Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137312e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3137312e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          U044WTEe5OpaPqYiXrW3Dx3LEMqEokUsFWTHqi28L4c=
Subject key identifier:   16:3F:37:69:78:A1:3B:C4:22:AA:46:D2:8C:97:E9:09:C2:4E:AD:DB
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       02A78DCEE4D610CA34EE990401ADB9171BB225B8
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137312e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 16:05:01 +0000
ROA not before:           Wed 04 Sep 2024 16:00:01 +0000
ROA not after:            Wed 03 Sep 2025 16:05:01 +0000
asID:                     28403
IP address blocks:        200.68.171.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:a7:8d:ce:e4:d6:10:ca:34:ee:99:04:01:ad:b9:17:1b:b2:25:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 16:00:01 2024 GMT
            Not After : Sep  3 16:05:01 2025 GMT
        Subject: CN=163F376978A13BC422AA46D28C97E909C24EADDB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:f7:eb:68:46:7c:80:f6:db:ad:19:ac:8e:57:
                    f1:0d:1f:3f:6c:c2:4d:ef:03:f0:c5:31:92:d0:a8:
                    82:88:0b:40:ca:1e:30:e9:cf:3e:19:c7:74:0a:58:
                    de:55:80:ef:ea:6f:c5:de:ef:0c:94:e7:30:2b:85:
                    0f:dc:54:3b:30:04:c3:0a:70:df:2f:9c:b5:60:a2:
                    34:c7:1d:7d:de:f6:6a:48:db:b0:41:91:5d:e1:0b:
                    b1:b4:67:71:f9:d9:27:02:3d:1d:47:a5:b9:6a:10:
                    e8:8a:8c:21:c5:74:30:bf:98:73:83:13:68:87:55:
                    08:74:31:7b:dd:c8:bd:4f:d9:10:5a:d4:57:77:2a:
                    64:61:ac:fe:4d:52:2e:16:eb:d0:3d:87:a2:be:01:
                    94:e6:43:87:87:c9:8e:83:66:0e:b8:e7:c2:ab:76:
                    90:36:cb:48:1e:e4:19:4f:98:5a:2d:e9:73:25:b9:
                    58:8f:68:ab:bb:75:a2:4d:c3:90:23:bc:d1:31:02:
                    9e:9c:71:30:bb:56:9a:37:4b:77:9e:ac:5f:cd:8c:
                    22:52:b8:47:43:53:07:e1:19:4b:79:12:63:2b:34:
                    c8:d1:b5:c9:65:21:a8:dc:22:1f:24:ac:05:70:29:
                    1e:58:f3:a2:93:84:5a:24:0a:b7:1a:9e:dc:27:df:
                    cb:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:3F:37:69:78:A1:3B:C4:22:AA:46:D2:8C:97:E9:09:C2:4E:AD:DB
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137312e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:c2:3c:61:c0:93:27:00:d9:e9:07:a9:a7:5e:09:52:b5:42:
         b8:f0:08:ed:17:6f:97:78:e1:ab:39:d0:3f:04:7f:5c:d4:76:
         d0:ae:2f:32:40:13:a6:66:3d:e9:68:8b:ca:63:a3:20:f8:09:
         cd:f5:6a:ae:d6:f5:c7:fa:0c:75:e7:1f:1b:28:69:cd:cf:79:
         5c:d9:a0:27:63:e8:0f:27:7b:25:fd:f9:d9:e1:b7:5b:57:52:
         97:27:43:d3:3a:5f:3d:02:78:54:dd:49:22:dd:37:9e:b0:d6:
         01:b9:a5:84:29:ad:86:c6:31:63:94:ae:27:ca:61:a5:09:10:
         d6:7b:5a:4a:d5:a1:5c:e1:28:29:6a:60:0f:99:3d:ea:02:d9:
         5d:10:1e:04:d3:e5:9e:ac:54:c2:2d:da:9c:db:ff:f1:4e:9d:
         70:56:57:8d:6c:ea:06:2a:48:c6:f6:93:f7:f3:43:4c:4d:dd:
         ef:22:b7:a0:e9:51:c2:b7:13:68:cc:b1:c6:de:d3:a6:db:fe:
         8e:8f:03:0b:bd:e5:b5:dc:81:8c:aa:d1:09:80:c3:5b:05:dc:
         b6:3b:6b:22:eb:aa:9e:44:7d:bf:3c:9d:ef:00:9e:56:84:91:
         07:ee:d5:6c:83:b9:9f:ac:d8:eb:f4:97:4f:94:44:75:03:46:
         ae:d0:e2:ec
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUAqeNzuTWEMo07pkEAa25FxuyJbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNjAwMDFaFw0yNTA5MDMxNjA1MDFaMDMxMTAvBgNV
BAMTKDE2M0YzNzY5NzhBMTNCQzQyMkFBNDZEMjhDOTdFOTA5QzI0RUFEREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa9+toRnyA9tutGayOV/ENHz9s
wk3vA/DFMZLQqIKIC0DKHjDpzz4Zx3QKWN5VgO/qb8Xe7wyU5zArhQ/cVDswBMMK
cN8vnLVgojTHHX3e9mpI27BBkV3hC7G0Z3H52ScCPR1HpblqEOiKjCHFdDC/mHOD
E2iHVQh0MXvdyL1P2RBa1Fd3KmRhrP5NUi4W69A9h6K+AZTmQ4eHyY6DZg6458Kr
dpA2y0ge5BlPmFot6XMluViPaKu7daJNw5AjvNExAp6ccTC7Vpo3S3eerF/NjCJS
uEdDUwfhGUt5EmMrNMjRtcllIajcIh8krAVwKR5Y86KThFokCrcantwn38s9AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUFj83aXihO8QiqkbSjJfpCcJOrdswHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNzMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEqzAN
BgkqhkiG9w0BAQsFAAOCAQEALsI8YcCTJwDZ6Qepp14JUrVCuPAI7Rdvl3jhqznQ
PwR/XNR20K4vMkATpmY96WiLymOjIPgJzfVqrtb1x/oMdecfGyhpzc95XNmgJ2Po
Dyd7Jf352eG3W1dSlydD0zpfPQJ4VN1JIt03nrDWAbmlhCmthsYxY5SuJ8phpQkQ
1ntaStWhXOEoKWpgD5k96gLZXRAeBNPlnqxUwi3anNv/8U6dcFZXjWzqBipIxvaT
9/NDTE3d7yK3oOlRwrcTaMyxxt7Tptv+jo8DC73ltdyBjKrRCYDDWwXctjtrIuuq
nkR9vzyd7wCeVoSRB+7VbIO5n6zY6/SXT5REdQNGrtDi7A==
-----END CERTIFICATE-----
Generated at Mon Dec 9 08:51:40 2024 by rpki-client on console-fra.rpki-client.org