Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/3230302e3131322e3230302e302f32322d3232203d3e20323632313931.roa
File:                     3230302e3131322e3230302e302f32322d3232203d3e20323632313931.roa (raw, json)
Hash identifier:          9mn39jnUmFzAdIBWGuxk4tlM34O+W1NBE2o+LqjRM0I=
Subject key identifier:   C0:6A:74:51:4F:F9:5B:DA:DF:21:FD:F5:65:89:27:20:30:A9:BD:9E
Certificate issuer:       /CN=85B7D9685BA8DA2D6F481C323611ED64944F6273
Certificate serial:       1EDDA21DE3A4575AA49655F6A0D83CCA9D33FA6A
Authority key identifier: 85:B7:D9:68:5B:A8:DA:2D:6F:48:1C:32:36:11:ED:64:94:4F:62:73
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/3230302e3131322e3230302e302f32322d3232203d3e20323632313931.roa
Signing time:             Mon 28 Oct 2024 20:45:01 +0000
ROA not before:           Mon 28 Oct 2024 20:40:01 +0000
ROA not after:            Mon 27 Oct 2025 20:45:01 +0000
asID:                     262191
IP address blocks:        200.112.200.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.crl
                          rsync://repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 07:58:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:dd:a2:1d:e3:a4:57:5a:a4:96:55:f6:a0:d8:3c:ca:9d:33:fa:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85B7D9685BA8DA2D6F481C323611ED64944F6273
        Validity
            Not Before: Oct 28 20:40:01 2024 GMT
            Not After : Oct 27 20:45:01 2025 GMT
        Subject: CN=C06A74514FF95BDADF21FDF56589272030A9BD9E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:b6:0b:f7:6a:60:aa:28:69:80:da:b5:35:d1:
                    8b:eb:8a:b2:e9:df:52:0a:be:2b:f7:a6:cc:cc:dd:
                    f4:c3:97:20:14:8d:7a:54:f5:18:8a:a1:b5:16:dc:
                    d3:b0:50:e4:42:62:a4:38:68:49:7a:d0:e3:83:5b:
                    ff:52:15:44:82:43:67:3c:75:b0:1c:8d:fa:93:f4:
                    cd:ec:38:9a:9b:66:92:61:5d:7d:eb:ac:ed:d4:a0:
                    cb:41:b8:3f:35:c4:1a:2e:07:8e:a9:9f:9d:f0:84:
                    81:7b:c9:67:fb:2d:b2:68:95:70:7a:63:0e:36:24:
                    37:f0:a9:7e:dc:2f:5a:a7:d1:87:16:78:ac:ce:49:
                    d1:b0:64:ef:c1:85:b7:0a:a8:4b:bf:4c:59:ac:d3:
                    ff:3a:3f:4a:ae:3f:f9:50:c0:e3:34:57:f2:dc:19:
                    c1:63:46:18:6f:30:e3:43:5f:f4:4b:c2:da:b9:df:
                    b8:01:59:93:6f:c4:72:00:e4:42:36:d6:c5:70:37:
                    9e:83:16:ca:0f:1f:fd:a6:d8:81:63:35:de:61:6f:
                    9e:65:4c:72:d9:30:b6:cd:01:9e:9a:ab:13:be:3a:
                    d2:b9:19:96:73:19:1b:ce:26:00:a4:f6:dc:d3:20:
                    52:51:50:dc:05:bf:ed:74:2f:b4:6c:fa:98:14:85:
                    14:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:6A:74:51:4F:F9:5B:DA:DF:21:FD:F5:65:89:27:20:30:A9:BD:9E
            X509v3 Authority Key Identifier:
