Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/3230302e3131322e3230362e302f32332d3233203d3e20323632313931.roa
File:                     3230302e3131322e3230362e302f32332d3233203d3e20323632313931.roa (raw, json)
Hash identifier:          AKZi1so/t4H1b2RYPjlqvZS12sWm1JN38uSwn+5487w=
Subject key identifier:   DC:63:90:7C:22:BB:DF:A1:4E:8C:AA:E2:C9:8B:E3:4F:93:5C:D4:80
Certificate issuer:       /CN=85B7D9685BA8DA2D6F481C323611ED64944F6273
Certificate serial:       7FBE1C3B010FC75D9166526E0BDD011C6ED0245B
Authority key identifier: 85:B7:D9:68:5B:A8:DA:2D:6F:48:1C:32:36:11:ED:64:94:4F:62:73
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/3230302e3131322e3230362e302f32332d3233203d3e20323632313931.roa
Signing time:             Mon 28 Oct 2024 20:45:00 +0000
ROA not before:           Mon 28 Oct 2024 20:40:00 +0000
ROA not after:            Mon 27 Oct 2025 20:45:00 +0000
asID:                     262191
IP address blocks:        200.112.206.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.crl
                          rsync://repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 07:58:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:be:1c:3b:01:0f:c7:5d:91:66:52:6e:0b:dd:01:1c:6e:d0:24:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85B7D9685BA8DA2D6F481C323611ED64944F6273
        Validity
            Not Before: Oct 28 20:40:00 2024 GMT
            Not After : Oct 27 20:45:00 2025 GMT
        Subject: CN=DC63907C22BBDFA14E8CAAE2C98BE34F935CD480
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:90:8d:7b:8e:18:83:c7:d0:a0:54:41:67:dc:
                    42:29:3d:c0:2c:50:ab:25:74:2c:51:4c:2f:2c:8a:
                    33:93:0e:8b:cf:08:cb:fe:58:67:f1:f1:3c:b3:22:
                    d2:e9:0f:c5:20:f1:eb:e9:06:d6:d2:44:8e:a3:bb:
                    27:b7:16:d8:5d:69:e6:42:b9:50:05:a5:48:a3:7c:
                    44:bd:8e:d8:3c:63:ba:37:df:39:52:67:5f:97:3a:
                    85:f3:b5:e6:6f:7a:ec:1a:bb:6d:24:3d:26:6c:2d:
                    e6:2c:aa:85:b2:01:23:de:c9:23:9b:2d:45:c1:5a:
                    6c:8c:96:58:da:95:1c:b7:84:92:dc:ef:63:f6:37:
                    65:69:5a:81:b0:f4:1f:0e:33:72:2c:ab:9d:00:c0:
                    f5:96:ee:f6:0b:39:b7:5e:2a:38:09:10:d4:93:c8:
                    82:5b:36:67:d0:0b:39:cb:84:a0:a4:20:07:59:02:
                    26:9b:72:fc:ba:21:58:e9:70:54:0d:ba:51:44:39:
                    98:58:a9:d4:d3:bb:eb:cc:8d:b1:cc:9b:c4:9f:b3:
                    b3:c1:17:4a:29:da:f0:bc:34:41:f5:be:65:f3:5d:
                    f4:d8:ba:68:68:76:97:07:a3:c2:23:ee:10:f3:32:
                    35:aa:52:15:13:fa:cc:3d:41:5a:f6:03:18:12:9b:
                    3f:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:63:90:7C:22:BB:DF:A1:4E:8C:AA:E2:C9:8B:E3:4F:93:5C:D4:80
            X509v3 Authority Key Identifier:
