Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e39352e3136312e302f32342d3234203d3e203238343033.roa
File:                     3230302e39352e3136312e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          Y0wPHFeVRiZaefiNo3MGU+KjhfuWU6q4Mye0hnw8Guo=
Subject key identifier:   E6:11:9E:69:E4:E5:18:F3:E4:31:50:4B:B4:6B:EE:72:E5:B2:5B:4A
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       7A1645D1AC51E3DD0FDBF9FD32600C54FDB531A8
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e39352e3136312e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 25 Sep 2024 16:35:00 +0000
ROA not before:           Wed 25 Sep 2024 16:30:00 +0000
ROA not after:            Wed 24 Sep 2025 16:35:00 +0000
asID:                     28403
IP address blocks:        200.95.161.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:16:45:d1:ac:51:e3:dd:0f:db:f9:fd:32:60:0c:54:fd:b5:31:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep 25 16:30:00 2024 GMT
            Not After : Sep 24 16:35:00 2025 GMT
        Subject: CN=E6119E69E4E518F3E431504BB46BEE72E5B25B4A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:15:a7:8e:a9:1d:8f:86:0f:c7:9d:5c:da:e3:
                    89:eb:12:2b:17:56:55:ce:86:0c:13:a4:ca:e1:e4:
                    79:ec:8f:4f:53:ab:b0:7b:a7:65:eb:e7:86:46:6c:
                    c6:f0:9d:69:c3:a6:21:fb:2d:b9:93:b4:2f:39:dc:
                    93:d1:40:4e:da:b3:a4:4d:53:14:0d:88:dd:0e:1e:
                    36:fb:76:ea:a4:f5:1e:03:4e:4d:58:2f:78:f8:ed:
                    7a:1a:60:af:bc:e9:19:99:8f:ec:4d:76:77:95:75:
                    a1:c2:c4:f6:c3:00:0d:74:d6:8b:27:99:37:47:5b:
                    5a:7f:f4:0c:b9:05:41:da:b1:71:13:af:f3:e2:f6:
                    ed:ce:77:9a:d5:f9:cd:d0:a7:5e:72:77:21:c9:5c:
                    9d:eb:bc:0d:bb:c2:0c:c9:4c:8c:dd:d2:c9:27:75:
                    53:5b:b3:f7:58:2c:f3:20:2d:87:e0:67:45:65:2c:
                    b9:69:81:7a:ac:3c:e6:80:45:25:3c:ee:47:7d:5f:
                    5c:40:5f:f4:96:2b:97:93:17:9a:c7:6e:c7:6b:f7:
                    66:85:81:45:ac:49:6c:76:fd:a7:8b:89:b0:91:55:
                    f2:e9:9d:4a:1f:04:f6:c9:48:6c:c0:65:e0:3f:c0:
                    34:85:38:e2:f7:a1:b0:3f:14:9d:97:c4:92:95:fe:
                    a9:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:11:9E:69:E4:E5:18:F3:E4:31:50:4B:B4:6B:EE:72:E5:B2:5B:4A
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e39352e3136312e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.95.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:a4:67:02:54:ef:2f:cf:1e:63:e1:2d:61:39:06:a7:1c:6e:
         0f:ab:f8:d7:6e:bf:55:40:03:71:0d:c5:e0:92:ed:f3:69:2f:
         a1:13:d1:aa:f5:6f:9f:b3:74:60:fb:c3:c3:1a:aa:5f:42:c1:
         f1:75:67:9c:de:b1:15:09:ca:95:99:31:a7:ff:a7:a7:73:16:
         74:28:a6:c2:21:bb:68:9e:20:40:63:8d:78:dd:6b:06:3a:05:
         15:2d:9f:5b:85:95:d3:c6:1f:f6:16:c3:2e:17:1a:b2:b3:da:
         be:2e:91:c0:17:74:2b:6a:26:d5:0f:23:43:f9:ec:5a:c7:6b:
         10:69:1a:83:31:ad:c9:21:e3:a4:93:99:84:c1:34:f6:a4:ad:
         0b:27:fa:4f:5c:5d:eb:fc:c4:cf:3c:c0:0a:8d:8a:fa:05:ac:
         b9:4b:6b:19:63:63:f3:f8:bb:c2:32:d0:67:ea:6c:c9:df:8f:
         43:2b:35:c2:eb:d2:26:00:39:9d:bc:19:62:41:81:53:75:f3:
         30:d1:7d:a0:11:01:4c:43:8e:9e:a3:c7:88:a1:79:42:20:f1:
         3b:f6:42:03:1b:28:09:f3:3b:28:de:4e:38:b8:30:92:5b:d6:
         c7:b2:c8:bb:8f:f4:aa:c2:df:82:8a:f4:16:b1:41:27:e9:b0:
         8a:6d:2e:32
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUehZF0axR490P2/n9MmAMVP21MagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MjUxNjMwMDBaFw0yNTA5MjQxNjM1MDBaMDMxMTAvBgNV
BAMTKEU2MTE5RTY5RTRFNTE4RjNFNDMxNTA0QkI0NkJFRTcyRTVCMjVCNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtFaeOqR2Phg/HnVza44nrEisX
VlXOhgwTpMrh5Hnsj09Tq7B7p2Xr54ZGbMbwnWnDpiH7LbmTtC853JPRQE7as6RN
UxQNiN0OHjb7duqk9R4DTk1YL3j47XoaYK+86RmZj+xNdneVdaHCxPbDAA101osn
mTdHW1p/9Ay5BUHasXETr/Pi9u3Od5rV+c3Qp15ydyHJXJ3rvA27wgzJTIzd0skn
dVNbs/dYLPMgLYfgZ0VlLLlpgXqsPOaARSU87kd9X1xAX/SWK5eTF5rHbsdr92aF
gUWsSWx2/aeLibCRVfLpnUofBPbJSGzAZeA/wDSFOOL3obA/FJ2XxJKV/qnvAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU5hGeaeTlGPPkMVBLtGvucuWyW0owHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzkzNTJlMzEzNjMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhfoTAN
BgkqhkiG9w0BAQsFAAOCAQEAMaRnAlTvL88eY+EtYTkGpxxuD6v4126/VUADcQ3F
4JLt82kvoRPRqvVvn7N0YPvDwxqqX0LB8XVnnN6xFQnKlZkxp/+np3MWdCimwiG7
aJ4gQGONeN1rBjoFFS2fW4WV08Yf9hbDLhcasrPavi6RwBd0K2om1Q8jQ/nsWsdr
EGkagzGtySHjpJOZhME09qStCyf6T1xd6/zEzzzACo2K+gWsuUtrGWNj8/i7wjLQ
Z+psyd+PQys1wuvSJgA5nbwZYkGBU3XzMNF9oBEBTEOOnqPHiKF5QiDxO/ZCAxso
CfM7KN5OOLgwklvWx7LIu4/0qsLfgor0FrFBJ+mwim0uMg==
-----END CERTIFICATE-----
Generated at Mon Dec 9 09:12:36 2024 by rpki-client on console-ams.rpki-client.org