Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3138382e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3138382e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          JlTABfdXhHmCFuwaUwuVQXba6duwpwqLstmJ1ozVc0s=
Subject key identifier:   53:21:9E:86:0B:36:75:A3:0F:19:39:F4:8C:40:CA:15:A1:1E:92:1F
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       64BA188D206CD9C85E2CD2FE2F0AFF2097705AA7
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3138382e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 11 Sep 2024 16:00:03 +0000
ROA not before:           Wed 11 Sep 2024 15:55:03 +0000
ROA not after:            Wed 10 Sep 2025 16:00:03 +0000
asID:                     28403
IP address blocks:        200.68.188.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:ba:18:8d:20:6c:d9:c8:5e:2c:d2:fe:2f:0a:ff:20:97:70:5a:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep 11 15:55:03 2024 GMT
            Not After : Sep 10 16:00:03 2025 GMT
        Subject: CN=53219E860B3675A30F1939F48C40CA15A11E921F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:93:32:13:b3:bd:3e:d5:2d:e0:0c:62:65:2c:
                    9d:bd:76:0e:53:05:7f:99:7a:37:9c:84:14:cb:26:
                    fa:7e:63:69:db:f1:a4:e1:35:69:9a:ef:ac:ac:10:
                    b9:1c:2a:8e:bb:55:aa:44:c6:60:af:df:8a:3b:db:
                    04:06:dc:6f:7b:f2:aa:c6:3c:08:1f:f0:ae:95:15:
                    28:ac:88:a4:d4:48:af:a6:98:38:eb:07:b9:2d:07:
                    91:fe:a6:59:91:78:b9:ab:23:0f:26:a6:d3:33:31:
                    07:f0:d5:dd:7a:52:11:2e:6b:de:14:e6:26:6e:f8:
                    34:2c:7a:77:1a:bc:be:66:2b:5e:bd:72:65:72:6d:
                    cc:5d:50:7f:cb:ec:4f:df:2f:54:3c:2d:4a:b0:6d:
                    04:2f:04:2c:e8:0e:17:8c:60:97:98:1b:70:42:30:
                    7a:9b:de:4d:84:6b:2c:89:d9:31:a9:a1:2c:4a:72:
                    9d:6c:33:0e:f3:78:76:12:a6:d4:a1:06:ff:a4:46:
                    07:4c:a4:88:02:41:2e:cc:81:a5:bd:72:d7:ca:44:
                    31:20:66:69:23:4f:91:a2:f0:d4:dd:c9:91:4e:74:
                    5c:be:c5:64:e8:12:b4:b4:9d:07:e9:da:82:b9:48:
                    8e:ba:a4:80:fe:b7:7f:13:16:35:d5:5e:37:b5:28:
                    50:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:21:9E:86:0B:36:75:A3:0F:19:39:F4:8C:40:CA:15:A1:1E:92:1F
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3138382e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:a8:a8:0a:be:45:a9:f0:38:c0:ac:d3:e6:db:94:0e:84:7c:
         29:21:27:ab:6e:0e:d3:ab:e6:9f:68:f2:20:64:47:ed:52:85:
         c3:fc:f6:26:b3:a0:a6:b4:ac:37:a8:c9:3b:8f:87:30:7e:57:
         f2:d8:f9:a8:14:1b:e7:eb:01:1e:11:c3:d2:77:30:16:63:ee:
         62:07:67:64:8b:c6:86:68:d1:27:52:b2:94:95:45:e8:a9:08:
         7f:3a:5a:1e:38:03:ae:fe:cf:59:0a:58:26:eb:6c:ef:9d:f4:
         8f:b9:75:3a:ba:ea:e0:6d:36:9e:0c:ee:21:ed:e0:17:85:02:
         fe:1e:b8:ad:e3:ce:f9:35:c9:16:e6:81:87:f2:8d:49:4a:27:
         cd:1f:cb:3a:35:ef:fb:4e:27:7d:5a:b9:6f:0b:91:61:4c:89:
         ab:6b:6e:a1:92:8e:fd:e2:99:35:78:9d:fa:07:f6:b9:67:4a:
         58:42:ea:7d:36:0c:0c:a0:50:64:eb:4d:ef:1c:fb:f9:43:6f:
         ad:d7:ef:97:c4:18:d1:a2:ff:60:94:fc:4d:62:f3:71:e3:3e:
         fb:d4:d8:76:fa:fb:f7:b4:6e:7c:05:9c:a3:2e:31:26:9e:b9:
         47:c0:63:66:c3:4c:32:82:e9:67:20:f4:88:d0:d2:ea:aa:e5:
         88:91:2b:1f
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUZLoYjSBs2cheLNL+Lwr/IJdwWqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MTExNTU1MDNaFw0yNTA5MTAxNjAwMDNaMDMxMTAvBgNV
BAMTKDUzMjE5RTg2MEIzNjc1QTMwRjE5MzlGNDhDNDBDQTE1QTExRTkyMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmkzITs70+1S3gDGJlLJ29dg5T
BX+ZejechBTLJvp+Y2nb8aThNWma76ysELkcKo67VapExmCv34o72wQG3G978qrG
PAgf8K6VFSisiKTUSK+mmDjrB7ktB5H+plmReLmrIw8mptMzMQfw1d16UhEua94U
5iZu+DQsencavL5mK169cmVybcxdUH/L7E/fL1Q8LUqwbQQvBCzoDheMYJeYG3BC
MHqb3k2EayyJ2TGpoSxKcp1sMw7zeHYSptShBv+kRgdMpIgCQS7MgaW9ctfKRDEg
ZmkjT5Gi8NTdyZFOdFy+xWToErS0nQfp2oK5SI66pID+t38TFjXVXje1KFBRAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUUyGehgs2daMPGTn0jEDKFaEekh8wHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzODM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEvDAN
BgkqhkiG9w0BAQsFAAOCAQEAUaioCr5FqfA4wKzT5tuUDoR8KSEnq24O06vmn2jy
IGRH7VKFw/z2JrOgprSsN6jJO4+HMH5X8tj5qBQb5+sBHhHD0ncwFmPuYgdnZIvG
hmjRJ1KylJVF6KkIfzpaHjgDrv7PWQpYJuts7530j7l1Orrq4G02ngzuIe3gF4UC
/h64rePO+TXJFuaBh/KNSUonzR/LOjXv+04nfVq5bwuRYUyJq2tuoZKO/eKZNXid
+gf2uWdKWELqfTYMDKBQZOtN7xz7+UNvrdfvl8QY0aL/YJT8TWLzceM++9TYdvr7
97RufAWcoy4xJp65R8BjZsNMMoLpZyD0iNDS6qrliJErHw==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org