Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3135392e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3135392e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          gTvxH/uc/BBbLrB9aIiupgpnDuwoky4irqC72aAshJg=
Subject key identifier:   2A:9C:85:36:42:B7:15:B0:21:6A:43:62:A8:8F:70:0A:39:3F:C7:97
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       5D4AF988E6357B8653EDB4274E56BC7EB51FBAB2
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3135392e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 25 Sep 2024 16:30:00 +0000
ROA not before:           Wed 25 Sep 2024 16:25:00 +0000
ROA not after:            Wed 24 Sep 2025 16:30:00 +0000
asID:                     28403
IP address blocks:        200.68.159.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:4a:f9:88:e6:35:7b:86:53:ed:b4:27:4e:56:bc:7e:b5:1f:ba:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep 25 16:25:00 2024 GMT
            Not After : Sep 24 16:30:00 2025 GMT
        Subject: CN=2A9C853642B715B0216A4362A88F700A393FC797
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:35:75:32:ed:62:ff:dc:2b:0a:26:77:e4:c8:
                    e3:33:b9:4c:0a:df:f4:8c:ef:6c:c9:95:16:5e:af:
                    74:11:93:37:b7:b4:da:20:29:ff:6f:92:14:0d:5c:
                    8f:8b:18:40:3f:50:22:b6:38:d0:08:79:84:07:22:
                    a0:a4:72:0e:3e:ee:89:49:10:7e:c0:d7:20:f7:64:
                    8b:0b:4f:68:42:24:02:b6:12:72:bc:ee:f1:ab:57:
                    62:b4:1e:3e:6b:ba:d3:85:a7:07:18:26:0f:99:fc:
                    31:b5:dd:d1:37:6b:c2:c3:80:7a:e9:9e:ca:19:18:
                    0a:86:39:b7:5a:19:e9:00:50:c7:0e:8b:a2:a5:b4:
                    dc:2d:bd:b9:3e:f7:5c:38:69:5a:bd:c1:a3:c0:b1:
                    12:36:bd:1b:c4:1e:76:f7:4c:33:61:9a:34:ab:0a:
                    9c:8e:05:c8:9d:fe:65:e5:e2:1b:be:5e:5e:31:ec:
                    f2:ec:b7:7f:4c:ea:70:4d:0f:17:3e:07:77:ae:e4:
                    38:22:e1:12:ba:af:01:7b:b3:25:97:47:3f:8a:62:
                    cb:42:25:f6:2d:af:e0:1e:79:75:c3:d9:35:39:b7:
                    d9:30:40:74:fe:cc:6d:ea:ed:11:86:cf:54:1b:99:
                    63:3c:26:2e:1d:0f:23:d3:c1:43:13:87:15:27:66:
                    b4:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:9C:85:36:42:B7:15:B0:21:6A:43:62:A8:8F:70:0A:39:3F:C7:97
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3135392e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:d3:54:af:8a:64:ea:e1:f6:00:da:52:39:86:88:d9:d9:31:
         ff:76:19:68:33:30:79:51:ee:c4:17:4c:cc:76:70:b8:45:8f:
         cc:53:62:76:93:07:3e:82:db:e7:cc:80:d7:d3:69:a6:f9:d5:
         06:98:ed:4a:e8:4e:59:72:c0:3f:63:06:57:0a:b0:c3:b0:a0:
         a1:a6:2b:c0:dd:a7:ec:cf:58:51:75:52:a7:b0:82:4a:72:e3:
         85:31:fe:4c:24:a4:e0:e1:73:e1:64:c2:2a:70:0e:9e:9c:19:
         e0:3c:38:31:ac:8b:7a:1f:4a:ec:ac:c7:9a:59:5a:a3:7d:f5:
         87:6f:57:23:3b:96:56:00:77:7d:97:e1:cf:53:b8:36:c2:25:
         4c:76:bf:51:0d:3e:65:14:7f:44:3a:0f:fa:8f:a2:72:37:6d:
         0a:58:bb:a4:61:ee:6f:64:79:fd:5a:f6:24:81:97:db:8d:e8:
         0f:2b:92:a4:39:48:66:18:67:34:ce:e1:44:d2:34:9a:6b:a2:
         32:42:5d:5d:61:18:06:cf:30:60:2c:03:f0:fe:4a:d2:76:27:
         5e:41:bc:2c:c1:dd:5c:c1:ef:0b:d6:15:e9:39:10:1d:bf:7d:
         2e:34:d0:c9:ab:9f:0f:e0:13:22:68:04:bb:ea:20:bf:87:7c:
         a4:10:33:ab
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUXUr5iOY1e4ZT7bQnTla8frUfurIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MjUxNjI1MDBaFw0yNTA5MjQxNjMwMDBaMDMxMTAvBgNV
BAMTKDJBOUM4NTM2NDJCNzE1QjAyMTZBNDM2MkE4OEY3MDBBMzkzRkM3OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDINXUy7WL/3CsKJnfkyOMzuUwK
3/SM72zJlRZer3QRkze3tNogKf9vkhQNXI+LGEA/UCK2ONAIeYQHIqCkcg4+7olJ
EH7A1yD3ZIsLT2hCJAK2EnK87vGrV2K0Hj5rutOFpwcYJg+Z/DG13dE3a8LDgHrp
nsoZGAqGObdaGekAUMcOi6KltNwtvbk+91w4aVq9waPAsRI2vRvEHnb3TDNhmjSr
CpyOBcid/mXl4hu+Xl4x7PLst39M6nBNDxc+B3eu5Dgi4RK6rwF7syWXRz+KYstC
JfYtr+AeeXXD2TU5t9kwQHT+zG3q7RGGz1QbmWM8Ji4dDyPTwUMThxUnZrRJAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUKpyFNkK3FbAhakNiqI9wCjk/x5cwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNTM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEnzAN
BgkqhkiG9w0BAQsFAAOCAQEAZ9NUr4pk6uH2ANpSOYaI2dkx/3YZaDMweVHuxBdM
zHZwuEWPzFNidpMHPoLb58yA19NppvnVBpjtSuhOWXLAP2MGVwqww7CgoaYrwN2n
7M9YUXVSp7CCSnLjhTH+TCSk4OFz4WTCKnAOnpwZ4Dw4MayLeh9K7KzHmllao331
h29XIzuWVgB3fZfhz1O4NsIlTHa/UQ0+ZRR/RDoP+o+icjdtCli7pGHub2R5/Vr2
JIGX243oDyuSpDlIZhhnNM7hRNI0mmuiMkJdXWEYBs8wYCwD8P5K0nYnXkG8LMHd
XMHvC9YV6TkQHb99LjTQyaufD+ATImgEu+ogv4d8pBAzqw==
-----END CERTIFICATE-----
Generated at Mon Dec 9 08:51:40 2024 by rpki-client on console-fra.rpki-client.org