Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133382e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3133382e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          3WY7qUxQ4SQrWXbMGdDVpdnR1WeOLS5coP3ZE7/7xxg=
Subject key identifier:   C3:C8:36:10:44:23:6D:90:9B:AE:DF:55:3F:F3:39:7A:1C:A4:88:6D
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       526DD9F8D3768D9389C0CCD1359E0F1877AE6A47
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133382e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 15:45:03 +0000
ROA not before:           Wed 04 Sep 2024 15:40:03 +0000
ROA not after:            Wed 03 Sep 2025 15:45:03 +0000
asID:                     28403
IP address blocks:        200.68.138.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:6d:d9:f8:d3:76:8d:93:89:c0:cc:d1:35:9e:0f:18:77:ae:6a:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:40:03 2024 GMT
            Not After : Sep  3 15:45:03 2025 GMT
        Subject: CN=C3C8361044236D909BAEDF553FF3397A1CA4886D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:59:26:a5:23:45:18:01:31:29:ac:0a:b3:4e:
                    72:0a:d2:95:6d:45:46:f5:50:53:27:42:96:d5:6e:
                    c8:31:b3:60:1d:22:4b:4a:52:93:8f:7f:20:e7:3b:
                    cb:b0:86:98:94:25:be:05:32:ba:8c:72:3d:59:52:
                    98:93:17:0d:f1:53:dd:1a:40:b5:3b:27:84:4d:4a:
                    bc:9f:69:4d:c8:d4:08:6d:36:e2:99:46:96:47:a8:
                    de:25:ae:27:f9:1a:8c:f4:b2:48:5f:cc:5f:44:6d:
                    aa:c8:08:80:bc:05:50:95:91:7f:d0:e7:31:14:67:
                    ca:07:59:c2:e2:79:68:b1:62:07:bd:98:b9:6c:e3:
                    59:13:84:b9:9f:e8:07:30:90:8c:04:03:cb:ba:91:
                    5b:b2:f6:f8:ef:5e:1f:74:4a:87:98:c8:40:10:a6:
                    f0:9c:c1:2f:52:26:f5:48:a5:01:da:33:c0:78:98:
                    79:50:40:92:a3:a1:2a:4f:c9:84:a2:5f:63:50:2e:
                    ed:5d:62:6a:50:d3:b1:c9:9d:ed:6c:99:77:77:09:
                    15:20:b0:e2:51:38:46:16:bf:f8:c8:cb:7f:c6:5b:
                    3f:2e:29:4a:69:ea:ef:4c:15:e9:d5:48:9f:26:94:
                    92:db:a7:30:22:15:0e:f3:94:ec:be:ac:b5:c1:60:
                    40:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:C8:36:10:44:23:6D:90:9B:AE:DF:55:3F:F3:39:7A:1C:A4:88:6D
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133382e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:fd:a4:2c:c4:30:90:c1:ea:03:93:60:18:0b:d0:5c:d7:4e:
         4a:ca:83:8a:f3:c5:06:b6:07:e7:ea:19:93:da:15:c8:a5:c2:
         e9:d0:eb:a3:5d:33:dc:62:62:b3:d9:81:36:41:7e:81:ce:6a:
         42:7e:26:57:93:05:ab:ce:39:72:53:48:9f:ca:a0:0a:22:5b:
         4f:ff:4c:60:0b:ac:0a:d2:d7:de:97:3c:66:c2:e9:6f:c9:48:
         a3:a3:39:58:e9:be:bc:71:9e:19:d1:ef:43:84:1b:3e:6a:41:
         89:68:cb:02:2c:e7:60:56:1c:1c:c4:b2:a3:bd:97:4c:fd:3f:
         91:e2:8c:40:7c:8b:a8:34:d4:84:24:a2:eb:df:62:01:d3:ba:
         d1:2c:39:0e:fc:ba:cf:25:d2:1f:82:29:ac:08:87:1f:a7:da:
         12:89:a5:f2:78:3d:46:98:a4:61:89:2b:c1:49:12:07:8e:07:
         9e:c1:a2:29:d0:32:92:07:f8:e4:9f:ad:ed:74:c7:67:9f:17:
         b2:32:dc:00:aa:69:10:42:fb:82:5d:25:5c:52:8d:0a:29:c2:
         61:0d:cf:d6:47:e2:53:de:fe:ed:71:4e:fc:ab:7e:56:99:68:
         1b:af:52:32:cb:1d:e3:7c:10:64:11:2d:b4:da:80:aa:98:1f:
         ce:a7:dc:f4
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUUm3Z+NN2jZOJwMzRNZ4PGHeuakcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTQwMDNaFw0yNTA5MDMxNTQ1MDNaMDMxMTAvBgNV
BAMTKEMzQzgzNjEwNDQyMzZEOTA5QkFFREY1NTNGRjMzOTdBMUNBNDg4NkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/WSalI0UYATEprAqzTnIK0pVt
RUb1UFMnQpbVbsgxs2AdIktKUpOPfyDnO8uwhpiUJb4FMrqMcj1ZUpiTFw3xU90a
QLU7J4RNSryfaU3I1AhtNuKZRpZHqN4lrif5Goz0skhfzF9EbarICIC8BVCVkX/Q
5zEUZ8oHWcLieWixYge9mLls41kThLmf6AcwkIwEA8u6kVuy9vjvXh90SoeYyEAQ
pvCcwS9SJvVIpQHaM8B4mHlQQJKjoSpPyYSiX2NQLu1dYmpQ07HJne1smXd3CRUg
sOJROEYWv/jIy3/GWz8uKUpp6u9MFenVSJ8mlJLbpzAiFQ7zlOy+rLXBYEBvAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUw8g2EEQjbZCbrt9VP/M5ehykiG0wHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzMzM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEijAN
BgkqhkiG9w0BAQsFAAOCAQEAgP2kLMQwkMHqA5NgGAvQXNdOSsqDivPFBrYH5+oZ
k9oVyKXC6dDro10z3GJis9mBNkF+gc5qQn4mV5MFq845clNIn8qgCiJbT/9MYAus
CtLX3pc8ZsLpb8lIo6M5WOm+vHGeGdHvQ4QbPmpBiWjLAiznYFYcHMSyo72XTP0/
keKMQHyLqDTUhCSi699iAdO60Sw5Dvy6zyXSH4IprAiHH6faEoml8ng9RpikYYkr
wUkSB44HnsGiKdAykgf45J+t7XTHZ58XsjLcAKppEEL7gl0lXFKNCinCYQ3P1kfi
U97+7XFO/Kt+VploG69SMssd43wQZBEttNqAqpgfzqfc9A==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org