Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3132382e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3132382e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          sVgibQb6TgpFoH6oFwzwIHZLcEJEJvvTQ+737ple8hU=
Subject key identifier:   A4:1F:53:FB:AD:43:30:04:2F:19:C2:5C:B1:C8:A6:A3:48:32:79:E4
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       35C7ED2D9AD953DF5E516E3C0C54AEAD18B098D4
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3132382e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 15:45:03 +0000
ROA not before:           Wed 04 Sep 2024 15:40:03 +0000
ROA not after:            Wed 03 Sep 2025 15:45:03 +0000
asID:                     28403
IP address blocks:        200.68.128.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:c7:ed:2d:9a:d9:53:df:5e:51:6e:3c:0c:54:ae:ad:18:b0:98:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:40:03 2024 GMT
            Not After : Sep  3 15:45:03 2025 GMT
        Subject: CN=A41F53FBAD4330042F19C25CB1C8A6A3483279E4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:60:cb:bf:0f:d0:3e:28:08:e1:14:dc:ae:7d:
                    1c:7f:ee:86:70:48:9e:c5:c5:53:80:2c:c4:9a:a5:
                    cd:0b:fb:f1:e7:41:59:b7:f4:af:3f:33:5c:99:78:
                    9f:38:d1:5d:3c:a5:4b:7c:ce:ea:aa:7b:5e:15:f0:
                    43:6a:08:d6:ee:80:93:aa:0e:2a:c2:00:0d:16:7b:
                    2b:70:b5:c1:c8:67:f3:ab:16:86:97:8f:ba:2e:28:
                    28:4e:62:9c:59:de:32:b0:12:73:33:03:43:2e:51:
                    9a:bc:9f:28:63:df:a4:bc:7f:fb:d7:10:6c:c2:dc:
                    62:02:0c:28:1c:c2:69:3d:17:8b:86:d6:35:c6:8e:
                    6b:dc:f8:31:93:37:ef:99:b2:a4:33:05:00:b4:6c:
                    0d:0a:ec:48:e3:16:af:2a:b4:7a:96:24:40:3c:96:
                    b0:6a:06:91:70:63:50:76:4d:58:c7:41:98:74:2e:
                    53:6a:5f:b2:c0:48:af:04:91:73:5c:21:d9:0f:5e:
                    d2:b0:55:60:17:d9:c1:2f:ae:df:d0:c1:6d:59:d7:
                    4f:1d:df:51:19:da:32:d4:b1:85:16:55:40:dd:63:
                    90:fd:3d:62:5f:34:61:ec:ac:67:8e:31:56:cc:a2:
                    3c:20:30:4b:66:d7:ff:c3:7f:a9:29:77:aa:bd:5e:
                    d6:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:1F:53:FB:AD:43:30:04:2F:19:C2:5C:B1:C8:A6:A3:48:32:79:E4
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3132382e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:71:b0:68:7a:a7:dc:d2:98:6c:d0:de:95:8e:b8:10:d4:fc:
         f7:81:e1:72:4f:8f:f6:c8:86:ff:27:59:54:c1:df:55:0e:3a:
         ab:d1:05:d9:cd:4d:0b:55:7a:b1:58:a1:eb:c2:f6:e9:03:1d:
         50:87:42:b3:12:d8:36:cc:7d:73:b8:86:21:0c:41:3b:5f:cf:
         09:5c:3d:d9:a6:af:08:c9:7e:39:b7:84:47:61:64:8d:bc:34:
         c9:bc:9b:39:95:55:5e:ae:69:1f:91:94:49:b9:56:25:e7:55:
         ae:d7:d2:40:5f:b8:08:fb:1b:87:5e:3a:d1:f0:8e:97:4c:5c:
         b0:69:17:16:e3:3a:9a:49:b3:a5:ec:6b:53:a8:99:f2:e3:c0:
         a1:cb:19:db:6e:90:63:ea:bf:fc:93:a0:73:ee:03:02:a0:6a:
         5b:da:c2:53:45:4c:06:60:ef:3a:78:09:db:e1:93:e9:38:77:
         06:a9:cf:bf:50:d8:02:61:63:b6:58:97:9e:f0:04:1a:f3:05:
         fd:35:37:35:bd:0e:a6:c1:b9:e2:e3:dc:f3:c5:36:74:a2:d4:
         c6:2a:d2:76:1e:bd:dc:25:6f:e8:2d:04:12:c8:33:eb:cf:ae:
         e6:0d:93:4a:f2:ca:ca:79:ca:11:c4:a1:ad:23:7b:0e:0e:cf:
         2a:bd:b4:77
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUNcftLZrZU99eUW48DFSurRiwmNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTQwMDNaFw0yNTA5MDMxNTQ1MDNaMDMxMTAvBgNV
BAMTKEE0MUY1M0ZCQUQ0MzMwMDQyRjE5QzI1Q0IxQzhBNkEzNDgzMjc5RTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOYMu/D9A+KAjhFNyufRx/7oZw
SJ7FxVOALMSapc0L+/HnQVm39K8/M1yZeJ840V08pUt8zuqqe14V8ENqCNbugJOq
DirCAA0WeytwtcHIZ/OrFoaXj7ouKChOYpxZ3jKwEnMzA0MuUZq8nyhj36S8f/vX
EGzC3GICDCgcwmk9F4uG1jXGjmvc+DGTN++ZsqQzBQC0bA0K7EjjFq8qtHqWJEA8
lrBqBpFwY1B2TVjHQZh0LlNqX7LASK8EkXNcIdkPXtKwVWAX2cEvrt/QwW1Z108d
31EZ2jLUsYUWVUDdY5D9PWJfNGHsrGeOMVbMojwgMEtm1//Df6kpd6q9XtY5AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUpB9T+61DMAQvGcJcscimo0gyeeQwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzMjM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEgDAN
BgkqhkiG9w0BAQsFAAOCAQEAPHGwaHqn3NKYbNDelY64ENT894Hhck+P9siG/ydZ
VMHfVQ46q9EF2c1NC1V6sVih68L26QMdUIdCsxLYNsx9c7iGIQxBO1/PCVw92aav
CMl+ObeER2Fkjbw0ybybOZVVXq5pH5GUSblWJedVrtfSQF+4CPsbh1460fCOl0xc
sGkXFuM6mkmzpexrU6iZ8uPAocsZ226QY+q//JOgc+4DAqBqW9rCU0VMBmDvOngJ
2+GT6Th3BqnPv1DYAmFjtliXnvAEGvMF/TU3Nb0OpsG54uPc88U2dKLUxirSdh69
3CVv6C0EEsgz68+u5g2TSvLKynnKEcShrSN7Dg7PKr20dw==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org