Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/3230302e31342e3234352e302f32342d3234203d3e2036343239.roa
File:                     3230302e31342e3234352e302f32342d3234203d3e2036343239.roa (raw, json)
Hash identifier:          PHlBs49WyH0Mw5LBIEou2fLJOd0F8HGQimyIhewYQSQ=
Subject key identifier:   13:FA:9D:10:4F:85:CD:70:D2:46:59:D6:75:30:EA:DD:C8:83:0A:AF
Certificate issuer:       /CN=CC3826EC9313209DAC612BC5F2610CB33D33D0E6
Certificate serial:       71A2DA52C69B4EEA2B1652D5B4ECAA2E2BDAC125
Authority key identifier: CC:38:26:EC:93:13:20:9D:AC:61:2B:C5:F2:61:0C:B3:3D:33:D0:E6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/3230302e31342e3234352e302f32342d3234203d3e2036343239.roa
Signing time:             Tue 05 Mar 2024 18:20:09 +0000
ROA not before:           Tue 05 Mar 2024 18:15:09 +0000
ROA not after:            Tue 04 Mar 2025 18:20:09 +0000
asID:                     6429
IP address blocks:        200.14.245.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:a2:da:52:c6:9b:4e:ea:2b:16:52:d5:b4:ec:aa:2e:2b:da:c1:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CC3826EC9313209DAC612BC5F2610CB33D33D0E6
        Validity
            Not Before: Mar  5 18:15:09 2024 GMT
            Not After : Mar  4 18:20:09 2025 GMT
        Subject: CN=13FA9D104F85CD70D24659D67530EADDC8830AAF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a1:00:1c:08:78:19:84:ba:54:6a:ce:a0:ab:
                    13:ba:ef:19:7b:f8:8c:8b:8e:ea:4b:ca:31:31:c4:
                    8c:ec:0b:62:c3:ad:ac:6a:e7:22:fe:c0:92:48:a2:
                    18:27:15:05:1c:66:de:ec:d6:29:37:33:87:3b:42:
                    d2:de:a9:c2:e2:58:2f:04:aa:37:7d:cd:8d:db:96:
                    32:56:9d:a1:28:2e:6d:02:ea:0e:9b:23:fe:f7:38:
                    55:6d:cd:ee:e8:cb:f9:4e:9f:74:20:bf:c6:5d:33:
                    76:86:3d:74:04:89:2c:ef:7d:30:a1:c2:57:d8:9c:
                    d8:4f:a7:06:b2:b7:70:ba:e7:cf:d2:22:6f:d5:4d:
                    05:6f:77:08:59:9b:fe:83:63:6a:6a:3b:7a:10:b7:
                    78:0c:a4:b0:10:a5:d9:d6:fc:f8:5e:14:d6:f6:04:
                    0f:e2:a7:40:3d:33:bc:d3:35:5e:89:0a:a8:ad:a8:
                    ff:29:1c:9c:ff:4f:40:d1:f4:b3:4e:af:7f:41:48:
                    39:9e:9b:43:c3:c6:e9:6b:38:c6:0d:4d:20:19:e5:
                    4b:73:71:2d:a4:d4:63:61:26:83:e7:4d:99:70:62:
                    86:72:9f:45:eb:1d:45:73:d0:df:bc:1e:66:f8:32:
                    d9:ac:51:f3:f4:6d:31:af:4f:0d:7d:32:6c:b2:e1:
                    e6:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:FA:9D:10:4F:85:CD:70:D2:46:59:D6:75:30:EA:DD:C8:83:0A:AF
            X509v3 Authority Key Identifier:
                keyid:CC:38:26:EC:93:13:20:9D:AC:61:2B:C5:F2:61:0C:B3:3D:33:D0:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/3230302e31342e3234352e302f32342d3234203d3e2036343239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.14.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:a1:99:57:c6:33:f2:8c:97:86:a5:d5:64:3f:29:8d:e5:b8:
