Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134332e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3134332e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          mTYE3ZN18b31zFvhnOkTe3hSQt5eZHhaDv+O3+P/Znk=
Subject key identifier:   AA:48:2C:4C:5F:7C:AA:51:20:81:55:FF:09:79:49:7B:82:6E:E9:8D
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       101177272F0CE22D50959023DA15EBB235DDE030
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134332e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 15:50:01 +0000
ROA not before:           Wed 04 Sep 2024 15:45:01 +0000
ROA not after:            Wed 03 Sep 2025 15:50:01 +0000
asID:                     28403
IP address blocks:        200.68.143.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:11:77:27:2f:0c:e2:2d:50:95:90:23:da:15:eb:b2:35:dd:e0:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:45:01 2024 GMT
            Not After : Sep  3 15:50:01 2025 GMT
        Subject: CN=AA482C4C5F7CAA51208155FF0979497B826EE98D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:68:51:39:42:04:83:34:4a:c7:6f:ab:11:be:
                    cd:c5:0f:94:25:20:3b:43:9e:80:92:a9:72:2e:a4:
                    31:10:06:74:54:df:e1:69:1a:5b:97:98:89:5c:dd:
                    a3:c6:36:66:e9:22:13:55:3d:21:7a:c3:71:00:a5:
                    b1:c5:00:ac:ed:6c:02:32:4b:af:53:63:9d:a6:11:
                    82:e2:ff:45:34:d2:29:1d:88:0c:bf:50:d5:bd:28:
                    f1:23:17:11:ee:45:9f:d3:b5:1a:03:80:10:2d:df:
                    c2:e3:38:30:35:b1:86:25:92:02:a9:fc:c7:92:63:
                    2e:8b:3c:36:d1:3d:9d:00:57:e2:8c:06:cc:31:c2:
                    95:07:56:3e:18:54:41:02:b3:c2:47:47:7e:7b:f1:
                    02:d4:33:3b:5a:f4:f3:f4:e8:ce:28:83:93:f1:52:
                    18:fa:7a:07:8b:29:b5:8c:b8:2c:1b:0d:23:bb:e6:
                    51:af:13:d0:3b:7c:d8:70:7b:72:df:d6:b6:11:66:
                    15:0b:88:44:7e:74:6f:f9:6f:c2:20:8c:1f:0e:5d:
                    44:41:eb:75:82:1d:fa:4c:a6:8c:10:33:81:eb:d9:
                    5a:0c:35:86:cf:d6:2b:24:89:cc:43:e3:79:29:bc:
                    7d:c7:99:db:7c:84:f2:12:29:c1:be:75:a8:94:c8:
                    6f:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:48:2C:4C:5F:7C:AA:51:20:81:55:FF:09:79:49:7B:82:6E:E9:8D
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134332e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:b3:5f:18:c5:b9:62:1b:2a:92:5b:ca:9d:71:1d:63:cf:db:
         cc:86:43:db:a6:f6:ae:3c:a4:f0:9e:81:fd:98:d0:57:64:fd:
         47:66:7a:9d:a3:23:1f:26:4a:bd:6d:e3:d8:10:65:e2:3b:be:
         50:e8:bd:36:66:0d:64:a5:22:70:91:73:ba:ac:71:47:66:e4:
         26:3c:7e:f6:93:21:de:d1:a7:e6:43:84:32:9a:29:9f:ef:30:
         80:62:55:90:0c:12:69:23:12:ad:66:d5:e1:51:61:7e:c4:e8:
         4b:42:b8:a7:6d:52:65:43:03:73:61:15:1f:b3:b1:9f:8d:61:
         d7:12:14:cc:44:1f:ec:82:1f:f1:5a:d9:11:e5:98:80:cf:90:
         76:2d:6b:c2:be:e4:65:45:b3:f4:e5:e4:1e:72:62:cc:de:76:
         fc:0a:2d:d7:b9:09:c0:e9:3c:92:d9:b8:f0:88:d8:46:2a:a4:
         45:96:a1:a8:72:b0:8c:da:63:81:40:21:3b:7e:8e:14:51:01:
         c6:3c:28:39:40:8b:aa:44:18:bb:94:55:23:a4:14:9d:66:f9:
         75:a4:3c:9d:e7:4a:dd:b8:61:08:80:7d:4c:95:a9:4f:fb:ed:
         ea:99:0a:2c:e3:3c:bf:f4:78:59:ca:91:49:54:af:f7:6a:7a:
         7d:4b:fd:4b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUEBF3Jy8M4i1QlZAj2hXrsjXd4DAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTQ1MDFaFw0yNTA5MDMxNTUwMDFaMDMxMTAvBgNV
BAMTKEFBNDgyQzRDNUY3Q0FBNTEyMDgxNTVGRjA5Nzk0OTdCODI2RUU5OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTaFE5QgSDNErHb6sRvs3FD5Ql
IDtDnoCSqXIupDEQBnRU3+FpGluXmIlc3aPGNmbpIhNVPSF6w3EApbHFAKztbAIy
S69TY52mEYLi/0U00ikdiAy/UNW9KPEjFxHuRZ/TtRoDgBAt38LjODA1sYYlkgKp
/MeSYy6LPDbRPZ0AV+KMBswxwpUHVj4YVEECs8JHR3578QLUMzta9PP06M4og5Px
Uhj6egeLKbWMuCwbDSO75lGvE9A7fNhwe3Lf1rYRZhULiER+dG/5b8IgjB8OXURB
63WCHfpMpowQM4Hr2VoMNYbP1iskicxD43kpvH3Hmdt8hPISKcG+daiUyG9HAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUqkgsTF98qlEggVX/CXlJe4Ju6Y0wHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNDMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEjzAN
BgkqhkiG9w0BAQsFAAOCAQEACLNfGMW5YhsqklvKnXEdY8/bzIZD26b2rjyk8J6B
/ZjQV2T9R2Z6naMjHyZKvW3j2BBl4ju+UOi9NmYNZKUicJFzuqxxR2bkJjx+9pMh
3tGn5kOEMpopn+8wgGJVkAwSaSMSrWbV4VFhfsToS0K4p21SZUMDc2EVH7Oxn41h
1xIUzEQf7IIf8VrZEeWYgM+Qdi1rwr7kZUWz9OXkHnJizN52/Aot17kJwOk8ktm4
8IjYRiqkRZahqHKwjNpjgUAhO36OFFEBxjwoOUCLqkQYu5RVI6QUnWb5daQ8nedK
3bhhCIB9TJWpT/vt6pkKLOM8v/R4WcqRSVSv92p6fUv9Sw==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org