Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32332d3233203d3e203532333939.roa
File:                     3230302e372e3135322e302f32332d3233203d3e203532333939.roa (raw, json)
Hash identifier:          949Ab/rHRSzQEhuK18cJN5JL358k++OL5Kz4jTZHoEA=
Subject key identifier:   15:60:29:97:CE:15:51:B6:31:AA:79:0B:51:90:F0:6D:D4:AE:7C:C5
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       2D190C6305459DAE29A69C8730FB759C1F039F80
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32332d3233203d3e203532333939.roa
Signing time:             Tue 05 Mar 2024 17:42:59 +0000
ROA not before:           Tue 05 Mar 2024 17:37:59 +0000
ROA not after:            Tue 04 Mar 2025 17:42:59 +0000
asID:                     52399
IP address blocks:        200.7.152.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:19:0c:63:05:45:9d:ae:29:a6:9c:87:30:fb:75:9c:1f:03:9f:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Mar  5 17:37:59 2024 GMT
            Not After : Mar  4 17:42:59 2025 GMT
        Subject: CN=15602997CE1551B631AA790B5190F06DD4AE7CC5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:5c:2b:70:0f:f0:3d:11:83:44:01:f7:c0:69:
                    34:f6:7f:5b:0a:22:10:32:a4:fd:14:8b:1c:b1:bd:
                    1a:73:1f:f5:98:1c:58:e5:16:9f:c4:48:7e:11:1e:
                    5d:2c:19:e1:d2:29:f5:11:69:bf:73:12:ed:55:9e:
                    16:4f:60:d0:5a:2c:43:31:a8:6a:96:2e:0a:43:7d:
                    d3:7f:af:fc:49:da:84:9a:d4:26:8a:33:e1:54:5b:
                    c2:5a:1c:2d:98:3c:9f:a6:02:f3:a6:92:87:65:e1:
                    e2:9e:a0:bd:25:46:ad:8b:29:63:ac:d6:35:a1:e5:
                    4d:12:2d:84:88:ae:b3:f4:6c:95:42:de:9d:65:22:
                    67:3a:80:f6:fa:13:bf:5d:e0:12:19:a7:99:ea:ba:
                    bb:27:d3:09:27:13:42:49:10:6c:16:3c:01:03:4e:
                    6c:25:a2:c1:e1:c0:4e:37:f0:85:aa:6b:f9:cb:5a:
                    a3:21:64:2b:9e:54:12:8c:e8:9b:7c:0d:d8:2a:80:
                    eb:2d:e3:3c:9b:9a:28:04:b5:78:e8:b8:2c:39:b3:
                    21:b9:33:fa:77:e8:1b:1d:2a:09:a3:aa:5e:3e:21:
                    fb:c2:02:61:89:99:cb:8f:44:79:19:1f:c2:a8:c7:
                    02:15:27:25:09:f4:24:18:58:bd:14:42:5e:dd:d1:
                    3c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:60:29:97:CE:15:51:B6:31:AA:79:0B:51:90:F0:6D:D4:AE:7C:C5
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32332d3233203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.152.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5f:eb:dd:35:26:2b:91:46:66:b8:4f:31:49:2c:c2:60:d9:eb:
         81:47:b7:34:da:b0:f9:83:de:36:bd:78:e9:d4:f7:d7:1d:a2:
         1d:b1:2f:9f:8b:5e:72:cd:92:d9:9d:99:3a:d0:ce:3e:8b:43:
         f9:ae:c7:47:54:35:c7:f8:86:e0:23:43:10:df:fc:71:9c:13:
         e1:02:4a:4a:0a:af:09:0e:84:8b:93:a3:1f:c6:62:82:6a:eb:
         9b:26:88:4b:10:8f:74:36:e3:2a:83:42:d4:e5:28:26:f4:e7:
         9d:1d:17:2c:ca:1c:b9:1b:d3:55:94:ec:34:bf:09:25:18:10:
         4f:80:b3:e7:36:b9:41:43:3d:67:e7:2d:0e:36:6e:9b:97:e9:
         ec:84:68:14:a2:f5:ad:29:51:51:33:36:61:6f:7c:9a:83:e0:
         2c:48:06:fc:d8:3e:f5:5b:4d:ee:f6:37:70:6c:74:70:f0:78:
         d8:25:94:f5:64:32:7c:43:d7:2e:2d:9a:78:91:2b:73:b1:cd:
         ea:07:a8:ed:12:87:24:85:1d:2d:5a:56:6b:39:f6:d2:57:67:
         f8:81:32:d5:3d:71:bf:4a:35:e0:85:e9:a9:3d:00:d5:aa:07:
         d9:6b:24:d2:37:65:4a:df:b1:95:16:07:df:e1:9f:b4:86:6a:
         d3:4c:30:c0
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIULRkMYwVFna4pppyHMPt1nB8Dn4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNDAzMDUxNzM3NTlaFw0yNTAzMDQxNzQyNTlaMDMxMTAvBgNV
BAMTKDE1NjAyOTk3Q0UxNTUxQjYzMUFBNzkwQjUxOTBGMDZERDRBRTdDQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUXCtwD/A9EYNEAffAaTT2f1sK
IhAypP0UixyxvRpzH/WYHFjlFp/ESH4RHl0sGeHSKfURab9zEu1VnhZPYNBaLEMx
qGqWLgpDfdN/r/xJ2oSa1CaKM+FUW8JaHC2YPJ+mAvOmkodl4eKeoL0lRq2LKWOs
1jWh5U0SLYSIrrP0bJVC3p1lImc6gPb6E79d4BIZp5nqursn0wknE0JJEGwWPAED
TmwlosHhwE438IWqa/nLWqMhZCueVBKM6Jt8DdgqgOst4zybmigEtXjouCw5syG5
M/p36BsdKgmjql4+IfvCAmGJmcuPRHkZH8KoxwIVJyUJ9CQYWL0UQl7d0TxJAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUFWApl84VUbYxqnkLUZDwbdSufMUwHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzAzMDJlMzcyZTMxMzUzMjJlMzAy
ZjMyMzMyZDMyMzMyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHIB5gwDQYJ
KoZIhvcNAQELBQADggEBAF/r3TUmK5FGZrhPMUkswmDZ64FHtzTasPmD3ja9eOnU
99cdoh2xL5+LXnLNktmdmTrQzj6LQ/mux0dUNcf4huAjQxDf/HGcE+ECSkoKrwkO
hIuTox/GYoJq65smiEsQj3Q24yqDQtTlKCb0550dFyzKHLkb01WU7DS/CSUYEE+A
s+c2uUFDPWfnLQ42bpuX6eyEaBSi9a0pUVEzNmFvfJqD4CxIBvzYPvVbTe72N3Bs
dHDweNgllPVkMnxD1y4tmniRK3OxzeoHqO0ShySFHS1aVms59tJXZ/iBMtU9cb9K
NeCF6ak9ANWqB9lrJNI3ZUrfsZUWB9/hn7SGatNMMMA=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:10:55 2024 by rpki-client on console-fra.rpki-client.org