Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3AFA8110500BB8EC0C91399CAF9D4C04060B943465FB1F27F28B5B30DBFE0E2E/0/3230302e36332e34382e302f32312d3232203d3e203237393639.roa
File:                     3230302e36332e34382e302f32312d3232203d3e203237393639.roa (raw, json)
Hash identifier:          LyWl5qkHuk54u0RWDOP2JJ8z2KZ/VB34e/M1iEX5wq0=
Subject key identifier:   CA:42:1F:71:16:E4:F1:73:A1:41:A4:48:87:BF:93:9E:CA:44:33:34
Certificate issuer:       /CN=346CA526892F0D074D2B9816B2769025CFE97FF5
Certificate serial:       1960F8C7A3A6E71549D4668ACF5DB49FCB190DC9
Authority key identifier: 34:6C:A5:26:89:2F:0D:07:4D:2B:98:16:B2:76:90:25:CF:E9:7F:F5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/346CA526892F0D074D2B9816B2769025CFE97FF5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3AFA8110500BB8EC0C91399CAF9D4C04060B943465FB1F27F28B5B30DBFE0E2E/0/3230302e36332e34382e302f32312d3232203d3e203237393639.roa
Signing time:             Tue 05 Mar 2024 18:12:26 +0000
ROA not before:           Tue 05 Mar 2024 18:07:26 +0000
ROA not after:            Tue 04 Mar 2025 18:12:26 +0000
asID:                     27969
IP address blocks:        200.63.48.0/21 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3AFA8110500BB8EC0C91399CAF9D4C04060B943465FB1F27F28B5B30DBFE0E2E/0/346CA526892F0D074D2B9816B2769025CFE97FF5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3AFA8110500BB8EC0C91399CAF9D4C04060B943465FB1F27F28B5B30DBFE0E2E/0/346CA526892F0D074D2B9816B2769025CFE97FF5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/346CA526892F0D074D2B9816B2769025CFE97FF5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:60:f8:c7:a3:a6:e7:15:49:d4:66:8a:cf:5d:b4:9f:cb:19:0d:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=346CA526892F0D074D2B9816B2769025CFE97FF5
        Validity
            Not Before: Mar  5 18:07:26 2024 GMT
            Not After : Mar  4 18:12:26 2025 GMT
        Subject: CN=CA421F7116E4F173A141A44887BF939ECA443334
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:ad:cb:e8:5e:01:e5:5a:dd:c7:3f:ff:9a:01:
                    ac:48:b8:7e:da:29:8a:9a:da:ae:a6:5d:2a:5f:49:
                    62:77:25:a8:19:b3:04:dd:c6:3b:f7:a9:ba:22:e5:
                    08:9a:bf:7c:3d:d9:77:e7:51:b8:cc:d6:7d:3a:6e:
                    3a:08:06:71:b9:f2:24:48:ed:06:01:18:e1:c4:29:
                    11:85:86:35:33:3a:98:9b:2d:88:3a:da:31:9e:ed:
                    ab:36:77:2f:6b:75:95:09:6b:7a:9c:64:9b:0e:00:
                    ce:c8:fd:1c:7a:dd:fe:6d:41:b3:bd:0b:5f:e8:db:
                    58:62:16:0a:c4:96:1f:36:11:67:56:38:41:36:b9:
                    0c:a8:8e:38:d5:9a:4b:71:33:60:0d:37:6b:e5:33:
                    2f:63:93:e0:f1:22:71:72:d3:0f:0f:6d:2f:d3:02:
                    6f:d7:c3:2c:3f:eb:8f:20:58:2f:b5:e3:ec:c3:c7:
                    e6:ce:04:69:99:8f:90:5f:82:95:a2:34:23:cb:fd:
                    46:80:4b:98:f5:b6:5f:ea:7a:ee:84:11:01:b1:12:
                    53:78:b9:0e:45:35:f7:a3:85:26:20:46:34:ea:94:
                    bf:ae:0e:19:e4:e1:51:bd:e5:81:54:4a:c8:03:88:
                    93:38:23:0c:ba:46:de:bb:30:5a:12:8c:ee:12:69:
                    56:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:42:1F:71:16:E4:F1:73:A1:41:A4:48:87:BF:93:9E:CA:44:33:34
            X509v3 Authority Key Identifier:
