Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/3230302e39312e36342e302f31382d3234203d3e2033333536.roa
File:                     3230302e39312e36342e302f31382d3234203d3e2033333536.roa (raw, json)
Hash identifier:          clXef65QW7mIE2zPzOA7KDM4szKP4j0RfQxyY3zuaBI=
Subject key identifier:   0F:76:3B:9E:3F:47:72:ED:E1:C7:55:7C:11:BD:B0:A6:B0:31:C0:6A
Certificate issuer:       /CN=DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2
Certificate serial:       3C431990B3459D4CA46584FE5961A9BBA4C28ACD
Authority key identifier: DE:D9:DD:B6:E0:5D:26:D9:3F:76:D4:43:4C:06:0C:7E:1D:26:E6:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/3230302e39312e36342e302f31382d3234203d3e2033333536.roa
Signing time:             Tue 05 Mar 2024 18:02:50 +0000
ROA not before:           Tue 05 Mar 2024 17:57:50 +0000
ROA not after:            Tue 04 Mar 2025 18:02:50 +0000
asID:                     3356
IP address blocks:        200.91.64.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.crl
                          rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 25 Nov 2024 23:25:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:43:19:90:b3:45:9d:4c:a4:65:84:fe:59:61:a9:bb:a4:c2:8a:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2
        Validity
            Not Before: Mar  5 17:57:50 2024 GMT
            Not After : Mar  4 18:02:50 2025 GMT
        Subject: CN=0F763B9E3F4772EDE1C7557C11BDB0A6B031C06A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:0b:d3:9e:87:af:62:10:c2:48:0c:07:67:bc:
                    32:aa:19:4d:54:9f:a8:be:90:38:df:89:4e:c3:f6:
                    67:31:f1:1a:30:92:24:85:12:ee:6f:08:ed:2a:0c:
                    c8:eb:46:b7:2d:56:21:f8:c4:34:18:bb:a9:6d:d2:
                    e2:a6:e1:cf:45:ff:80:d5:e7:91:06:9b:4c:f3:ce:
                    6c:5b:df:bd:b5:65:88:55:1c:35:ef:d4:a4:93:d8:
                    dd:2b:84:7d:1b:c3:1b:f3:8a:1f:ab:ff:f8:96:e4:
                    a0:10:e3:cf:77:4b:e8:ad:e1:58:7c:b3:4e:c4:f1:
                    2d:91:c1:2d:59:fa:9a:b9:00:cf:c3:9d:25:a8:a5:
                    5a:d8:8d:ab:6d:27:02:b4:18:b1:60:2d:11:ab:15:
                    43:59:66:fa:4f:27:b4:de:48:d8:13:5c:f3:dc:85:
                    56:23:39:f8:f1:92:82:e6:70:a9:85:30:4d:e8:27:
                    e0:47:56:5d:0c:33:6b:44:45:5f:39:d3:8f:77:ac:
                    2b:a5:2a:d6:e8:13:7e:c2:63:f0:9d:d7:f5:21:19:
                    4e:61:e2:4f:6d:81:14:e5:15:2d:b9:f6:f8:a9:86:
                    d0:02:51:3f:10:7c:53:61:e2:4e:b6:5d:5e:53:e5:
                    c7:ba:fd:0a:7b:ee:99:7d:e3:7b:0f:a3:c4:af:82:
                    7f:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:76:3B:9E:3F:47:72:ED:E1:C7:55:7C:11:BD:B0:A6:B0:31:C0:6A
            X509v3 Authority Key Identifier:
