Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1F8205A5BB97201E990D3372B7AF94155D7F1863EE2E79B447406F0540D9B002/0/3230302e31342e33372e302f32342d3234203d3e203532333332.roa
File:                     3230302e31342e33372e302f32342d3234203d3e203532333332.roa (raw, json)
Hash identifier:          5Or8ZrL4TOR+6r7bJvxNqLHjzJ124DG8yEatf23e0sE=
Subject key identifier:   7C:F4:13:B6:EA:D5:85:64:18:C3:5D:21:B2:53:5B:79:1A:DD:8E:9E
Certificate issuer:       /CN=481B3876880F63D5F9BA6D763D7E663E9DB369FC
Certificate serial:       520B1DD62E1D72534B784451A78930D7D7D9E3A2
Authority key identifier: 48:1B:38:76:88:0F:63:D5:F9:BA:6D:76:3D:7E:66:3E:9D:B3:69:FC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/481B3876880F63D5F9BA6D763D7E663E9DB369FC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1F8205A5BB97201E990D3372B7AF94155D7F1863EE2E79B447406F0540D9B002/0/3230302e31342e33372e302f32342d3234203d3e203532333332.roa
Signing time:             Tue 05 Mar 2024 18:16:09 +0000
ROA not before:           Tue 05 Mar 2024 18:11:09 +0000
ROA not after:            Tue 04 Mar 2025 18:16:09 +0000
asID:                     52332
IP address blocks:        200.14.37.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1F8205A5BB97201E990D3372B7AF94155D7F1863EE2E79B447406F0540D9B002/0/481B3876880F63D5F9BA6D763D7E663E9DB369FC.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1F8205A5BB97201E990D3372B7AF94155D7F1863EE2E79B447406F0540D9B002/0/481B3876880F63D5F9BA6D763D7E663E9DB369FC.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/481B3876880F63D5F9BA6D763D7E663E9DB369FC.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 14 Jun 2024 21:27:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:0b:1d:d6:2e:1d:72:53:4b:78:44:51:a7:89:30:d7:d7:d9:e3:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=481B3876880F63D5F9BA6D763D7E663E9DB369FC
        Validity
            Not Before: Mar  5 18:11:09 2024 GMT
            Not After : Mar  4 18:16:09 2025 GMT
        Subject: CN=7CF413B6EAD5856418C35D21B2535B791ADD8E9E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:1c:46:da:e5:3f:6d:82:1c:17:a2:fc:3e:e0:
                    01:5d:f8:f5:ff:3f:dd:97:dd:0e:a8:2d:82:23:5a:
                    80:43:fc:ed:63:e4:89:41:d5:ad:2f:8d:e8:68:8e:
                    51:95:1d:79:f9:37:94:82:46:ed:8f:b9:62:9b:43:
                    65:e9:46:8c:84:fa:26:06:5d:af:69:e1:a9:3c:1f:
                    4b:c4:05:39:48:da:c5:24:38:2f:43:cf:4d:ca:f0:
                    ab:71:48:5d:22:28:73:6a:54:09:5c:fb:a1:ef:14:
                    c9:d1:48:cc:f3:11:be:c5:17:bf:80:8e:cc:07:48:
                    47:01:a5:fe:c4:1f:c1:0f:b2:43:bd:f1:d4:48:ad:
                    ec:8c:14:7f:a1:b0:fd:da:c0:48:3c:31:df:af:ad:
                    93:16:9c:8a:83:0d:75:e1:9f:9e:d8:22:f9:a5:77:
                    2c:6b:6c:77:8c:74:ac:cb:80:85:45:64:1b:eb:64:
                    3e:7b:ee:49:b6:cb:d4:8d:37:5f:9d:f2:ce:6b:a2:
                    2d:09:69:d0:ef:6d:22:52:38:79:0a:43:55:d3:6b:
                    37:10:b2:cb:55:1c:a2:6c:e9:14:62:ed:eb:73:c4:
                    48:a2:c1:38:1c:10:d6:00:18:4d:f7:bb:99:ae:e1:
                    f1:95:22:b0:e5:f5:5f:18:9e:e2:91:2b:a2:fe:89:
                    56:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:F4:13:B6:EA:D5:85:64:18:C3:5D:21:B2:53:5B:79:1A:DD:8E:9E
            X509v3 Authority Key Identifier:
