Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/3230302e31342e3233322e302f32312d3234203d3e203134303830.roa
File:                     3230302e31342e3233322e302f32312d3234203d3e203134303830.roa (raw, json)
Hash identifier:          H9sa2E52exNhE6d9GXF0/8/dVMbhwVjzQPl4ou9mfds=
Subject key identifier:   A6:E1:07:53:4F:8C:32:61:92:56:E8:91:89:EF:88:53:54:75:2F:4E
Certificate issuer:       /CN=CC3826EC9313209DAC612BC5F2610CB33D33D0E6
Certificate serial:       685B87F25273041D499CDAAFBA6765B3CBB45512
Authority key identifier: CC:38:26:EC:93:13:20:9D:AC:61:2B:C5:F2:61:0C:B3:3D:33:D0:E6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/3230302e31342e3233322e302f32312d3234203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 18:20:15 +0000
ROA not before:           Tue 05 Mar 2024 18:15:15 +0000
ROA not after:            Tue 04 Mar 2025 18:20:15 +0000
asID:                     14080
IP address blocks:        200.14.232.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 09:53:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:5b:87:f2:52:73:04:1d:49:9c:da:af:ba:67:65:b3:cb:b4:55:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CC3826EC9313209DAC612BC5F2610CB33D33D0E6
        Validity
            Not Before: Mar  5 18:15:15 2024 GMT
            Not After : Mar  4 18:20:15 2025 GMT
        Subject: CN=A6E107534F8C32619256E89189EF885354752F4E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4c:93:64:ab:e5:8f:f9:bf:4e:39:c3:79:80:
                    3d:70:23:d0:31:85:eb:ac:5f:24:d2:f6:e7:40:50:
                    52:ba:ee:50:18:d7:25:ea:68:3f:21:77:a6:b6:33:
                    2b:4d:10:7f:18:10:7c:09:fe:0c:3b:37:3d:32:ef:
                    1c:25:6c:2a:01:b5:6f:67:29:03:6a:9f:9b:9f:82:
                    55:19:d1:a8:08:10:d5:fd:9b:04:77:22:1e:df:e6:
                    fd:89:1d:44:18:41:73:4c:a8:fe:05:5f:54:03:1d:
                    ce:19:f6:72:05:a2:5e:25:aa:b6:1e:d3:17:27:42:
                    a8:c4:b6:b4:d4:53:bf:fd:61:9b:a8:79:3b:d9:18:
                    94:80:2f:b4:d7:e8:27:ae:35:c1:2f:03:07:58:7b:
                    19:3f:f0:71:7c:71:98:d6:6c:04:63:40:2b:c9:c9:
                    f6:07:60:4f:cb:81:73:2c:62:55:a0:7a:f9:f1:4b:
                    09:00:d8:67:e5:18:6a:9e:06:e0:05:49:4f:bc:a2:
                    48:99:40:59:e0:1e:08:13:53:f9:06:d5:b9:73:63:
                    b9:ef:8c:6e:6c:67:6c:36:96:e2:b0:ec:00:4c:ca:
                    81:d7:1a:8f:91:cf:57:a3:00:cf:27:45:a5:9f:e2:
                    9d:55:3c:25:78:cc:91:c9:86:86:76:c1:4d:1c:82:
                    9f:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:E1:07:53:4F:8C:32:61:92:56:E8:91:89:EF:88:53:54:75:2F:4E
            X509v3 Authority Key Identifier:
                keyid:CC:38:26:EC:93:13:20:9D:AC:61:2B:C5:F2:61:0C:B3:3D:33:D0:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/3230302e31342e3233322e302f32312d3234203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.14.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         ad:e1:0c:96:74:4d:95:61:54:96:97:8c:bf:ba:72:a5:51:66:
