Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137362e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3137362e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          NnhlRtt6/1/IpQgyEYyWILlid4eGUsawqFS3FzvGD8M=
Subject key identifier:   98:D4:97:FB:16:6E:3E:DE:D9:B4:28:77:E9:A0:E8:3C:2E:A7:17:F0
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       52FA0BC26F1ECA9AE7FF083807060F692C9EF7F3
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137362e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 22:05:00 +0000
ROA not before:           Wed 04 Sep 2024 22:00:00 +0000
ROA not after:            Wed 03 Sep 2025 22:05:00 +0000
asID:                     28403
IP address blocks:        200.68.176.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:fa:0b:c2:6f:1e:ca:9a:e7:ff:08:38:07:06:0f:69:2c:9e:f7:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 22:00:00 2024 GMT
            Not After : Sep  3 22:05:00 2025 GMT
        Subject: CN=98D497FB166E3EDED9B42877E9A0E83C2EA717F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b3:b8:b7:1b:02:84:a4:cd:b1:75:e8:89:1c:
                    4b:b3:31:c2:1d:55:c3:f5:a0:7e:26:18:b7:23:0f:
                    7e:f6:3a:f6:63:bc:c3:42:0b:fa:cb:19:24:76:d9:
                    23:4c:59:b3:e4:1f:21:b4:d4:68:82:19:49:20:4e:
                    24:f4:63:23:86:eb:bd:bd:f5:9b:a0:8b:91:a5:93:
                    64:1a:f8:7c:59:3c:da:f1:81:5b:f4:86:f0:45:e9:
                    ab:97:df:b7:50:ca:2a:df:01:c4:3b:b1:3a:d7:c9:
                    06:fc:2c:ca:a4:77:9f:55:fd:41:fa:33:d9:fc:f3:
                    0b:3f:73:14:b4:78:24:d0:03:6f:22:bc:d1:27:2a:
                    b3:1c:2b:c6:dc:5d:fd:ed:c9:18:1f:6f:d1:ce:0e:
                    ab:fb:44:2d:26:a8:c3:81:f8:bc:2b:8e:ee:92:8a:
                    78:6c:51:89:dd:91:91:06:b7:47:d0:b6:ca:f7:5e:
                    8f:d0:d5:87:4c:a7:f0:3f:05:ce:36:21:b0:b1:a4:
                    24:a4:aa:b4:ef:10:72:05:14:bc:7a:ee:51:97:e5:
                    90:b2:4f:47:8d:9c:bf:30:aa:3d:57:e3:ae:09:7c:
                    9c:b8:f5:9a:65:b2:b7:d6:97:34:d6:89:ed:18:41:
                    be:17:f0:99:a1:37:8c:86:04:38:2f:87:57:79:c8:
                    a5:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:D4:97:FB:16:6E:3E:DE:D9:B4:28:77:E9:A0:E8:3C:2E:A7:17:F0
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137362e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:52:e9:b2:83:78:d3:9e:b4:4e:de:5b:72:f0:fa:b2:ac:c8:
         f4:73:5c:54:07:74:0f:23:e5:ae:0a:75:60:23:d8:ff:de:cc:
         af:04:99:fa:96:0f:46:a0:2c:4d:b4:7b:92:31:0b:bd:d4:f9:
         4f:a9:57:a1:9d:61:23:9f:d7:21:37:ae:39:81:d8:3d:0a:8f:
         71:73:91:d3:a6:bd:4d:f8:a7:50:ab:5e:3d:41:03:ef:4e:03:
         2a:1f:d4:da:84:d9:9d:4d:11:ac:6f:51:2e:ca:3b:18:1b:c6:
         08:a8:40:7a:93:16:6b:a6:4f:3e:2d:43:44:14:f0:fe:97:76:
         36:28:4c:ff:36:77:fd:44:58:45:9b:d7:00:e1:8a:a5:a0:ed:
         d7:00:de:22:c5:e8:0a:1d:1f:4b:0b:81:30:8c:0d:4b:1e:e4:
         c9:43:6d:8a:5a:b7:6d:dc:8d:02:04:26:b0:63:c7:c3:ce:5d:
         c8:58:ac:5d:89:70:e5:1d:eb:da:60:f0:99:10:2c:5a:52:c0:
         5e:59:6a:38:a5:06:34:21:c4:0d:d2:29:fb:91:bc:ce:2f:c9:
         de:83:df:39:8b:ab:cf:44:0e:a0:a6:91:c5:56:89:37:c3:89:
         4e:9a:bd:df:dc:d7:8f:1c:93:f1:49:3e:c1:35:44:8f:a8:5c:
         83:f6:fc:2b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUUvoLwm8eyprn/wg4BwYPaSye9/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQyMjAwMDBaFw0yNTA5MDMyMjA1MDBaMDMxMTAvBgNV
BAMTKDk4RDQ5N0ZCMTY2RTNFREVEOUI0Mjg3N0U5QTBFODNDMkVBNzE3RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2s7i3GwKEpM2xdeiJHEuzMcId
VcP1oH4mGLcjD372OvZjvMNCC/rLGSR22SNMWbPkHyG01GiCGUkgTiT0YyOG6729
9Zugi5Glk2Qa+HxZPNrxgVv0hvBF6auX37dQyirfAcQ7sTrXyQb8LMqkd59V/UH6
M9n88ws/cxS0eCTQA28ivNEnKrMcK8bcXf3tyRgfb9HODqv7RC0mqMOB+Lwrju6S
inhsUYndkZEGt0fQtsr3Xo/Q1YdMp/A/Bc42IbCxpCSkqrTvEHIFFLx67lGX5ZCy
T0eNnL8wqj1X464JfJy49ZplsrfWlzTWie0YQb4X8JmhN4yGBDgvh1d5yKXTAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUmNSX+xZuPt7ZtCh36aDoPC6nF/AwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNzM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEsDAN
BgkqhkiG9w0BAQsFAAOCAQEALFLpsoN40560Tt5bcvD6sqzI9HNcVAd0DyPlrgp1
YCPY/97MrwSZ+pYPRqAsTbR7kjELvdT5T6lXoZ1hI5/XITeuOYHYPQqPcXOR06a9
TfinUKtePUED704DKh/U2oTZnU0RrG9RLso7GBvGCKhAepMWa6ZPPi1DRBTw/pd2
NihM/zZ3/URYRZvXAOGKpaDt1wDeIsXoCh0fSwuBMIwNSx7kyUNtilq3bdyNAgQm
sGPHw85dyFisXYlw5R3r2mDwmRAsWlLAXllqOKUGNCHEDdIp+5G8zi/J3oPfOYur
z0QOoKaRxVaJN8OJTpq939zXjxyT8Uk+wTVEj6hcg/b8Kw==
-----END CERTIFICATE-----
Generated at Mon Dec 9 08:51:40 2024 by rpki-client on console-fra.rpki-client.org