Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133302e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3133302e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          skkvC0qZbSteUdw/d362XwlcxYz+3XVwbDPQh+YLc+8=
Subject key identifier:   88:FE:8F:08:A1:2F:09:D9:02:F3:FB:0E:BA:85:E8:F8:C4:E9:F4:47
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       3648156FE9E107A0B175E11D2CE43CE988CD2746
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133302e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 15:45:01 +0000
ROA not before:           Wed 04 Sep 2024 15:40:01 +0000
ROA not after:            Wed 03 Sep 2025 15:45:01 +0000
asID:                     28403
IP address blocks:        200.68.130.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:48:15:6f:e9:e1:07:a0:b1:75:e1:1d:2c:e4:3c:e9:88:cd:27:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:40:01 2024 GMT
            Not After : Sep  3 15:45:01 2025 GMT
        Subject: CN=88FE8F08A12F09D902F3FB0EBA85E8F8C4E9F447
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:48:8d:b1:ba:aa:86:5c:72:84:8d:b9:a7:eb:
                    1f:4f:26:59:68:1a:6d:4c:69:1e:9a:96:87:03:83:
                    39:bf:5c:e1:6b:23:19:79:e6:90:33:5a:46:08:41:
                    df:88:a1:f8:88:56:a0:c8:64:99:63:82:34:38:6d:
                    d7:ab:f3:7a:ed:78:76:2d:c9:e3:3e:1a:6c:30:ed:
                    cb:05:c4:56:e9:eb:a2:51:e8:71:1b:fa:4b:a6:1b:
                    ca:80:5e:69:db:23:ce:29:62:c4:da:1e:12:e4:48:
                    a3:58:80:55:e8:a6:a4:80:ea:13:a4:78:2d:d4:29:
                    15:d4:33:1c:03:f5:41:8f:2a:bd:1a:21:f4:8a:43:
                    09:0b:7b:39:ec:66:71:18:67:d7:da:2f:e3:e8:1a:
                    98:24:de:0f:d7:80:d2:04:00:33:9e:11:ee:1b:1c:
                    3a:7f:41:eb:23:6f:38:e6:9f:15:96:af:02:b9:c6:
                    91:5b:56:61:79:02:37:c5:c5:2b:2a:ca:cf:38:46:
                    55:27:f8:50:23:de:0e:2f:d2:f0:89:48:51:28:c1:
                    60:58:5d:a8:56:90:0a:34:54:e6:92:d2:7f:6c:b7:
                    02:db:43:df:f2:c1:6e:80:81:2d:cd:d0:61:99:94:
                    84:33:a8:45:59:34:70:d6:47:fb:fd:7b:2d:56:4a:
                    c3:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:FE:8F:08:A1:2F:09:D9:02:F3:FB:0E:BA:85:E8:F8:C4:E9:F4:47
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133302e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:ad:66:c1:57:8e:75:10:64:c1:42:8b:7b:66:43:78:4f:68:
         93:6f:fc:62:1a:e5:86:d0:a7:13:dc:8c:9c:01:ef:e9:ca:fa:
         54:5a:46:fe:01:a7:74:7e:fd:fb:9e:0e:ef:c4:80:c0:d5:b9:
         19:8e:81:b3:09:9a:c2:46:cf:15:dc:78:86:1b:16:bc:4f:b1:
         36:0b:62:fc:ae:5b:c9:17:64:1a:ce:98:e9:b1:66:f0:eb:31:
         1e:ae:d9:6a:96:d4:8e:b1:15:c8:93:c0:df:e1:04:06:89:13:
         17:15:cd:8a:05:4b:fa:eb:06:dd:a1:44:63:cc:d0:4d:fa:10:
         79:9a:99:88:1d:a6:66:86:81:4c:20:6c:ec:d0:0a:5b:e0:74:
         d7:9f:cb:46:fa:18:60:29:a4:59:b7:74:9b:16:ba:f8:91:41:
         0a:8f:d5:b0:34:6e:b8:c4:31:72:12:b1:3f:47:87:8a:04:55:
         56:13:dc:5e:6b:50:c1:0f:73:b7:19:41:f1:9b:ed:38:bf:6f:
         12:1c:e7:d5:d7:8a:18:5b:82:e1:60:15:d8:09:77:92:c8:f2:
         f5:35:d8:7a:1e:57:73:c6:72:90:ee:4a:96:6f:50:af:31:d3:
         40:7a:a3:ba:ca:01:73:a1:77:ea:73:f7:40:c2:d9:70:ff:8c:
         2b:e9:b2:db
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUNkgVb+nhB6CxdeEdLOQ86YjNJ0YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTQwMDFaFw0yNTA5MDMxNTQ1MDFaMDMxMTAvBgNV
BAMTKDg4RkU4RjA4QTEyRjA5RDkwMkYzRkIwRUJBODVFOEY4QzRFOUY0NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFSI2xuqqGXHKEjbmn6x9PJllo
Gm1MaR6alocDgzm/XOFrIxl55pAzWkYIQd+IofiIVqDIZJljgjQ4bder83rteHYt
yeM+Gmww7csFxFbp66JR6HEb+kumG8qAXmnbI84pYsTaHhLkSKNYgFXopqSA6hOk
eC3UKRXUMxwD9UGPKr0aIfSKQwkLeznsZnEYZ9faL+PoGpgk3g/XgNIEADOeEe4b
HDp/QesjbzjmnxWWrwK5xpFbVmF5AjfFxSsqys84RlUn+FAj3g4v0vCJSFEowWBY
XahWkAo0VOaS0n9stwLbQ9/ywW6AgS3N0GGZlIQzqEVZNHDWR/v9ey1WSsM/AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUiP6PCKEvCdkC8/sOuoXo+MTp9EcwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzMzMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEgjAN
BgkqhkiG9w0BAQsFAAOCAQEAH61mwVeOdRBkwUKLe2ZDeE9ok2/8YhrlhtCnE9yM
nAHv6cr6VFpG/gGndH79+54O78SAwNW5GY6BswmawkbPFdx4hhsWvE+xNgti/K5b
yRdkGs6Y6bFm8OsxHq7ZapbUjrEVyJPA3+EEBokTFxXNigVL+usG3aFEY8zQTfoQ
eZqZiB2mZoaBTCBs7NAKW+B015/LRvoYYCmkWbd0mxa6+JFBCo/VsDRuuMQxchKx
P0eHigRVVhPcXmtQwQ9ztxlB8ZvtOL9vEhzn1deKGFuC4WAV2Al3ksjy9TXYeh5X
c8ZykO5Klm9QrzHTQHqjusoBc6F36nP3QMLZcP+MK+my2w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 08:04:21 2024 by rpki-client on console-fra.rpki-client.org