Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3138332e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3138332e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          +qhqsLlDTj3JxXrUcldPerUp5eKGxYVulFlbLbkPeB4=
Subject key identifier:   0F:21:1B:66:88:95:AF:97:36:DD:10:59:BB:41:3C:32:0F:27:A8:4C
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       277137E4673008A04BBBC72B57A10E68767B1A86
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3138332e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 11 Sep 2024 16:00:00 +0000
ROA not before:           Wed 11 Sep 2024 15:55:00 +0000
ROA not after:            Wed 10 Sep 2025 16:00:00 +0000
asID:                     28403
IP address blocks:        200.68.183.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:71:37:e4:67:30:08:a0:4b:bb:c7:2b:57:a1:0e:68:76:7b:1a:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep 11 15:55:00 2024 GMT
            Not After : Sep 10 16:00:00 2025 GMT
        Subject: CN=0F211B668895AF9736DD1059BB413C320F27A84C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:5e:3f:2d:7f:fa:c7:7c:38:e4:91:ad:12:d3:
                    c0:2e:35:b2:be:89:3d:fa:f9:3c:cf:65:ac:50:09:
                    05:52:13:8d:0b:16:05:3e:76:31:c5:54:c8:65:2c:
                    c7:68:ba:3c:04:14:b2:f0:01:82:1c:37:83:29:a5:
                    f1:fe:3b:21:c4:d7:f9:8e:77:ca:54:91:7c:14:96:
                    95:0e:45:e8:3c:ae:d9:08:9d:3a:35:87:f0:48:6d:
                    f8:e8:cd:a3:8b:96:cc:2f:11:9a:26:41:15:a7:39:
                    64:f7:ea:ce:04:6b:09:a6:91:c1:d9:0c:81:65:7b:
                    40:11:b4:66:90:01:b8:7a:a3:0b:0a:a7:d4:18:78:
                    69:85:8d:71:d3:54:63:45:1d:a5:c7:89:25:a8:05:
                    2e:4a:0f:17:c3:1e:84:12:35:20:43:38:78:1c:ce:
                    cb:f7:b8:e4:8e:f4:8b:8f:fe:39:28:1d:c3:77:32:
                    36:ed:49:3a:8c:9c:73:e1:34:20:6e:37:f9:01:ac:
                    4c:24:29:91:be:76:ab:8c:e4:08:bc:46:1e:a4:b7:
                    98:c6:73:20:35:fd:47:18:f4:55:cc:62:cc:68:8e:
                    ef:13:ea:9f:e9:b2:e0:2b:42:67:d5:df:44:a5:ad:
                    14:fa:ba:9b:fe:ff:b2:c9:76:15:8f:bd:84:fd:6a:
                    e3:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:21:1B:66:88:95:AF:97:36:DD:10:59:BB:41:3C:32:0F:27:A8:4C
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3138332e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:aa:3a:af:66:77:51:35:a9:9a:d8:69:c3:64:dd:e3:3c:bd:
         4a:57:3b:25:70:cc:0e:a6:2e:0b:9d:70:74:77:26:39:df:f8:
         16:41:a5:bf:da:c2:28:6e:d1:81:e7:db:78:c6:26:84:0d:11:
         83:4f:c5:4a:89:49:25:48:14:49:09:c0:68:28:8f:65:26:e4:
         1e:f7:b5:5a:bc:ae:97:c1:ef:3f:92:36:0e:53:74:4a:80:25:
         3e:ad:c6:79:16:88:bc:57:76:e8:12:31:9c:90:b4:0a:c7:82:
         75:3a:5f:9e:ae:f2:79:55:d1:b4:da:db:04:0d:6c:15:a4:28:
         67:6d:0d:06:13:d3:59:bd:0a:e7:22:4d:b3:48:09:8e:a3:01:
         22:80:bb:a4:44:0e:ad:58:c3:c3:b4:e4:15:43:7c:b1:65:83:
         41:e1:b3:f6:60:be:4d:76:f5:5e:56:df:93:5a:e2:d3:18:3c:
         9e:e3:b5:1e:6a:db:be:a5:e1:21:95:a3:2b:a0:a2:7c:a6:39:
         32:3c:01:7d:60:41:21:5e:b2:bc:eb:d7:67:0e:88:db:a3:16:
         00:47:48:b6:aa:81:cf:18:75:1d:6f:63:6c:e3:27:85:83:54:
         a9:9f:bf:fe:5e:2f:f0:ee:0b:32:fb:35:55:64:31:fc:87:34:
         c8:51:07:46
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUJ3E35GcwCKBLu8crV6EOaHZ7GoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MTExNTU1MDBaFw0yNTA5MTAxNjAwMDBaMDMxMTAvBgNV
BAMTKDBGMjExQjY2ODg5NUFGOTczNkREMTA1OUJCNDEzQzMyMEYyN0E4NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Xj8tf/rHfDjkka0S08AuNbK+
iT36+TzPZaxQCQVSE40LFgU+djHFVMhlLMdoujwEFLLwAYIcN4MppfH+OyHE1/mO
d8pUkXwUlpUOReg8rtkInTo1h/BIbfjozaOLlswvEZomQRWnOWT36s4EawmmkcHZ
DIFle0ARtGaQAbh6owsKp9QYeGmFjXHTVGNFHaXHiSWoBS5KDxfDHoQSNSBDOHgc
zsv3uOSO9IuP/jkoHcN3MjbtSTqMnHPhNCBuN/kBrEwkKZG+dquM5Ai8Rh6kt5jG
cyA1/UcY9FXMYsxoju8T6p/psuArQmfV30SlrRT6upv+/7LJdhWPvYT9auO3AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUDyEbZoiVr5c23RBZu0E8Mg8nqEwwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzODMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEtzAN
BgkqhkiG9w0BAQsFAAOCAQEAd6o6r2Z3UTWpmthpw2Td4zy9Slc7JXDMDqYuC51w
dHcmOd/4FkGlv9rCKG7RgefbeMYmhA0Rg0/FSolJJUgUSQnAaCiPZSbkHve1Wryu
l8HvP5I2DlN0SoAlPq3GeRaIvFd26BIxnJC0CseCdTpfnq7yeVXRtNrbBA1sFaQo
Z20NBhPTWb0K5yJNs0gJjqMBIoC7pEQOrVjDw7TkFUN8sWWDQeGz9mC+TXb1Xlbf
k1ri0xg8nuO1HmrbvqXhIZWjK6CifKY5MjwBfWBBIV6yvOvXZw6I26MWAEdItqqB
zxh1HW9jbOMnhYNUqZ+//l4v8O4LMvs1VWQx/Ic0yFEHRg==
-----END CERTIFICATE-----
Generated at Mon Dec 9 08:51:40 2024 by rpki-client on console-fra.rpki-client.org