Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3230302e3130362e3233382e302f32342d3234203d3e203532323632.roa
File:                     3230302e3130362e3233382e302f32342d3234203d3e203532323632.roa (raw, json)
Hash identifier:          8o3IHAuPPcUtfoewpQUW3NXLDjRTnsQtJTTVMSpeEpg=
Subject key identifier:   4F:DE:F5:6B:89:8F:14:48:CC:F8:9C:4A:BC:14:4F:D9:38:D1:6B:EC
Certificate issuer:       /CN=9BCCBD68EB22C37B886D81BDFC8BA77CD7312208
Certificate serial:       4D6A19250F82D923E3C76B467F5598C2B60DF657
Authority key identifier: 9B:CC:BD:68:EB:22:C3:7B:88:6D:81:BD:FC:8B:A7:7C:D7:31:22:08
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3230302e3130362e3233382e302f32342d3234203d3e203532323632.roa
Signing time:             Tue 04 Feb 2025 20:02:08 +0000
ROA not before:           Tue 04 Feb 2025 19:57:08 +0000
ROA not after:            Tue 03 Feb 2026 20:02:08 +0000
asID:                     52262
IP address blocks:        200.106.238.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Feb 2025 19:16:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:6a:19:25:0f:82:d9:23:e3:c7:6b:46:7f:55:98:c2:b6:0d:f6:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9BCCBD68EB22C37B886D81BDFC8BA77CD7312208
        Validity
            Not Before: Feb  4 19:57:08 2025 GMT
            Not After : Feb  3 20:02:08 2026 GMT
        Subject: CN=4FDEF56B898F1448CCF89C4ABC144FD938D16BEC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ea:4c:a9:92:2d:b2:b3:37:55:f3:9b:f9:3d:
                    8c:b5:f4:50:34:2a:93:e5:e2:31:c0:8e:2b:27:16:
                    4f:e4:55:8c:db:b3:f1:e3:6a:13:f9:4a:b1:1d:9d:
                    c0:35:c0:a8:68:b6:ca:dd:39:cd:53:92:01:f2:d4:
                    ca:08:58:08:a9:19:89:10:67:0b:c9:c5:bf:4b:31:
                    8c:2a:4d:94:c2:44:cb:21:bc:5b:29:e5:97:6b:1e:
                    53:fe:e7:53:34:b5:32:9e:29:f6:ba:56:ab:2a:98:
                    18:55:9b:7c:76:5e:86:29:b0:4b:87:5a:9c:34:b9:
                    b3:e6:b3:43:ff:1d:55:dd:5b:f9:7d:eb:38:31:e9:
                    a5:53:c3:e1:45:58:3d:02:4d:6b:db:63:40:3a:59:
                    45:81:6d:a5:83:c8:3d:07:58:20:99:d5:d3:ee:29:
                    58:49:15:15:24:c4:a2:64:b6:87:86:18:0b:f7:70:
                    c1:e4:2c:a2:e8:e0:71:a3:6b:51:e1:74:9d:a9:67:
                    74:c4:51:11:63:e5:5f:30:70:18:51:a4:95:dd:12:
                    cd:77:aa:50:23:04:bc:94:8d:ef:6d:32:1d:bd:66:
                    fd:8c:75:65:fc:5e:10:de:c8:3f:c1:0d:c2:9f:24:
                    88:2a:27:4c:8d:f1:60:a8:52:1d:9e:03:3f:bc:9f:
                    b4:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:DE:F5:6B:89:8F:14:48:CC:F8:9C:4A:BC:14:4F:D9:38:D1:6B:EC
            X509v3 Authority Key Identifier:
                keyid:9B:CC:BD:68:EB:22:C3:7B:88:6D:81:BD:FC:8B:A7:7C:D7:31:22:08

