Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/417BEAF2DA1622668D73BDC590D6641D842D85D7AB797E655342936D8C9C2512/0/3230302e3131322e3232312e302f32342d3234203d3e20323636393034.roa
File:                     3230302e3131322e3232312e302f32342d3234203d3e20323636393034.roa (raw, json)
Hash identifier:          35r4aKSKyOFiglS1qC0L9BGPWlOyBIhlY659fU1HCfM=
Subject key identifier:   CA:6D:88:55:A3:68:79:DA:F2:A7:91:69:48:1F:A9:87:9A:09:94:21
Certificate issuer:       /CN=2BF2EA70064C593F25670D65BD2C1425EAE424A1
Certificate serial:       078307A6B219CAC23B51076D38ADDFEED64077F3
Authority key identifier: 2B:F2:EA:70:06:4C:59:3F:25:67:0D:65:BD:2C:14:25:EA:E4:24:A1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2BF2EA70064C593F25670D65BD2C1425EAE424A1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/417BEAF2DA1622668D73BDC590D6641D842D85D7AB797E655342936D8C9C2512/0/3230302e3131322e3232312e302f32342d3234203d3e20323636393034.roa
Signing time:             Fri 27 Sep 2024 17:35:00 +0000
ROA not before:           Fri 27 Sep 2024 17:30:00 +0000
ROA not after:            Fri 26 Sep 2025 17:35:00 +0000
asID:                     266904
IP address blocks:        200.112.221.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/417BEAF2DA1622668D73BDC590D6641D842D85D7AB797E655342936D8C9C2512/0/2BF2EA70064C593F25670D65BD2C1425EAE424A1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/417BEAF2DA1622668D73BDC590D6641D842D85D7AB797E655342936D8C9C2512/0/2BF2EA70064C593F25670D65BD2C1425EAE424A1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2BF2EA70064C593F25670D65BD2C1425EAE424A1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 07:58:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:83:07:a6:b2:19:ca:c2:3b:51:07:6d:38:ad:df:ee:d6:40:77:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2BF2EA70064C593F25670D65BD2C1425EAE424A1
        Validity
            Not Before: Sep 27 17:30:00 2024 GMT
            Not After : Sep 26 17:35:00 2025 GMT
        Subject: CN=CA6D8855A36879DAF2A79169481FA9879A099421
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:32:37:dc:3f:6f:71:7b:23:37:58:2d:73:cc:
                    be:d9:c8:04:bb:34:7a:0a:c6:15:35:ff:36:d2:df:
                    cb:a8:66:ce:a3:bf:38:34:de:be:b3:22:91:ac:b4:
                    2a:77:d7:95:72:c1:7b:6f:40:02:82:8e:32:77:c0:
                    29:4b:80:4e:8c:1c:8b:99:f8:cc:b7:fe:52:77:7a:
                    1f:f0:3f:a9:7c:be:66:f9:db:a7:93:7d:ce:c9:0d:
                    50:ff:80:b3:7f:ce:ea:f3:21:6f:5c:e4:0c:ac:b1:
                    7c:54:03:4c:37:5f:fd:67:ea:00:52:b1:67:45:0d:
                    33:13:67:a1:46:f0:42:7e:80:ce:1f:46:60:2e:e3:
                    8a:4d:65:33:e9:87:2e:61:55:ab:78:bf:b6:96:02:
                    42:0a:a6:1d:fa:d3:33:6c:9d:e2:0e:91:82:8d:32:
                    5c:7d:dd:ce:67:f9:e9:45:84:17:2a:7d:d5:aa:dc:
                    7e:91:8f:0c:eb:6d:d1:14:ad:fc:0f:2e:85:15:5c:
                    b1:b7:98:3e:e2:c2:8b:6a:eb:35:07:2f:28:64:34:
                    5e:42:bb:8d:cb:74:ab:d1:fb:f8:20:40:a8:bb:11:
                    19:87:4f:b0:50:13:fd:3d:2d:03:63:56:5f:43:d2:
                    34:9d:ae:ff:26:3d:3c:0b:4b:1f:cb:57:50:ad:08:
                    9e:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:6D:88:55:A3:68:79:DA:F2:A7:91:69:48:1F:A9:87:9A:09:94:21
            X509v3 Authority Key Identifier:
