Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3135302e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3135302e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          DJS3b9CQhyoQ9hSxq8/5TGh9R8hGtEPQiy3CYGLkN9g=
Subject key identifier:   ED:9C:0B:9E:8F:7C:B1:8D:F2:9F:FD:11:80:DA:A9:9B:0E:8B:E1:D7
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       28D85C6806848B6D7BDE3E4224B6308A43DA2CCA
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3135302e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 15:55:00 +0000
ROA not before:           Wed 04 Sep 2024 15:50:00 +0000
ROA not after:            Wed 03 Sep 2025 15:55:00 +0000
asID:                     28403
IP address blocks:        200.68.150.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:d8:5c:68:06:84:8b:6d:7b:de:3e:42:24:b6:30:8a:43:da:2c:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:50:00 2024 GMT
            Not After : Sep  3 15:55:00 2025 GMT
        Subject: CN=ED9C0B9E8F7CB18DF29FFD1180DAA99B0E8BE1D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:28:2c:fb:a1:b1:84:73:9c:f2:b0:b6:80:f5:
                    4a:27:06:c5:0f:91:2a:ac:83:85:9a:e0:2f:e0:c8:
                    c7:f3:ba:b3:a6:23:97:8b:3e:6d:c1:3a:8f:84:60:
                    b6:62:38:e7:21:b0:0a:8c:8c:f1:a6:9e:93:3a:f1:
                    c3:14:00:02:ef:04:20:02:f4:f1:07:42:71:06:cf:
                    b4:d5:b7:18:0b:7d:9f:8c:96:13:62:96:91:23:0c:
                    19:d7:d5:87:d0:87:d7:d0:51:b1:99:eb:05:e2:0e:
                    9d:d3:b1:9c:ae:62:4d:7b:78:55:a5:4c:2b:1e:0c:
                    c6:9c:ae:af:a4:8b:99:ea:8a:66:28:ee:34:a4:69:
                    0b:16:15:8d:96:c9:e4:b2:17:13:b2:55:1b:b8:c1:
                    d7:1c:70:f3:19:31:d1:31:bc:d3:57:e7:bd:47:b5:
                    9c:34:d4:e2:b3:89:bc:dc:5c:42:f9:1f:30:2a:7c:
                    aa:db:21:cf:f7:f4:c5:26:c0:73:a4:3c:0f:d8:65:
                    24:e0:40:5f:47:0b:49:0e:65:58:9d:8b:18:00:39:
                    fc:0e:ed:d9:71:6f:29:1a:9f:60:97:4c:54:ab:93:
                    34:61:72:5e:b2:9a:c8:9b:f1:a6:d2:4e:ff:b2:db:
                    0b:7e:ae:ae:9a:d5:af:db:11:0a:01:48:df:e4:4e:
                    fb:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:9C:0B:9E:8F:7C:B1:8D:F2:9F:FD:11:80:DA:A9:9B:0E:8B:E1:D7
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3135302e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:44:0e:fc:9c:44:2d:87:01:ad:17:06:81:f4:44:a9:71:67:
         83:84:ee:d8:4e:c0:83:d3:f4:a8:01:9e:b6:da:d6:c0:53:c7:
         a9:f7:35:01:f3:af:6d:77:cc:64:a8:ef:ab:24:89:91:24:27:
         b1:7a:27:d7:d4:7a:3e:9c:6a:f2:2b:d2:0c:f2:57:43:76:e2:
         7e:69:ce:e7:03:d1:25:73:b6:6f:b5:c9:55:d3:82:0c:7e:f4:
         dd:74:0e:78:01:1e:df:d2:55:f7:90:56:03:a3:c4:b8:8c:b1:
         f4:aa:35:40:08:19:1e:ca:07:53:7c:b1:1e:67:08:f6:19:3c:
         09:dc:51:40:38:1e:96:05:92:98:6f:f0:17:10:0d:46:9f:e9:
         cd:33:39:0f:6c:e1:9d:ce:55:fe:1e:5e:c0:59:79:27:91:77:
         26:4d:2c:dc:69:28:37:6d:31:e1:08:d5:80:d4:9c:00:81:37:
         2d:fe:88:90:ac:af:c3:62:2d:21:80:c5:fa:1a:4f:24:7f:45:
         e5:48:a7:e9:3f:cf:e9:cc:d6:da:08:75:e0:22:df:10:07:03:
         25:26:1a:b7:b2:30:e1:35:c5:f8:a0:e0:10:f2:7e:63:57:b3:
         90:22:51:ae:c8:1a:2d:3e:05:65:9e:6e:cd:bd:d0:28:98:e1:
         4f:a4:05:ee
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUKNhcaAaEi2173j5CJLYwikPaLMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTUwMDBaFw0yNTA5MDMxNTU1MDBaMDMxMTAvBgNV
BAMTKEVEOUMwQjlFOEY3Q0IxOERGMjlGRkQxMTgwREFBOTlCMEU4QkUxRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9KCz7obGEc5zysLaA9UonBsUP
kSqsg4Wa4C/gyMfzurOmI5eLPm3BOo+EYLZiOOchsAqMjPGmnpM68cMUAALvBCAC
9PEHQnEGz7TVtxgLfZ+MlhNilpEjDBnX1YfQh9fQUbGZ6wXiDp3TsZyuYk17eFWl
TCseDMacrq+ki5nqimYo7jSkaQsWFY2WyeSyFxOyVRu4wdcccPMZMdExvNNX571H
tZw01OKzibzcXEL5HzAqfKrbIc/39MUmwHOkPA/YZSTgQF9HC0kOZVidixgAOfwO
7dlxbykan2CXTFSrkzRhcl6ymsib8abSTv+y2wt+rq6a1a/bEQoBSN/kTvtfAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU7ZwLno98sY3yn/0RgNqpmw6L4dcwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNTMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEljAN
BgkqhkiG9w0BAQsFAAOCAQEAT0QO/JxELYcBrRcGgfREqXFng4Tu2E7Ag9P0qAGe
ttrWwFPHqfc1AfOvbXfMZKjvqySJkSQnsXon19R6Ppxq8ivSDPJXQ3bifmnO5wPR
JXO2b7XJVdOCDH703XQOeAEe39JV95BWA6PEuIyx9Ko1QAgZHsoHU3yxHmcI9hk8
CdxRQDgelgWSmG/wFxANRp/pzTM5D2zhnc5V/h5ewFl5J5F3Jk0s3GkoN20x4QjV
gNScAIE3Lf6IkKyvw2ItIYDF+hpPJH9F5Uin6T/P6czW2gh14CLfEAcDJSYat7Iw
4TXF+KDgEPJ+Y1ezkCJRrsgaLT4FZZ5uzb3QKJjhT6QF7g==
-----END CERTIFICATE-----
Generated at Mon Dec 9 08:51:40 2024 by rpki-client on console-fra.rpki-client.org