Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133322e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3133322e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          Q1rvqQWmaX1P5f4LVKQUn+MoPVh4s+jli9ij9YWpwFg=
Subject key identifier:   24:B8:9A:EF:19:9B:4F:AF:91:67:25:02:68:4C:77:28:0E:B8:DC:55
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       3B7E484CB192ACDE3ACE92F95924DA9833F9AFEA
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133322e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 15:45:02 +0000
ROA not before:           Wed 04 Sep 2024 15:40:02 +0000
ROA not after:            Wed 03 Sep 2025 15:45:02 +0000
asID:                     28403
IP address blocks:        200.68.132.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:7e:48:4c:b1:92:ac:de:3a:ce:92:f9:59:24:da:98:33:f9:af:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:40:02 2024 GMT
            Not After : Sep  3 15:45:02 2025 GMT
        Subject: CN=24B89AEF199B4FAF91672502684C77280EB8DC55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ce:de:de:68:5c:19:04:4f:8c:a6:fd:7d:82:
                    a7:55:3e:31:05:0d:d1:ee:ec:4b:fd:ed:0c:77:42:
                    88:0e:d7:dd:7a:16:65:c9:0f:b2:78:33:b6:65:60:
                    9c:12:51:ac:28:39:47:be:cd:fa:29:7a:01:5a:c2:
                    ca:23:33:5f:df:ac:4a:aa:39:18:19:fb:33:40:d6:
                    11:71:c6:3d:99:11:e0:63:74:59:52:f2:63:5b:6b:
                    e2:c9:bf:5d:bd:80:ab:3c:49:4f:61:d1:2f:54:89:
                    cd:c3:87:b6:36:6d:b6:60:68:9b:de:b0:2a:85:f4:
                    3f:4b:17:a2:9e:d6:50:9e:4a:48:07:d2:a8:84:c8:
                    36:22:86:9a:4a:4a:fd:14:d8:4e:e5:cc:b9:b9:d8:
                    e5:8e:f9:68:a2:c3:f5:bb:56:8f:8c:4e:dc:7c:48:
                    1b:7c:6c:ac:62:f6:4b:69:d0:11:88:dd:69:1c:75:
                    0d:e8:bb:43:73:c3:15:e0:c1:ef:76:83:11:b4:85:
                    9f:e4:f5:e0:8a:4d:4d:30:52:ad:5c:a0:a8:46:ec:
                    8c:5c:e8:59:f7:26:f5:02:dc:5d:44:78:67:9b:aa:
                    67:59:f7:d1:fa:f0:af:01:0b:ec:a2:66:67:f5:84:
                    0f:8e:20:ac:59:1f:df:38:b8:5a:9b:6a:23:83:f3:
                    6c:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:B8:9A:EF:19:9B:4F:AF:91:67:25:02:68:4C:77:28:0E:B8:DC:55
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133322e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:e1:a3:e2:98:4a:e7:0e:f3:7f:c9:64:e2:fa:92:b0:f2:6b:
         f7:3d:2b:d7:84:a9:97:eb:e3:bf:4e:6f:0c:2f:4b:06:55:e8:
         7a:56:d9:85:e1:a0:26:9f:89:6c:a8:0c:4a:a0:7f:a8:1d:3b:
         e3:b9:0c:90:50:b3:ce:ee:01:28:d8:18:24:9c:2e:eb:6e:47:
         80:8c:b7:4b:68:22:e4:10:37:8c:fc:02:1d:b9:ee:78:2b:0d:
         60:22:15:4b:dd:e0:7f:55:00:00:4d:9e:4d:cf:f9:eb:4d:dc:
         5a:9b:91:cc:8c:ae:00:8c:38:40:47:b2:3d:8e:7c:7f:b3:e1:
         88:57:b5:db:2f:3a:eb:42:49:b7:05:44:b1:9e:26:d3:d0:77:
         f4:eb:25:46:ab:9d:46:8e:9a:b8:82:7c:fd:0e:68:d1:1f:e2:
         55:9b:e9:23:26:34:a8:1b:94:c0:84:67:07:1d:da:1d:8a:8e:
         5f:7b:07:ad:44:14:ee:df:51:0f:61:71:8b:30:d9:3c:40:6a:
         bb:f8:f1:32:d0:cd:d8:9c:68:cd:c3:a2:75:b6:81:41:60:99:
         47:5b:87:d4:80:f5:ff:8d:8b:08:3f:73:36:d1:fd:55:43:ad:
         2f:23:4c:47:63:5f:8c:db:56:8e:11:1e:75:c1:db:99:bb:8f:
         98:d9:96:64
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUO35ITLGSrN46zpL5WSTamDP5r+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTQwMDJaFw0yNTA5MDMxNTQ1MDJaMDMxMTAvBgNV
BAMTKDI0Qjg5QUVGMTk5QjRGQUY5MTY3MjUwMjY4NEM3NzI4MEVCOERDNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAzt7eaFwZBE+Mpv19gqdVPjEF
DdHu7Ev97Qx3QogO1916FmXJD7J4M7ZlYJwSUawoOUe+zfopegFawsojM1/frEqq
ORgZ+zNA1hFxxj2ZEeBjdFlS8mNba+LJv129gKs8SU9h0S9Uic3Dh7Y2bbZgaJve
sCqF9D9LF6Ke1lCeSkgH0qiEyDYihppKSv0U2E7lzLm52OWO+Wiiw/W7Vo+MTtx8
SBt8bKxi9ktp0BGI3WkcdQ3ou0NzwxXgwe92gxG0hZ/k9eCKTU0wUq1coKhG7Ixc
6Fn3JvUC3F1EeGebqmdZ99H68K8BC+yiZmf1hA+OIKxZH984uFqbaiOD82x7AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUJLia7xmbT6+RZyUCaEx3KA643FUwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzMzMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEhDAN
BgkqhkiG9w0BAQsFAAOCAQEAQuGj4phK5w7zf8lk4vqSsPJr9z0r14Spl+vjv05v
DC9LBlXoelbZheGgJp+JbKgMSqB/qB0747kMkFCzzu4BKNgYJJwu625HgIy3S2gi
5BA3jPwCHbnueCsNYCIVS93gf1UAAE2eTc/5603cWpuRzIyuAIw4QEeyPY58f7Ph
iFe12y8660JJtwVEsZ4m09B39OslRqudRo6auIJ8/Q5o0R/iVZvpIyY0qBuUwIRn
Bx3aHYqOX3sHrUQU7t9RD2FxizDZPEBqu/jxMtDN2JxozcOidbaBQWCZR1uH1ID1
/42LCD9zNtH9VUOtLyNMR2NfjNtWjhEedcHbmbuPmNmWZA==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org