                keyid:DE:D9:DD:B6:E0:5D:26:D9:3F:76:D4:43:4C:06:0C:7E:1D:26:E6:C2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DED9DDB6E05D26D93F76D4434C060C7E1D26E6C2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/23C75C911B352DF0BC9691D4FFEA0118290A296B48618F95A0D7BBF42C21BB43/0/3230302e39312e36342e302f31382d3234203d3e2033333536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.91.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         6e:d2:bf:8d:68:00:7a:9d:0a:22:fc:f8:10:0b:9a:10:17:95:
         64:ef:60:0f:c3:9a:08:5a:cd:5a:c8:ef:59:4d:55:2b:37:22:
         26:ff:f2:b9:f3:4a:9b:b4:b0:31:8d:f3:99:c6:c6:ca:28:42:
         6e:05:91:cc:e0:f1:6e:4b:fd:43:91:02:64:51:a0:08:6b:cc:
         12:6b:6c:46:c9:3e:b7:e7:07:2f:80:eb:46:5b:b3:f1:e8:97:
         1e:97:a7:d5:40:a0:ed:73:61:71:62:2f:93:2c:bd:db:f5:6d:
         97:ea:2c:33:07:0b:b6:16:69:a1:a0:34:4a:d5:55:6d:0f:20:
         80:fa:9b:a4:ed:19:2d:25:ef:fa:9c:4b:f5:43:44:ec:cd:24:
         0d:87:87:5c:f3:cc:a8:5a:7f:0d:eb:17:c0:12:13:11:ad:73:
         8c:7f:42:75:50:23:59:0c:63:39:f7:14:c3:f3:58:ed:f3:6c:
         34:f6:70:51:1f:cd:11:ae:45:2d:d6:40:1c:30:d8:85:ca:a5:
         78:06:18:49:0f:4c:8d:ec:ca:c4:da:f1:c1:45:e3:ad:58:c5:
         bd:ca:c9:36:02:97:ac:7a:2e:93:24:8a:b2:79:06:b3:f9:2e:
         97:97:48:00:0c:0f:9c:56:17:b0:41:f9:c9:c4:6b:6b:26:3d:
         1f:40:58:b2
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUPEMZkLNFnUykZYT+WWGpu6TCis0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREVEOUREQjZFMDVEMjZEOTNGNzZENDQzNEMwNjBDN0Ux
RDI2RTZDMjAeFw0yNDAzMDUxNzU3NTBaFw0yNTAzMDQxODAyNTBaMDMxMTAvBgNV
BAMTKDBGNzYzQjlFM0Y0NzcyRURFMUM3NTU3QzExQkRCMEE2QjAzMUMwNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXC9Oeh69iEMJIDAdnvDKqGU1U
n6i+kDjfiU7D9mcx8RowkiSFEu5vCO0qDMjrRrctViH4xDQYu6lt0uKm4c9F/4DV
55EGm0zzzmxb3721ZYhVHDXv1KST2N0rhH0bwxvzih+r//iW5KAQ4893S+it4Vh8
s07E8S2RwS1Z+pq5AM/DnSWopVrYjattJwK0GLFgLRGrFUNZZvpPJ7TeSNgTXPPc
hVYjOfjxkoLmcKmFME3oJ+BHVl0MM2tERV850493rCulKtboE37CY/Cd1/UhGU5h
4k9tgRTlFS259viphtACUT8QfFNh4k62XV5T5ce6/Qp77pl943sPo8Svgn8bAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUD3Y7nj9Hcu3hx1V8Eb2wprAxwGowHwYDVR0j
BBgwFoAU3tndtuBdJtk/dtRDTAYMfh0m5sIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yM0M3NUM5MTFCMzUyREYwQkM5NjkxRDRGRkVBMDExODI5
MEEyOTZCNDg2MThGOTVBMEQ3QkJGNDJDMjFCQjQzLzAvREVEOUREQjZFMDVEMjZE
OTNGNzZENDQzNEMwNjBDN0UxRDI2RTZDMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERUQ5RERCNkUwNUQyNkQ5M0Y3
NkQ0NDM0QzA2MEM3RTFEMjZFNkMyLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjNDNzVDOTExQjM1MkRGMEJDOTY5MUQ0RkZFQTAxMTgyOTBBMjk2QjQ4
NjE4Rjk1QTBEN0JCRjQyQzIxQkI0My8wLzMyMzAzMDJlMzkzMTJlMzYzNDJlMzAy
ZjMxMzgyZDMyMzQyMDNkM2UyMDMzMzMzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGyFtAMA0GCSqG
SIb3DQEBCwUAA4IBAQBu0r+NaAB6nQoi/PgQC5oQF5Vk72APw5oIWs1ayO9ZTVUr
NyIm//K580qbtLAxjfOZxsbKKEJuBZHM4PFuS/1DkQJkUaAIa8wSa2xGyT635wcv
gOtGW7Px6Jcel6fVQKDtc2FxYi+TLL3b9W2X6iwzBwu2FmmhoDRK1VVtDyCA+puk
7RktJe/6nEv1Q0TszSQNh4dc88yoWn8N6xfAEhMRrXOMf0J1UCNZDGM59xTD81jt
82w09nBRH80RrkUt1kAcMNiFyqV4BhhJD0yN7MrE2vHBReOtWMW9ysk2Apesei6T
JIqyeQaz+S6Xl0gADA+cVhewQfnJxGtrJj0fQFiy
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:21:44 2024 by rpki-client on console-fra.rpki-client.org