Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136312e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3136312e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          LfdomWaFMxkC8WMszSsYkDWDgiRPryFR+wW7g03U69Y=
Subject key identifier:   86:7D:B7:CA:1E:E2:0C:92:4E:A5:A1:67:D9:30:43:52:1C:2E:04:5A
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       0C1E7D8115754E84A4A92084A657BBC2788E99C4
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136312e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 16:00:04 +0000
ROA not before:           Wed 04 Sep 2024 15:55:04 +0000
ROA not after:            Wed 03 Sep 2025 16:00:04 +0000
asID:                     28403
IP address blocks:        200.68.161.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:1e:7d:81:15:75:4e:84:a4:a9:20:84:a6:57:bb:c2:78:8e:99:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:55:04 2024 GMT
            Not After : Sep  3 16:00:04 2025 GMT
        Subject: CN=867DB7CA1EE20C924EA5A167D93043521C2E045A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:d1:ec:da:c8:43:19:75:a7:c6:84:8d:e6:72:
                    60:d8:ba:f7:0c:ba:19:c0:3c:64:f0:8b:ff:6a:ac:
                    78:4c:19:ee:f2:47:1c:11:43:5f:ef:9d:f4:e8:1a:
                    6e:8a:f6:06:11:21:51:11:6d:1f:7b:6c:28:19:4f:
                    bb:97:e1:ef:1b:dd:45:32:44:cf:aa:5a:e4:00:f7:
                    b0:92:76:8d:c9:cf:0c:34:fb:7c:76:ea:bf:5e:a6:
                    f5:be:5e:cf:89:aa:06:de:e3:b9:63:ce:3d:ee:ed:
                    ef:7d:82:fa:ab:47:c8:cd:d9:f3:22:dc:1d:a5:97:
                    ee:af:7a:77:bf:5d:88:04:12:5c:e1:d0:be:20:92:
                    56:73:51:24:4a:60:c8:fd:9d:d1:70:c0:9f:d8:c0:
                    6e:b0:07:00:2a:2d:e3:dd:fb:d0:b5:df:79:59:6e:
                    8e:2d:13:5e:c9:8e:41:27:29:d3:2f:27:90:0d:46:
                    56:1f:be:2f:48:b5:6f:48:39:28:c6:81:1a:37:bd:
                    ba:16:95:e6:ed:a4:34:bb:cf:1e:a8:ad:90:b0:e6:
                    27:e8:03:05:4b:b8:c4:22:f4:17:61:17:ee:bd:f5:
                    bc:6d:bd:7e:27:3d:6d:2b:47:6c:3c:08:3a:06:45:
                    01:c4:54:32:cd:06:89:36:fa:0c:2e:d6:c5:8d:96:
                    69:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:7D:B7:CA:1E:E2:0C:92:4E:A5:A1:67:D9:30:43:52:1C:2E:04:5A
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136312e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:b9:8a:bb:34:25:8c:4c:92:6b:f9:77:0e:ad:a5:07:bd:0c:
         6c:18:21:85:a8:67:fb:9b:ee:1a:8e:96:b7:56:cb:d8:50:a2:
         32:31:73:98:be:36:d1:44:3c:3d:47:af:7d:f2:55:cd:cc:4a:
         11:5e:2b:ad:04:40:27:72:8d:a7:8a:3f:97:33:e1:aa:55:62:
         d2:90:68:e5:5a:09:88:c1:00:48:5d:54:56:2d:00:ca:ee:90:
         d4:bb:0a:86:64:5b:92:33:c5:ed:52:b7:0c:40:60:f1:5c:bc:
         aa:37:7d:d7:de:22:03:55:e9:19:2f:7b:6a:c7:d0:bd:6d:e5:
         aa:ad:6a:cc:fa:3a:55:23:7c:7b:71:a5:37:3b:74:95:ff:e3:
         c1:26:ec:22:9e:e6:d4:b8:12:35:41:2b:80:b4:86:e7:75:d4:
         51:be:49:fa:a5:14:1e:cf:bb:3e:4f:01:a1:6c:30:45:4e:c6:
         65:fa:8f:91:14:ac:f0:c8:61:6c:b5:10:98:a8:97:e4:48:f0:
         b7:e2:d1:a2:34:2b:20:2c:d2:52:5c:0c:61:ec:07:0b:29:c0:
         7f:4c:05:c9:3c:0f:76:f3:80:7d:83:64:67:18:ff:45:3e:12:
         e0:df:c4:6c:12:b6:81:dd:c7:35:44:c0:10:a1:2f:b7:a1:e9:
         4b:b2:53:03
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUDB59gRV1ToSkqSCEple7wniOmcQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTU1MDRaFw0yNTA5MDMxNjAwMDRaMDMxMTAvBgNV
BAMTKDg2N0RCN0NBMUVFMjBDOTI0RUE1QTE2N0Q5MzA0MzUyMUMyRTA0NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF0ezayEMZdafGhI3mcmDYuvcM
uhnAPGTwi/9qrHhMGe7yRxwRQ1/vnfToGm6K9gYRIVERbR97bCgZT7uX4e8b3UUy
RM+qWuQA97CSdo3Jzww0+3x26r9epvW+Xs+Jqgbe47ljzj3u7e99gvqrR8jN2fMi
3B2ll+6vene/XYgEElzh0L4gklZzUSRKYMj9ndFwwJ/YwG6wBwAqLePd+9C133lZ
bo4tE17JjkEnKdMvJ5ANRlYfvi9ItW9IOSjGgRo3vboWlebtpDS7zx6orZCw5ifo
AwVLuMQi9BdhF+699bxtvX4nPW0rR2w8CDoGRQHEVDLNBok2+gwu1sWNlmkRAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUhn23yh7iDJJOpaFn2TBDUhwuBFowHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNjMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEoTAN
BgkqhkiG9w0BAQsFAAOCAQEAY7mKuzQljEySa/l3Dq2lB70MbBghhahn+5vuGo6W
t1bL2FCiMjFzmL420UQ8PUevffJVzcxKEV4rrQRAJ3KNp4o/lzPhqlVi0pBo5VoJ
iMEASF1UVi0Ayu6Q1LsKhmRbkjPF7VK3DEBg8Vy8qjd9194iA1XpGS97asfQvW3l
qq1qzPo6VSN8e3GlNzt0lf/jwSbsIp7m1LgSNUErgLSG53XUUb5J+qUUHs+7Pk8B
oWwwRU7GZfqPkRSs8MhhbLUQmKiX5Ejwt+LRojQrICzSUlwMYewHCynAf0wFyTwP
dvOAfYNkZxj/RT4S4N/EbBK2gd3HNUTAEKEvt6HpS7JTAw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 08:04:21 2024 by rpki-client on console-fra.rpki-client.org