         e1:cf:e5:99:6b:9a:5c:72:68:e5:78:13:f2:3c:93:02:03:48:
         b7:d2:a3:66:8f:9a:2d:12:25:d1:f6:30:2d:c4:fc:6a:39:77:
         be:64:db:81:e8:4b:eb:45:d8:7a:af:a6:a0:3a:93:9b:40:f9:
         62:0b:f6:29:d7:22:e1:27:0b:a6:2a:05:a1:a4:2b:08:43:90:
         ad:16:eb:17:50:f9:4f:8b:f3:af:05:3a:fc:b1:75:7c:65:09:
         27:ad:70:b0:d0:0b:ff:44:e9:d5:b5:f8:32:7d:ec:b1:87:a7:
         b0:f0:9b:b9:d7:a0:9e:69:9f:cf:0b:cf:48:8d:84:57:c6:f7:
         1a:41:6e:cd:57:71:36:d1:08:9b:47:51:a0:02:67:d1:eb:c3:
         0a:38:48:83:6b:a1:d9:a8:ad:b2:83:23:f4:01:77:91:67:07:
         0b:80:f5:9e:89:f6:86:4e:5f:e2:87:55:09:11:7e:d3:24:bc:
         88:72:5e:5e:c8:e7:ec:9b:74:dd:ba:d8:cd:f6:39:dc:7f:d1:
         0c:bf:78:82:b3:4c:c1:b2:aa:8f:b7:d0:04:c6:0a:d3:1a:54:
         79:0c:54:52:cc:36:4a:20:72:1e:44:6a:ee:0f:2f:7b:34:fe:
         ed:12:86:a1
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUaFuH8lJzBB1JnNqvumdls8u0VRIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0MzODI2RUM5MzEzMjA5REFDNjEyQkM1RjI2MTBDQjMz
RDMzRDBFNjAeFw0yNDAzMDUxODE1MTVaFw0yNTAzMDQxODIwMTVaMDMxMTAvBgNV
BAMTKEE2RTEwNzUzNEY4QzMyNjE5MjU2RTg5MTg5RUY4ODUzNTQ3NTJGNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvTJNkq+WP+b9OOcN5gD1wI9Ax
heusXyTS9udAUFK67lAY1yXqaD8hd6a2MytNEH8YEHwJ/gw7Nz0y7xwlbCoBtW9n
KQNqn5ufglUZ0agIENX9mwR3Ih7f5v2JHUQYQXNMqP4FX1QDHc4Z9nIFol4lqrYe
0xcnQqjEtrTUU7/9YZuoeTvZGJSAL7TX6CeuNcEvAwdYexk/8HF8cZjWbARjQCvJ
yfYHYE/LgXMsYlWgevnxSwkA2GflGGqeBuAFSU+8okiZQFngHggTU/kG1blzY7nv
jG5sZ2w2luKw7ABMyoHXGo+Rz1ejAM8nRaWf4p1VPCV4zJHJhoZ2wU0cgp9PAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUpuEHU0+MMmGSVuiRie+IU1R1L04wHwYDVR0j
BBgwFoAUzDgm7JMTIJ2sYSvF8mEMsz0z0OYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yNDQ2Q0FERTZBRTRBNzFCQzY1NjFBN0ZDQTRGQjQxMkRB
N0M0Rjg1NkUxOEU1QzY2REQzMjQyQzk4RjE5NkIzLzAvQ0MzODI2RUM5MzEzMjA5
REFDNjEyQkM1RjI2MTBDQjMzRDMzRDBFNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQzM4MjZFQzkzMTMyMDlEQUM2
MTJCQzVGMjYxMENCMzNEMzNEMEU2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjQ0NkNBREU2QUU0QTcxQkM2NTYxQTdGQ0E0RkI0MTJEQTdDNEY4NTZF
MThFNUM2NkREMzI0MkM5OEYxOTZCMy8wLzMyMzAzMDJlMzEzNDJlMzIzMzMyMmUz
MDJmMzIzMTJkMzIzNDIwM2QzZTIwMzEzNDMwMzgzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8gO6DAN
BgkqhkiG9w0BAQsFAAOCAQEAreEMlnRNlWFUlpeMv7pypVFm4c/lmWuaXHJo5XgT
8jyTAgNIt9KjZo+aLRIl0fYwLcT8ajl3vmTbgehL60XYeq+moDqTm0D5Ygv2Kdci
4ScLpioFoaQrCEOQrRbrF1D5T4vzrwU6/LF1fGUJJ61wsNAL/0Tp1bX4Mn3ssYen
sPCbudegnmmfzwvPSI2EV8b3GkFuzVdxNtEIm0dRoAJn0evDCjhIg2uh2aitsoMj
9AF3kWcHC4D1non2hk5f4odVCRF+0yS8iHJeXsjn7Jt03brYzfY53H/RDL94grNM
wbKqj7fQBMYK0xpUeQxUUsw2SiByHkRq7g8vezT+7RKGoQ==
-----END CERTIFICATE-----
Generated at Sat Jun 22 03:17:11 2024 by rpki-client on console-fra.rpki-client.org