Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134352e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3134352e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          B25iw/A90VaFWsKV0F7KuuhsLXJ4KXf/dAgPOQt0LsQ=
Subject key identifier:   3E:EC:65:4F:0B:46:E0:A6:B3:2D:AE:56:B9:DF:70:43:A2:53:09:16
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       28A2AB84A18C056DDD84360ECA9BEAE229A9E25D
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134352e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 09 Oct 2024 18:00:00 +0000
ROA not before:           Wed 09 Oct 2024 17:55:00 +0000
ROA not after:            Wed 08 Oct 2025 18:00:00 +0000
asID:                     28403
IP address blocks:        200.68.145.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:a2:ab:84:a1:8c:05:6d:dd:84:36:0e:ca:9b:ea:e2:29:a9:e2:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Oct  9 17:55:00 2024 GMT
            Not After : Oct  8 18:00:00 2025 GMT
        Subject: CN=3EEC654F0B46E0A6B32DAE56B9DF7043A2530916
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:bc:1e:78:a1:7b:ba:ad:a6:af:a9:c6:f2:ad:
                    e3:fa:de:c0:40:bf:e9:b0:24:f9:c2:7a:7c:b2:29:
                    82:e5:fb:f2:38:ba:96:11:e0:47:ca:97:1a:ce:28:
                    a5:5f:42:d6:25:4d:b6:54:fd:c4:da:fe:c4:28:bc:
                    f0:6a:12:99:f6:82:72:b2:a9:39:f3:d1:8a:4d:35:
                    ce:f8:ed:79:79:38:7a:df:96:66:a8:51:6b:5c:6f:
                    05:d0:05:8b:97:bd:ea:55:3a:a6:7d:07:63:b0:b9:
                    ae:51:6b:a1:75:f1:30:51:ed:ec:48:6f:ff:3d:d0:
                    5f:87:85:81:24:bf:93:c3:33:73:a3:5e:fd:23:ab:
                    57:ab:d8:ad:89:28:13:dd:33:6a:cd:8c:40:49:97:
                    b6:cf:a5:91:74:53:b3:20:dd:09:ef:5c:39:d5:58:
                    0d:69:c2:0e:cc:1c:84:12:fd:fb:d9:09:9e:96:d6:
                    26:53:4a:c3:7d:9e:db:12:18:7e:4b:9b:ff:2c:5b:
                    07:c3:b7:78:dd:e4:ce:47:af:bf:82:b6:3f:51:ce:
                    8d:8a:3b:a2:7b:83:2a:e8:27:f1:36:c2:65:db:43:
                    58:f2:39:3b:98:3c:dd:43:bd:10:37:0b:c9:cc:60:
                    91:ec:4a:3e:22:38:5a:21:83:05:0b:c0:65:5d:0a:
                    8e:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:EC:65:4F:0B:46:E0:A6:B3:2D:AE:56:B9:DF:70:43:A2:53:09:16
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134352e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:15:04:d9:41:13:e7:83:91:fc:4c:83:90:ba:46:2b:a1:0f:
         f7:6b:5d:62:cc:5a:7e:d9:0f:85:86:be:81:10:4e:76:c7:8a:
         4e:6f:a3:07:b0:1f:3f:76:d4:4d:3a:89:bc:34:3e:98:d0:a1:
         fb:8b:e2:58:dc:ad:7a:e2:4f:05:61:61:d0:1a:bd:61:ae:6b:
         b8:23:2c:1a:15:18:b2:6a:c1:59:8f:d3:fa:6f:5e:09:38:b3:
         ca:29:b9:f5:62:78:30:84:12:b9:17:8e:f2:80:2d:08:e5:7f:
         a7:0b:5c:37:86:c9:38:f1:25:60:ac:8d:72:9b:36:a5:03:35:
         72:f2:0b:6a:0e:a6:8f:39:cc:e2:a9:48:f4:2c:0b:47:3d:77:
         ac:96:ce:61:41:72:d8:b2:ee:e9:28:ea:50:a2:aa:4b:46:ed:
         3b:bb:5a:28:a0:d2:77:8b:40:38:68:3d:be:ae:64:c1:ff:e0:
         46:01:bc:6e:5d:45:26:d2:b6:2b:86:dd:48:0d:a2:dd:49:83:
         40:f4:91:5b:50:7d:fb:44:00:12:9f:5f:a3:45:2a:af:28:c7:
         d6:ba:69:6e:7c:75:c6:92:a9:31:47:0d:b1:b3:5b:c2:70:a1:
         de:e6:da:6e:2c:2a:6e:eb:a8:93:69:57:d9:c9:1d:27:81:a7:
         d2:56:c4:a3
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUKKKrhKGMBW3dhDYOypvq4imp4l0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDEwMDkxNzU1MDBaFw0yNTEwMDgxODAwMDBaMDMxMTAvBgNV
BAMTKDNFRUM2NTRGMEI0NkUwQTZCMzJEQUU1NkI5REY3MDQzQTI1MzA5MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQvB54oXu6raavqcbyreP63sBA
v+mwJPnCenyyKYLl+/I4upYR4EfKlxrOKKVfQtYlTbZU/cTa/sQovPBqEpn2gnKy
qTnz0YpNNc747Xl5OHrflmaoUWtcbwXQBYuXvepVOqZ9B2Owua5Ra6F18TBR7exI
b/890F+HhYEkv5PDM3OjXv0jq1er2K2JKBPdM2rNjEBJl7bPpZF0U7Mg3QnvXDnV
WA1pwg7MHIQS/fvZCZ6W1iZTSsN9ntsSGH5Lm/8sWwfDt3jd5M5Hr7+Ctj9Rzo2K
O6J7gyroJ/E2wmXbQ1jyOTuYPN1DvRA3C8nMYJHsSj4iOFohgwULwGVdCo75AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUPuxlTwtG4KazLa5Wud9wQ6JTCRYwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNDM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEkTAN
BgkqhkiG9w0BAQsFAAOCAQEAahUE2UET54OR/EyDkLpGK6EP92tdYsxaftkPhYa+
gRBOdseKTm+jB7AfP3bUTTqJvDQ+mNCh+4viWNyteuJPBWFh0Bq9Ya5ruCMsGhUY
smrBWY/T+m9eCTizyim59WJ4MIQSuReO8oAtCOV/pwtcN4bJOPElYKyNcps2pQM1
cvILag6mjznM4qlI9CwLRz13rJbOYUFy2LLu6SjqUKKqS0btO7taKKDSd4tAOGg9
vq5kwf/gRgG8bl1FJtK2K4bdSA2i3UmDQPSRW1B9+0QAEp9fo0UqryjH1rppbnx1
xpKpMUcNsbNbwnCh3ubabiwqbuuok2lX2ckdJ4Gn0lbEow==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org