                keyid:34:6C:A5:26:89:2F:0D:07:4D:2B:98:16:B2:76:90:25:CF:E9:7F:F5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3AFA8110500BB8EC0C91399CAF9D4C04060B943465FB1F27F28B5B30DBFE0E2E/0/346CA526892F0D074D2B9816B2769025CFE97FF5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/346CA526892F0D074D2B9816B2769025CFE97FF5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3AFA8110500BB8EC0C91399CAF9D4C04060B943465FB1F27F28B5B30DBFE0E2E/0/3230302e36332e34382e302f32312d3232203d3e203237393639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.63.48.0/21

    Signature Algorithm: sha256WithRSAEncryption
         56:cf:0c:61:6c:b6:4f:a0:c6:72:32:f9:f9:12:d8:03:19:71:
         da:72:8e:db:96:f8:82:00:43:ea:ad:fd:d5:67:18:c1:78:b0:
         d2:00:4d:2b:7e:05:eb:4b:56:af:d3:3b:54:0f:87:f1:08:7d:
         67:9c:fb:14:2c:d6:a5:a9:49:96:06:e0:22:e1:f3:8d:b3:78:
         76:d2:4d:19:3c:15:c8:a8:74:71:7d:7c:4e:78:35:db:03:10:
         a6:46:e6:01:6f:62:48:b4:b3:73:79:62:0c:b0:89:b5:f2:43:
         9a:de:89:7c:0a:01:38:ba:54:cc:d4:7b:2e:e5:09:60:31:5e:
         9b:8d:23:df:3c:30:34:c3:70:b6:bc:a3:80:ab:c3:21:13:56:
         98:28:09:5e:7e:fc:68:f6:79:95:00:ea:79:f1:7f:e5:60:51:
         e3:b9:87:f6:54:ed:ce:77:8e:fa:3e:1c:7e:43:e0:d5:0d:2a:
         42:63:fe:5a:d4:dc:27:6c:d4:7f:df:c0:93:d8:52:7e:3e:3a:
         6b:df:b0:13:c6:c8:97:96:f2:d0:aa:ef:67:0d:6c:10:8a:95:
         c7:bc:0b:6c:6f:fa:de:b9:55:fe:f3:56:23:c4:1d:cd:a9:e4:
         eb:94:a9:2e:5d:42:4e:12:14:89:a4:8b:5b:0d:8d:b7:f4:e6:
         cf:37:83:8d
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUGWD4x6Om5xVJ1GaKz120n8sZDckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzQ2Q0E1MjY4OTJGMEQwNzREMkI5ODE2QjI3NjkwMjVD
RkU5N0ZGNTAeFw0yNDAzMDUxODA3MjZaFw0yNTAzMDQxODEyMjZaMDMxMTAvBgNV
BAMTKENBNDIxRjcxMTZFNEYxNzNBMTQxQTQ0ODg3QkY5MzlFQ0E0NDMzMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgrcvoXgHlWt3HP/+aAaxIuH7a
KYqa2q6mXSpfSWJ3JagZswTdxjv3qboi5Qiav3w92XfnUbjM1n06bjoIBnG58iRI
7QYBGOHEKRGFhjUzOpibLYg62jGe7as2dy9rdZUJa3qcZJsOAM7I/Rx63f5tQbO9
C1/o21hiFgrElh82EWdWOEE2uQyojjjVmktxM2ANN2vlMy9jk+DxInFy0w8PbS/T
Am/Xwyw/648gWC+14+zDx+bOBGmZj5BfgpWiNCPL/UaAS5j1tl/qeu6EEQGxElN4
uQ5FNfejhSYgRjTqlL+uDhnk4VG95YFUSsgDiJM4Iwy6Rt67MFoSjO4SaVY7AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUykIfcRbk8XOhQaRIh7+TnspEMzQwHwYDVR0j
BBgwFoAUNGylJokvDQdNK5gWsnaQJc/pf/UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQUZBODExMDUwMEJCOEVDMEM5MTM5OUNBRjlENEMwNDA2
MEI5NDM0NjVGQjFGMjdGMjhCNUIzMERCRkUwRTJFLzAvMzQ2Q0E1MjY4OTJGMEQw
NzREMkI5ODE2QjI3NjkwMjVDRkU5N0ZGNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zNDZDQTUyNjg5MkYwRDA3NEQy
Qjk4MTZCMjc2OTAyNUNGRTk3RkY1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0FGQTgxMTA1MDBCQjhFQzBDOTEzOTlDQUY5RDRDMDQwNjBCOTQzNDY1
RkIxRjI3RjI4QjVCMzBEQkZFMEUyRS8wLzMyMzAzMDJlMzYzMzJlMzQzODJlMzAy
ZjMyMzEyZDMyMzIyMDNkM2UyMDMyMzczOTM2Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPIPzAwDQYJ
KoZIhvcNAQELBQADggEBAFbPDGFstk+gxnIy+fkS2AMZcdpyjtuW+IIAQ+qt/dVn
GMF4sNIATSt+BetLVq/TO1QPh/EIfWec+xQs1qWpSZYG4CLh842zeHbSTRk8Fcio
dHF9fE54NdsDEKZG5gFvYki0s3N5YgywibXyQ5reiXwKATi6VMzUey7lCWAxXpuN
I988MDTDcLa8o4CrwyETVpgoCV5+/Gj2eZUA6nnxf+VgUeO5h/ZU7c53jvo+HH5D
4NUNKkJj/lrU3Cds1H/fwJPYUn4+OmvfsBPGyJeW8tCq72cNbBCKlce8C2xv+t65
Vf7zViPEHc2p5OuUqS5dQk4SFImki1sNjbf05s83g40=
-----END CERTIFICATE-----
Generated at Mon Dec 9 04:18:27 2024 by rpki-client on console-fra.rpki-client.org