Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137372e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3137372e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          ydJCwj3a/zAjkKKvIno56+zbeXGyonmnmPDxdbcs60U=
Subject key identifier:   D8:29:AB:87:48:C6:D2:56:D7:FD:5E:25:FE:B4:A0:A3:11:28:E6:3E
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       5B0F2FF936CC1986A02846980E6BAB904AB43075
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137372e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 22:05:00 +0000
ROA not before:           Wed 04 Sep 2024 22:00:00 +0000
ROA not after:            Wed 03 Sep 2025 22:05:00 +0000
asID:                     28403
IP address blocks:        200.68.177.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:0f:2f:f9:36:cc:19:86:a0:28:46:98:0e:6b:ab:90:4a:b4:30:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 22:00:00 2024 GMT
            Not After : Sep  3 22:05:00 2025 GMT
        Subject: CN=D829AB8748C6D256D7FD5E25FEB4A0A31128E63E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:5f:41:32:36:1a:70:f3:38:20:2d:ff:00:97:
                    3e:ff:9f:55:9f:cb:10:1a:80:31:16:25:33:42:e0:
                    a2:8b:34:0a:00:69:71:ba:44:e8:e5:28:48:36:94:
                    e3:45:57:8e:4d:d9:28:06:bd:4f:da:a1:04:48:93:
                    53:9e:d8:f6:79:8e:32:ea:7d:66:78:a5:55:00:46:
                    47:51:99:e1:d6:41:f3:47:96:9c:a9:8f:a2:6c:13:
                    06:b5:1c:98:eb:8c:25:c5:f2:d3:1b:10:25:8c:86:
                    e6:b8:36:66:ab:a4:c0:56:08:00:f6:81:1b:c6:fe:
                    1c:2c:67:7f:c3:b5:10:fc:9a:85:43:8c:ef:81:aa:
                    c0:dc:60:51:e2:cf:5f:95:50:6d:b1:cc:52:75:29:
                    0a:ba:ca:15:56:9b:79:87:fe:22:4f:e8:a4:1e:81:
                    a5:82:db:2a:00:fa:82:62:d9:58:f3:57:cd:80:43:
                    81:c2:7a:4b:22:57:49:54:56:bb:72:bb:90:8c:8d:
                    45:51:ac:0f:68:14:34:47:b8:db:f6:d0:eb:b4:68:
                    56:7a:27:eb:59:ee:93:6e:6b:bc:69:c6:6e:c4:01:
                    c8:25:17:1d:07:d2:1a:0f:8a:3e:37:69:24:4a:42:
                    c5:f3:93:c3:ab:f8:ba:0a:e0:7f:ef:a1:d2:b9:27:
                    a0:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:29:AB:87:48:C6:D2:56:D7:FD:5E:25:FE:B4:A0:A3:11:28:E6:3E
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137372e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:57:f9:41:5b:48:54:3b:ac:1f:87:ef:81:b5:7b:09:79:5b:
         e8:f3:71:83:24:72:be:4b:f1:6f:a3:a3:8b:34:64:de:91:b2:
         3a:57:3a:8d:e5:3f:d8:87:79:ca:68:62:2b:67:20:fa:8b:38:
         cb:51:8b:56:da:35:d5:2b:a2:1e:26:1d:31:5b:66:d3:53:c7:
         20:00:8e:91:8d:db:cd:fd:ef:3e:4f:d9:d6:ee:21:5f:45:ba:
         c9:51:b4:9e:57:35:60:45:61:2e:91:67:4e:3a:9d:14:b2:d1:
         50:d7:d9:3f:8a:76:ba:ec:44:b8:c9:19:4d:9e:cd:aa:51:ce:
         a4:4b:b1:8b:b5:47:59:2f:4e:1e:4b:68:2e:5e:10:53:d3:14:
         9a:98:4d:86:03:af:b2:06:14:8b:01:59:5b:51:7e:4e:5f:e6:
         75:1e:75:aa:91:71:a3:69:b7:b5:64:44:ee:2d:2b:12:3f:b0:
         bc:4c:d7:85:48:b2:6f:8b:04:9c:91:cb:c3:a7:ab:6f:d5:c3:
         13:b4:ff:5b:14:53:4c:72:6c:75:d4:7b:19:c6:0e:33:e8:d7:
         0f:01:5f:af:ce:2e:da:07:58:e9:7a:aa:16:08:68:9f:20:ee:
         8a:f2:24:e8:61:00:1a:8f:a9:82:a6:4d:77:03:47:5e:d2:b5:
         91:74:03:7e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUWw8v+TbMGYagKEaYDmurkEq0MHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQyMjAwMDBaFw0yNTA5MDMyMjA1MDBaMDMxMTAvBgNV
BAMTKEQ4MjlBQjg3NDhDNkQyNTZEN0ZENUUyNUZFQjRBMEEzMTEyOEU2M0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYX0EyNhpw8zggLf8Alz7/n1Wf
yxAagDEWJTNC4KKLNAoAaXG6ROjlKEg2lONFV45N2SgGvU/aoQRIk1Oe2PZ5jjLq
fWZ4pVUARkdRmeHWQfNHlpypj6JsEwa1HJjrjCXF8tMbECWMhua4NmarpMBWCAD2
gRvG/hwsZ3/DtRD8moVDjO+BqsDcYFHiz1+VUG2xzFJ1KQq6yhVWm3mH/iJP6KQe
gaWC2yoA+oJi2VjzV82AQ4HCeksiV0lUVrtyu5CMjUVRrA9oFDRHuNv20Ou0aFZ6
J+tZ7pNua7xpxm7EAcglFx0H0hoPij43aSRKQsXzk8Or+LoK4H/vodK5J6B5AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU2Cmrh0jG0lbX/V4l/rSgoxEo5j4wHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNzM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEsTAN
BgkqhkiG9w0BAQsFAAOCAQEAK1f5QVtIVDusH4fvgbV7CXlb6PNxgyRyvkvxb6Oj
izRk3pGyOlc6jeU/2Id5ymhiK2cg+os4y1GLVto11SuiHiYdMVtm01PHIACOkY3b
zf3vPk/Z1u4hX0W6yVG0nlc1YEVhLpFnTjqdFLLRUNfZP4p2uuxEuMkZTZ7NqlHO
pEuxi7VHWS9OHktoLl4QU9MUmphNhgOvsgYUiwFZW1F+Tl/mdR51qpFxo2m3tWRE
7i0rEj+wvEzXhUiyb4sEnJHLw6erb9XDE7T/WxRTTHJsddR7GcYOM+jXDwFfr84u
2gdY6XqqFghonyDuivIk6GEAGo+pgqZNdwNHXtK1kXQDfg==
-----END CERTIFICATE-----
Generated at Mon Dec 9 08:51:40 2024 by rpki-client on console-fra.rpki-client.org