                keyid:48:1B:38:76:88:0F:63:D5:F9:BA:6D:76:3D:7E:66:3E:9D:B3:69:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1F8205A5BB97201E990D3372B7AF94155D7F1863EE2E79B447406F0540D9B002/0/481B3876880F63D5F9BA6D763D7E663E9DB369FC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/481B3876880F63D5F9BA6D763D7E663E9DB369FC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1F8205A5BB97201E990D3372B7AF94155D7F1863EE2E79B447406F0540D9B002/0/3230302e31342e33372e302f32342d3234203d3e203532333332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.14.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:69:b4:59:2f:07:22:9f:89:3e:23:03:8a:e3:a8:a7:93:a9:
         0c:78:6f:bd:43:19:b1:a5:0b:74:49:47:c2:36:8b:ff:c0:98:
         68:15:d3:87:76:f8:a6:4d:f1:53:51:4b:ff:0d:71:41:ed:e0:
         e7:2a:0b:92:6f:d7:c9:83:bb:1a:ff:f9:74:92:0c:6c:3e:a3:
         cd:38:ee:10:b8:ea:39:94:45:ab:19:59:ef:07:aa:ce:7f:a9:
         50:0c:f8:f4:ac:59:16:d6:1a:8c:43:47:53:d6:58:9e:d8:8d:
         4f:e1:29:95:c4:06:c1:0b:8d:51:da:e1:36:d0:0c:b1:7f:85:
         ab:0e:91:de:c6:42:db:67:f2:4b:c2:74:fb:7e:a8:a4:db:c9:
         98:b8:3c:29:83:91:5d:65:f3:14:9e:02:94:72:76:5d:6b:56:
         e4:97:a9:ae:ca:7f:fe:49:3a:92:1f:41:9d:ab:bc:33:b9:55:
         0e:f5:82:4d:b6:81:eb:86:7f:c9:35:b6:e8:44:ec:cf:89:ec:
         2e:38:c5:f4:4e:45:d0:6c:5b:42:42:5a:04:17:74:5a:bc:8c:
         97:57:0a:4c:69:0d:17:8a:e5:59:bb:42:af:75:1c:c6:ea:1e:
         c0:3e:d4:ac:b5:ad:e0:6d:4b:17:64:97:4e:2a:a0:45:0f:48:
         48:48:a1:5c
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUUgsd1i4dclNLeERRp4kw19fZ46IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDgxQjM4NzY4ODBGNjNENUY5QkE2RDc2M0Q3RTY2M0U5
REIzNjlGQzAeFw0yNDAzMDUxODExMDlaFw0yNTAzMDQxODE2MDlaMDMxMTAvBgNV
BAMTKDdDRjQxM0I2RUFENTg1NjQxOEMzNUQyMUIyNTM1Qjc5MUFERDhFOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiHEba5T9tghwXovw+4AFd+PX/
P92X3Q6oLYIjWoBD/O1j5IlB1a0vjehojlGVHXn5N5SCRu2PuWKbQ2XpRoyE+iYG
Xa9p4ak8H0vEBTlI2sUkOC9Dz03K8KtxSF0iKHNqVAlc+6HvFMnRSMzzEb7FF7+A
jswHSEcBpf7EH8EPskO98dRIreyMFH+hsP3awEg8Md+vrZMWnIqDDXXhn57YIvml
dyxrbHeMdKzLgIVFZBvrZD577km2y9SNN1+d8s5roi0JadDvbSJSOHkKQ1XTazcQ
sstVHKJs6RRi7etzxEiiwTgcENYAGE33u5mu4fGVIrDl9V8YnuKRK6L+iVahAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUfPQTturVhWQYw10hslNbeRrdjp4wHwYDVR0j
BBgwFoAUSBs4dogPY9X5um12PX5mPp2zafwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xRjgyMDVBNUJCOTcyMDFFOTkwRDMzNzJCN0FGOTQxNTVE
N0YxODYzRUUyRTc5QjQ0NzQwNkYwNTQwRDlCMDAyLzAvNDgxQjM4NzY4ODBGNjNE
NUY5QkE2RDc2M0Q3RTY2M0U5REIzNjlGQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80ODFCMzg3Njg4MEY2M0Q1RjlC
QTZENzYzRDdFNjYzRTlEQjM2OUZDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUY4MjA1QTVCQjk3MjAxRTk5MEQzMzcyQjdBRjk0MTU1RDdGMTg2M0VF
MkU3OUI0NDc0MDZGMDU0MEQ5QjAwMi8wLzMyMzAzMDJlMzEzNDJlMzMzNzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzMzMzMzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIDiUwDQYJ
KoZIhvcNAQELBQADggEBAA1ptFkvByKfiT4jA4rjqKeTqQx4b71DGbGlC3RJR8I2
i//AmGgV04d2+KZN8VNRS/8NcUHt4OcqC5Jv18mDuxr/+XSSDGw+o8047hC46jmU
RasZWe8Hqs5/qVAM+PSsWRbWGoxDR1PWWJ7YjU/hKZXEBsELjVHa4TbQDLF/hasO
kd7GQttn8kvCdPt+qKTbyZi4PCmDkV1l8xSeApRydl1rVuSXqa7Kf/5JOpIfQZ2r
vDO5VQ71gk22geuGf8k1tuhE7M+J7C44xfRORdBsW0JCWgQXdFq8jJdXCkxpDReK
5Vm7Qq91HMbqHsA+1Ky1reBtSxdkl04qoEUPSEhIoVw=
-----END CERTIFICATE-----
Generated at Mon Jun 10 12:30:05 2024 by rpki-client on console-fra.rpki-client.org