Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133392e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3133392e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          96pvJoym31O/8tP7rbh7VIpaG2pZyacWctNN3Fc/Otc=
Subject key identifier:   B5:64:82:67:55:FE:3E:D0:BD:98:87:19:BD:AA:9C:C1:66:36:3F:7C
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       1AB96DE0AC268D715A68821AEC31C6EA425AB447
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133392e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 15:45:01 +0000
ROA not before:           Wed 04 Sep 2024 15:40:01 +0000
ROA not after:            Wed 03 Sep 2025 15:45:01 +0000
asID:                     28403
IP address blocks:        200.68.139.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:b9:6d:e0:ac:26:8d:71:5a:68:82:1a:ec:31:c6:ea:42:5a:b4:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:40:01 2024 GMT
            Not After : Sep  3 15:45:01 2025 GMT
        Subject: CN=B564826755FE3ED0BD988719BDAA9CC166363F7C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:a8:de:b8:5f:66:b0:ce:d5:37:bd:c6:65:e1:
                    e5:33:99:02:c0:4d:7e:14:0c:e2:53:6d:0b:31:c2:
                    70:f5:77:4d:e8:b3:d9:89:a0:a3:7a:91:73:41:b8:
                    8b:17:8a:bd:90:84:1a:0c:44:06:30:95:e3:d9:c1:
                    e9:d2:53:42:cd:d7:8d:17:c7:19:67:a3:4e:c8:35:
                    66:15:90:c2:1d:f2:d5:6e:2d:e1:aa:c4:0b:fc:32:
                    9c:9e:e1:88:ab:ac:39:52:5b:69:03:3d:61:71:78:
                    5b:08:5e:13:26:e5:26:93:51:8c:89:31:fb:34:a3:
                    96:c3:1a:3c:a4:13:98:46:9c:f6:f6:1a:9e:b7:cb:
                    31:43:66:a5:5e:57:f1:38:57:4a:f0:18:b9:17:85:
                    42:a6:f0:e4:88:3c:5e:f5:95:9a:c9:da:2c:ca:60:
                    70:f3:87:e1:d5:ba:2a:99:e5:b0:43:1d:2b:2c:a8:
                    b0:cb:4e:77:c8:c7:3b:2f:52:08:79:48:f3:bf:96:
                    48:02:82:be:bc:00:a1:c4:bc:7f:9c:41:f0:6b:cb:
                    8e:e6:dd:61:2e:a0:b2:44:25:e1:fc:cd:63:e2:76:
                    92:80:1f:43:88:68:9c:e9:18:59:1c:de:8a:88:b7:
                    73:29:92:e1:58:48:b9:ef:d7:5d:0c:65:1a:d0:27:
                    e2:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:64:82:67:55:FE:3E:D0:BD:98:87:19:BD:AA:9C:C1:66:36:3F:7C
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3133392e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:d4:99:f1:ae:55:59:f3:07:18:0c:05:0c:13:21:3f:39:65:
         4e:f6:8e:b0:9c:47:60:64:52:f1:58:44:9d:a0:a8:3d:29:69:
         5c:1e:43:fc:fb:8f:56:ac:9e:08:3a:1a:68:4e:39:45:13:c2:
         a4:a5:57:c6:30:1e:e1:c2:1d:e2:a3:c9:03:66:4b:f8:de:2e:
         e3:39:cc:1b:3f:fb:54:af:30:98:01:27:33:f3:3f:b1:11:80:
         f9:4e:35:82:39:3f:24:4b:7c:22:f7:33:d4:34:61:a1:0a:82:
         74:e6:0a:72:c3:4a:2e:70:00:c4:17:e9:37:93:54:f3:06:79:
         05:a9:1f:11:49:cf:49:18:02:ec:b6:1e:b2:93:4b:a9:96:3e:
         d6:5f:e4:31:65:a7:0a:79:18:1a:aa:a3:4a:01:79:8b:3e:e1:
         71:df:e6:8b:e9:22:5b:52:18:b6:c1:d3:44:c1:6e:37:d5:2a:
         75:df:b0:66:a3:72:4f:50:d6:98:a5:0d:df:28:81:4c:5d:d5:
         c4:a6:8b:e5:f8:99:99:f3:43:67:73:e5:55:43:67:74:f2:22:
         ec:36:b6:8f:ee:f2:32:be:b5:29:fb:44:7b:97:c2:17:7d:19:
         b5:d8:00:d6:a6:ea:6b:65:3f:20:30:07:ca:26:9d:a7:e8:67:
         08:ee:8d:bf
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUGrlt4KwmjXFaaIIa7DHG6kJatEcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTQwMDFaFw0yNTA5MDMxNTQ1MDFaMDMxMTAvBgNV
BAMTKEI1NjQ4MjY3NTVGRTNFRDBCRDk4ODcxOUJEQUE5Q0MxNjYzNjNGN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMqN64X2awztU3vcZl4eUzmQLA
TX4UDOJTbQsxwnD1d03os9mJoKN6kXNBuIsXir2QhBoMRAYwlePZwenSU0LN140X
xxlno07INWYVkMId8tVuLeGqxAv8Mpye4YirrDlSW2kDPWFxeFsIXhMm5SaTUYyJ
Mfs0o5bDGjykE5hGnPb2Gp63yzFDZqVeV/E4V0rwGLkXhUKm8OSIPF71lZrJ2izK
YHDzh+HVuiqZ5bBDHSssqLDLTnfIxzsvUgh5SPO/lkgCgr68AKHEvH+cQfBry47m
3WEuoLJEJeH8zWPidpKAH0OIaJzpGFkc3oqIt3MpkuFYSLnv110MZRrQJ+I1AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUtWSCZ1X+PtC9mIcZvaqcwWY2P3wwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzMzM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEizAN
BgkqhkiG9w0BAQsFAAOCAQEADdSZ8a5VWfMHGAwFDBMhPzllTvaOsJxHYGRS8VhE
naCoPSlpXB5D/PuPVqyeCDoaaE45RRPCpKVXxjAe4cId4qPJA2ZL+N4u4znMGz/7
VK8wmAEnM/M/sRGA+U41gjk/JEt8Ivcz1DRhoQqCdOYKcsNKLnAAxBfpN5NU8wZ5
BakfEUnPSRgC7LYespNLqZY+1l/kMWWnCnkYGqqjSgF5iz7hcd/mi+kiW1IYtsHT
RMFuN9Uqdd+wZqNyT1DWmKUN3yiBTF3VxKaL5fiZmfNDZ3PlVUNndPIi7Da2j+7y
Mr61KftEe5fCF30ZtdgA1qbqa2U/IDAHyiadp+hnCO6Nvw==
-----END CERTIFICATE-----
Generated at Mon Dec 9 08:51:40 2024 by rpki-client on console-fra.rpki-client.org