Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136372e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3136372e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          Vjdr9Jac/XzroXthJ6jscLHUzOeRulwPi4ccVKk3R/o=
Subject key identifier:   D1:2C:3A:A3:7B:31:73:A4:CA:D8:2F:B7:7F:4A:DB:01:21:DD:A2:93
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       3F31C628668A3F6793DC95624B036A61882948AD
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136372e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 16:00:03 +0000
ROA not before:           Wed 04 Sep 2024 15:55:03 +0000
ROA not after:            Wed 03 Sep 2025 16:00:03 +0000
asID:                     28403
IP address blocks:        200.68.167.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:31:c6:28:66:8a:3f:67:93:dc:95:62:4b:03:6a:61:88:29:48:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:55:03 2024 GMT
            Not After : Sep  3 16:00:03 2025 GMT
        Subject: CN=D12C3AA37B3173A4CAD82FB77F4ADB0121DDA293
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:44:c9:1e:b5:4d:95:95:f3:06:73:51:83:21:
                    8c:cf:65:f5:75:a3:f6:24:2f:6b:71:9a:6f:05:36:
                    d9:a5:e8:a9:4c:74:16:25:57:25:83:08:28:40:f4:
                    b5:d0:de:f1:3f:9e:9f:a9:1f:4d:78:0b:ce:f8:a0:
                    b3:f0:76:7f:ec:a3:5f:79:8c:2c:40:bc:56:c5:11:
                    9a:57:60:20:76:5b:57:f5:42:85:7a:7f:c4:4f:c4:
                    70:e7:d8:9f:39:e5:07:5b:ef:d3:f2:35:9d:57:fd:
                    1a:be:e0:2a:61:31:ad:21:49:da:64:42:4d:13:7f:
                    f4:00:18:81:ed:cc:b8:59:94:0c:0e:9e:73:d2:b6:
                    b1:ac:43:e8:db:2c:6d:91:01:9d:b6:13:01:44:41:
                    c3:46:b9:93:51:ba:f2:c1:2e:17:d0:ba:7b:93:cc:
                    8c:f3:41:f0:41:a3:51:b4:30:6d:78:1f:bf:db:a3:
                    52:5c:27:95:30:17:c9:ab:f9:e3:bd:51:fd:63:1e:
                    c2:ba:f8:5e:02:36:db:3c:b6:26:fd:43:d3:c7:2d:
                    56:b8:43:8b:27:39:3b:83:9e:64:aa:18:99:73:70:
                    30:75:53:8f:e6:b6:64:4f:ea:7a:2d:25:81:00:94:
                    37:83:04:73:7c:25:6c:4f:4a:56:5a:ce:06:69:1a:
                    df:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:2C:3A:A3:7B:31:73:A4:CA:D8:2F:B7:7F:4A:DB:01:21:DD:A2:93
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136372e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:e9:ba:01:84:00:b1:6f:dc:fd:6c:31:3c:49:2c:1f:e7:d4:
         22:ed:ed:a8:a8:bd:8d:a6:f7:3c:a5:7b:f6:f6:4a:1e:74:56:
         6d:f7:2b:a6:1a:03:06:d1:6c:26:0d:52:32:d5:71:dc:cd:a0:
         24:18:79:5c:13:ac:43:57:89:0d:71:20:21:2e:d4:48:70:64:
         85:05:e1:ae:17:bb:a4:a7:1f:1d:e3:b5:e7:d1:dc:09:5b:cb:
         26:66:a5:20:24:50:79:d9:51:49:14:c3:9f:f1:44:3a:47:ad:
         49:4c:08:12:00:88:10:9e:95:3f:63:5d:14:fc:92:7b:67:20:
         00:46:6d:d1:a6:8d:0a:9a:c3:b8:5e:3d:78:b8:dd:9d:cd:e9:
         88:8c:4a:b9:58:ca:74:c7:12:82:b7:cf:03:de:b6:55:af:ed:
         07:2e:d1:55:7f:3c:cc:98:37:99:68:00:b8:28:3f:ad:11:59:
         b9:c4:42:d4:8c:57:5c:81:d3:39:2b:ae:78:c1:99:00:21:3c:
         9b:e8:c6:76:2c:f2:15:55:99:9b:b8:23:f7:2b:ec:76:12:e0:
         92:80:94:ff:9a:12:ee:68:02:e9:1a:bb:67:a3:01:23:22:94:
         d9:76:ab:12:59:4f:c0:04:34:49:84:79:20:b9:91:e1:c5:f6:
         6f:92:29:41
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUPzHGKGaKP2eT3JViSwNqYYgpSK0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTU1MDNaFw0yNTA5MDMxNjAwMDNaMDMxMTAvBgNV
BAMTKEQxMkMzQUEzN0IzMTczQTRDQUQ4MkZCNzdGNEFEQjAxMjFEREEyOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9RMketU2VlfMGc1GDIYzPZfV1
o/YkL2txmm8FNtml6KlMdBYlVyWDCChA9LXQ3vE/np+pH014C874oLPwdn/so195
jCxAvFbFEZpXYCB2W1f1QoV6f8RPxHDn2J855Qdb79PyNZ1X/Rq+4CphMa0hSdpk
Qk0Tf/QAGIHtzLhZlAwOnnPStrGsQ+jbLG2RAZ22EwFEQcNGuZNRuvLBLhfQunuT
zIzzQfBBo1G0MG14H7/bo1JcJ5UwF8mr+eO9Uf1jHsK6+F4CNts8tib9Q9PHLVa4
Q4snOTuDnmSqGJlzcDB1U4/mtmRP6notJYEAlDeDBHN8JWxPSlZazgZpGt8bAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU0Sw6o3sxc6TK2C+3f0rbASHdopMwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNjM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEpzAN
BgkqhkiG9w0BAQsFAAOCAQEAI+m6AYQAsW/c/WwxPEksH+fUIu3tqKi9jab3PKV7
9vZKHnRWbfcrphoDBtFsJg1SMtVx3M2gJBh5XBOsQ1eJDXEgIS7USHBkhQXhrhe7
pKcfHeO159HcCVvLJmalICRQedlRSRTDn/FEOketSUwIEgCIEJ6VP2NdFPySe2cg
AEZt0aaNCprDuF49eLjdnc3piIxKuVjKdMcSgrfPA962Va/tBy7RVX88zJg3mWgA
uCg/rRFZucRC1IxXXIHTOSuueMGZACE8m+jGdizyFVWZm7gj9yvsdhLgkoCU/5oS
7mgC6Rq7Z6MBIyKU2XarEllPwAQ0SYR5ILmR4cX2b5IpQQ==
-----END CERTIFICATE-----
Generated at Mon Dec 9 08:51:40 2024 by rpki-client on console-fra.rpki-client.org