         0e:08:75:76:55:16:70:85:52:8f:b0:41:d4:87:52:8c:31:e1:
         21:ee:98:50:94:5d:f2:40:58:fb:bc:78:f7:c3:c9:fb:94:5b:
         88:15:15:19:1b:06:8b:af:1d:35:a7:c5:10:d1:49:7b:49:1a:
         36:95:b3:57:4e:93:a4:aa:2e:30:fd:51:5b:da:f1:ed:ae:7e:
         67:93:7b:3e:16:24:fc:dd:a1:dc:a5:b7:11:84:c3:b0:0b:c9:
         23:c1:fc:13:b6:46:e3:e3:69:3a:b6:dc:af:d3:0e:68:06:69:
         af:27:e0:59:99:5c:e5:6f:ba:45:2d:8d:a6:ee:56:23:2a:20:
         91:98:1e:4e:cf:6a:08:fe:05:b6:ea:54:7e:37:32:27:e4:26:
         fe:b3:89:8a:c5:ec:0b:98:e0:62:54:f0:22:b2:61:96:49:e3:
         13:fd:76:ff:d6:e5:79:d0:1b:f8:a9:c9:a7:9d:d0:17:57:72:
         bb:13:ce:af:20:3e:8c:21:7f:c3:e3:c0:12:bf:e9:1d:74:44:
         70:65:ee:f3:ab:4b:29:dd:46:02:e6:38:ae:88:8e:2f:c4:8a:
         b7:97:fb:b7:76:70:d5:58:3a:a8:d3:ac:10:3e:00:ab:be:44:
         38:ab:84:11
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUcaLaUsabTuorFlLVtOyqLivawSUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0MzODI2RUM5MzEzMjA5REFDNjEyQkM1RjI2MTBDQjMz
RDMzRDBFNjAeFw0yNDAzMDUxODE1MDlaFw0yNTAzMDQxODIwMDlaMDMxMTAvBgNV
BAMTKDEzRkE5RDEwNEY4NUNENzBEMjQ2NTlENjc1MzBFQUREQzg4MzBBQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxoQAcCHgZhLpUas6gqxO67xl7
+IyLjupLyjExxIzsC2LDraxq5yL+wJJIohgnFQUcZt7s1ik3M4c7QtLeqcLiWC8E
qjd9zY3bljJWnaEoLm0C6g6bI/73OFVtze7oy/lOn3Qgv8ZdM3aGPXQEiSzvfTCh
wlfYnNhPpwayt3C658/SIm/VTQVvdwhZm/6DY2pqO3oQt3gMpLAQpdnW/PheFNb2
BA/ip0A9M7zTNV6JCqitqP8pHJz/T0DR9LNOr39BSDmem0PDxulrOMYNTSAZ5Utz
cS2k1GNhJoPnTZlwYoZyn0XrHUVz0N+8Hmb4MtmsUfP0bTGvTw19Mmyy4eZrAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUE/qdEE+FzXDSRlnWdTDq3ciDCq8wHwYDVR0j
BBgwFoAUzDgm7JMTIJ2sYSvF8mEMsz0z0OYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yNDQ2Q0FERTZBRTRBNzFCQzY1NjFBN0ZDQTRGQjQxMkRB
N0M0Rjg1NkUxOEU1QzY2REQzMjQyQzk4RjE5NkIzLzAvQ0MzODI2RUM5MzEzMjA5
REFDNjEyQkM1RjI2MTBDQjMzRDMzRDBFNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQzM4MjZFQzkzMTMyMDlEQUM2
MTJCQzVGMjYxMENCMzNEMzNEMEU2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjQ0NkNBREU2QUU0QTcxQkM2NTYxQTdGQ0E0RkI0MTJEQTdDNEY4NTZF
MThFNUM2NkREMzI0MkM5OEYxOTZCMy8wLzMyMzAzMDJlMzEzNDJlMzIzNDM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzNDMyMzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIDvUwDQYJ
KoZIhvcNAQELBQADggEBACKhmVfGM/KMl4al1WQ/KY3luA4IdXZVFnCFUo+wQdSH
Uowx4SHumFCUXfJAWPu8ePfDyfuUW4gVFRkbBouvHTWnxRDRSXtJGjaVs1dOk6Sq
LjD9UVva8e2ufmeTez4WJPzdodyltxGEw7ALySPB/BO2RuPjaTq23K/TDmgGaa8n
4FmZXOVvukUtjabuViMqIJGYHk7Pagj+BbbqVH43MifkJv6ziYrF7AuY4GJU8CKy
YZZJ4xP9dv/W5XnQG/ipyaed0BdXcrsTzq8gPowhf8PjwBK/6R10RHBl7vOrSynd
RgLmOK6Iji/EireX+7d2cNVYOqjTrBA+AKu+RDirhBE=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:38:01 2024 by rpki-client on console-ams.rpki-client.org