Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e39352e3136392e302f32342d3234203d3e203238343033.roa
File:                     3230302e39352e3136392e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          tgWkZskYaCEiVWoDw5sn5HXI0uKa414hTFOiYCC5qhk=
Subject key identifier:   5D:DF:10:DA:2B:16:23:50:4A:94:0F:5B:82:16:49:CD:FE:E1:F6:0B
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       0E3016CB1A5112923A12A93B3F5674B9FC1E93D0
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e39352e3136392e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 25 Sep 2024 16:35:00 +0000
ROA not before:           Wed 25 Sep 2024 16:30:00 +0000
ROA not after:            Wed 24 Sep 2025 16:35:00 +0000
asID:                     28403
IP address blocks:        200.95.169.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl
                          rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:30:16:cb:1a:51:12:92:3a:12:a9:3b:3f:56:74:b9:fc:1e:93:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep 25 16:30:00 2024 GMT
            Not After : Sep 24 16:35:00 2025 GMT
        Subject: CN=5DDF10DA2B1623504A940F5B821649CDFEE1F60B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:4e:d3:6f:73:f5:0e:33:82:6e:83:7e:9d:a1:
                    4d:3d:09:2e:77:fc:02:20:1e:18:84:08:cb:d3:bc:
                    b3:38:2f:66:af:84:9e:d7:e3:90:94:88:c9:d8:de:
                    84:87:ac:ba:a3:ce:a6:81:15:ee:15:e2:d8:66:10:
                    52:d7:16:78:a3:cb:f2:ac:8a:63:78:fc:b6:74:ee:
                    a9:12:c0:45:b8:79:6a:78:32:e0:b6:20:16:74:43:
                    f9:d1:75:18:a0:8a:d2:b7:69:21:16:0f:37:c7:b5:
                    cd:c4:f4:58:35:7b:30:ea:5e:25:e2:30:75:f7:58:
                    75:31:67:ae:b0:6c:54:d7:bf:8d:be:f0:fc:97:99:
                    cf:7b:c7:3a:79:72:ad:2b:62:37:45:7c:bd:d8:09:
                    98:31:8e:66:84:d5:e0:81:df:af:c4:14:02:55:cb:
                    8e:ad:e1:77:61:6f:dc:08:f2:21:0f:2c:8c:c9:ac:
                    52:80:cf:5f:54:d7:34:a7:21:ab:ce:5d:12:3b:6d:
                    d7:d9:32:22:05:ed:31:12:64:22:1f:76:20:2a:13:
                    c6:1e:df:84:c2:ea:7e:5a:d9:33:1d:a6:ea:bd:18:
                    c9:0f:2e:8d:23:da:09:15:07:99:11:75:93:da:79:
                    05:0a:29:35:c1:d5:4d:6f:b6:e4:04:dc:8f:46:cd:
                    0e:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:DF:10:DA:2B:16:23:50:4A:94:0F:5B:82:16:49:CD:FE:E1:F6:0B
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e39352e3136392e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.95.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:7c:0e:99:16:fd:2b:06:0f:d8:5c:1a:df:87:66:d6:00:4c:
         2f:73:69:07:7c:3a:f3:8e:90:8c:b6:52:0a:e9:bc:1b:d6:30:
         0f:16:90:ce:4a:3e:7f:1a:d7:e1:4c:c1:cb:c0:03:bd:bf:87:
         ae:4e:7d:d3:7e:21:71:f7:96:2a:64:94:9c:a7:ee:85:18:b7:
         28:ce:8e:60:8c:05:f5:d3:a9:9c:12:f1:b9:2e:af:ca:cf:25:
         04:e5:02:1b:0c:b0:20:76:d9:96:b0:9c:67:06:e6:9e:dc:78:
         03:ce:54:1b:f7:4f:e4:41:97:99:74:84:8f:e8:07:19:27:72:
         99:a2:c8:c2:97:fa:c7:21:ee:15:7c:06:b4:d0:36:2a:0f:9a:
         09:97:ad:4b:52:b2:9e:ec:43:d6:30:ba:c1:e2:6d:44:52:33:
         84:da:a1:65:8d:ed:a1:10:bc:11:1b:ae:47:30:a9:51:32:15:
         41:bc:b9:67:73:0f:c9:8e:54:59:fa:41:5e:6b:80:25:6b:26:
         66:25:9b:8c:fa:17:27:45:71:47:a6:81:07:93:15:27:dc:67:
         88:e8:3e:39:93:13:13:93:02:96:05:9b:71:9f:17:43:d8:92:
         f3:b4:4d:97:f9:75:96:f6:a5:3b:a2:c1:ad:16:4d:7f:0a:34:
         15:c6:3b:ec
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUDjAWyxpREpI6Eqk7P1Z0ufwek9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MjUxNjMwMDBaFw0yNTA5MjQxNjM1MDBaMDMxMTAvBgNV
BAMTKDVEREYxMERBMkIxNjIzNTA0QTk0MEY1QjgyMTY0OUNERkVFMUY2MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChTtNvc/UOM4Jug36doU09CS53
/AIgHhiECMvTvLM4L2avhJ7X45CUiMnY3oSHrLqjzqaBFe4V4thmEFLXFnijy/Ks
imN4/LZ07qkSwEW4eWp4MuC2IBZ0Q/nRdRigitK3aSEWDzfHtc3E9Fg1ezDqXiXi
MHX3WHUxZ66wbFTXv42+8PyXmc97xzp5cq0rYjdFfL3YCZgxjmaE1eCB36/EFAJV
y46t4Xdhb9wI8iEPLIzJrFKAz19U1zSnIavOXRI7bdfZMiIF7TESZCIfdiAqE8Ye
34TC6n5a2TMdpuq9GMkPLo0j2gkVB5kRdZPaeQUKKTXB1U1vtuQE3I9GzQ4JAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUXd8Q2isWI1BKlA9bghZJzf7h9gswHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzkzNTJlMzEzNjM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhfqTAN
BgkqhkiG9w0BAQsFAAOCAQEALHwOmRb9KwYP2Fwa34dm1gBML3NpB3w6846QjLZS
Cum8G9YwDxaQzko+fxrX4UzBy8ADvb+Hrk59034hcfeWKmSUnKfuhRi3KM6OYIwF
9dOpnBLxuS6vys8lBOUCGwywIHbZlrCcZwbmntx4A85UG/dP5EGXmXSEj+gHGSdy
maLIwpf6xyHuFXwGtNA2Kg+aCZetS1KynuxD1jC6weJtRFIzhNqhZY3toRC8ERuu
RzCpUTIVQby5Z3MPyY5UWfpBXmuAJWsmZiWbjPoXJ0VxR6aBB5MVJ9xniOg+OZMT
E5MClgWbcZ8XQ9iS87RNl/l1lvalO6LBrRZNfwo0FcY77A==
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:07:23 2024 by rpki-client on console-ams.rpki-client.org