                keyid:2B:F2:EA:70:06:4C:59:3F:25:67:0D:65:BD:2C:14:25:EA:E4:24:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/417BEAF2DA1622668D73BDC590D6641D842D85D7AB797E655342936D8C9C2512/0/2BF2EA70064C593F25670D65BD2C1425EAE424A1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2BF2EA70064C593F25670D65BD2C1425EAE424A1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/417BEAF2DA1622668D73BDC590D6641D842D85D7AB797E655342936D8C9C2512/0/3230302e3131322e3232312e302f32342d3234203d3e20323636393034.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.112.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:9a:93:2f:08:36:58:b2:5f:8b:61:c9:91:58:85:ac:2b:ae:
         6b:bb:7f:9a:bc:13:be:7d:68:00:c1:21:82:73:40:78:f5:9f:
         ba:a0:88:35:1e:b2:78:9b:62:bd:c9:1c:4d:bb:66:58:b8:ee:
         46:35:8b:68:d6:a6:e1:59:1d:f0:08:b8:7f:88:2b:82:71:c8:
         6a:c3:86:8e:7f:1b:fc:af:db:9e:c5:5e:ab:74:41:6c:54:a3:
         c8:11:09:e2:21:d1:6c:38:83:96:2c:8d:7b:64:7a:48:a2:7f:
         69:dd:66:b8:6d:8f:c9:c5:30:b9:f4:38:b8:5f:60:84:04:f8:
         eb:c5:f2:9a:9c:e5:d2:95:5a:82:15:6b:b5:80:89:9a:94:71:
         c6:6a:c0:ec:db:f3:01:bd:4c:ec:59:74:62:0b:f5:05:8b:79:
         8c:2a:d7:07:8d:0f:56:25:6b:20:04:eb:99:8e:92:63:7e:32:
         cf:31:b9:1b:51:89:3c:fe:7c:22:ce:be:cb:1e:4f:8c:6c:fd:
         7b:0f:bb:36:18:76:66:81:2e:3e:e9:07:01:e4:f3:c4:3d:63:
         1b:c0:da:12:7a:99:37:26:e6:05:f1:99:45:df:c5:9a:3c:c1:
         98:0b:44:95:23:6d:d2:39:7b:07:b5:f7:36:97:fc:59:04:c0:
         e3:03:cc:55
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUB4MHprIZysI7UQdtOK3f7tZAd/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkJGMkVBNzAwNjRDNTkzRjI1NjcwRDY1QkQyQzE0MjVF
QUU0MjRBMTAeFw0yNDA5MjcxNzMwMDBaFw0yNTA5MjYxNzM1MDBaMDMxMTAvBgNV
BAMTKENBNkQ4ODU1QTM2ODc5REFGMkE3OTE2OTQ4MUZBOTg3OUEwOTk0MjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnMjfcP29xeyM3WC1zzL7ZyAS7
NHoKxhU1/zbS38uoZs6jvzg03r6zIpGstCp315VywXtvQAKCjjJ3wClLgE6MHIuZ
+My3/lJ3eh/wP6l8vmb526eTfc7JDVD/gLN/zurzIW9c5AyssXxUA0w3X/1n6gBS
sWdFDTMTZ6FG8EJ+gM4fRmAu44pNZTPphy5hVat4v7aWAkIKph360zNsneIOkYKN
Mlx93c5n+elFhBcqfdWq3H6RjwzrbdEUrfwPLoUVXLG3mD7iwotq6zUHLyhkNF5C
u43LdKvR+/ggQKi7ERmHT7BQE/09LQNjVl9D0jSdrv8mPTwLSx/LV1CtCJ5hAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUym2IVaNoedryp5FpSB+ph5oJlCEwHwYDVR0j
BBgwFoAUK/LqcAZMWT8lZw1lvSwUJerkJKEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80MTdCRUFGMkRBMTYyMjY2OEQ3M0JEQzU5MEQ2NjQxRDg0
MkQ4NUQ3QUI3OTdFNjU1MzQyOTM2RDhDOUMyNTEyLzAvMkJGMkVBNzAwNjRDNTkz
RjI1NjcwRDY1QkQyQzE0MjVFQUU0MjRBMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yQkYyRUE3MDA2NEM1OTNGMjU2
NzBENjVCRDJDMTQyNUVBRTQyNEExLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDE3QkVBRjJEQTE2MjI2NjhENzNCREM1OTBENjY0MUQ4NDJEODVEN0FC
Nzk3RTY1NTM0MjkzNkQ4QzlDMjUxMi8wLzMyMzAzMDJlMzEzMTMyMmUzMjMyMzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzYzOTMwMzQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADI
cN0wDQYJKoZIhvcNAQELBQADggEBACiaky8INliyX4thyZFYhawrrmu7f5q8E759
aADBIYJzQHj1n7qgiDUesnibYr3JHE27Zli47kY1i2jWpuFZHfAIuH+IK4JxyGrD
ho5/G/yv257FXqt0QWxUo8gRCeIh0Ww4g5YsjXtkekiif2ndZrhtj8nFMLn0OLhf
YIQE+OvF8pqc5dKVWoIVa7WAiZqUccZqwOzb8wG9TOxZdGIL9QWLeYwq1weND1Yl
ayAE65mOkmN+Ms8xuRtRiTz+fCLOvsseT4xs/XsPuzYYdmaBLj7pBwHk88Q9YxvA
2hJ6mTcm5gXxmUXfxZo8wZgLRJUjbdI5ewe19zaX/FkEwOMDzFU=
-----END CERTIFICATE-----
Generated at Tue Oct 29 05:58:47 2024 by rpki-client on console-fra.rpki-client.org