Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137392e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3137392e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          me8+266Z5VKpQhHvbZWEE+le5yr+fzUNizTIANK+n8Q=
Subject key identifier:   A2:66:5C:3D:DA:25:B4:CA:AD:40:0B:AF:18:76:FB:D5:F7:58:05:03
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       49E89B2099A26BD2BCB019416C2201191B0B5A3F
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137392e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 11 Sep 2024 16:00:00 +0000
ROA not before:           Wed 11 Sep 2024 15:55:00 +0000
ROA not after:            Wed 10 Sep 2025 16:00:00 +0000
asID:                     28403
IP address blocks:        200.68.179.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:e8:9b:20:99:a2:6b:d2:bc:b0:19:41:6c:22:01:19:1b:0b:5a:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep 11 15:55:00 2024 GMT
            Not After : Sep 10 16:00:00 2025 GMT
        Subject: CN=A2665C3DDA25B4CAAD400BAF1876FBD5F7580503
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:be:3e:1f:39:2d:04:ff:98:9a:41:fa:d9:f8:
                    aa:c6:92:67:28:e1:bf:99:37:d4:14:18:da:4e:df:
                    e6:9d:54:96:33:98:69:d5:82:94:44:61:ce:3d:d4:
                    28:d6:d7:54:a1:15:7e:ce:49:39:28:b1:ea:bb:b3:
                    dc:a0:1d:f1:7a:3a:23:2a:6a:96:11:bf:a2:01:51:
                    26:fc:5f:9b:7b:1c:1a:e2:7f:f7:28:1c:55:92:51:
                    c9:31:43:2f:94:7d:2f:71:ff:fb:78:34:d1:46:cd:
                    db:a5:af:83:5f:a4:9e:21:e4:8a:77:d0:d7:9d:bb:
                    73:ec:f0:e3:4a:74:c7:32:78:e3:30:2e:26:d9:ac:
                    9a:28:24:9f:6b:80:30:9e:3d:e0:93:0c:e2:20:0a:
                    7e:b9:03:24:3c:36:b9:27:76:69:67:2a:c3:dd:4e:
                    2b:d5:0e:63:c8:9e:ff:1f:72:df:4b:54:0b:77:83:
                    52:7c:94:ef:f6:48:24:59:19:68:b4:5a:3f:5a:45:
                    ae:24:f6:73:91:89:f4:8a:5a:22:7e:53:63:2b:03:
                    04:e6:c9:10:7f:ff:34:d1:50:6e:59:2c:01:a0:a4:
                    8f:6d:ca:a0:d4:83:70:c4:df:10:bb:98:e3:ce:ed:
                    06:74:5a:77:cd:9e:56:e4:a0:20:50:9f:a4:28:3e:
                    fa:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:66:5C:3D:DA:25:B4:CA:AD:40:0B:AF:18:76:FB:D5:F7:58:05:03
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137392e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:24:ae:6d:b4:ad:c1:14:b3:79:2b:da:80:35:d1:b2:f0:a1:
         52:a0:eb:a5:33:e5:d0:68:a9:f9:36:1d:58:2a:f2:8a:d2:dc:
         ff:3d:85:54:d1:6c:73:ca:25:48:01:b1:be:65:4a:cf:9d:0e:
         4f:19:34:93:55:16:a9:4e:19:7f:d5:a0:76:af:ae:70:79:bc:
         e3:bc:35:f4:0c:f4:e5:cc:1a:ed:ac:cc:e8:a3:46:f4:06:7c:
         2a:2b:46:8b:1a:5e:e0:42:02:d5:7f:47:b9:7d:03:2e:bc:c9:
         58:d7:f4:65:a4:96:df:38:4d:89:74:c9:f7:ea:f6:54:b1:b2:
         d4:dc:62:3a:da:92:90:b9:7e:31:25:ed:72:55:78:83:88:86:
         6f:f8:06:18:50:44:1e:27:46:f0:7e:cd:73:de:07:69:c9:c4:
         04:8f:85:bd:ea:bc:a8:9c:be:07:15:7e:3c:00:fe:66:22:82:
         5b:3c:be:f7:ba:47:e2:2b:ab:19:31:ba:34:18:dd:68:26:c7:
         eb:d9:03:1d:e4:e5:b8:cb:b1:ff:0a:12:83:31:12:29:dc:13:
         ea:0a:61:6a:bb:3b:d7:03:b5:a2:7b:d1:d2:1d:74:ba:02:ea:
         ed:93:bd:05:f5:0c:1e:09:d5:0d:79:bd:df:c4:38:0a:25:09:
         a2:21:7d:f4
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUSeibIJmia9K8sBlBbCIBGRsLWj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MTExNTU1MDBaFw0yNTA5MTAxNjAwMDBaMDMxMTAvBgNV
BAMTKEEyNjY1QzNEREEyNUI0Q0FBRDQwMEJBRjE4NzZGQkQ1Rjc1ODA1MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCavj4fOS0E/5iaQfrZ+KrGkmco
4b+ZN9QUGNpO3+adVJYzmGnVgpREYc491CjW11ShFX7OSTkoseq7s9ygHfF6OiMq
apYRv6IBUSb8X5t7HBrif/coHFWSUckxQy+UfS9x//t4NNFGzdulr4NfpJ4h5Ip3
0Nedu3Ps8ONKdMcyeOMwLibZrJooJJ9rgDCePeCTDOIgCn65AyQ8NrkndmlnKsPd
TivVDmPInv8fct9LVAt3g1J8lO/2SCRZGWi0Wj9aRa4k9nORifSKWiJ+U2MrAwTm
yRB//zTRUG5ZLAGgpI9tyqDUg3DE3xC7mOPO7QZ0WnfNnlbkoCBQn6QoPvozAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUomZcPdoltMqtQAuvGHb71fdYBQMwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNzM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEszAN
BgkqhkiG9w0BAQsFAAOCAQEAJSSubbStwRSzeSvagDXRsvChUqDrpTPl0Gip+TYd
WCryitLc/z2FVNFsc8olSAGxvmVKz50OTxk0k1UWqU4Zf9Wgdq+ucHm847w19Az0
5cwa7azM6KNG9AZ8KitGixpe4EIC1X9HuX0DLrzJWNf0ZaSW3zhNiXTJ9+r2VLGy
1NxiOtqSkLl+MSXtclV4g4iGb/gGGFBEHidG8H7Nc94HacnEBI+Fveq8qJy+BxV+
PAD+ZiKCWzy+97pH4iurGTG6NBjdaCbH69kDHeTluMux/woSgzESKdwT6gphars7
1wO1onvR0h10ugLq7ZO9BfUMHgnVDXm938Q4CiUJoiF99A==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org