Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/30127BBDF1288CD0BA539012212C6F5AC05F1A32BDC9A82FAD01CF9435C1615C/0/3230302e31342e36332e302f32342d3234203d3e20323731383935.roa
File:                     3230302e31342e36332e302f32342d3234203d3e20323731383935.roa (raw, json)
Hash identifier:          XEVqr48nhvidrmpq9EO5b17HQxverB8SR/xF3arks5E=
Subject key identifier:   E0:C7:E1:37:AE:E1:2C:D0:B8:A5:44:8D:88:CA:4E:90:DC:1E:86:B1
Certificate issuer:       /CN=35DDCBBB8168CAB40A53D8B5D3F8CDF858D3A99C
Certificate serial:       50AC9062EB0F7E91F07AA5D44B50F36A2C305799
Authority key identifier: 35:DD:CB:BB:81:68:CA:B4:0A:53:D8:B5:D3:F8:CD:F8:58:D3:A9:9C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/35DDCBBB8168CAB40A53D8B5D3F8CDF858D3A99C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/30127BBDF1288CD0BA539012212C6F5AC05F1A32BDC9A82FAD01CF9435C1615C/0/3230302e31342e36332e302f32342d3234203d3e20323731383935.roa
Signing time:             Tue 05 Mar 2024 18:22:25 +0000
ROA not before:           Tue 05 Mar 2024 18:17:25 +0000
ROA not after:            Tue 04 Mar 2025 18:22:25 +0000
asID:                     271895
IP address blocks:        200.14.63.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/30127BBDF1288CD0BA539012212C6F5AC05F1A32BDC9A82FAD01CF9435C1615C/0/35DDCBBB8168CAB40A53D8B5D3F8CDF858D3A99C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/30127BBDF1288CD0BA539012212C6F5AC05F1A32BDC9A82FAD01CF9435C1615C/0/35DDCBBB8168CAB40A53D8B5D3F8CDF858D3A99C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/35DDCBBB8168CAB40A53D8B5D3F8CDF858D3A99C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 22 Nov 2024 14:52:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:ac:90:62:eb:0f:7e:91:f0:7a:a5:d4:4b:50:f3:6a:2c:30:57:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35DDCBBB8168CAB40A53D8B5D3F8CDF858D3A99C
        Validity
            Not Before: Mar  5 18:17:25 2024 GMT
            Not After : Mar  4 18:22:25 2025 GMT
        Subject: CN=E0C7E137AEE12CD0B8A5448D88CA4E90DC1E86B1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:91:18:f9:54:92:14:ca:c9:5a:81:d7:2a:81:
                    f6:95:3d:80:07:e7:4a:3c:3d:d8:ea:d5:ec:8c:22:
                    f9:02:62:04:d9:c9:35:c6:68:2f:7d:bd:f1:84:cf:
                    e0:2f:a2:19:1d:1c:52:82:ce:e1:6a:24:91:6c:2a:
                    86:23:e7:92:a5:d2:22:a7:7e:a1:dd:c8:83:88:06:
                    c5:3f:20:cb:43:48:11:62:b4:38:9b:f3:7f:0f:51:
                    0c:7f:5a:46:66:78:ed:62:3c:42:15:f9:91:7f:27:
                    3f:ea:06:f3:db:2b:31:f4:b8:ec:8c:8a:4d:58:c0:
                    1f:d0:44:96:1e:b1:dd:59:cb:e5:88:7d:23:49:c0:
                    c0:d5:59:f9:6d:4a:18:28:38:22:48:6a:9d:21:cf:
                    5c:05:fa:08:b5:a9:4a:56:a4:0c:8c:70:98:98:1f:
                    15:13:3c:d4:b4:e5:8d:40:b3:b3:d7:7e:3d:3f:ea:
                    14:79:35:82:cf:c5:9b:0d:31:79:ca:a7:40:29:c5:
                    ce:34:6d:12:db:ee:42:82:7c:6f:6d:5e:f4:a9:b1:
                    a6:2f:b6:79:d8:00:77:9c:d2:b7:bc:71:28:1e:4f:
                    6d:f2:89:d4:9a:66:e7:a6:3b:2b:24:de:1d:fc:92:
                    22:6e:11:da:94:bc:80:1a:68:e6:ef:c9:5b:05:4f:
                    fd:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:C7:E1:37:AE:E1:2C:D0:B8:A5:44:8D:88:CA:4E:90:DC:1E:86:B1
            X509v3 Authority Key Identifier:
                keyid:35:DD:CB:BB:81:68:CA:B4:0A:53:D8:B5:D3:F8:CD:F8:58:D3:A9:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/30127BBDF1288CD0BA539012212C6F5AC05F1A32BDC9A82FAD01CF9435C1615C/0/35DDCBBB8168CAB40A53D8B5D3F8CDF858D3A99C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/35DDCBBB8168CAB40A53D8B5D3F8CDF858D3A99C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/30127BBDF1288CD0BA539012212C6F5AC05F1A32BDC9A82FAD01CF9435C1615C/0/3230302e31342e36332e302f32342d3234203d3e20323731383935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.14.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:44:48:6a:b1:47:06:f3:79:12:0e:f9:5e:b8:b2:ad:44:f1:
         34:65:e1:bf:39:35:ed:a1:3c:fd:44:e6:f0:06:b6:26:59:be:
         c3:81:68:b4:91:a0:6f:16:1d:28:b8:a0:5c:2a:d0:c8:b7:dc:
         46:29:d9:39:b9:54:cd:ba:db:78:9a:c7:42:40:67:3b:f8:2f:
         f8:21:eb:b8:31:f3:79:9d:a8:5f:80:53:5a:67:1c:f4:35:3c:
         83:15:d8:39:31:7f:a3:5e:0a:4a:ee:04:fc:c5:3a:a6:39:a2:
         8d:a5:1b:16:db:15:c3:b1:35:11:0d:d8:cd:54:bf:92:cc:8c:
         cc:bf:2c:3e:da:d1:42:95:30:67:5b:ef:54:41:e9:f1:e5:64:
         50:42:61:4a:1b:f8:12:72:7c:1b:80:94:e8:bf:7f:ef:b7:0d:
         79:56:fc:86:86:88:bc:08:f6:07:8d:2d:a1:af:c5:42:4f:ed:
         69:0a:64:ea:b2:88:9e:eb:3d:ad:be:89:b7:e7:03:5c:17:83:
         06:11:e4:00:24:89:a2:7f:7d:e6:d2:c4:8c:b4:85:6d:7c:90:
         aa:15:58:bc:ad:93:a1:5a:5a:fb:bf:92:15:e6:b4:cd:37:72:
         97:3d:3e:a9:f0:40:dd:3a:c5:4f:a8:82:a2:ed:2b:bf:c7:f2:
         b5:fc:32:24
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUUKyQYusPfpHweqXUS1DzaiwwV5kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzVERENCQkI4MTY4Q0FCNDBBNTNEOEI1RDNGOENERjg1
OEQzQTk5QzAeFw0yNDAzMDUxODE3MjVaFw0yNTAzMDQxODIyMjVaMDMxMTAvBgNV
BAMTKEUwQzdFMTM3QUVFMTJDRDBCOEE1NDQ4RDg4Q0E0RTkwREMxRTg2QjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfkRj5VJIUyslagdcqgfaVPYAH
50o8Pdjq1eyMIvkCYgTZyTXGaC99vfGEz+AvohkdHFKCzuFqJJFsKoYj55Kl0iKn
fqHdyIOIBsU/IMtDSBFitDib838PUQx/WkZmeO1iPEIV+ZF/Jz/qBvPbKzH0uOyM
ik1YwB/QRJYesd1Zy+WIfSNJwMDVWfltShgoOCJIap0hz1wF+gi1qUpWpAyMcJiY
HxUTPNS05Y1As7PXfj0/6hR5NYLPxZsNMXnKp0Apxc40bRLb7kKCfG9tXvSpsaYv
tnnYAHec0re8cSgeT23yidSaZuemOysk3h38kiJuEdqUvIAaaObvyVsFT/1ZAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU4MfhN67hLNC4pUSNiMpOkNwehrEwHwYDVR0j
BBgwFoAUNd3Lu4FoyrQKU9i10/jN+FjTqZwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zMDEyN0JCREYxMjg4Q0QwQkE1MzkwMTIyMTJDNkY1QUMw
NUYxQTMyQkRDOUE4MkZBRDAxQ0Y5NDM1QzE2MTVDLzAvMzVERENCQkI4MTY4Q0FC
NDBBNTNEOEI1RDNGOENERjg1OEQzQTk5Qy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zNUREQ0JCQjgxNjhDQUI0MEE1
M0Q4QjVEM0Y4Q0RGODU4RDNBOTlDLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzAxMjdCQkRGMTI4OENEMEJBNTM5MDEyMjEyQzZGNUFDMDVGMUEzMkJE
QzlBODJGQUQwMUNGOTQzNUMxNjE1Qy8wLzMyMzAzMDJlMzEzNDJlMzYzMzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczMTM4MzkzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMgOPzAN
BgkqhkiG9w0BAQsFAAOCAQEAp0RIarFHBvN5Eg75XriyrUTxNGXhvzk17aE8/UTm
8Aa2Jlm+w4FotJGgbxYdKLigXCrQyLfcRinZOblUzbrbeJrHQkBnO/gv+CHruDHz
eZ2oX4BTWmcc9DU8gxXYOTF/o14KSu4E/MU6pjmijaUbFtsVw7E1EQ3YzVS/ksyM
zL8sPtrRQpUwZ1vvVEHp8eVkUEJhShv4EnJ8G4CU6L9/77cNeVb8hoaIvAj2B40t
oa/FQk/taQpk6rKInus9rb6Jt+cDXBeDBhHkACSJon995tLEjLSFbXyQqhVYvK2T
oVpa+7+SFea0zTdylz0+qfBA3TrFT6iCou0rv8fytfwyJA==
-----END CERTIFICATE-----
Generated at Tue Nov 19 09:16:36 2024 by rpki-client on console-fra.rpki-client.org