                keyid:85:B7:D9:68:5B:A8:DA:2D:6F:48:1C:32:36:11:ED:64:94:4F:62:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/3230302e3131322e3230362e302f32332d3233203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.112.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ad:6e:c7:c0:c8:b4:33:27:82:e6:30:48:12:c5:c7:ea:ee:97:
         37:a9:2b:07:a2:89:f3:27:c8:57:2c:a5:98:8b:c0:e7:56:1f:
         fa:32:dd:c5:f1:9d:e2:ee:66:2b:ca:3a:85:ff:86:8b:af:1a:
         2c:e5:01:6d:b5:53:55:d9:51:a1:f6:0c:f2:db:0d:26:66:96:
         ea:cd:a2:2e:f0:14:87:06:bd:50:c8:86:ba:ed:d3:4a:d1:96:
         c8:09:7e:45:f3:82:12:b0:82:cb:4d:31:40:42:30:5e:e6:c1:
         87:e8:8c:59:f6:60:6f:c7:e3:a1:ea:9a:fc:00:45:59:55:08:
         dc:10:cf:bf:a2:53:84:6e:32:1e:dc:eb:a3:13:e7:c7:85:bd:
         21:16:c9:3d:9a:26:63:3b:63:6f:04:49:5e:91:52:27:71:52:
         82:ed:aa:16:1d:96:5c:0e:d0:87:76:8f:fd:22:5f:41:6e:fd:
         74:c4:d8:ec:dc:d6:d2:7e:a1:71:b6:73:32:b6:3c:9f:ac:c4:
         fe:c2:2c:d7:f3:77:4c:d5:a9:0f:7a:d0:71:26:44:72:2d:25:
         c2:7b:79:56:8b:3c:50:b9:21:3f:7a:a3:51:04:5a:64:52:ba:
         18:cc:93:e5:f2:42:06:85:48:54:cb:33:5f:d7:a7:46:6b:99:
         8c:06:5c:61
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUf74cOwEPx12RZlJuC90BHG7QJFswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVCN0Q5Njg1QkE4REEyRDZGNDgxQzMyMzYxMUVENjQ5
NDRGNjI3MzAeFw0yNDEwMjgyMDQwMDBaFw0yNTEwMjcyMDQ1MDBaMDMxMTAvBgNV
BAMTKERDNjM5MDdDMjJCQkRGQTE0RThDQUFFMkM5OEJFMzRGOTM1Q0Q0ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHkI17jhiDx9CgVEFn3EIpPcAs
UKsldCxRTC8sijOTDovPCMv+WGfx8TyzItLpD8Ug8evpBtbSRI6juye3FthdaeZC
uVAFpUijfES9jtg8Y7o33zlSZ1+XOoXzteZveuwau20kPSZsLeYsqoWyASPeySOb
LUXBWmyMlljalRy3hJLc72P2N2VpWoGw9B8OM3Isq50AwPWW7vYLObdeKjgJENST
yIJbNmfQCznLhKCkIAdZAiabcvy6IVjpcFQNulFEOZhYqdTTu+vMjbHMm8Sfs7PB
F0op2vC8NEH1vmXzXfTYumhodpcHo8Ij7hDzMjWqUhUT+sw9QVr2AxgSmz+NAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU3GOQfCK736FOjKriyYvjT5Nc1IAwHwYDVR0j
BBgwFoAUhbfZaFuo2i1vSBwyNhHtZJRPYnMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zMTdFOTRFM0VDRkVBNzRCRUQ0MUZCQjMwNkE3MUIzQ0E4
RTcxN0ZGN0JBQjg2RjRDQjRCM0E1Q0Y3MDk5NjRDLzAvODVCN0Q5Njg1QkE4REEy
RDZGNDgxQzMyMzYxMUVENjQ5NDRGNjI3My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUI3RDk2ODVCQThEQTJENkY0
ODFDMzIzNjExRUQ2NDk0NEY2MjczLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzE3RTk0RTNFQ0ZFQTc0QkVENDFGQkIzMDZBNzFCM0NBOEU3MTdGRjdC
QUI4NkY0Q0I0QjNBNUNGNzA5OTY0Qy8wLzMyMzAzMDJlMzEzMTMyMmUzMjMwMzYy
ZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHI
cM4wDQYJKoZIhvcNAQELBQADggEBAK1ux8DItDMnguYwSBLFx+rulzepKweiifMn
yFcspZiLwOdWH/oy3cXxneLuZivKOoX/houvGizlAW21U1XZUaH2DPLbDSZmlurN
oi7wFIcGvVDIhrrt00rRlsgJfkXzghKwgstNMUBCMF7mwYfojFn2YG/H46HqmvwA
RVlVCNwQz7+iU4RuMh7c66MT58eFvSEWyT2aJmM7Y28ESV6RUidxUoLtqhYdllwO
0Id2j/0iX0Fu/XTE2Ozc1tJ+oXG2czK2PJ+sxP7CLNfzd0zVqQ960HEmRHItJcJ7
eVaLPFC5IT96o1EEWmRSuhjMk+XyQgaFSFTLM1/Xp0ZrmYwGXGE=
-----END CERTIFICATE-----
Generated at Mon Oct 28 22:52:53 2024 by rpki-client on console-fra.rpki-client.org