Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136342e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3136342e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          b1zvjuto8CZh4XxIUy5bY/DKMW+ZWW2x+3ljWYd2jEE=
Subject key identifier:   24:B1:9C:C0:8D:B9:55:F2:25:C7:2B:CB:F9:B1:47:09:94:2D:F9:03
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       243EB9E1DC7442460EF80A2A59E8CFC9925198CD
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136342e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 16:00:04 +0000
ROA not before:           Wed 04 Sep 2024 15:55:04 +0000
ROA not after:            Wed 03 Sep 2025 16:00:04 +0000
asID:                     28403
IP address blocks:        200.68.164.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:3e:b9:e1:dc:74:42:46:0e:f8:0a:2a:59:e8:cf:c9:92:51:98:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:55:04 2024 GMT
            Not After : Sep  3 16:00:04 2025 GMT
        Subject: CN=24B19CC08DB955F225C72BCBF9B14709942DF903
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:03:d2:18:74:1a:af:8c:80:7d:3f:05:15:c2:
                    f4:72:63:22:e0:b6:c3:08:be:c8:85:5b:fb:8c:c5:
                    d8:e3:cf:0c:c0:f8:a4:c7:48:84:f7:ee:56:55:4a:
                    20:b1:dd:be:6e:d1:dd:6c:9c:22:fd:e3:68:75:3d:
                    34:c7:80:db:81:c5:ed:bf:a6:b3:4b:38:04:0d:79:
                    e6:87:32:7d:ff:72:88:d7:fa:51:b4:a0:e5:ef:07:
                    3c:6a:f3:6e:4f:1c:31:35:87:63:6d:49:fb:59:65:
                    bb:c8:8c:73:4b:fe:0f:b5:7b:4a:34:3c:86:78:e1:
                    74:5a:84:a4:06:0f:22:6c:8f:50:7d:bb:a0:14:74:
                    04:35:43:3c:ec:28:5f:b5:6f:23:6e:0c:d0:92:4d:
                    59:af:37:10:fb:47:63:de:7b:c4:c4:a2:9a:bd:98:
                    ce:29:06:b2:ea:7c:43:e9:13:51:51:be:b6:0d:ef:
                    00:e0:27:c6:0c:b2:c9:9a:96:3c:13:b4:fe:99:f7:
                    35:13:d1:21:7a:b7:a0:2d:2f:b4:6c:06:ba:da:46:
                    59:81:e0:4a:1e:d9:e9:8d:54:e4:7b:af:74:48:5c:
                    67:58:34:dd:b6:a1:7c:e0:1b:ba:90:74:cc:38:07:
                    c2:3f:bf:23:e3:08:de:84:99:c9:9a:c2:55:32:70:
                    06:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:B1:9C:C0:8D:B9:55:F2:25:C7:2B:CB:F9:B1:47:09:94:2D:F9:03
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136342e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:ef:1c:d5:e6:cf:fd:0b:99:f5:1b:cd:10:cf:9c:a2:0d:0b:
         3c:22:70:ab:7c:cb:88:a9:51:ec:34:1c:f5:6a:c7:f2:37:a2:
         25:09:ee:a5:fd:4f:d3:0b:cb:24:e5:53:0b:cf:09:64:d8:63:
         b6:9c:34:e8:49:51:00:c9:24:7c:7c:de:49:f2:07:92:7e:40:
         9a:96:82:8e:22:2b:a5:e2:d3:30:41:d5:e4:ef:3d:ac:c7:52:
         60:c0:bb:4f:5b:3c:8b:d8:62:fa:83:c9:82:b3:10:2a:88:2e:
         ba:04:09:b5:6b:ac:29:91:94:44:11:4a:89:98:67:95:2d:2d:
         3c:6f:80:4f:d3:00:80:72:15:50:52:d7:9c:96:dc:4b:1a:52:
         72:8f:7e:2b:56:93:a8:48:9e:fd:20:f7:9f:87:c5:aa:e5:00:
         2f:a4:19:e0:11:f3:7a:cc:86:1c:3e:6d:f9:48:01:ed:38:19:
         a1:43:62:46:c2:7d:16:9e:16:33:ca:aa:fe:82:12:c4:5c:1c:
         56:4a:39:d3:30:c0:1d:8e:85:b8:94:5a:e8:89:24:e3:5e:4e:
         53:ca:d8:9f:18:68:13:ba:de:1c:a6:b6:f8:dc:7b:62:0a:73:
         f6:af:4b:0b:12:c1:c3:ae:47:8e:5f:6d:11:31:c5:ba:e9:c1:
         4a:f2:ac:41
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUJD654dx0QkYO+AoqWejPyZJRmM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTU1MDRaFw0yNTA5MDMxNjAwMDRaMDMxMTAvBgNV
BAMTKDI0QjE5Q0MwOERCOTU1RjIyNUM3MkJDQkY5QjE0NzA5OTQyREY5MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0A9IYdBqvjIB9PwUVwvRyYyLg
tsMIvsiFW/uMxdjjzwzA+KTHSIT37lZVSiCx3b5u0d1snCL942h1PTTHgNuBxe2/
prNLOAQNeeaHMn3/cojX+lG0oOXvBzxq825PHDE1h2NtSftZZbvIjHNL/g+1e0o0
PIZ44XRahKQGDyJsj1B9u6AUdAQ1QzzsKF+1byNuDNCSTVmvNxD7R2Pee8TEopq9
mM4pBrLqfEPpE1FRvrYN7wDgJ8YMssmaljwTtP6Z9zUT0SF6t6AtL7RsBrraRlmB
4Eoe2emNVOR7r3RIXGdYNN22oXzgG7qQdMw4B8I/vyPjCN6EmcmawlUycAb3AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUJLGcwI25VfIlxyvL+bFHCZQt+QMwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNjM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEpDAN
BgkqhkiG9w0BAQsFAAOCAQEAiu8c1ebP/QuZ9RvNEM+cog0LPCJwq3zLiKlR7DQc
9WrH8jeiJQnupf1P0wvLJOVTC88JZNhjtpw06ElRAMkkfHzeSfIHkn5AmpaCjiIr
peLTMEHV5O89rMdSYMC7T1s8i9hi+oPJgrMQKoguugQJtWusKZGURBFKiZhnlS0t
PG+AT9MAgHIVUFLXnJbcSxpSco9+K1aTqEie/SD3n4fFquUAL6QZ4BHzesyGHD5t
+UgB7TgZoUNiRsJ9Fp4WM8qq/oISxFwcVko50zDAHY6FuJRa6Ikk415OU8rYnxho
E7reHKa2+Nx7Ygpz9q9LCxLBw65Hjl9tETHFuunBSvKsQQ==
-----END CERTIFICATE-----
Generated at Mon Dec 9 08:51:40 2024 by rpki-client on console-fra.rpki-client.org