Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133352e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3133352e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          OKt0HTiu/tXY/da6emx7aRBjPe5nQcYgGDIj4tDxsMk=
Subject key identifier:   03:AE:07:A5:98:A4:C2:15:A9:9F:EE:34:13:C2:D8:FF:93:7D:B6:D6
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       2C84FBF8546183E11125082DEB1822BBB01C8BB3
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133352e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 15:45:02 +0000
ROA not before:           Wed 04 Sep 2024 15:40:02 +0000
ROA not after:            Wed 03 Sep 2025 15:45:02 +0000
asID:                     28403
IP address blocks:        200.68.135.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:84:fb:f8:54:61:83:e1:11:25:08:2d:eb:18:22:bb:b0:1c:8b:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:40:02 2024 GMT
            Not After : Sep  3 15:45:02 2025 GMT
        Subject: CN=03AE07A598A4C215A99FEE3413C2D8FF937DB6D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:11:f1:b0:71:da:75:d5:09:89:ad:2b:c5:c9:
                    b4:e5:ad:ea:9e:c6:27:d6:08:e2:42:35:cc:e0:fb:
                    6c:b3:5f:8b:78:ef:3f:60:d9:c2:a4:2c:60:0b:2d:
                    ae:19:27:94:25:fb:9d:96:0d:3f:46:eb:19:ce:69:
                    20:a3:b3:19:8f:97:99:07:37:45:c5:62:49:48:3f:
                    c1:58:5b:aa:92:dc:e6:1d:42:57:3b:6d:a4:b4:3d:
                    00:84:84:1e:f5:0a:36:67:66:5f:35:a5:11:0a:04:
                    72:c1:74:fc:a0:56:a7:76:12:4c:bc:77:59:cb:88:
                    51:cc:8d:e1:4d:b0:3e:be:62:19:c2:50:17:b1:b1:
                    87:a6:79:d2:63:d7:07:49:be:10:38:e2:ba:2f:a0:
                    82:3a:52:8f:d4:d6:e1:d7:cc:11:7d:64:9e:44:50:
                    8a:88:a0:e4:4e:f5:cc:68:09:d1:9c:b0:41:29:93:
                    47:0c:33:ec:7e:a8:41:73:1f:3e:22:c6:17:8c:93:
                    e5:c5:d6:e9:d2:d8:30:e1:ce:b1:b0:a9:ad:66:5e:
                    aa:87:c9:23:9b:6c:6a:8b:91:fe:ee:42:13:1f:86:
                    73:3e:32:db:73:77:65:3c:06:1f:53:2f:60:15:e2:
                    b6:d3:78:02:6a:99:dd:bd:53:29:9a:d7:83:3c:cf:
                    49:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:AE:07:A5:98:A4:C2:15:A9:9F:EE:34:13:C2:D8:FF:93:7D:B6:D6
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133352e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:53:66:09:05:6e:63:7d:c9:28:66:83:c2:d4:12:73:5a:07:
         50:2a:ae:1d:d1:d9:74:79:a3:9c:b4:c7:ef:8c:28:3c:8b:f3:
         a4:23:f6:8b:f2:4a:af:66:62:6d:d8:a5:18:05:a4:24:75:c8:
         0d:88:a4:fb:73:b6:83:2a:e1:84:ea:ab:db:99:bc:da:df:48:
         ec:9b:0c:df:fb:fe:cc:d3:02:eb:a6:a5:0a:8a:d2:4e:cc:a4:
         35:24:97:4a:4e:1e:44:25:32:d5:89:b3:75:16:3f:43:f8:a9:
         19:95:50:5c:6b:56:de:60:1e:82:bc:f2:a4:a7:f9:4a:1a:2e:
         5a:ed:b9:47:0b:b1:d1:57:38:11:7d:f9:61:6c:0b:cf:ba:c4:
         89:d0:16:86:12:d5:f5:83:4a:a7:cc:46:d1:45:ea:1b:0f:86:
         44:d6:78:17:9b:ba:eb:97:48:12:7c:72:9e:ed:d3:e2:2b:41:
         f2:4d:a2:bd:ca:e8:52:7f:4a:67:d9:a5:de:47:b9:fa:42:a4:
         d5:cd:ae:cb:56:c5:3a:a1:a0:0d:cb:e2:a6:c0:89:67:94:6a:
         f0:bf:db:9c:ae:82:5f:e8:dd:69:eb:9c:e4:e4:02:b0:85:69:
         d7:60:7e:99:00:b3:d9:f1:73:59:4e:1c:6d:3c:fa:f5:01:ad:
         0e:d5:a6:97
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIULIT7+FRhg+ERJQgt6xgiu7Aci7MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTQwMDJaFw0yNTA5MDMxNTQ1MDJaMDMxMTAvBgNV
BAMTKDAzQUUwN0E1OThBNEMyMTVBOTlGRUUzNDEzQzJEOEZGOTM3REI2RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7EfGwcdp11QmJrSvFybTlreqe
xifWCOJCNczg+2yzX4t47z9g2cKkLGALLa4ZJ5Ql+52WDT9G6xnOaSCjsxmPl5kH
N0XFYklIP8FYW6qS3OYdQlc7baS0PQCEhB71CjZnZl81pREKBHLBdPygVqd2Eky8
d1nLiFHMjeFNsD6+YhnCUBexsYemedJj1wdJvhA44rovoII6Uo/U1uHXzBF9ZJ5E
UIqIoORO9cxoCdGcsEEpk0cMM+x+qEFzHz4ixheMk+XF1unS2DDhzrGwqa1mXqqH
ySObbGqLkf7uQhMfhnM+Mttzd2U8Bh9TL2AV4rbTeAJqmd29Uyma14M8z0mZAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUA64HpZikwhWpn+40E8LY/5N9ttYwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzMzM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEhzAN
BgkqhkiG9w0BAQsFAAOCAQEAHFNmCQVuY33JKGaDwtQSc1oHUCquHdHZdHmjnLTH
74woPIvzpCP2i/JKr2ZibdilGAWkJHXIDYik+3O2gyrhhOqr25m82t9I7JsM3/v+
zNMC66alCorSTsykNSSXSk4eRCUy1YmzdRY/Q/ipGZVQXGtW3mAegrzypKf5Shou
Wu25Rwux0Vc4EX35YWwLz7rEidAWhhLV9YNKp8xG0UXqGw+GRNZ4F5u665dIEnxy
nu3T4itB8k2ivcroUn9KZ9ml3ke5+kKk1c2uy1bFOqGgDcvipsCJZ5Rq8L/bnK6C
X+jdaeuc5OQCsIVp12B+mQCz2fFzWU4cbTz69QGtDtWmlw==
-----END CERTIFICATE-----
Generated at Mon Dec 9 08:51:40 2024 by rpki-client on console-fra.rpki-client.org