Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133312e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3133312e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          83nHdgQQSzNtXB5jnYkogQZK84oBx9Wijj6oDjsE3u4=
Subject key identifier:   91:25:CF:45:55:A4:B0:1B:72:20:E0:5A:EF:C6:6F:1E:94:3A:E8:07
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       4125E9E000391387D910B2850BE687DF64AD8EF9
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133312e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 15:45:00 +0000
ROA not before:           Wed 04 Sep 2024 15:40:00 +0000
ROA not after:            Wed 03 Sep 2025 15:45:00 +0000
asID:                     28403
IP address blocks:        200.68.131.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:25:e9:e0:00:39:13:87:d9:10:b2:85:0b:e6:87:df:64:ad:8e:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:40:00 2024 GMT
            Not After : Sep  3 15:45:00 2025 GMT
        Subject: CN=9125CF4555A4B01B7220E05AEFC66F1E943AE807
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:89:7e:d5:b5:d3:93:c5:dd:0d:ae:1b:b7:d9:
                    2c:b1:03:03:ab:4a:63:cf:39:c1:e0:8a:fc:ee:65:
                    f3:c8:5f:a5:1a:43:15:25:e3:b2:5d:53:b8:6b:8f:
                    bb:5b:ba:d2:ed:1c:29:09:b3:3f:87:0b:aa:03:e7:
                    22:23:07:c4:cf:66:ab:56:4c:ef:37:03:3f:1d:e6:
                    a6:35:dc:6e:04:f7:32:d4:57:b7:6f:d3:38:4b:52:
                    92:e0:fa:fd:4e:ee:e1:e5:f5:35:70:ff:0e:c3:e0:
                    11:f9:f2:e3:e9:d1:31:1e:68:b1:86:04:f5:b6:5d:
                    7b:25:ee:85:cd:6b:f7:d8:f1:6f:8c:97:47:6d:83:
                    cf:11:24:3e:15:24:c3:ea:21:4c:9c:12:f7:08:0d:
                    2c:30:bf:f2:b7:80:81:d6:a7:56:5a:68:cb:13:02:
                    ae:31:de:13:fe:7d:3e:df:e2:96:06:dd:d8:04:26:
                    14:0a:61:3c:ca:e8:9d:54:c5:90:14:27:ba:3c:8e:
                    bc:a3:97:6d:c9:54:28:ae:c2:c1:98:4a:89:46:5a:
                    bf:c9:3b:5a:c3:da:1d:79:a3:50:4b:55:7d:51:c4:
                    9c:a0:68:de:5a:a2:12:28:45:d4:d6:11:6e:33:3c:
                    5b:50:cf:23:b5:04:00:92:97:fc:83:73:c9:af:36:
                    42:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:25:CF:45:55:A4:B0:1B:72:20:E0:5A:EF:C6:6F:1E:94:3A:E8:07
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133312e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:02:3f:be:2e:1d:62:ef:af:cc:2a:36:5a:f6:02:70:63:71:
         71:c5:24:2a:93:60:3d:d5:7b:ca:2f:00:7c:4f:7f:82:a4:3c:
         f8:6b:1c:2d:68:5d:60:87:aa:58:68:d3:dc:66:63:9a:4d:38:
         c8:3e:65:df:a7:b4:38:95:b4:b6:5b:cd:f3:1c:af:99:7d:6a:
         97:05:2b:74:e7:46:f2:52:f2:a5:89:45:f6:7d:84:1b:66:a5:
         e1:bd:bf:f5:47:31:28:ba:b7:e6:ae:79:74:d8:83:f4:69:94:
         a7:e5:6d:0c:ee:d3:c7:89:94:e0:ae:0a:fb:f9:41:da:f9:c6:
         5b:aa:58:c9:ff:e8:3a:5e:49:22:c1:a9:06:cc:a9:e1:79:c4:
         7c:e0:e9:3e:3c:f3:11:c0:d5:eb:eb:71:07:32:d2:4e:c9:c9:
         2d:ab:bd:0a:9d:03:0e:83:36:e6:96:1c:67:7f:f8:e8:b7:7f:
         b6:f0:07:c6:5a:2a:d7:a2:68:30:e6:15:33:95:3c:1a:9e:ef:
         51:dc:4e:87:6e:3a:b4:b9:0c:2b:94:0b:2e:2b:b3:57:e3:2d:
         19:77:85:d6:a0:96:08:3f:76:87:be:0a:8e:91:62:32:86:b6:
         70:41:38:84:ca:70:4a:bf:db:b3:3c:bf:f1:6b:01:2f:bb:54:
         90:96:26:7e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUQSXp4AA5E4fZELKFC+aH32StjvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTQwMDBaFw0yNTA5MDMxNTQ1MDBaMDMxMTAvBgNV
BAMTKDkxMjVDRjQ1NTVBNEIwMUI3MjIwRTA1QUVGQzY2RjFFOTQzQUU4MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYiX7VtdOTxd0Nrhu32SyxAwOr
SmPPOcHgivzuZfPIX6UaQxUl47JdU7hrj7tbutLtHCkJsz+HC6oD5yIjB8TPZqtW
TO83Az8d5qY13G4E9zLUV7dv0zhLUpLg+v1O7uHl9TVw/w7D4BH58uPp0TEeaLGG
BPW2XXsl7oXNa/fY8W+Ml0dtg88RJD4VJMPqIUycEvcIDSwwv/K3gIHWp1ZaaMsT
Aq4x3hP+fT7f4pYG3dgEJhQKYTzK6J1UxZAUJ7o8jryjl23JVCiuwsGYSolGWr/J
O1rD2h15o1BLVX1RxJygaN5aohIoRdTWEW4zPFtQzyO1BACSl/yDc8mvNkJxAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUkSXPRVWksBtyIOBa78ZvHpQ66AcwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzMzMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEgzAN
BgkqhkiG9w0BAQsFAAOCAQEAaQI/vi4dYu+vzCo2WvYCcGNxccUkKpNgPdV7yi8A
fE9/gqQ8+GscLWhdYIeqWGjT3GZjmk04yD5l36e0OJW0tlvN8xyvmX1qlwUrdOdG
8lLypYlF9n2EG2al4b2/9UcxKLq35q55dNiD9GmUp+VtDO7Tx4mU4K4K+/lB2vnG
W6pYyf/oOl5JIsGpBsyp4XnEfODpPjzzEcDV6+txBzLSTsnJLau9Cp0DDoM25pYc
Z3/46Ld/tvAHxloq16JoMOYVM5U8Gp7vUdxOh246tLkMK5QLLiuzV+MtGXeF1qCW
CD92h74KjpFiMoa2cEE4hMpwSr/bszy/8WsBL7tUkJYmfg==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org