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3230302e3130362e3233382e302f32342d3234203d3e203532323632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.106.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:c7:a7:c9:45:ba:06:26:78:34:9f:83:da:ba:60:8d:87:f7:
         f7:b8:b6:f8:c1:e4:c3:d8:cc:56:20:78:46:61:50:36:df:18:
         9c:b3:72:e2:fb:f8:0b:22:f0:19:cd:41:32:32:81:a6:3a:55:
         86:ac:ac:2e:a3:38:1c:fa:15:52:6c:d2:94:9f:7e:a4:82:46:
         4d:ce:b5:69:df:f5:b2:3a:96:10:3a:85:f0:86:08:90:a9:88:
         c7:4a:de:5d:47:7e:2b:ed:c7:19:ca:8a:6f:1d:6b:a6:75:bc:
         37:26:fc:fc:3a:82:05:71:16:46:70:dc:96:1b:f1:51:4c:e4:
         df:cc:8b:14:ac:74:34:20:b8:19:b7:be:2f:96:a2:d9:4c:75:
         c6:20:21:5f:f4:b9:40:a5:91:b4:a5:96:86:a5:b9:7c:16:bc:
         a1:05:97:cc:2c:b2:c8:51:bf:25:7a:d9:70:54:21:76:de:64:
         83:a1:34:54:f4:3c:9b:5c:0f:c5:07:c0:f6:a4:92:4d:02:44:
         44:00:c5:50:0b:fc:0e:39:ef:e7:16:0e:ea:41:c2:5a:07:73:
         13:f6:84:25:93:1a:08:3c:9d:ba:48:f5:89:44:d5:a9:e3:57:
         42:66:29:89:49:17:ab:ce:b4:91:5c:8e:6c:7f:a0:38:79:16:
         b4:67:44:6d
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUTWoZJQ+C2SPjx2tGf1WYwrYN9lcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUJDQ0JENjhFQjIyQzM3Qjg4NkQ4MUJERkM4QkE3N0NE
NzMxMjIwODAeFw0yNTAyMDQxOTU3MDhaFw0yNjAyMDMyMDAyMDhaMDMxMTAvBgNV
BAMTKDRGREVGNTZCODk4RjE0NDhDQ0Y4OUM0QUJDMTQ0RkQ5MzhEMTZCRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe6kypki2yszdV85v5PYy19FA0
KpPl4jHAjisnFk/kVYzbs/HjahP5SrEdncA1wKhotsrdOc1TkgHy1MoIWAipGYkQ
ZwvJxb9LMYwqTZTCRMshvFsp5ZdrHlP+51M0tTKeKfa6VqsqmBhVm3x2XoYpsEuH
Wpw0ubPms0P/HVXdW/l96zgx6aVTw+FFWD0CTWvbY0A6WUWBbaWDyD0HWCCZ1dPu
KVhJFRUkxKJktoeGGAv3cMHkLKLo4HGja1HhdJ2pZ3TEURFj5V8wcBhRpJXdEs13
qlAjBLyUje9tMh29Zv2MdWX8XhDeyD/BDcKfJIgqJ0yN8WCoUh2eAz+8n7RBAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUT971a4mPFEjM+JxKvBRP2TjRa+wwHwYDVR0j
BBgwFoAUm8y9aOsiw3uIbYG9/IunfNcxIggwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQTVGMkY4N0QxMTc4NkZCM0ZDQURBQTA0MzQzMUVCMDEz
Q0RCQUQwMDI0N0VEQjdBNjUwMkJGRkQ4QjRDQzI0LzAvOUJDQ0JENjhFQjIyQzM3
Qjg4NkQ4MUJERkM4QkE3N0NENzMxMjIwOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85QkNDQkQ2OEVCMjJDMzdCODg2
RDgxQkRGQzhCQTc3Q0Q3MzEyMjA4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E1RjJGODdEMTE3ODZGQjNGQ0FEQUEwNDM0MzFFQjAxM0NEQkFEMDAy
NDdFREI3QTY1MDJCRkZEOEI0Q0MyNC8wLzMyMzAzMDJlMzEzMDM2MmUzMjMzMzgy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzIzNjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyGru
MA0GCSqGSIb3DQEBCwUAA4IBAQCdx6fJRboGJng0n4PaumCNh/f3uLb4weTD2MxW
IHhGYVA23xics3Li+/gLIvAZzUEyMoGmOlWGrKwuozgc+hVSbNKUn36kgkZNzrVp
3/WyOpYQOoXwhgiQqYjHSt5dR34r7ccZyopvHWumdbw3Jvz8OoIFcRZGcNyWG/FR
TOTfzIsUrHQ0ILgZt74vlqLZTHXGICFf9LlApZG0pZaGpbl8FryhBZfMLLLIUb8l
etlwVCF23mSDoTRU9DybXA/FB8D2pJJNAkREAMVQC/wOOe/nFg7qQcJaB3MT9oQl
kxoIPJ26SPWJRNWp41dCZimJSRerzrSRXI5sf6A4eRa0Z0Rt
-----END CERTIFICATE-----
Generated at Thu Feb 13 17:59:49 2025 by rpki-client