Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3135332e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3135332e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          TeaxTX5RvelnOtCghfDf6Eq+12In8+2G8WWkFu1kLUA=
Subject key identifier:   70:0E:54:D5:98:7A:30:92:6B:80:BB:9B:FC:0C:A3:E8:E0:14:C6:A6
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       7453BB045BF523EA374464854AFB2FCF64FB04A9
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3135332e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 16:00:03 +0000
ROA not before:           Wed 04 Sep 2024 15:55:03 +0000
ROA not after:            Wed 03 Sep 2025 16:00:03 +0000
asID:                     28403
IP address blocks:        200.68.153.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:53:bb:04:5b:f5:23:ea:37:44:64:85:4a:fb:2f:cf:64:fb:04:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:55:03 2024 GMT
            Not After : Sep  3 16:00:03 2025 GMT
        Subject: CN=700E54D5987A30926B80BB9BFC0CA3E8E014C6A6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:89:cb:c5:bf:f8:81:16:e5:d0:b2:64:9a:31:
                    a7:f2:da:7f:1f:fa:38:3d:55:9e:cf:47:e5:b8:ff:
                    17:70:0f:fe:f8:1c:8b:bf:62:74:82:94:40:7a:7f:
                    cb:c2:fb:42:78:d6:80:d3:cc:87:92:60:fd:74:54:
                    84:57:e3:b8:93:d1:bd:56:16:62:c3:8d:24:fa:1b:
                    ea:a4:12:44:df:d9:ea:76:3d:d5:ef:a7:e3:63:59:
                    43:1f:98:d8:4e:3a:d4:05:d0:aa:b2:c1:98:b1:52:
                    0a:41:77:82:ff:d0:ab:e9:e7:35:d7:08:63:41:38:
                    28:c0:3c:06:e9:46:4d:fe:2f:78:34:46:a6:1e:2c:
                    74:fe:26:4e:31:4c:b1:0e:09:08:a5:b9:f0:92:44:
                    63:9f:11:b3:85:f9:b3:2a:65:21:e4:60:f6:ec:71:
                    1a:6c:b0:04:44:3f:8c:52:13:31:fa:2b:ee:9f:f5:
                    40:0b:68:ea:b6:47:36:10:49:22:c6:f9:95:6a:0e:
                    c4:1a:e8:9a:c1:4d:cd:3d:31:9f:ab:94:bf:c1:32:
                    53:4c:cc:ab:3e:b8:76:3f:65:9c:8a:8b:fd:fc:a8:
                    e5:f5:cd:4b:b7:70:1d:ec:8e:36:d1:f6:bc:a1:25:
                    d6:29:07:16:12:4a:12:01:39:e2:7b:47:63:55:6b:
                    d6:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:0E:54:D5:98:7A:30:92:6B:80:BB:9B:FC:0C:A3:E8:E0:14:C6:A6
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3135332e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:07:02:e3:d6:1e:a4:8f:d1:28:05:90:03:a5:d2:0e:52:01:
         9b:0a:85:af:e6:b0:6d:5f:78:5e:33:18:fa:9a:a4:7a:b2:e5:
         ab:09:cb:29:44:80:c6:bf:19:72:4e:3b:00:00:09:f8:58:2d:
         8b:27:9f:cc:c4:97:e3:88:61:0b:76:bc:40:dc:b5:27:ee:e1:
         42:26:ef:ee:8f:17:79:d4:f9:a2:cf:ab:ab:47:6b:91:82:3c:
         2e:47:9e:49:5b:0e:c0:8d:d4:39:82:7b:bc:0b:e9:07:96:5e:
         84:eb:33:b7:22:5a:4a:ba:78:28:a9:d1:32:7b:b3:ab:49:92:
         1e:ca:5e:e2:f7:2b:51:8a:da:b9:58:a7:01:6a:aa:63:42:ba:
         a2:3d:f3:bc:39:14:f1:8b:5f:fc:3f:ad:5f:61:1e:a0:ba:01:
         e2:98:42:8c:54:80:60:1d:c0:3d:43:e3:d1:b3:3b:2c:2d:3a:
         2f:a8:ac:88:53:1a:73:ed:ea:73:5a:9d:b8:b2:fc:f5:27:1e:
         6a:92:ca:24:61:0e:6a:b8:ba:d6:09:3d:81:cd:ab:54:15:3e:
         00:2a:90:01:51:60:14:f9:5d:9b:8d:2d:0b:b2:e1:75:d1:44:
         e4:1e:99:c2:06:b7:d3:23:c5:cd:57:38:e7:21:16:c1:ee:e6:
         81:60:16:66
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUdFO7BFv1I+o3RGSFSvsvz2T7BKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTU1MDNaFw0yNTA5MDMxNjAwMDNaMDMxMTAvBgNV
BAMTKDcwMEU1NEQ1OTg3QTMwOTI2QjgwQkI5QkZDMENBM0U4RTAxNEM2QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQicvFv/iBFuXQsmSaMafy2n8f
+jg9VZ7PR+W4/xdwD/74HIu/YnSClEB6f8vC+0J41oDTzIeSYP10VIRX47iT0b1W
FmLDjST6G+qkEkTf2ep2PdXvp+NjWUMfmNhOOtQF0KqywZixUgpBd4L/0Kvp5zXX
CGNBOCjAPAbpRk3+L3g0RqYeLHT+Jk4xTLEOCQilufCSRGOfEbOF+bMqZSHkYPbs
cRpssAREP4xSEzH6K+6f9UALaOq2RzYQSSLG+ZVqDsQa6JrBTc09MZ+rlL/BMlNM
zKs+uHY/ZZyKi/38qOX1zUu3cB3sjjbR9ryhJdYpBxYSShIBOeJ7R2NVa9YBAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUcA5U1Zh6MJJrgLub/Ayj6OAUxqYwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNTMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEmTAN
BgkqhkiG9w0BAQsFAAOCAQEAigcC49YepI/RKAWQA6XSDlIBmwqFr+awbV94XjMY
+pqkerLlqwnLKUSAxr8Zck47AAAJ+FgtiyefzMSX44hhC3a8QNy1J+7hQibv7o8X
edT5os+rq0drkYI8LkeeSVsOwI3UOYJ7vAvpB5ZehOsztyJaSrp4KKnRMnuzq0mS
Hspe4vcrUYrauVinAWqqY0K6oj3zvDkU8Ytf/D+tX2EeoLoB4phCjFSAYB3APUPj
0bM7LC06L6isiFMac+3qc1qduLL89SceapLKJGEOari61gk9gc2rVBU+ACqQAVFg
FPldm40tC7LhddFE5B6Zwga30yPFzVc45yEWwe7mgWAWZg==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org