:78:FB:EC:67:64:17:C3:85:20:FF:D1:3B:31
            X509v3 Authority Key Identifier:
                keyid:48:1B:38:76:88:0F:63:D5:F9:BA:6D:76:3D:7E:66:3E:9D:B3:69:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1F8205A5BB97201E990D3372B7AF94155D7F1863EE2E79B447406F0540D9B002/0/481B3876880F63D5F9BA6D763D7E663E9DB369FC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/481B3876880F63D5F9BA6D763D7E663E9DB369FC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1F8205A5BB97201E990D3372B7AF94155D7F1863EE2E79B447406F0540D9B002/0/3230302e302e31372e302f32342d3234203d3e203131303538.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.0.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:79:7f:f2:58:f1:13:34:7a:88:07:54:69:ad:38:7b:51:83:
         f1:a5:85:5b:41:13:6a:77:21:ea:1b:a8:b5:77:33:c8:a5:20:
         e8:6a:66:d7:4d:4c:5b:1c:a2:b9:5a:c7:56:8d:cc:19:02:30:
         ab:ae:79:23:fe:bd:3f:19:fc:e2:aa:e3:00:7e:62:57:99:91:
         3b:56:63:5a:e4:2f:c7:4b:58:15:16:eb:bb:68:00:01:32:54:
         a8:ad:30:9e:11:74:03:2c:e8:9d:e0:c7:8d:05:c5:54:66:bd:
         0f:f9:b1:aa:02:39:da:a2:e9:fb:b9:6f:bd:ee:b4:12:08:42:
         c9:a8:4a:9e:76:51:0c:91:e8:92:80:ef:0a:dc:f6:f9:85:19:
         31:89:8e:e0:33:8b:3d:a2:55:49:40:e1:c6:38:7e:cc:28:dc:
         aa:c2:7a:71:03:88:21:c4:5d:3e:d0:e9:ec:66:12:5f:a6:60:
         94:fa:cd:bf:4c:c7:f1:29:83:96:2e:be:72:ff:2d:45:c0:40:
         5a:ea:00:31:2a:e8:ea:05:c6:aa:81:29:b4:44:75:fd:36:bd:
         fa:29:55:a1:71:4f:a1:a1:51:5d:51:01:26:3b:3d:35:70:cb:
         b9:95:b1:c5:36:a0:5e:c2:2d:f2:b9:22:b5:3f:ab:c7:e4:3a:
         c2:bc:16:f9
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUTq9Sf9q1hlPp5h/l0HEnPcqg1P4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDgxQjM4NzY4ODBGNjNENUY5QkE2RDc2M0Q3RTY2M0U5
REIzNjlGQzAeFw0yNDAzMDUxODExMDhaFw0yNTAzMDQxODE2MDhaMDMxMTAvBgNV
BAMTKDEwMTU0RUY4MEZGRkYwNzhGQkVDNjc2NDE3QzM4NTIwRkZEMTNCMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkCnI3AhU2FJu46exLN1K0pwrq
pPvI5gL9ehocaZUiQx9gMvSILboYBMSvX+MPCfuajbc7+yVDBketgYQJDUiGm2/F
soV7xD8zim3sRxdHnlYL8xYpbhb+BTwCiXwgnTz56LHe1VAfz7pRCwCju0H3JFLB
VILqKOnvDwEDkSM7JJnfrXMJAbLWhKi3iSm1JmWi7IpmnFvgAQmXQTKoQRWbjny6
0+LaaS+wOVGh7Nqe/MND9g5CPfHbw8qOyopkGxDvwFQ18nVjme8XbAGL/aHbsMoB
+GbXGnjDK8XGtYkBHT91KlIpU3YirUmK42cO0KTlwNqes1ZQrlQ7MG5LU7MFAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUEBVO+A//8Hj77GdkF8OFIP/ROzEwHwYDVR0j
BBgwFoAUSBs4dogPY9X5um12PX5mPp2zafwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xRjgyMDVBNUJCOTcyMDFFOTkwRDMzNzJCN0FGOTQxNTVE
N0YxODYzRUUyRTc5QjQ0NzQwNkYwNTQwRDlCMDAyLzAvNDgxQjM4NzY4ODBGNjNE
NUY5QkE2RDc2M0Q3RTY2M0U5REIzNjlGQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80ODFCMzg3Njg4MEY2M0Q1RjlC
QTZENzYzRDdFNjYzRTlEQjM2OUZDLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUY4MjA1QTVCQjk3MjAxRTk5MEQzMzcyQjdBRjk0MTU1RDdGMTg2M0VF
MkU3OUI0NDc0MDZGMDU0MEQ5QjAwMi8wLzMyMzAzMDJlMzAyZTMxMzcyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMxMzAzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyAARMA0GCSqG
SIb3DQEBCwUAA4IBAQCceX/yWPETNHqIB1RprTh7UYPxpYVbQRNqdyHqG6i1dzPI
pSDoambXTUxbHKK5WsdWjcwZAjCrrnkj/r0/GfziquMAfmJXmZE7VmNa5C/HS1gV
Fuu7aAABMlSorTCeEXQDLOid4MeNBcVUZr0P+bGqAjnaoun7uW+97rQSCELJqEqe
dlEMkeiSgO8K3Pb5hRkxiY7gM4s9olVJQOHGOH7MKNyqwnpxA4ghxF0+0OnsZhJf
pmCU+s2/TMfxKYOWLr5y/y1FwEBa6gAxKujqBcaqgSm0RHX9Nr36KVWhcU+hoVFd
UQEmOz01cMu5lbHFNqBewi3yuSK1P6vH5DrCvBb5
-----END CERTIFICATE-----
Generated at Fri Nov 22 01:32:02 2024 by rpki-client on console-ams.rpki-client.org