Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133372e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3133372e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          a1T/chfEQJBCleqFDADUZ1DZJUaLceTrVWxjxbTcP7A=
Subject key identifier:   6C:7C:7F:D3:41:77:F2:A2:DB:B1:D2:C8:A8:D1:FA:38:64:B5:1C:BA
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       08E11B0E0772004E36F71DEFBE4A70184EB51093
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133372e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 15:45:00 +0000
ROA not before:           Wed 04 Sep 2024 15:40:00 +0000
ROA not after:            Wed 03 Sep 2025 15:45:00 +0000
asID:                     28403
IP address blocks:        200.68.137.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:e1:1b:0e:07:72:00:4e:36:f7:1d:ef:be:4a:70:18:4e:b5:10:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:40:00 2024 GMT
            Not After : Sep  3 15:45:00 2025 GMT
        Subject: CN=6C7C7FD34177F2A2DBB1D2C8A8D1FA3864B51CBA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:a3:f7:5f:f5:ae:a0:f5:a6:44:be:0b:dd:90:
                    2c:78:d4:e1:46:57:eb:08:3c:d2:fe:66:ef:58:d7:
                    e7:f6:b9:09:09:4d:44:96:c4:1a:c0:81:7c:45:d7:
                    87:d5:41:48:f7:74:3d:5d:c4:4b:7f:e0:5d:78:c3:
                    41:0b:9d:56:6a:26:d3:48:e9:8c:f6:b0:1c:b4:d1:
                    00:1d:24:d0:da:fb:29:cd:5f:e4:db:89:35:b1:6a:
                    b7:3c:ed:90:fa:09:f0:40:2e:f3:5c:f0:fb:47:1b:
                    c3:35:64:e7:d9:a1:c1:0e:4a:c0:c4:36:a6:0a:ac:
                    fe:8c:60:d1:42:0c:a8:f4:d2:96:4d:f5:88:aa:dc:
                    b4:d0:d3:ac:86:f2:86:15:52:9a:9d:6c:5e:e3:e1:
                    5b:c0:70:13:dd:63:8b:da:64:50:af:a1:ab:ca:93:
                    73:ad:fc:90:0e:83:c3:d4:18:74:bb:a6:b8:03:7b:
                    cc:1b:a7:26:1f:b0:9c:ea:f1:d4:cd:f9:b1:7e:ca:
                    e4:b7:71:2a:27:4e:17:22:f5:b6:67:3f:23:c6:98:
                    a5:05:16:3b:70:0b:d6:af:f0:b7:d7:2e:f4:81:3d:
                    7d:5d:57:0f:f3:40:95:4d:9c:e3:9f:69:fa:75:67:
                    65:a9:a2:29:3e:0b:c1:d7:64:05:7d:8e:33:07:2c:
                    53:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:7C:7F:D3:41:77:F2:A2:DB:B1:D2:C8:A8:D1:FA:38:64:B5:1C:BA
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133372e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:00:43:75:c4:b0:7f:a0:8e:0f:e0:3a:c0:0f:84:a8:d5:d4:
         88:69:af:7f:3e:40:94:be:84:11:da:ca:76:86:08:c8:87:94:
         0a:aa:25:56:66:a7:5c:37:cb:bf:3c:51:ec:ab:1c:f5:4c:1d:
         54:a7:af:9c:56:75:f9:75:09:66:28:85:9c:70:11:13:eb:99:
         84:79:6a:64:62:ad:68:8c:92:4a:3b:9a:0e:85:65:2d:c7:43:
         32:d1:60:13:74:2b:a3:c1:75:b4:29:78:4e:61:70:3b:a4:2a:
         dd:5c:c6:60:55:dd:f8:4c:7f:63:bc:ce:75:9c:7a:e3:53:00:
         e5:2f:69:fc:03:f2:eb:7f:2f:e9:d6:b3:ca:46:4c:55:5b:f1:
         62:50:a8:26:a5:87:56:8f:b0:f0:f2:d6:cf:9b:2a:43:cf:81:
         62:c5:71:5d:ff:30:93:54:9a:7c:54:6a:3e:23:26:e8:c9:e7:
         9e:f2:ab:31:96:d5:69:aa:8e:d3:c9:81:2b:37:0b:c3:3a:0b:
         28:55:5d:a9:c6:31:e1:dc:51:79:ff:e1:3e:0c:46:67:c9:b9:
         8b:61:93:53:ab:6b:ba:51:ca:de:a9:94:24:59:1b:ae:72:b0:
         9a:25:bd:b8:4b:ed:0a:f9:23:ae:ab:06:af:a0:c0:df:32:d4:
         f8:11:64:dd
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUCOEbDgdyAE429x3vvkpwGE61EJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTQwMDBaFw0yNTA5MDMxNTQ1MDBaMDMxMTAvBgNV
BAMTKDZDN0M3RkQzNDE3N0YyQTJEQkIxRDJDOEE4RDFGQTM4NjRCNTFDQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXo/df9a6g9aZEvgvdkCx41OFG
V+sIPNL+Zu9Y1+f2uQkJTUSWxBrAgXxF14fVQUj3dD1dxEt/4F14w0ELnVZqJtNI
6Yz2sBy00QAdJNDa+ynNX+TbiTWxarc87ZD6CfBALvNc8PtHG8M1ZOfZocEOSsDE
NqYKrP6MYNFCDKj00pZN9Yiq3LTQ06yG8oYVUpqdbF7j4VvAcBPdY4vaZFCvoavK
k3Ot/JAOg8PUGHS7prgDe8wbpyYfsJzq8dTN+bF+yuS3cSonThci9bZnPyPGmKUF
FjtwC9av8LfXLvSBPX1dVw/zQJVNnOOfafp1Z2Wpoik+C8HXZAV9jjMHLFMlAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUbHx/00F38qLbsdLIqNH6OGS1HLowHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzMzM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEiTAN
BgkqhkiG9w0BAQsFAAOCAQEAKQBDdcSwf6COD+A6wA+EqNXUiGmvfz5AlL6EEdrK
doYIyIeUCqolVmanXDfLvzxR7Ksc9UwdVKevnFZ1+XUJZiiFnHARE+uZhHlqZGKt
aIySSjuaDoVlLcdDMtFgE3Qro8F1tCl4TmFwO6Qq3VzGYFXd+Ex/Y7zOdZx641MA
5S9p/APy638v6dazykZMVVvxYlCoJqWHVo+w8PLWz5sqQ8+BYsVxXf8wk1SafFRq
PiMm6MnnnvKrMZbVaaqO08mBKzcLwzoLKFVdqcYx4dxRef/hPgxGZ8m5i2GTU6tr
ulHK3qmUJFkbrnKwmiW9uEvtCvkjrqsGr6DA3zLU+BFk3Q==
-----END CERTIFICATE-----
Generated at Mon Dec 9 08:51:40 2024 by rpki-client on console-fra.rpki-client.org