Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3687998E84DC10F80F44DBA07D476A5AC0DCC4C86A52A468FD42B6493C56F911/0/3230302e312e3136312e302f32342d3234203d3e20323639393431.roa
File:                     3230302e312e3136312e302f32342d3234203d3e20323639393431.roa (raw, json)
Hash identifier:          nvnOotUGV8UUkIXSlvRjLxCKXlwXCo/+mSLukTn26x4=
Subject key identifier:   BA:C7:AB:61:A5:DE:65:62:DC:3E:DB:5A:21:69:16:F4:29:11:73:C1
Certificate issuer:       /CN=8FB5C88052FB05C9C4F2CED1DE5A464A20D6A37B
Certificate serial:       6D714C2AD07E48E359D6614C42BA8C342073FCFB
Authority key identifier: 8F:B5:C8:80:52:FB:05:C9:C4:F2:CE:D1:DE:5A:46:4A:20:D6:A3:7B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8FB5C88052FB05C9C4F2CED1DE5A464A20D6A37B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3687998E84DC10F80F44DBA07D476A5AC0DCC4C86A52A468FD42B6493C56F911/0/3230302e312e3136312e302f32342d3234203d3e20323639393431.roa
Signing time:             Tue 05 Mar 2024 18:10:04 +0000
ROA not before:           Tue 05 Mar 2024 18:05:04 +0000
ROA not after:            Tue 04 Mar 2025 18:10:04 +0000
asID:                     269941
IP address blocks:        200.1.161.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3687998E84DC10F80F44DBA07D476A5AC0DCC4C86A52A468FD42B6493C56F911/0/8FB5C88052FB05C9C4F2CED1DE5A464A20D6A37B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3687998E84DC10F80F44DBA07D476A5AC0DCC4C86A52A468FD42B6493C56F911/0/8FB5C88052FB05C9C4F2CED1DE5A464A20D6A37B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8FB5C88052FB05C9C4F2CED1DE5A464A20D6A37B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Dec 2024 18:44:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:71:4c:2a:d0:7e:48:e3:59:d6:61:4c:42:ba:8c:34:20:73:fc:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8FB5C88052FB05C9C4F2CED1DE5A464A20D6A37B
        Validity
            Not Before: Mar  5 18:05:04 2024 GMT
            Not After : Mar  4 18:10:04 2025 GMT
        Subject: CN=BAC7AB61A5DE6562DC3EDB5A216916F4291173C1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:5f:c7:4c:3c:73:4f:49:95:bc:ad:f0:ee:d5:
                    b5:a5:6f:7b:4b:b8:cf:ee:b3:88:7a:b5:4d:0b:92:
                    ae:33:9d:de:ca:0d:89:5f:0e:cd:3c:da:e9:4f:12:
                    82:9d:5c:3c:85:e2:36:66:d8:7c:98:74:2c:b4:28:
                    c9:e7:91:01:a7:4e:46:55:a1:cc:50:2b:19:a4:37:
                    f3:90:0c:46:f8:24:4c:91:64:18:be:7e:54:c8:da:
                    83:c4:a4:22:9a:65:bd:d0:c6:b8:47:24:78:3e:b6:
                    03:ae:71:a5:96:1d:72:35:08:56:81:5d:7d:30:ae:
                    59:e4:e3:e0:95:10:5d:6e:8e:33:90:ea:66:b2:ae:
                    e5:15:97:cc:4d:b7:07:0b:d8:c9:db:31:91:09:e3:
                    e5:9f:96:54:fe:ad:5d:eb:dd:2c:3b:d3:63:e9:97:
                    df:04:6a:29:28:af:dc:80:fc:90:52:30:27:69:6c:
                    ce:ce:57:6c:33:d6:4a:4f:63:40:9b:84:9d:98:cc:
                    2f:1f:ac:75:21:9d:5a:cb:d4:c5:84:8d:ca:86:8b:
                    b7:17:0c:31:94:6d:24:72:8e:b7:84:03:58:c6:a9:
                    e5:8a:f5:ea:99:be:58:80:8a:5d:b9:b8:21:f3:7d:
                    e1:97:68:39:ea:00:11:a0:dc:1e:53:cb:4e:fb:50:
                    c4:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:C7:AB:61:A5:DE:65:62:DC:3E:DB:5A:21:69:16:F4:29:11:73:C1
            X509v3 Authority Key Identifier:
                keyid:8F:B5:C8:80:52:FB:05:C9:C4:F2:CE:D1:DE:5A:46:4A:20:D6:A3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3687998E84DC10F80F44DBA07D476A5AC0DCC4C86A52A468FD42B6493C56F911/0/8FB5C88052FB05C9C4F2CED1DE5A464A20D6A37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8FB5C88052FB05C9C4F2CED1DE5A464A20D6A37B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3687998E84DC10F80F44DBA07D476A5AC0DCC4C86A52A468FD42B6493C56F911/0/3230302e312e3136312e302f32342d3234203d3e20323639393431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.1.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:b8:a7:48:fd:d3:ee:bb:d3:d7:1d:83:e1:c6:8c:2c:2a:c9:
         52:1f:04:32:12:ba:0a:b0:c8:1d:05:a0:da:80:47:0d:c7:a8:
         cd:3b:fd:69:94:ab:7c:35:60:5b:a2:7c:65:b5:24:6e:fa:65:
         9a:89:ac:82:86:5e:9d:41:da:46:52:8c:4f:b9:d4:99:1a:4d:
         0d:4c:9a:1f:ed:ad:21:b7:ba:69:38:da:1c:ca:d5:b1:20:b0:
         0d:aa:2f:d8:ee:ff:a7:46:61:2d:35:c7:83:dc:8f:a1:33:09:
         07:c1:04:bb:d4:43:f8:9e:3b:18:a2:cd:c2:b7:b4:a6:40:6e:
         a3:be:0b:d6:94:ba:f6:da:19:c9:e4:98:84:3b:ee:06:20:ad:
         dd:d8:f5:78:8c:ee:f4:2f:35:fd:8a:7b:9d:a7:31:f7:59:6e:
         68:55:c4:29:9d:52:60:b8:40:1a:39:c0:ae:c5:8f:2b:1f:6b:
         22:c2:95:60:d3:ae:c7:07:d7:73:7b:de:3f:f8:2d:86:ef:85:
         7d:d7:a6:32:49:e8:db:ef:b4:6c:d0:9d:ee:d7:e2:a3:8c:ac:
         dd:65:b5:bc:6e:65:8a:c7:4c:26:51:c9:51:79:e1:4e:c9:b3:
         9f:32:f0:d0:e4:10:cd:2b:2b:ed:2b:d3:c5:25:8e:fc:d3:9e:
         8b:6a:67:8a
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUbXFMKtB+SONZ1mFMQrqMNCBz/PswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEZCNUM4ODA1MkZCMDVDOUM0RjJDRUQxREU1QTQ2NEEy
MEQ2QTM3QjAeFw0yNDAzMDUxODA1MDRaFw0yNTAzMDQxODEwMDRaMDMxMTAvBgNV
BAMTKEJBQzdBQjYxQTVERTY1NjJEQzNFREI1QTIxNjkxNkY0MjkxMTczQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaX8dMPHNPSZW8rfDu1bWlb3tL
uM/us4h6tU0Lkq4znd7KDYlfDs082ulPEoKdXDyF4jZm2HyYdCy0KMnnkQGnTkZV
ocxQKxmkN/OQDEb4JEyRZBi+flTI2oPEpCKaZb3QxrhHJHg+tgOucaWWHXI1CFaB
XX0wrlnk4+CVEF1ujjOQ6mayruUVl8xNtwcL2MnbMZEJ4+WfllT+rV3r3Sw702Pp
l98Eaikor9yA/JBSMCdpbM7OV2wz1kpPY0CbhJ2YzC8frHUhnVrL1MWEjcqGi7cX
DDGUbSRyjreEA1jGqeWK9eqZvliAil25uCHzfeGXaDnqABGg3B5Ty077UMRBAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUuserYaXeZWLcPttaIWkW9CkRc8EwHwYDVR0j
BBgwFoAUj7XIgFL7BcnE8s7R3lpGSiDWo3swDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNjg3OTk4RTg0REMxMEY4MEY0NERCQTA3RDQ3NkE1QUMw
RENDNEM4NkE1MkE0NjhGRDQyQjY0OTNDNTZGOTExLzAvOEZCNUM4ODA1MkZCMDVD
OUM0RjJDRUQxREU1QTQ2NEEyMEQ2QTM3Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RkI1Qzg4MDUyRkIwNUM5QzRG
MkNFRDFERTVBNDY0QTIwRDZBMzdCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzY4Nzk5OEU4NERDMTBGODBGNDREQkEwN0Q0NzZBNUFDMERDQzRDODZB
NTJBNDY4RkQ0MkI2NDkzQzU2RjkxMS8wLzMyMzAzMDJlMzEyZTMxMzYzMTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzOTM5MzQzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMgBoTAN
BgkqhkiG9w0BAQsFAAOCAQEAUrinSP3T7rvT1x2D4caMLCrJUh8EMhK6CrDIHQWg
2oBHDceozTv9aZSrfDVgW6J8ZbUkbvplmomsgoZenUHaRlKMT7nUmRpNDUyaH+2t
Ibe6aTjaHMrVsSCwDaov2O7/p0ZhLTXHg9yPoTMJB8EEu9RD+J47GKLNwre0pkBu
o74L1pS69toZyeSYhDvuBiCt3dj1eIzu9C81/Yp7nacx91luaFXEKZ1SYLhAGjnA
rsWPKx9rIsKVYNOuxwfXc3veP/gthu+FfdemMkno2++0bNCd7tfio4ys3WW1vG5l
isdMJlHJUXnhTsmznzLw0OQQzSsr7SvTxSWO/NOei2pnig==
-----END CERTIFICATE-----
Generated at Sun Dec 8 15:43:57 2024 by rpki-client on console-ams.rpki-client.org