Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/278B39519F38D9CF4B886A90BEA8C666D8C3215F50353FC7D2121D5E936EAF17/0/3230302e35392e3232342e302f31392d3234203d3e203237373531.roa
File:                     3230302e35392e3232342e302f31392d3234203d3e203237373531.roa (raw, json)
Hash identifier:          +vEonuaHAup1fpXz3rSWoyFCL4j43S95Zd6s6OGG9zQ=
Subject key identifier:   56:DE:A4:DA:F4:FA:99:94:F6:5F:DA:11:A7:2C:24:2F:63:98:70:28
Certificate issuer:       /CN=49986AF9BE70C9F7A7BBDEB5E3E872038F597D4E
Certificate serial:       2D8B3C8B661020FD64B59452FA69DBD81A10FE3D
Authority key identifier: 49:98:6A:F9:BE:70:C9:F7:A7:BB:DE:B5:E3:E8:72:03:8F:59:7D:4E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/49986AF9BE70C9F7A7BBDEB5E3E872038F597D4E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/278B39519F38D9CF4B886A90BEA8C666D8C3215F50353FC7D2121D5E936EAF17/0/3230302e35392e3232342e302f31392d3234203d3e203237373531.roa
Signing time:             Mon 28 Oct 2024 15:35:00 +0000
ROA not before:           Mon 28 Oct 2024 15:30:00 +0000
ROA not after:            Mon 27 Oct 2025 15:35:00 +0000
asID:                     27751
IP address blocks:        200.59.224.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/278B39519F38D9CF4B886A90BEA8C666D8C3215F50353FC7D2121D5E936EAF17/0/49986AF9BE70C9F7A7BBDEB5E3E872038F597D4E.crl
                          rsync://repository.lacnic.net/rpki/lacnic/278B39519F38D9CF4B886A90BEA8C666D8C3215F50353FC7D2121D5E936EAF17/0/49986AF9BE70C9F7A7BBDEB5E3E872038F597D4E.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/49986AF9BE70C9F7A7BBDEB5E3E872038F597D4E.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 07:58:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:8b:3c:8b:66:10:20:fd:64:b5:94:52:fa:69:db:d8:1a:10:fe:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49986AF9BE70C9F7A7BBDEB5E3E872038F597D4E
        Validity
            Not Before: Oct 28 15:30:00 2024 GMT
            Not After : Oct 27 15:35:00 2025 GMT
        Subject: CN=56DEA4DAF4FA9994F65FDA11A72C242F63987028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:a9:1a:5c:b6:f3:9b:18:a8:b2:54:2f:53:60:
                    13:ce:dd:89:45:3a:75:72:a1:63:4d:e6:35:a9:eb:
                    12:61:37:50:5a:af:cb:e0:10:5e:e3:c3:36:06:a4:
                    d7:3f:8c:8c:4d:0a:57:7b:2b:57:85:b4:0e:72:d4:
                    81:98:05:a5:64:18:24:af:d6:71:cf:b4:08:d0:55:
                    ab:2d:94:6b:31:57:52:29:84:55:73:9c:db:67:18:
                    8d:f7:dd:7c:61:31:ea:ea:a9:49:dc:62:80:25:76:
                    0c:3f:1b:46:53:b1:ed:31:ef:f1:1c:af:2f:f3:c4:
                    e0:0a:3e:c1:eb:15:c0:ce:d4:14:3c:cc:fd:d4:2b:
                    d7:48:e2:b0:38:5c:43:30:bf:4f:8b:c3:dc:1f:53:
                    21:34:15:ef:1d:64:3b:97:45:4a:84:01:49:6b:91:
                    57:16:ed:19:f7:8b:32:59:30:db:6b:40:31:94:0e:
                    e0:02:fa:c8:e8:2a:8a:8d:75:ac:a5:7a:67:8d:24:
                    7a:b4:b4:a9:57:cc:9e:fd:cd:91:8a:64:98:23:8f:
                    c6:78:51:12:b2:c6:b7:58:64:32:92:d0:4f:1c:0e:
                    67:6a:78:71:fc:0a:83:4b:14:91:ed:dd:00:a3:e6:
                    1a:ce:6a:84:d7:b9:86:58:94:08:7f:11:36:06:22:
                    eb:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:DE:A4:DA:F4:FA:99:94:F6:5F:DA:11:A7:2C:24:2F:63:98:70:28
            X509v3 Authority Key Identifier:
                keyid:49:98:6A:F9:BE:70:C9:F7:A7:BB:DE:B5:E3:E8:72:03:8F:59:7D:4E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/278B39519F38D9CF4B886A90BEA8C666D8C3215F50353FC7D2121D5E936EAF17/0/49986AF9BE70C9F7A7BBDEB5E3E872038F597D4E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/49986AF9BE70C9F7A7BBDEB5E3E872038F597D4E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/278B39519F38D9CF4B886A90BEA8C666D8C3215F50353FC7D2121D5E936EAF17/0/3230302e35392e3232342e302f31392d3234203d3e203237373531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.59.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         7c:7d:75:4d:bd:b7:07:e4:5b:1c:39:01:f5:a4:b2:00:4d:94:
         9f:8d:30:5f:8b:e9:d4:9d:e1:ce:60:96:dc:4e:2e:6a:ca:22:
         da:50:d3:2b:09:21:27:f3:51:d9:67:e9:2d:7f:d8:3e:84:8c:
         48:e1:7f:cc:44:38:b8:c6:51:5a:e2:c7:1e:ac:1e:cc:25:e4:
         58:bb:1e:40:ad:c9:7c:2d:f1:39:87:c8:c3:ae:ae:06:5c:2d:
         40:14:cd:d8:60:b5:e8:45:f1:7b:c8:23:3c:0d:71:94:c9:95:
         fd:3e:41:1b:6f:27:e9:b4:b9:ba:15:53:6e:2f:b0:72:74:30:
         f6:d2:2b:3f:c6:d4:be:bd:1d:98:2d:56:d7:da:b9:cd:78:37:
         2b:c1:02:10:f4:05:58:e8:a9:8d:92:1a:bd:2d:aa:87:d7:b6:
         bd:9b:7a:1c:8d:d2:cc:69:66:28:93:95:e1:3d:38:b7:66:16:
         a4:f1:4d:d6:9a:45:6d:93:c7:96:52:7e:c2:f9:7a:e8:f3:cd:
         29:14:a0:52:6a:d1:2d:ef:69:43:e0:94:44:2d:20:4b:c3:bf:
         42:d2:69:fb:91:41:ae:24:3a:27:7a:97:dd:af:0f:07:36:6d:
         3b:07:7a:fb:39:3c:cc:41:62:54:b9:b9:b9:de:26:05:d5:5d:
         59:01:e5:1c
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIULYs8i2YQIP1ktZRS+mnb2BoQ/j0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDk5ODZBRjlCRTcwQzlGN0E3QkJERUI1RTNFODcyMDM4
RjU5N0Q0RTAeFw0yNDEwMjgxNTMwMDBaFw0yNTEwMjcxNTM1MDBaMDMxMTAvBgNV
BAMTKDU2REVBNERBRjRGQTk5OTRGNjVGREExMUE3MkMyNDJGNjM5ODcwMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfqRpctvObGKiyVC9TYBPO3YlF
OnVyoWNN5jWp6xJhN1Bar8vgEF7jwzYGpNc/jIxNCld7K1eFtA5y1IGYBaVkGCSv
1nHPtAjQVastlGsxV1IphFVznNtnGI333XxhMerqqUncYoAldgw/G0ZTse0x7/Ec
ry/zxOAKPsHrFcDO1BQ8zP3UK9dI4rA4XEMwv0+Lw9wfUyE0Fe8dZDuXRUqEAUlr
kVcW7Rn3izJZMNtrQDGUDuAC+sjoKoqNdaylemeNJHq0tKlXzJ79zZGKZJgjj8Z4
URKyxrdYZDKS0E8cDmdqeHH8CoNLFJHt3QCj5hrOaoTXuYZYlAh/ETYGIuvNAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUVt6k2vT6mZT2X9oRpywkL2OYcCgwHwYDVR0j
BBgwFoAUSZhq+b5wyfenu9614+hyA49ZfU4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yNzhCMzk1MTlGMzhEOUNGNEI4ODZBOTBCRUE4QzY2NkQ4
QzMyMTVGNTAzNTNGQzdEMjEyMUQ1RTkzNkVBRjE3LzAvNDk5ODZBRjlCRTcwQzlG
N0E3QkJERUI1RTNFODcyMDM4RjU5N0Q0RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80OTk4NkFGOUJFNzBDOUY3QTdC
QkRFQjVFM0U4NzIwMzhGNTk3RDRFLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjc4QjM5NTE5RjM4RDlDRjRCODg2QTkwQkVBOEM2NjZEOEMzMjE1RjUw
MzUzRkM3RDIxMjFENUU5MzZFQUYxNy8wLzMyMzAzMDJlMzUzOTJlMzIzMjM0MmUz
MDJmMzEzOTJkMzIzNDIwM2QzZTIwMzIzNzM3MzUzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcg74DAN
BgkqhkiG9w0BAQsFAAOCAQEAfH11Tb23B+RbHDkB9aSyAE2Un40wX4vp1J3hzmCW
3E4uasoi2lDTKwkhJ/NR2WfpLX/YPoSMSOF/zEQ4uMZRWuLHHqwezCXkWLseQK3J
fC3xOYfIw66uBlwtQBTN2GC16EXxe8gjPA1xlMmV/T5BG28n6bS5uhVTbi+wcnQw
9tIrP8bUvr0dmC1W19q5zXg3K8ECEPQFWOipjZIavS2qh9e2vZt6HI3SzGlmKJOV
4T04t2YWpPFN1ppFbZPHllJ+wvl66PPNKRSgUmrRLe9pQ+CURC0gS8O/QtJp+5FB
riQ6J3qX3a8PBzZtOwd6+zk8zEFiVLm5ud4mBdVdWQHlHA==
-----END CERTIFICATE-----
Generated at Tue Oct 29 18:43:31 2024 by rpki-client on console-fra.rpki-client.org