Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134382e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3134382e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          jinnqi4ZXCAxpUZI+2X7oLmG1Sm0tQns3qze4P9fx4Y=
Subject key identifier:   91:5D:CA:D8:1F:61:5C:FB:2E:F3:3A:B2:7E:D6:75:CE:F1:50:C5:68
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       2C0F77B62A59BFB38F57C36AC7C7FA5250BC690F
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134382e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 15:55:00 +0000
ROA not before:           Wed 04 Sep 2024 15:50:00 +0000
ROA not after:            Wed 03 Sep 2025 15:55:00 +0000
asID:                     28403
IP address blocks:        200.68.148.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:0f:77:b6:2a:59:bf:b3:8f:57:c3:6a:c7:c7:fa:52:50:bc:69:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:50:00 2024 GMT
            Not After : Sep  3 15:55:00 2025 GMT
        Subject: CN=915DCAD81F615CFB2EF33AB27ED675CEF150C568
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b8:2d:64:09:58:58:6a:d5:f5:f1:5f:eb:a0:
                    48:a6:98:ac:04:66:5b:67:8b:3f:9d:e1:d9:65:39:
                    e0:98:a1:35:70:ac:6d:21:9a:44:78:08:6c:18:83:
                    d3:b6:1d:0c:bb:c6:d6:f0:02:ea:28:11:bb:36:6f:
                    e7:db:8a:ca:45:c6:bc:cc:97:8f:cf:c7:62:52:af:
                    63:20:cd:fd:aa:46:a1:6f:ef:34:d9:1a:8d:a7:0a:
                    22:af:ea:a0:da:47:cc:21:5e:fd:c1:79:e6:eb:7f:
                    56:98:0c:2b:85:62:fa:cb:7f:ac:80:e0:2a:05:80:
                    ad:9f:46:55:45:f0:a4:b2:e1:73:a4:15:e4:06:52:
                    ea:f2:db:10:2c:52:77:cf:e9:59:aa:1e:11:c5:e1:
                    62:40:96:c5:7c:0e:12:5c:d4:b9:df:7a:ee:0b:5e:
                    99:b0:a2:5f:f5:60:0a:88:c0:f1:28:bf:ab:8e:00:
                    aa:9e:1b:3c:ec:1d:09:3a:0e:23:c6:d7:75:f6:bd:
                    cb:21:01:f5:bb:5c:df:44:c2:85:ab:72:c3:54:65:
                    b3:e7:7f:81:bc:eb:f0:51:2b:59:37:4e:83:00:49:
                    a7:33:41:ed:e1:d0:a0:de:36:48:95:ef:ac:e2:3e:
                    26:67:41:b5:c6:b0:5c:13:98:5d:03:7a:fa:f7:59:
                    4b:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:5D:CA:D8:1F:61:5C:FB:2E:F3:3A:B2:7E:D6:75:CE:F1:50:C5:68
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134382e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:85:b7:11:09:a1:46:f5:43:17:fc:01:67:a8:87:41:5c:f9:
         2a:53:30:8a:68:bf:c6:2d:98:6f:45:e2:dd:c4:b9:a8:c6:11:
         45:fc:f8:f2:4d:e7:33:83:fd:aa:da:a9:fc:8c:a5:65:02:9b:
         aa:a3:da:47:6d:7e:2d:06:79:16:13:f9:58:58:6c:d2:83:3b:
         43:f2:a2:4c:85:ef:68:db:41:61:09:61:a0:d2:d7:d8:66:a6:
         c9:37:be:26:62:3b:78:a3:33:4f:a3:d1:a0:01:4c:6d:ce:61:
         0d:5d:57:34:17:10:3d:9c:68:13:c3:3d:06:42:dd:6d:c3:2d:
         de:a1:51:41:be:db:26:c8:09:e5:0d:43:24:9b:ec:e4:90:88:
         41:07:4f:97:a1:ef:c9:8c:d2:42:c9:33:5d:3b:42:4c:bc:09:
         23:f6:20:bc:c0:31:90:49:78:07:9d:39:7e:6a:35:1b:12:a9:
         d6:4a:11:3b:22:79:9c:76:8b:35:13:b9:dd:73:84:2e:e0:4e:
         96:92:98:30:80:29:51:f4:fe:53:ef:ee:14:b6:58:f3:05:e7:
         85:5f:b1:23:46:34:2b:97:5c:65:d4:a7:f9:83:19:43:2b:e1:
         8a:94:39:77:c4:c7:96:19:de:03:14:18:20:aa:eb:48:68:1d:
         db:4a:7a:e4
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIULA93tipZv7OPV8Nqx8f6UlC8aQ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTUwMDBaFw0yNTA5MDMxNTU1MDBaMDMxMTAvBgNV
BAMTKDkxNURDQUQ4MUY2MTVDRkIyRUYzM0FCMjdFRDY3NUNFRjE1MEM1NjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIuC1kCVhYatX18V/roEimmKwE
Zltniz+d4dllOeCYoTVwrG0hmkR4CGwYg9O2HQy7xtbwAuooEbs2b+fbispFxrzM
l4/Px2JSr2Mgzf2qRqFv7zTZGo2nCiKv6qDaR8whXv3Beebrf1aYDCuFYvrLf6yA
4CoFgK2fRlVF8KSy4XOkFeQGUury2xAsUnfP6VmqHhHF4WJAlsV8DhJc1Lnfeu4L
Xpmwol/1YAqIwPEov6uOAKqeGzzsHQk6DiPG13X2vcshAfW7XN9EwoWrcsNUZbPn
f4G86/BRK1k3ToMASaczQe3h0KDeNkiV76ziPiZnQbXGsFwTmF0Devr3WUthAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUkV3K2B9hXPsu8zqyftZ1zvFQxWgwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNDM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhElDAN
BgkqhkiG9w0BAQsFAAOCAQEAUYW3EQmhRvVDF/wBZ6iHQVz5KlMwimi/xi2Yb0Xi
3cS5qMYRRfz48k3nM4P9qtqp/IylZQKbqqPaR21+LQZ5FhP5WFhs0oM7Q/KiTIXv
aNtBYQlhoNLX2GamyTe+JmI7eKMzT6PRoAFMbc5hDV1XNBcQPZxoE8M9BkLdbcMt
3qFRQb7bJsgJ5Q1DJJvs5JCIQQdPl6HvyYzSQskzXTtCTLwJI/YgvMAxkEl4B505
fmo1GxKp1koROyJ5nHaLNRO53XOELuBOlpKYMIApUfT+U+/uFLZY8wXnhV+xI0Y0
K5dcZdSn+YMZQyvhipQ5d8THlhneAxQYIKrrSGgd20p65A==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org