Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134392e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3134392e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          Tnoe1rscf9dh1f1F9n2Dpl5vp0CmgNYTK+geFEcB3Es=
Subject key identifier:   A1:88:09:70:67:3A:0F:A0:82:1F:88:BE:D8:43:A3:D0:9B:00:77:37
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       15A39F141322C46B6C17B29302B44B4EF15B6582
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134392e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 15:55:01 +0000
ROA not before:           Wed 04 Sep 2024 15:50:01 +0000
ROA not after:            Wed 03 Sep 2025 15:55:01 +0000
asID:                     28403
IP address blocks:        200.68.149.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:a3:9f:14:13:22:c4:6b:6c:17:b2:93:02:b4:4b:4e:f1:5b:65:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:50:01 2024 GMT
            Not After : Sep  3 15:55:01 2025 GMT
        Subject: CN=A1880970673A0FA0821F88BED843A3D09B007737
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:8a:20:ba:8e:48:7c:e3:fa:31:80:f5:4e:65:
                    b2:5c:e4:84:f0:c7:d9:54:14:40:bc:0b:d4:53:07:
                    9f:c7:2c:b3:42:3e:a6:75:72:11:07:ed:22:fe:12:
                    7c:7e:0e:38:92:65:a4:00:6d:27:f2:bc:67:90:40:
                    bc:63:27:3b:6c:f9:15:0e:22:16:97:2e:67:09:63:
                    56:9e:5e:4c:29:98:0c:6f:60:64:8b:52:32:67:b1:
                    54:52:cd:3a:cd:73:14:93:04:d7:b5:73:ca:09:f1:
                    a6:e9:ac:19:36:e3:65:85:24:a8:48:1e:dc:62:ca:
                    49:a8:11:33:ab:97:b3:79:7f:d3:1b:5b:a2:94:94:
                    71:80:0e:a7:5a:02:68:69:e0:b8:b6:58:e2:ae:87:
                    36:1a:4b:33:ca:c3:da:c0:03:63:25:57:45:74:bb:
                    13:45:fa:6f:48:ba:6d:45:7a:27:98:49:0a:44:d3:
                    fa:20:d6:8e:33:52:85:78:a9:6f:6c:31:92:78:d7:
                    03:43:88:00:02:00:77:2a:48:cb:9b:0b:c6:86:e3:
                    35:1e:dc:22:c7:54:1d:c1:d6:c4:21:47:49:e8:a1:
                    cd:7e:e5:0b:75:62:8d:d5:ab:2c:86:3c:be:9f:1d:
                    a1:5a:3e:92:c8:28:35:5e:71:5e:70:7e:43:52:40:
                    1b:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:88:09:70:67:3A:0F:A0:82:1F:88:BE:D8:43:A3:D0:9B:00:77:37
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3134392e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:de:15:db:42:86:27:b2:08:f7:aa:ec:bf:84:cf:2e:74:da:
         f6:e1:28:7f:b4:1c:8c:e4:75:bc:c1:d8:12:10:24:97:2d:c7:
         47:49:31:a7:c3:47:b4:9a:d2:e8:23:45:0f:5f:07:e4:54:2b:
         54:1a:53:fa:01:0a:99:d8:a3:72:77:07:bf:03:e1:31:e2:1d:
         a3:df:da:fa:95:fb:74:f7:03:48:43:63:12:76:76:14:38:29:
         82:79:ea:8b:d3:89:ec:b0:91:e1:a5:b9:63:1a:98:d8:5e:d0:
         2f:e1:d6:f1:e8:1a:dc:c9:17:11:5c:3f:61:38:67:0e:1f:0c:
         9c:82:78:e0:be:d4:a2:70:3a:1e:fe:81:79:65:6c:ec:b1:47:
         ba:86:2b:b5:dd:a5:9e:72:d9:e9:98:a3:67:ad:a8:14:d2:2b:
         1f:9f:44:a5:ef:c3:33:cc:47:71:c3:4a:ce:55:26:70:55:d8:
         a5:28:e1:0a:6f:48:0b:f7:f3:fb:df:f2:3e:4c:7d:71:c3:bb:
         3f:17:e8:ae:c6:da:df:42:ae:cf:42:6b:e0:d6:01:94:ca:c1:
         3a:0a:82:4c:c8:b7:cd:a6:c5:06:71:0e:b8:13:03:be:86:9c:
         98:67:83:d2:67:06:9e:3e:99:b3:17:57:9f:03:e1:d9:b4:8f:
         1e:4f:fb:cd
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUFaOfFBMixGtsF7KTArRLTvFbZYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTUwMDFaFw0yNTA5MDMxNTU1MDFaMDMxMTAvBgNV
BAMTKEExODgwOTcwNjczQTBGQTA4MjFGODhCRUQ4NDNBM0QwOUIwMDc3MzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmiiC6jkh84/oxgPVOZbJc5ITw
x9lUFEC8C9RTB5/HLLNCPqZ1chEH7SL+Enx+DjiSZaQAbSfyvGeQQLxjJzts+RUO
IhaXLmcJY1aeXkwpmAxvYGSLUjJnsVRSzTrNcxSTBNe1c8oJ8abprBk242WFJKhI
HtxiykmoETOrl7N5f9MbW6KUlHGADqdaAmhp4Li2WOKuhzYaSzPKw9rAA2MlV0V0
uxNF+m9Ium1FeieYSQpE0/og1o4zUoV4qW9sMZJ41wNDiAACAHcqSMubC8aG4zUe
3CLHVB3B1sQhR0nooc1+5Qt1Yo3VqyyGPL6fHaFaPpLIKDVecV5wfkNSQBvXAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUoYgJcGc6D6CCH4i+2EOj0JsAdzcwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNDM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhElTAN
BgkqhkiG9w0BAQsFAAOCAQEAj94V20KGJ7II96rsv4TPLnTa9uEof7QcjOR1vMHY
EhAkly3HR0kxp8NHtJrS6CNFD18H5FQrVBpT+gEKmdijcncHvwPhMeIdo9/a+pX7
dPcDSENjEnZ2FDgpgnnqi9OJ7LCR4aW5YxqY2F7QL+HW8ega3MkXEVw/YThnDh8M
nIJ44L7UonA6Hv6BeWVs7LFHuoYrtd2lnnLZ6ZijZ62oFNIrH59Epe/DM8xHccNK
zlUmcFXYpSjhCm9IC/fz+9/yPkx9ccO7Pxforsba30Kuz0Jr4NYBlMrBOgqCTMi3
zabFBnEOuBMDvoacmGeD0mcGnj6ZsxdXnwPh2bSPHk/7zQ==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org