Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136382e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3136382e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          3UoS9wKsVLTQjIg7dY/m82vgjYm/CV8AkmsQt4ClCUg=
Subject key identifier:   70:30:76:BD:97:BF:3E:72:77:FC:4A:79:59:90:07:79:82:A9:AA:11
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       0D3A3A5B915DB3DC16978653B3F559576BC79712
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136382e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 16:00:02 +0000
ROA not before:           Wed 04 Sep 2024 15:55:02 +0000
ROA not after:            Wed 03 Sep 2025 16:00:02 +0000
asID:                     28403
IP address blocks:        200.68.168.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:3a:3a:5b:91:5d:b3:dc:16:97:86:53:b3:f5:59:57:6b:c7:97:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 15:55:02 2024 GMT
            Not After : Sep  3 16:00:02 2025 GMT
        Subject: CN=703076BD97BF3E7277FC4A795990077982A9AA11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:19:04:0e:66:68:4d:72:63:d8:fa:52:02:67:
                    ad:e5:bb:16:6c:38:31:b9:0a:53:cd:c0:ca:ff:71:
                    42:85:7d:a2:5f:42:e7:fa:1e:c3:10:74:fa:c2:f2:
                    20:81:0e:29:96:a6:9b:a2:ff:71:e3:d9:9f:95:8f:
                    14:7d:dd:a2:66:44:78:c4:d3:fb:01:ee:62:dc:6f:
                    d8:7b:5b:33:fb:23:0e:ea:82:29:fd:7e:b2:3e:87:
                    bd:55:56:6b:26:67:40:74:b0:8e:09:22:22:91:94:
                    2b:ea:20:3d:6e:fb:07:d5:d2:df:b8:ab:ce:f7:81:
                    5a:52:78:e6:10:7e:8d:a4:c2:02:d7:bc:74:48:80:
                    6f:9f:54:7e:89:a4:8f:97:dc:a3:84:7d:56:95:a2:
                    7c:50:5b:6e:9a:ef:ae:31:73:8d:8b:f6:81:a1:12:
                    be:1e:5c:1b:24:39:8f:f3:ca:da:1c:e1:d0:3f:c8:
                    db:dc:a8:ec:7a:21:f3:93:ec:57:bc:04:cf:4e:53:
                    6f:40:76:f3:95:80:c0:16:23:8f:01:de:f9:9b:aa:
                    9a:19:03:d5:8b:a2:84:fd:4e:c6:d9:fa:d1:5f:50:
                    2f:5a:98:83:73:1a:0d:49:dc:27:a4:a9:29:32:27:
                    8f:fe:cc:34:45:77:a3:0d:09:87:32:25:4e:1e:f1:
                    53:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:30:76:BD:97:BF:3E:72:77:FC:4A:79:59:90:07:79:82:A9:AA:11
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3136382e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:49:34:d1:03:7f:a7:4c:9e:eb:06:20:da:35:c5:16:35:c9:
         83:57:08:a9:f3:4a:c7:13:1f:99:3a:31:ba:d6:89:3a:8b:f0:
         79:cb:9c:7b:e2:ac:71:cb:43:78:c7:bc:57:f3:ed:f6:be:51:
         d9:5c:3b:d0:cc:b6:ff:cd:7d:8b:68:77:83:38:ca:54:be:0a:
         c6:b8:b3:50:39:a6:b0:cb:9a:64:46:9c:4b:b9:3e:a2:05:2c:
         69:37:e8:ab:ab:ee:55:8d:8f:00:0c:31:19:ce:4a:2d:09:71:
         1c:b2:0f:87:ac:5e:4f:49:63:aa:de:55:08:06:57:08:72:5d:
         21:91:3e:ad:b0:4c:34:4a:be:a7:31:7f:52:af:be:c9:a1:7a:
         d1:79:3d:d2:b1:ba:24:bd:29:c8:d9:bf:ba:5c:76:ba:37:8a:
         2b:1a:da:d6:d2:48:1f:16:90:e8:35:31:22:4d:4c:9b:52:5e:
         e4:29:32:8f:37:4a:2b:83:02:48:d4:9e:64:9b:6a:dd:30:a1:
         e6:6f:4b:50:a5:b7:6a:8e:2b:a4:1e:32:fb:f7:e0:62:53:49:
         31:05:01:43:bd:a3:cf:af:4c:d0:86:d2:0c:05:07:65:1c:c1:
         22:60:2a:a4:99:ad:c4:a4:89:dc:b7:56:1c:78:5a:3e:0a:8d:
         6f:cb:27:74
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUDTo6W5Fds9wWl4ZTs/VZV2vHlxIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNTU1MDJaFw0yNTA5MDMxNjAwMDJaMDMxMTAvBgNV
BAMTKDcwMzA3NkJEOTdCRjNFNzI3N0ZDNEE3OTU5OTAwNzc5ODJBOUFBMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqGQQOZmhNcmPY+lICZ63luxZs
ODG5ClPNwMr/cUKFfaJfQuf6HsMQdPrC8iCBDimWppui/3Hj2Z+VjxR93aJmRHjE
0/sB7mLcb9h7WzP7Iw7qgin9frI+h71VVmsmZ0B0sI4JIiKRlCvqID1u+wfV0t+4
q873gVpSeOYQfo2kwgLXvHRIgG+fVH6JpI+X3KOEfVaVonxQW26a764xc42L9oGh
Er4eXBskOY/zytoc4dA/yNvcqOx6IfOT7Fe8BM9OU29AdvOVgMAWI48B3vmbqpoZ
A9WLooT9TsbZ+tFfUC9amINzGg1J3CekqSkyJ4/+zDRFd6MNCYcyJU4e8VNTAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUcDB2vZe/PnJ3/Ep5WZAHeYKpqhEwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNjM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEqDAN
BgkqhkiG9w0BAQsFAAOCAQEAEEk00QN/p0ye6wYg2jXFFjXJg1cIqfNKxxMfmTox
utaJOovwecuce+KscctDeMe8V/Pt9r5R2Vw70My2/819i2h3gzjKVL4KxrizUDmm
sMuaZEacS7k+ogUsaTfoq6vuVY2PAAwxGc5KLQlxHLIPh6xeT0ljqt5VCAZXCHJd
IZE+rbBMNEq+pzF/Uq++yaF60Xk90rG6JL0pyNm/ulx2ujeKKxra1tJIHxaQ6DUx
Ik1Mm1Je5CkyjzdKK4MCSNSeZJtq3TCh5m9LUKW3ao4rpB4y+/fgYlNJMQUBQ72j
z69M0IbSDAUHZRzBImAqpJmtxKSJ3LdWHHhaPgqNb8sndA==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org