Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137322e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3137322e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          G/Ehu0sUzmphtpllJxEn9wta9lZO04O48+zcKUKjnGI=
Subject key identifier:   10:72:67:87:31:57:7A:B8:66:2E:89:F4:C5:C0:65:4D:87:D9:57:9E
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       4A6B9A0C2D28D3EB07F8C64BDDF687FED5F8405F
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137322e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 16:05:00 +0000
ROA not before:           Wed 04 Sep 2024 16:00:00 +0000
ROA not after:            Wed 03 Sep 2025 16:05:00 +0000
asID:                     28403
IP address blocks:        200.68.172.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:6b:9a:0c:2d:28:d3:eb:07:f8:c6:4b:dd:f6:87:fe:d5:f8:40:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 16:00:00 2024 GMT
            Not After : Sep  3 16:05:00 2025 GMT
        Subject: CN=1072678731577AB8662E89F4C5C0654D87D9579E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:45:7f:c8:47:2b:92:f8:ee:91:b2:f6:bf:ec:
                    78:26:98:25:15:d4:fc:25:ff:37:88:a0:64:51:b9:
                    df:c8:58:bc:f7:42:b1:0d:4d:60:4e:ee:e4:cc:9d:
                    5a:04:f6:92:43:86:d9:5c:40:3c:ad:22:9f:95:5d:
                    90:e2:2d:b6:34:2b:0e:49:c8:55:e5:9b:43:78:1c:
                    47:39:74:99:ff:f1:f4:50:5d:34:ed:89:69:e8:59:
                    5e:01:6d:75:a3:20:c3:11:90:26:60:68:69:b7:0b:
                    ac:96:50:03:6e:4b:19:dd:49:bb:99:71:54:28:e8:
                    23:b9:43:6b:59:ec:14:6c:ee:4a:69:9e:55:04:a8:
                    2e:7d:8d:5f:6b:5c:aa:6f:86:f4:29:42:52:4a:69:
                    41:15:56:3e:97:bb:80:2b:60:6e:33:50:01:f2:d3:
                    31:3a:48:3c:73:7b:a7:e4:87:93:98:e3:30:1c:da:
                    f6:b8:db:b6:6d:36:b4:8d:a2:1d:55:ed:e5:bc:cc:
                    1e:e9:80:1a:e8:99:b0:a9:96:91:c9:c4:65:07:54:
                    5b:2d:1d:30:8c:54:42:62:0d:75:a0:64:97:29:fa:
                    0a:9d:e2:8c:c5:5e:b7:15:27:0a:24:6a:af:2a:8e:
                    56:78:a9:78:50:b6:14:cc:9e:b9:9f:9c:e9:84:a5:
                    ea:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:72:67:87:31:57:7A:B8:66:2E:89:F4:C5:C0:65:4D:87:D9:57:9E
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137322e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:f3:33:fe:0d:03:64:fc:9a:be:a6:5b:d5:4e:01:37:c4:f6:
         ac:4b:ad:3c:b2:84:12:a1:28:76:7e:af:39:d2:93:8d:8c:81:
         18:57:99:a0:31:49:dd:fb:5b:6d:da:10:67:6b:ac:ed:48:de:
         31:d5:a2:3e:7f:de:6e:40:06:5e:94:01:93:f5:12:dd:b6:b0:
         f3:cb:22:37:25:97:a8:6c:76:b4:82:de:8d:24:0c:56:f2:23:
         87:35:67:85:41:ad:78:d8:ae:a3:44:08:40:6f:02:e6:62:49:
         8d:b0:29:dc:23:34:f1:01:1b:5d:40:b9:eb:95:4a:b4:e0:6f:
         ec:bd:22:a5:69:79:cf:6e:53:9a:fa:be:a6:45:08:58:b3:1a:
         df:66:91:8d:9f:43:02:a6:d7:18:39:43:e2:68:4f:95:6e:6d:
         1b:4b:dd:ed:c8:60:6d:fc:a5:22:12:b8:9b:4f:b1:23:72:29:
         0c:fe:df:91:a6:b7:41:28:65:7b:eb:bf:c6:b2:42:3a:04:f0:
         57:a7:f0:25:f2:d2:ef:3b:5b:e2:9a:98:52:30:f5:70:3b:b7:
         15:aa:40:3f:59:b2:41:dd:3d:6b:c7:5c:f3:2f:2e:a5:89:13:
         e8:3c:1f:fe:40:4d:c0:31:a9:56:ea:b8:4e:82:f6:2d:f6:3f:
         d8:dd:50:50
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUSmuaDC0o0+sH+MZL3faH/tX4QF8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNjAwMDBaFw0yNTA5MDMxNjA1MDBaMDMxMTAvBgNV
BAMTKDEwNzI2Nzg3MzE1NzdBQjg2NjJFODlGNEM1QzA2NTREODdEOTU3OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxRX/IRyuS+O6Rsva/7HgmmCUV
1Pwl/zeIoGRRud/IWLz3QrENTWBO7uTMnVoE9pJDhtlcQDytIp+VXZDiLbY0Kw5J
yFXlm0N4HEc5dJn/8fRQXTTtiWnoWV4BbXWjIMMRkCZgaGm3C6yWUANuSxndSbuZ
cVQo6CO5Q2tZ7BRs7kppnlUEqC59jV9rXKpvhvQpQlJKaUEVVj6Xu4ArYG4zUAHy
0zE6SDxze6fkh5OY4zAc2va427ZtNrSNoh1V7eW8zB7pgBrombCplpHJxGUHVFst
HTCMVEJiDXWgZJcp+gqd4ozFXrcVJwokaq8qjlZ4qXhQthTMnrmfnOmEpepfAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUEHJnhzFXerhmLon0xcBlTYfZV54wHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNzMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhErDAN
BgkqhkiG9w0BAQsFAAOCAQEAYPMz/g0DZPyavqZb1U4BN8T2rEutPLKEEqEodn6v
OdKTjYyBGFeZoDFJ3ftbbdoQZ2us7UjeMdWiPn/ebkAGXpQBk/US3baw88siNyWX
qGx2tILejSQMVvIjhzVnhUGteNiuo0QIQG8C5mJJjbAp3CM08QEbXUC565VKtOBv
7L0ipWl5z25Tmvq+pkUIWLMa32aRjZ9DAqbXGDlD4mhPlW5tG0vd7chgbfylIhK4
m0+xI3IpDP7fkaa3QShle+u/xrJCOgTwV6fwJfLS7ztb4pqYUjD1cDu3FapAP1my
Qd09a8dc8y8upYkT6Dwf/kBNwDGpVuq4ToL2LfY/2N1QUA==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org