Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3138352e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3138352e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          x/wOxOhPVUPz1OaAnLIxqHqdanh3DPsXCPsad2LOikA=
Subject key identifier:   D8:B5:1E:8C:C9:CB:09:C6:C4:28:FF:09:B3:21:87:9A:48:D4:E5:E0
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       1E70BF4451111DA9F2F4F9C34CF45E98ECCEF18C
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3138352e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 11 Sep 2024 16:00:03 +0000
ROA not before:           Wed 11 Sep 2024 15:55:03 +0000
ROA not after:            Wed 10 Sep 2025 16:00:03 +0000
asID:                     28403
IP address blocks:        200.68.185.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:70:bf:44:51:11:1d:a9:f2:f4:f9:c3:4c:f4:5e:98:ec:ce:f1:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep 11 15:55:03 2024 GMT
            Not After : Sep 10 16:00:03 2025 GMT
        Subject: CN=D8B51E8CC9CB09C6C428FF09B321879A48D4E5E0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a6:08:b0:11:7a:1d:0a:bd:07:30:c3:1c:1e:
                    c3:96:68:1f:34:43:4a:83:df:3d:07:7d:b3:37:fd:
                    23:c4:7b:b7:c1:1b:01:36:f0:27:99:66:b2:bf:44:
                    33:e5:a5:8a:c7:4a:3a:d9:38:78:38:37:5e:98:3c:
                    dc:6b:f9:c9:3b:70:c9:5e:92:2f:1a:8a:33:f4:62:
                    5e:3b:cf:0d:2b:ab:88:12:90:ef:0d:ba:02:9c:4c:
                    9a:f8:7d:76:a6:0a:b1:7f:89:85:0d:d9:ac:de:a6:
                    68:10:1a:c5:04:03:7a:cb:b4:42:91:2b:ec:93:5e:
                    b3:ff:0f:d6:64:7f:b3:32:ab:4c:42:43:1a:cc:5d:
                    27:ee:cf:d4:37:26:a5:69:f4:fb:98:00:b0:c3:3a:
                    24:5d:40:23:e6:15:04:9e:cc:5e:8c:b6:86:a2:ed:
                    6a:a2:2d:8a:b1:a2:27:a2:db:0f:9b:49:15:7c:bb:
                    96:26:5d:24:a2:3a:fd:15:ba:67:d8:e9:7e:eb:e0:
                    9e:78:5a:4b:63:0c:c1:d4:ef:5d:f0:1c:5e:13:c2:
                    f5:97:ee:0c:be:89:f5:7e:6a:30:b8:46:42:5e:43:
                    7d:c4:6e:05:b8:96:cf:ac:10:c1:e5:e5:62:41:06:
                    6e:df:32:11:40:94:cd:94:3e:31:57:94:00:8d:01:
                    69:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:B5:1E:8C:C9:CB:09:C6:C4:28:FF:09:B3:21:87:9A:48:D4:E5:E0
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3138352e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:a4:99:b9:f7:ea:37:97:69:fe:64:ed:e0:9f:49:e4:f0:01:
         2c:f3:e8:ec:c9:6c:8b:d7:49:73:18:60:57:25:56:a9:15:83:
         a4:90:db:4e:81:e0:43:67:4c:1b:f3:c0:5d:80:78:00:74:3c:
         c6:e2:d0:3f:eb:80:e2:fb:5f:a7:b2:03:32:c8:61:cc:45:f9:
         96:26:5b:19:90:c2:f2:9a:71:20:aa:71:78:9e:75:94:50:58:
         34:00:5d:e2:23:9c:d5:69:ae:6f:bf:5a:00:4b:e6:21:44:da:
         40:51:c5:3d:de:8a:1e:3c:b7:0f:02:0b:1a:86:b1:1e:e8:c2:
         ee:7e:2f:d3:8c:bd:f0:98:7a:d6:29:84:51:48:76:99:92:b6:
         5b:19:1c:5c:8d:35:a0:2a:cf:db:4c:48:cd:98:be:88:8c:90:
         af:56:e7:a3:b6:52:a2:22:38:61:5b:99:c5:c3:bb:2a:14:a4:
         3a:04:49:09:73:bd:65:31:0e:cc:33:38:41:d9:86:90:f6:d0:
         49:fb:b0:31:d0:1b:ba:b7:f8:f7:27:ce:47:c8:ee:45:cc:76:
         a8:2d:e8:b7:16:72:dc:f2:d9:6d:09:99:fb:47:1f:d4:2b:12:
         5b:76:d4:65:1c:27:45:09:45:55:5e:0d:60:36:06:c3:22:a6:
         ae:3a:94:46
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUHnC/RFERHany9PnDTPRemOzO8YwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MTExNTU1MDNaFw0yNTA5MTAxNjAwMDNaMDMxMTAvBgNV
BAMTKEQ4QjUxRThDQzlDQjA5QzZDNDI4RkYwOUIzMjE4NzlBNDhENEU1RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVpgiwEXodCr0HMMMcHsOWaB80
Q0qD3z0HfbM3/SPEe7fBGwE28CeZZrK/RDPlpYrHSjrZOHg4N16YPNxr+ck7cMle
ki8aijP0Yl47zw0rq4gSkO8NugKcTJr4fXamCrF/iYUN2azepmgQGsUEA3rLtEKR
K+yTXrP/D9Zkf7Myq0xCQxrMXSfuz9Q3JqVp9PuYALDDOiRdQCPmFQSezF6Mtoai
7WqiLYqxoiei2w+bSRV8u5YmXSSiOv0VumfY6X7r4J54WktjDMHU713wHF4TwvWX
7gy+ifV+ajC4RkJeQ33EbgW4ls+sEMHl5WJBBm7fMhFAlM2UPjFXlACNAWkdAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU2LUejMnLCcbEKP8JsyGHmkjU5eAwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzODM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEuTAN
BgkqhkiG9w0BAQsFAAOCAQEAFaSZuffqN5dp/mTt4J9J5PABLPPo7Mlsi9dJcxhg
VyVWqRWDpJDbToHgQ2dMG/PAXYB4AHQ8xuLQP+uA4vtfp7IDMshhzEX5liZbGZDC
8ppxIKpxeJ51lFBYNABd4iOc1Wmub79aAEvmIUTaQFHFPd6KHjy3DwILGoaxHujC
7n4v04y98Jh61imEUUh2mZK2WxkcXI01oCrP20xIzZi+iIyQr1bno7ZSoiI4YVuZ
xcO7KhSkOgRJCXO9ZTEOzDM4QdmGkPbQSfuwMdAburf49yfOR8juRcx2qC3otxZy
3PLZbQmZ+0cf1CsSW3bUZRwnRQlFVV4NYDYGwyKmrjqURg==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org