Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137382e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3137382e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          sSaroSKoyfXbzRyVmoLgZE0LctEZWY9rWYLkMZCZoFs=
Subject key identifier:   AD:60:CA:A6:3E:83:D4:70:1A:F9:BB:B0:E4:D7:CE:33:23:79:A6:E3
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       5C5DCE4CE5B5F7051873FE6A315CDE20C3C17E5B
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137382e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 11 Sep 2024 16:00:02 +0000
ROA not before:           Wed 11 Sep 2024 15:55:02 +0000
ROA not after:            Wed 10 Sep 2025 16:00:02 +0000
asID:                     28403
IP address blocks:        200.68.178.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:5d:ce:4c:e5:b5:f7:05:18:73:fe:6a:31:5c:de:20:c3:c1:7e:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep 11 15:55:02 2024 GMT
            Not After : Sep 10 16:00:02 2025 GMT
        Subject: CN=AD60CAA63E83D4701AF9BBB0E4D7CE332379A6E3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:27:08:53:36:bb:dc:8a:b5:aa:55:a3:92:27:
                    21:05:ac:03:a7:71:6b:b8:05:36:3c:57:6b:08:48:
                    55:b7:13:31:08:c3:4b:b5:4c:c9:f7:6d:fe:29:37:
                    08:ea:c6:1a:77:ad:16:91:22:7d:72:e6:53:d2:53:
                    bd:17:79:c5:06:a5:3a:fe:e7:a1:ea:ba:c0:67:0a:
                    47:1f:a7:c7:3c:98:d8:45:e1:02:37:b4:43:fd:0c:
                    e5:b0:73:d3:9b:ef:c7:ac:1b:11:a1:27:f5:ef:b9:
                    62:5d:79:fe:dd:59:1c:cd:3f:7a:6d:ef:91:87:2b:
                    c5:3e:66:f9:c0:d2:6e:2c:70:89:25:57:c6:19:1d:
                    a5:69:15:f8:74:da:5f:ac:e0:2b:bf:32:39:81:9c:
                    65:94:dc:74:16:24:a1:9c:4d:6a:a1:29:2d:2c:48:
                    b4:70:36:64:c2:f7:7c:2e:90:16:d6:51:0f:06:99:
                    fe:43:44:9b:d0:74:fd:33:2a:72:81:96:83:66:eb:
                    ad:43:d2:1f:60:de:b5:5e:a3:25:16:92:5d:fc:0f:
                    79:b7:a0:c0:bf:ad:dc:06:76:1c:c5:a7:f0:bc:6c:
                    01:b1:d7:4d:82:1b:6c:3e:3f:f4:cb:ee:0b:21:3f:
                    d2:6a:8a:7a:2d:f9:12:45:fc:cf:ce:d9:37:c5:b8:
                    62:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:60:CA:A6:3E:83:D4:70:1A:F9:BB:B0:E4:D7:CE:33:23:79:A6:E3
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137382e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:7c:85:3f:9b:cd:0d:32:07:ad:c3:a2:71:60:5f:4b:8d:61:
         35:86:3e:90:5f:e9:29:1d:e0:c8:64:c5:f8:e5:78:19:80:5b:
         61:7c:56:3c:28:d0:54:49:1a:7f:2c:3e:c6:71:33:42:85:e2:
         a7:e0:2d:ac:99:b0:78:71:83:cf:41:b3:dc:13:66:94:59:df:
         61:12:aa:43:d2:15:d3:77:38:cf:bd:5f:78:c2:f8:9b:c1:32:
         9a:e7:f8:97:76:bb:fe:d0:48:a5:0d:5f:ab:7b:a0:27:9f:8f:
         c4:96:c7:e1:a1:97:13:6a:5f:f7:1d:04:6d:06:05:cc:e4:b7:
         9b:de:be:6a:e5:84:4a:d8:f4:f1:5f:21:7e:36:fc:0a:1e:96:
         8a:b5:c6:b2:4e:93:97:2c:e8:1e:4a:5c:c7:06:5a:17:b5:04:
         aa:c3:15:24:8c:f8:fb:70:ce:6d:b5:da:19:49:cb:d1:df:2b:
         05:b8:20:00:65:3c:53:b9:83:76:70:80:a7:b8:bd:f8:1e:42:
         ec:95:70:91:67:2e:02:29:84:b0:87:34:75:be:dd:86:41:81:
         03:47:86:23:03:06:a3:59:d4:9c:63:ff:be:e9:73:ca:5e:ad:
         48:ab:7f:28:7b:94:ff:b0:07:cc:c1:51:b3:61:f0:25:3e:77:
         a3:a1:0d:ad
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUXF3OTOW19wUYc/5qMVzeIMPBflswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MTExNTU1MDJaFw0yNTA5MTAxNjAwMDJaMDMxMTAvBgNV
BAMTKEFENjBDQUE2M0U4M0Q0NzAxQUY5QkJCMEU0RDdDRTMzMjM3OUE2RTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3JwhTNrvcirWqVaOSJyEFrAOn
cWu4BTY8V2sISFW3EzEIw0u1TMn3bf4pNwjqxhp3rRaRIn1y5lPSU70XecUGpTr+
56HqusBnCkcfp8c8mNhF4QI3tEP9DOWwc9Ob78esGxGhJ/XvuWJdef7dWRzNP3pt
75GHK8U+ZvnA0m4scIklV8YZHaVpFfh02l+s4Cu/MjmBnGWU3HQWJKGcTWqhKS0s
SLRwNmTC93wukBbWUQ8Gmf5DRJvQdP0zKnKBloNm661D0h9g3rVeoyUWkl38D3m3
oMC/rdwGdhzFp/C8bAGx102CG2w+P/TL7gshP9Jqinot+RJF/M/O2TfFuGIlAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUrWDKpj6D1HAa+buw5NfOMyN5puMwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNzM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEsjAN
BgkqhkiG9w0BAQsFAAOCAQEAHnyFP5vNDTIHrcOicWBfS41hNYY+kF/pKR3gyGTF
+OV4GYBbYXxWPCjQVEkafyw+xnEzQoXip+AtrJmweHGDz0Gz3BNmlFnfYRKqQ9IV
03c4z71feML4m8Eymuf4l3a7/tBIpQ1fq3ugJ5+PxJbH4aGXE2pf9x0EbQYFzOS3
m96+auWEStj08V8hfjb8Ch6WirXGsk6TlyzoHkpcxwZaF7UEqsMVJIz4+3DObbXa
GUnL0d8rBbggAGU8U7mDdnCAp7i9+B5C7JVwkWcuAimEsIc0db7dhkGBA0eGIwMG
o1nUnGP/vulzyl6tSKt/KHuU/7AHzMFRs2HwJT53o6ENrQ==
-----END CERTIFICATE-----
Generated at Mon Dec 9 08:51:40 2024 by rpki-client on console-fra.rpki-client.org