Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134302e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3134302e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          qw+hHu88fxub3s8wi4srlRfn0CS4BzEM9YjU1o7jWP8=
Subject key identifier:   49:58:A7:2C:7D:2E:1D:99:2B:90:76:A3:24:24:4E:7A:89:2A:87:8E
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       1D674C276A417F44B36333D460010BA54942D4B4
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134302e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 15:45:03 +0000
ROA not before:           Wed 04 Sep 2024 15:40:03 +0000
ROA not after:            Wed 03 Sep 2025 15:45:03 +0000
asID:                     28403
IP address blocks:        200.68.140.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:67:4c:27:6a:41:7f:44:b3:63:33:d4:60:01:0b:a5:49:42:d4:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:40:03 2024 GMT
            Not After : Sep  3 15:45:03 2025 GMT
        Subject: CN=4958A72C7D2E1D992B9076A324244E7A892A878E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:6e:42:8c:78:b3:74:d0:cf:b1:88:f6:82:b1:
                    fe:b7:0b:5c:cb:f5:39:a9:01:0a:31:d5:31:3d:e8:
                    11:b4:5f:88:cb:8e:38:ea:21:f5:28:45:35:cc:a6:
                    e4:95:c2:d3:b6:13:02:ee:7a:84:e2:cb:61:05:ed:
                    8d:5b:b0:a0:87:11:8c:7e:3d:10:2b:e8:eb:b2:d8:
                    fa:71:cc:e8:11:2c:ed:43:d1:93:8e:07:9d:0d:ed:
                    f4:82:cc:4c:2d:48:1f:4d:e7:81:fb:56:cd:2b:4c:
                    a5:93:00:89:6a:34:3e:17:cf:ea:9c:ec:fb:bc:59:
                    fe:d6:e0:10:03:25:a2:c8:f6:b4:c1:db:62:8b:5c:
                    3b:7a:d8:c7:7f:f6:00:29:6d:79:03:84:8d:ca:b0:
                    5d:4a:79:bf:05:e4:13:e0:fe:6e:42:f1:81:a5:05:
                    bd:64:77:3a:cc:ea:e5:37:67:03:ce:ad:7c:a3:eb:
                    96:de:fd:13:a2:8d:91:8d:fd:ac:97:e0:05:7b:14:
                    c1:d1:c1:8d:9d:a4:97:22:31:b4:34:40:cf:f6:dd:
                    45:da:c4:c4:be:f2:ae:a5:c9:8e:c9:25:80:5a:b5:
                    91:5c:88:ec:6b:c5:53:d5:a1:bc:38:c0:d2:20:48:
                    87:47:34:ed:c8:3c:ca:4f:0c:f8:d6:51:2e:b6:8e:
                    5b:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:58:A7:2C:7D:2E:1D:99:2B:90:76:A3:24:24:4E:7A:89:2A:87:8E
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134302e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:7c:e9:01:48:10:aa:30:0a:4f:9e:f6:31:36:86:5b:31:11:
         5a:10:38:1a:62:8c:a6:ae:79:58:fa:bb:03:4c:ea:ac:b0:01:
         0c:5f:11:fd:d4:fd:63:b5:f2:2c:e2:97:c5:e3:84:f1:bf:37:
         d3:0a:5d:ea:d4:3b:1a:fd:54:c2:01:1b:06:ae:a0:50:df:e8:
         7b:36:b2:3a:fe:39:5c:15:75:31:72:23:6c:54:16:a4:2c:b7:
         4e:3c:6b:43:9c:3e:5d:d6:f7:7e:f0:66:51:42:b4:c5:5e:7e:
         86:b4:68:58:b4:ac:d3:a6:52:c7:10:03:ed:30:ea:12:a7:83:
         1f:2e:cc:d8:0d:e7:95:f1:86:df:3e:90:b1:15:dd:8a:50:cd:
         74:62:5a:e0:fb:fc:66:9d:84:3e:5c:0a:47:67:6b:dc:40:4b:
         a8:93:ac:c4:f0:58:f2:19:89:b7:0f:32:99:89:25:58:85:54:
         f3:b8:af:a6:55:d9:bf:e1:ed:3c:ff:9b:24:6d:49:8f:55:76:
         ff:22:2b:b2:4d:80:90:a3:f3:56:da:d0:63:f5:c7:ca:c6:7c:
         4c:8d:2c:07:a6:12:7d:b6:b4:55:50:1e:92:11:60:57:f1:17:
         4e:ad:e6:d2:96:dc:7f:6e:ad:1e:1f:8d:6e:39:ca:f6:0c:ac:
         c1:e3:7e:56
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUHWdMJ2pBf0SzYzPUYAELpUlC1LQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTQwMDNaFw0yNTA5MDMxNTQ1MDNaMDMxMTAvBgNV
BAMTKDQ5NThBNzJDN0QyRTFEOTkyQjkwNzZBMzI0MjQ0RTdBODkyQTg3OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCabkKMeLN00M+xiPaCsf63C1zL
9TmpAQox1TE96BG0X4jLjjjqIfUoRTXMpuSVwtO2EwLueoTiy2EF7Y1bsKCHEYx+
PRAr6Ouy2PpxzOgRLO1D0ZOOB50N7fSCzEwtSB9N54H7Vs0rTKWTAIlqND4Xz+qc
7Pu8Wf7W4BADJaLI9rTB22KLXDt62Md/9gApbXkDhI3KsF1Keb8F5BPg/m5C8YGl
Bb1kdzrM6uU3ZwPOrXyj65be/ROijZGN/ayX4AV7FMHRwY2dpJciMbQ0QM/23UXa
xMS+8q6lyY7JJYBatZFciOxrxVPVobw4wNIgSIdHNO3IPMpPDPjWUS62jltLAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUSVinLH0uHZkrkHajJCROeokqh44wHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNDMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEjDAN
BgkqhkiG9w0BAQsFAAOCAQEALXzpAUgQqjAKT572MTaGWzERWhA4GmKMpq55WPq7
A0zqrLABDF8R/dT9Y7XyLOKXxeOE8b830wpd6tQ7Gv1UwgEbBq6gUN/oezayOv45
XBV1MXIjbFQWpCy3TjxrQ5w+Xdb3fvBmUUK0xV5+hrRoWLSs06ZSxxAD7TDqEqeD
Hy7M2A3nlfGG3z6QsRXdilDNdGJa4Pv8Zp2EPlwKR2dr3EBLqJOsxPBY8hmJtw8y
mYklWIVU87ivplXZv+HtPP+bJG1Jj1V2/yIrsk2AkKPzVtrQY/XHysZ8TI0sB6YS
fba0VVAekhFgV/EXTq3m0pbcf26tHh+NbjnK9gysweN+Vg==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org