Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136322e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3136322e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          oMsAJ48OxGzDKY2014jOQtluqkOG73XVfmG1N28aG4c=
Subject key identifier:   B4:48:C2:62:DD:4D:4C:A4:70:BE:F4:AB:4D:79:44:59:75:92:7A:5D
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       53C0B8DE4CCE1D671556B84A0E4305C8D1D055C3
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136322e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 16:00:02 +0000
ROA not before:           Wed 04 Sep 2024 15:55:02 +0000
ROA not after:            Wed 03 Sep 2025 16:00:02 +0000
asID:                     28403
IP address blocks:        200.68.162.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:c0:b8:de:4c:ce:1d:67:15:56:b8:4a:0e:43:05:c8:d1:d0:55:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:55:02 2024 GMT
            Not After : Sep  3 16:00:02 2025 GMT
        Subject: CN=B448C262DD4D4CA470BEF4AB4D79445975927A5D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:82:5d:4d:32:e8:d2:37:86:b6:64:c9:fe:f4:
                    07:71:bf:e0:fd:61:0c:50:5f:e8:73:4c:1e:f8:81:
                    72:95:66:af:01:91:49:6f:e0:16:ee:15:4d:7b:fe:
                    ac:2c:97:b1:20:03:ae:d4:50:c6:7e:e4:94:89:62:
                    38:8c:49:f3:a5:c3:2f:6a:43:08:8e:1b:7b:ba:35:
                    c4:c0:aa:16:c3:bb:3c:84:a8:2a:b3:04:24:ed:c9:
                    fb:3b:6d:1d:c2:9b:9f:6f:c5:11:ed:39:93:42:5a:
                    e8:75:ed:de:99:03:da:56:a1:0c:59:07:6a:ec:dd:
                    d4:08:05:99:f3:5c:c4:ae:d3:8c:54:47:1a:f9:3a:
                    2e:27:22:fc:c4:6d:ca:fb:de:ef:2a:f8:9a:cb:8a:
                    04:d6:cc:e4:dc:47:14:58:1a:7f:43:2d:60:d2:ee:
                    b4:c7:fa:59:e0:1b:6a:3a:05:38:1b:27:d7:0d:e7:
                    34:f5:34:25:23:10:fc:08:1c:58:49:6d:97:4a:37:
                    ad:da:08:7d:48:93:e5:d4:7e:e8:ea:f0:35:8d:7b:
                    c2:d8:29:4b:c0:b3:d5:88:22:da:75:4f:5a:9a:27:
                    06:ca:10:ed:ac:6d:09:72:c6:9f:f4:71:e5:0a:47:
                    56:71:75:87:2c:1c:a8:27:57:6c:64:d5:38:1a:d7:
                    dd:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:48:C2:62:DD:4D:4C:A4:70:BE:F4:AB:4D:79:44:59:75:92:7A:5D
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136322e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:0e:19:12:f3:96:c1:c5:0d:5e:25:2c:53:8a:8c:6f:cf:53:
         9f:73:b8:8c:96:03:e2:18:b1:50:75:df:21:c0:e3:80:54:d8:
         e3:b4:da:be:70:29:75:4f:45:2c:7a:6e:68:02:a6:44:de:fc:
         a2:62:7c:3d:3e:6b:3b:5b:1d:fc:32:54:17:c2:cd:f8:30:b6:
         80:49:92:38:c3:dc:f9:a1:df:2b:22:52:a0:cd:b4:64:88:68:
         1c:64:d5:4c:9b:ee:3e:5d:48:27:7a:8b:3c:7c:75:82:24:74:
         44:0f:57:de:34:85:42:9c:ff:d8:4e:93:ce:a9:5c:05:ff:7e:
         06:63:a6:6b:36:6a:53:04:4c:11:db:0c:94:d9:56:d5:f6:c0:
         f4:b5:83:95:1c:bd:9c:04:d8:ca:ad:d8:a1:ef:93:ae:ed:1d:
         3f:81:dd:7b:6c:6c:07:0e:66:a1:24:c0:cb:dd:2d:fe:ab:58:
         91:06:b3:f2:95:d4:a1:a8:c3:41:a3:5a:75:e6:1a:3f:63:0a:
         24:0f:ef:af:c6:60:f0:b9:09:7b:2f:38:a1:d8:d8:76:58:43:
         c4:f0:b2:9b:c8:f5:f6:67:72:cc:af:44:6d:a6:d3:6b:3b:5a:
         b0:56:a1:16:d3:7b:bb:c6:8c:09:1b:68:03:1a:ab:8a:df:52:
         44:ef:b9:ec
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUU8C43kzOHWcVVrhKDkMFyNHQVcMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTU1MDJaFw0yNTA5MDMxNjAwMDJaMDMxMTAvBgNV
BAMTKEI0NDhDMjYyREQ0RDRDQTQ3MEJFRjRBQjRENzk0NDU5NzU5MjdBNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTgl1NMujSN4a2ZMn+9Adxv+D9
YQxQX+hzTB74gXKVZq8BkUlv4BbuFU17/qwsl7EgA67UUMZ+5JSJYjiMSfOlwy9q
QwiOG3u6NcTAqhbDuzyEqCqzBCTtyfs7bR3Cm59vxRHtOZNCWuh17d6ZA9pWoQxZ
B2rs3dQIBZnzXMSu04xURxr5Oi4nIvzEbcr73u8q+JrLigTWzOTcRxRYGn9DLWDS
7rTH+lngG2o6BTgbJ9cN5zT1NCUjEPwIHFhJbZdKN63aCH1Ik+XUfujq8DWNe8LY
KUvAs9WIItp1T1qaJwbKEO2sbQlyxp/0ceUKR1ZxdYcsHKgnV2xk1Tga191zAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUtEjCYt1NTKRwvvSrTXlEWXWSel0wHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNjMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEojAN
BgkqhkiG9w0BAQsFAAOCAQEAkg4ZEvOWwcUNXiUsU4qMb89Tn3O4jJYD4hixUHXf
IcDjgFTY47TavnApdU9FLHpuaAKmRN78omJ8PT5rO1sd/DJUF8LN+DC2gEmSOMPc
+aHfKyJSoM20ZIhoHGTVTJvuPl1IJ3qLPHx1giR0RA9X3jSFQpz/2E6TzqlcBf9+
BmOmazZqUwRMEdsMlNlW1fbA9LWDlRy9nATYyq3Yoe+Tru0dP4Hde2xsBw5moSTA
y90t/qtYkQaz8pXUoajDQaNadeYaP2MKJA/vr8Zg8LkJey84odjYdlhDxPCym8j1
9mdyzK9EbabTaztasFahFtN7u8aMCRtoAxqrit9SRO+57A==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org