                keyid:85:B7:D9:68:5B:A8:DA:2D:6F:48:1C:32:36:11:ED:64:94:4F:62:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/3230302e3131322e3230302e302f32322d3232203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.112.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         23:27:51:7a:f1:17:fd:54:50:47:f6:cb:a5:c6:30:be:34:fd:
         99:b3:70:69:c9:0a:3b:c2:f6:41:62:1b:c5:45:f5:ed:8c:08:
         69:53:fb:38:57:22:59:8b:96:33:ad:ce:83:3b:e6:e5:4d:44:
         e7:42:87:c7:e2:5c:70:08:55:61:16:22:0a:78:33:96:87:fe:
         e5:90:8a:8f:38:dc:f3:89:72:8c:8a:25:d0:8a:a2:f5:ef:d8:
         1c:7d:43:87:34:37:29:be:94:16:ab:70:a6:9b:21:53:51:6e:
         d1:4e:b6:a3:e8:54:a3:42:89:f5:f8:93:85:d4:b7:09:1b:4e:
         6b:28:cb:30:cc:37:22:71:79:b4:cd:c4:78:7f:1b:ba:73:3a:
         94:e4:e9:8e:48:8a:82:36:7f:fb:e1:88:ca:98:c3:e9:b5:70:
         a7:5c:20:b9:c4:db:53:10:ba:dd:f2:9c:4e:1e:c1:c2:2f:90:
         65:e3:ce:2f:47:27:8f:b7:7a:3c:9c:ac:98:1a:55:5c:5c:eb:
         1d:16:ec:62:7d:26:1b:59:59:89:47:6b:07:e1:a2:d8:0d:bf:
         de:82:a1:0d:17:14:29:bc:1b:77:cc:5d:60:83:d7:ce:2a:91:
         6b:30:2e:26:bd:92:3b:cd:d1:52:81:03:4b:2e:b5:ad:9e:e1:
         8c:a4:a4:76
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUHt2iHeOkV1qkllX2oNg8yp0z+mowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVCN0Q5Njg1QkE4REEyRDZGNDgxQzMyMzYxMUVENjQ5
NDRGNjI3MzAeFw0yNDEwMjgyMDQwMDFaFw0yNTEwMjcyMDQ1MDFaMDMxMTAvBgNV
BAMTKEMwNkE3NDUxNEZGOTVCREFERjIxRkRGNTY1ODkyNzIwMzBBOUJEOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDatgv3amCqKGmA2rU10YvrirLp
31IKviv3pszM3fTDlyAUjXpU9RiKobUW3NOwUORCYqQ4aEl60OODW/9SFUSCQ2c8
dbAcjfqT9M3sOJqbZpJhXX3rrO3UoMtBuD81xBouB46pn53whIF7yWf7LbJolXB6
Yw42JDfwqX7cL1qn0YcWeKzOSdGwZO/BhbcKqEu/TFms0/86P0quP/lQwOM0V/Lc
GcFjRhhvMONDX/RLwtq537gBWZNvxHIA5EI21sVwN56DFsoPH/2m2IFjNd5hb55l
THLZMLbNAZ6aqxO+OtK5GZZzGRvOJgCk9tzTIFJRUNwFv+10L7Rs+pgUhRRPAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUwGp0UU/5W9rfIf31ZYknIDCpvZ4wHwYDVR0j
BBgwFoAUhbfZaFuo2i1vSBwyNhHtZJRPYnMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zMTdFOTRFM0VDRkVBNzRCRUQ0MUZCQjMwNkE3MUIzQ0E4
RTcxN0ZGN0JBQjg2RjRDQjRCM0E1Q0Y3MDk5NjRDLzAvODVCN0Q5Njg1QkE4REEy
RDZGNDgxQzMyMzYxMUVENjQ5NDRGNjI3My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUI3RDk2ODVCQThEQTJENkY0
ODFDMzIzNjExRUQ2NDk0NEY2MjczLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzE3RTk0RTNFQ0ZFQTc0QkVENDFGQkIzMDZBNzFCM0NBOEU3MTdGRjdC
QUI4NkY0Q0I0QjNBNUNGNzA5OTY0Qy8wLzMyMzAzMDJlMzEzMTMyMmUzMjMwMzAy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALI
cMgwDQYJKoZIhvcNAQELBQADggEBACMnUXrxF/1UUEf2y6XGML40/ZmzcGnJCjvC
9kFiG8VF9e2MCGlT+zhXIlmLljOtzoM75uVNROdCh8fiXHAIVWEWIgp4M5aH/uWQ
io843POJcoyKJdCKovXv2Bx9Q4c0Nym+lBarcKabIVNRbtFOtqPoVKNCifX4k4XU
twkbTmsoyzDMNyJxebTNxHh/G7pzOpTk6Y5IioI2f/vhiMqYw+m1cKdcILnE21MQ
ut3ynE4ewcIvkGXjzi9HJ4+3ejycrJgaVVxc6x0W7GJ9JhtZWYlHawfhotgNv96C
oQ0XFCm8G3fMXWCD184qkWswLia9kjvN0VKBA0suta2e4YykpHY=
-----END CERTIFICATE-----
Generated at Mon Oct 28 22:52:53 2024 by rpki-client on console-fra.rpki-client.org