Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/3230302e35392e36342e302f31382d3234203d3e203130363137.roa
File:                     3230302e35392e36342e302f31382d3234203d3e203130363137.roa (raw, json)
Hash identifier:          WGW6ax5YTXBwE43yRXbzdqgVkVMyBRGHJTXZ8BeSJuk=
Subject key identifier:   2E:3D:68:03:6A:EA:C5:AD:C8:B4:57:9A:47:02:A0:59:F3:1B:58:A7
Certificate issuer:       /CN=991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3
Certificate serial:       3728B013EBF5C3B7A4B7DF6CC2BAFD5FE79EB687
Authority key identifier: 99:1C:3E:DC:C0:3E:22:70:A8:EA:AF:82:2E:C1:7B:EC:74:1B:1A:A3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/3230302e35392e36342e302f31382d3234203d3e203130363137.roa
Signing time:             Tue 05 Mar 2024 17:50:19 +0000
ROA not before:           Tue 05 Mar 2024 17:45:19 +0000
ROA not after:            Tue 04 Mar 2025 17:50:19 +0000
asID:                     10617
IP address blocks:        200.59.64.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Dec 2024 18:44:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:28:b0:13:eb:f5:c3:b7:a4:b7:df:6c:c2:ba:fd:5f:e7:9e:b6:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3
        Validity
            Not Before: Mar  5 17:45:19 2024 GMT
            Not After : Mar  4 17:50:19 2025 GMT
        Subject: CN=2E3D68036AEAC5ADC8B4579A4702A059F31B58A7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:1c:26:26:9e:fb:38:e3:68:b0:ed:a4:1a:3b:
                    85:e5:88:17:53:98:21:a6:ae:96:04:44:25:75:da:
                    2a:d2:8c:70:c8:9e:04:6a:34:73:84:a5:fd:9e:ea:
                    48:f3:f1:a4:1c:96:43:b1:4c:2f:27:f3:bf:80:ad:
                    1b:5b:5e:63:c6:1e:7a:7b:db:f6:eb:d7:56:a6:9b:
                    3d:89:0d:93:04:04:92:1a:ee:93:c9:ab:4a:09:68:
                    f9:96:66:a6:99:d6:4c:fa:21:78:74:d3:c4:86:63:
                    a0:24:36:bf:df:11:28:95:92:fb:74:58:d3:6f:dc:
                    13:8b:b8:59:d5:83:c7:29:28:5b:19:b3:e2:0e:96:
                    bd:aa:b0:81:bb:f8:6b:a5:b5:05:f6:3f:16:e8:7b:
                    da:f1:05:bc:77:1a:24:0b:48:58:07:af:95:02:ce:
                    83:61:52:9d:b3:ca:80:d3:b8:f5:c7:b4:76:4d:88:
                    bb:a9:bd:75:56:90:2a:d2:94:5a:3c:a9:a8:31:83:
                    ea:16:cc:6d:42:ab:cb:80:2e:17:9d:80:48:30:37:
                    7c:b1:d7:46:07:93:14:66:38:0f:d3:49:4f:3c:84:
                    42:b2:10:7e:99:8d:52:b8:52:e5:3c:6e:71:2e:44:
                    d1:4d:b3:8f:f5:8e:67:8b:90:c2:df:67:06:c3:96:
                    2a:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:3D:68:03:6A:EA:C5:AD:C8:B4:57:9A:47:02:A0:59:F3:1B:58:A7
            X509v3 Authority Key Identifier:
                keyid:99:1C:3E:DC:C0:3E:22:70:A8:EA:AF:82:2E:C1:7B:EC:74:1B:1A:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/3230302e35392e36342e302f31382d3234203d3e203130363137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.59.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         ae:26:1f:47:0a:f8:ea:b1:8c:9d:32:1c:0d:8c:cd:52:b6:77:
         37:98:da:b4:2c:23:04:2b:aa:a0:68:29:31:31:e0:a5:06:e3:
         f3:39:54:d5:f9:fe:a5:a1:ef:ce:85:10:d7:ae:3b:39:dc:59:
         52:e9:7b:67:11:76:80:7e:72:d6:43:fe:fe:e0:c4:2e:71:48:
         cd:a9:4c:c6:ed:45:58:ff:ff:dd:db:60:2f:25:bd:1c:ba:ce:
         68:bb:46:34:1e:bc:ec:ed:f6:90:d5:65:f7:73:8b:f1:d1:8e:
         30:bd:9d:7d:80:ee:fa:ed:f9:24:7d:b2:26:00:23:9c:d6:f6:
         f0:b2:89:5b:15:0f:1e:98:28:2c:a2:bf:6d:71:16:1a:fa:88:
         b5:48:3d:06:ef:26:d5:a4:14:de:f1:c4:37:8b:0e:4a:ca:7f:
         5e:e7:0d:6a:dc:c2:a3:e4:ca:a2:1d:0b:2c:c4:25:6c:ec:79:
         d9:c4:8b:83:ae:08:81:79:0c:dd:65:b9:9a:40:1a:3b:2b:52:
         b1:64:23:ed:af:8f:f5:cd:cf:5e:d0:e1:1a:bc:36:93:44:2d:
         bf:5c:d6:1c:9c:d1:4f:8a:6f:4f:d9:f6:a0:77:5a:4e:ba:db:
         c1:e4:78:17:48:a5:80:56:e2:15:dc:8a:b2:f3:1c:a0:4f:fb:
         4b:b1:04:ae
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUNyiwE+v1w7ekt99swrr9X+eetocwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTkxQzNFRENDMDNFMjI3MEE4RUFBRjgyMkVDMTdCRUM3
NDFCMUFBMzAeFw0yNDAzMDUxNzQ1MTlaFw0yNTAzMDQxNzUwMTlaMDMxMTAvBgNV
BAMTKDJFM0Q2ODAzNkFFQUM1QURDOEI0NTc5QTQ3MDJBMDU5RjMxQjU4QTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrHCYmnvs442iw7aQaO4XliBdT
mCGmrpYERCV12irSjHDIngRqNHOEpf2e6kjz8aQclkOxTC8n87+ArRtbXmPGHnp7
2/br11ammz2JDZMEBJIa7pPJq0oJaPmWZqaZ1kz6IXh008SGY6AkNr/fESiVkvt0
WNNv3BOLuFnVg8cpKFsZs+IOlr2qsIG7+GultQX2Pxboe9rxBbx3GiQLSFgHr5UC
zoNhUp2zyoDTuPXHtHZNiLupvXVWkCrSlFo8qagxg+oWzG1Cq8uALhedgEgwN3yx
10YHkxRmOA/TSU88hEKyEH6ZjVK4UuU8bnEuRNFNs4/1jmeLkMLfZwbDlio/AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQULj1oA2rqxa3ItFeaRwKgWfMbWKcwHwYDVR0j
BBgwFoAUmRw+3MA+InCo6q+CLsF77HQbGqMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NjJGRkYzM0MzMUM3ODlCMzgxMDYwRDE4NzY0RUZDMUIz
OUY2NzdGQTg5NTAzQzg5OUEyNjA5MDNCRjUyQUU1LzAvOTkxQzNFRENDMDNFMjI3
MEE4RUFBRjgyMkVDMTdCRUM3NDFCMUFBMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OTFDM0VEQ0MwM0UyMjcwQThF
QUFGODIyRUMxN0JFQzc0MUIxQUEzLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDYyRkZGMzNDMzFDNzg5QjM4MTA2MEQxODc2NEVGQzFCMzlGNjc3RkE4
OTUwM0M4OTlBMjYwOTAzQkY1MkFFNS8wLzMyMzAzMDJlMzUzOTJlMzYzNDJlMzAy
ZjMxMzgyZDMyMzQyMDNkM2UyMDMxMzAzNjMxMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbIO0AwDQYJ
KoZIhvcNAQELBQADggEBAK4mH0cK+OqxjJ0yHA2MzVK2dzeY2rQsIwQrqqBoKTEx
4KUG4/M5VNX5/qWh786FENeuOzncWVLpe2cRdoB+ctZD/v7gxC5xSM2pTMbtRVj/
/93bYC8lvRy6zmi7RjQevOzt9pDVZfdzi/HRjjC9nX2A7vrt+SR9siYAI5zW9vCy
iVsVDx6YKCyiv21xFhr6iLVIPQbvJtWkFN7xxDeLDkrKf17nDWrcwqPkyqIdCyzE
JWzsednEi4OuCIF5DN1luZpAGjsrUrFkI+2vj/XNz17Q4Rq8NpNELb9c1hyc0U+K
b0/Z9qB3Wk6628HkeBdIpYBW4hXcirLzHKBP+0uxBK4=
-----END CERTIFICATE-----
Generated at Sat Dec 7 01:34:14 2024 by rpki-client on console-ams.rpki-client.org