Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/3230312e3232312e39362e302f32302d3234203d3e203130363137.roa
File:                     3230312e3232312e39362e302f32302d3234203d3e203130363137.roa (raw, json)
Hash identifier:          yAwaM9vGEZOL5yhbATMBKIbHVRI94pMsjRnXGt30rKo=
Subject key identifier:   8B:5E:36:04:4C:96:84:D4:F8:29:0A:4D:DF:F2:85:47:33:1B:38:ED
Certificate issuer:       /CN=991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3
Certificate serial:       6BB602AA6DD67774F1C1E9BF272E95B168BA9637
Authority key identifier: 99:1C:3E:DC:C0:3E:22:70:A8:EA:AF:82:2E:C1:7B:EC:74:1B:1A:A3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/3230312e3232312e39362e302f32302d3234203d3e203130363137.roa
Signing time:             Tue 05 Mar 2024 17:50:19 +0000
ROA not before:           Tue 05 Mar 2024 17:45:19 +0000
ROA not after:            Tue 04 Mar 2025 17:50:19 +0000
asID:                     10617
IP address blocks:        201.221.96.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 17:40:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:b6:02:aa:6d:d6:77:74:f1:c1:e9:bf:27:2e:95:b1:68:ba:96:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3
        Validity
            Not Before: Mar  5 17:45:19 2024 GMT
            Not After : Mar  4 17:50:19 2025 GMT
        Subject: CN=8B5E36044C9684D4F8290A4DDFF28547331B38ED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:f7:54:74:03:e7:0e:f1:75:4c:67:01:e2:a1:
                    26:95:9e:cc:35:6c:00:f8:26:ba:d2:b6:63:49:78:
                    6d:9b:ae:77:3f:80:4a:11:37:95:d6:22:d3:de:8d:
                    ee:bc:2a:5a:a9:c7:5c:c0:48:95:44:fc:6d:3b:08:
                    3e:be:c3:24:b2:42:bf:d3:28:62:39:0a:80:64:75:
                    ae:2f:0a:69:01:26:02:bf:e1:e3:a3:c4:17:49:6f:
                    17:9c:fa:64:cd:aa:de:ae:4b:ce:e5:ae:7a:54:3d:
                    fa:b8:c0:55:69:8f:06:0c:88:6b:17:2b:3a:fd:ba:
                    5b:62:07:18:e4:7e:47:9d:bb:d3:b8:bc:c1:51:81:
                    fc:7d:7e:5e:1a:7a:a6:78:d6:5a:c6:0d:c4:c0:ab:
                    45:c4:fe:e4:75:a2:cb:60:01:9c:c8:f3:04:ea:3b:
                    b7:d7:cd:77:f0:0f:cc:58:33:f1:f5:3e:23:15:b2:
                    ae:38:ae:ef:8b:fd:b5:0c:95:24:ac:0f:90:8c:b3:
                    f6:ad:66:b2:49:83:5b:ff:0b:59:86:d2:23:9d:f1:
                    c4:60:84:dc:39:79:a3:3e:8e:3b:23:68:4d:5c:cf:
                    c3:5f:60:7c:0a:d4:1c:d5:56:ff:a9:7d:92:85:ab:
                    29:59:3c:ea:58:f9:03:e2:21:80:02:bb:b4:7f:28:
                    d9:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:5E:36:04:4C:96:84:D4:F8:29:0A:4D:DF:F2:85:47:33:1B:38:ED
            X509v3 Authority Key Identifier:
                keyid:99:1C:3E:DC:C0:3E:22:70:A8:EA:AF:82:2E:C1:7B:EC:74:1B:1A:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/3230312e3232312e39362e302f32302d3234203d3e203130363137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.221.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         4c:e4:8c:6e:8c:b9:80:e9:3d:10:9f:f9:64:2b:b9:0a:24:79:
         18:05:33:b3:36:19:85:f8:df:8d:6f:3b:a6:0e:c7:4d:2b:59:
         80:b3:1e:74:b6:bd:67:15:ef:2e:b1:04:32:b4:db:c7:4c:bd:
         ae:88:f1:ed:04:76:a1:9e:ea:e4:a7:8b:78:9d:27:be:4a:f7:
         e9:e8:7c:1f:71:31:99:ed:34:e8:0b:3e:c5:2e:b5:e4:88:d2:
         25:95:a1:54:2b:af:ee:6e:59:56:bb:68:ca:9c:e9:3d:79:39:
         07:90:c8:bb:5b:a6:be:f7:f0:5c:ad:fd:47:74:75:87:8a:c9:
         87:04:6d:86:63:b3:e7:07:3c:d6:6b:8e:98:a1:0b:dd:51:74:
         4f:a8:22:5d:63:71:fe:35:71:6c:9c:06:12:cd:55:d6:c5:83:
         da:5a:25:0d:33:f3:ef:f0:cd:76:cd:6b:43:c3:0e:74:e4:12:
         00:e8:bc:8a:c7:6f:4d:db:33:ee:5f:40:4b:65:c6:d9:41:68:
         cd:5e:e6:ef:68:03:80:9c:34:ee:67:e3:74:5f:6c:75:1b:23:
         b7:3f:12:0a:3c:d5:8c:7f:a2:93:f4:32:29:ae:fb:ee:05:07:
         6d:ac:f0:8d:37:ca:7c:11:6c:ff:eb:88:cd:ae:5b:88:8d:84:
         bf:fb:68:c6
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUa7YCqm3Wd3Txwem/Jy6VsWi6ljcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTkxQzNFRENDMDNFMjI3MEE4RUFBRjgyMkVDMTdCRUM3
NDFCMUFBMzAeFw0yNDAzMDUxNzQ1MTlaFw0yNTAzMDQxNzUwMTlaMDMxMTAvBgNV
BAMTKDhCNUUzNjA0NEM5Njg0RDRGODI5MEE0RERGRjI4NTQ3MzMxQjM4RUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh91R0A+cO8XVMZwHioSaVnsw1
bAD4JrrStmNJeG2brnc/gEoRN5XWItPeje68Klqpx1zASJVE/G07CD6+wySyQr/T
KGI5CoBkda4vCmkBJgK/4eOjxBdJbxec+mTNqt6uS87lrnpUPfq4wFVpjwYMiGsX
Kzr9ultiBxjkfkedu9O4vMFRgfx9fl4aeqZ41lrGDcTAq0XE/uR1ostgAZzI8wTq
O7fXzXfwD8xYM/H1PiMVsq44ru+L/bUMlSSsD5CMs/atZrJJg1v/C1mG0iOd8cRg
hNw5eaM+jjsjaE1cz8NfYHwK1BzVVv+pfZKFqylZPOpY+QPiIYACu7R/KNkbAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUi142BEyWhNT4KQpN3/KFRzMbOO0wHwYDVR0j
BBgwFoAUmRw+3MA+InCo6q+CLsF77HQbGqMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NjJGRkYzM0MzMUM3ODlCMzgxMDYwRDE4NzY0RUZDMUIz
OUY2NzdGQTg5NTAzQzg5OUEyNjA5MDNCRjUyQUU1LzAvOTkxQzNFRENDMDNFMjI3
MEE4RUFBRjgyMkVDMTdCRUM3NDFCMUFBMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OTFDM0VEQ0MwM0UyMjcwQThF
QUFGODIyRUMxN0JFQzc0MUIxQUEzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDYyRkZGMzNDMzFDNzg5QjM4MTA2MEQxODc2NEVGQzFCMzlGNjc3RkE4
OTUwM0M4OTlBMjYwOTAzQkY1MkFFNS8wLzMyMzAzMTJlMzIzMjMxMmUzOTM2MmUz
MDJmMzIzMDJkMzIzNDIwM2QzZTIwMzEzMDM2MzEzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMndYDAN
BgkqhkiG9w0BAQsFAAOCAQEATOSMboy5gOk9EJ/5ZCu5CiR5GAUzszYZhfjfjW87
pg7HTStZgLMedLa9ZxXvLrEEMrTbx0y9rojx7QR2oZ7q5KeLeJ0nvkr36eh8H3Ex
me006As+xS615IjSJZWhVCuv7m5ZVrtoypzpPXk5B5DIu1umvvfwXK39R3R1h4rJ
hwRthmOz5wc81muOmKEL3VF0T6giXWNx/jVxbJwGEs1V1sWD2lolDTPz7/DNds1r
Q8MOdOQSAOi8isdvTdsz7l9AS2XG2UFozV7m72gDgJw07mfjdF9sdRsjtz8SCjzV
jH+ik/QyKa777gUHbazwjTfKfBFs/+uIza5biI2Ev/toxg==
-----END CERTIFICATE-----
Generated at Mon Dec 9 13:59:06 2024 by rpki-client on console-fra.rpki-client.org