Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4F2FFFB0B3834045F7C4282AEB4C645DD9461750CCD5338F8CC6FD65F5AE1CCA/0/3230312e3134302e38302e302f32302d3234203d3e203138373334.roa
File:                     3230312e3134302e38302e302f32302d3234203d3e203138373334.roa (raw, json)
Hash identifier:          NDYuZi1O6tFmjeoZDTV3yDDdqwxSxqen/nAj2mhtNfQ=
Subject key identifier:   DE:5D:FD:A4:8D:57:CC:7C:11:75:0C:78:90:FA:98:46:2D:E2:08:4F
Certificate issuer:       /CN=7997A25836B429E9E6D15518DC739700B6C9C4FD
Certificate serial:       635904B86C60BC16E86AAB63501E69EBF9447798
Authority key identifier: 79:97:A2:58:36:B4:29:E9:E6:D1:55:18:DC:73:97:00:B6:C9:C4:FD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7997A25836B429E9E6D15518DC739700B6C9C4FD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4F2FFFB0B3834045F7C4282AEB4C645DD9461750CCD5338F8CC6FD65F5AE1CCA/0/3230312e3134302e38302e302f32302d3234203d3e203138373334.roa
Signing time:             Tue 05 Mar 2024 17:50:44 +0000
ROA not before:           Tue 05 Mar 2024 17:45:44 +0000
ROA not after:            Tue 04 Mar 2025 17:50:44 +0000
asID:                     18734
IP address blocks:        201.140.80.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4F2FFFB0B3834045F7C4282AEB4C645DD9461750CCD5338F8CC6FD65F5AE1CCA/0/7997A25836B429E9E6D15518DC739700B6C9C4FD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4F2FFFB0B3834045F7C4282AEB4C645DD9461750CCD5338F8CC6FD65F5AE1CCA/0/7997A25836B429E9E6D15518DC739700B6C9C4FD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7997A25836B429E9E6D15518DC739700B6C9C4FD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:59:04:b8:6c:60:bc:16:e8:6a:ab:63:50:1e:69:eb:f9:44:77:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7997A25836B429E9E6D15518DC739700B6C9C4FD
        Validity
            Not Before: Mar  5 17:45:44 2024 GMT
            Not After : Mar  4 17:50:44 2025 GMT
        Subject: CN=DE5DFDA48D57CC7C11750C7890FA98462DE2084F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:49:5d:49:c9:61:81:af:1c:db:e4:64:08:55:
                    5a:49:61:ca:e4:38:5b:f4:21:0f:d6:0e:e2:f6:f2:
                    d1:f4:4e:b6:4d:17:50:56:f7:d3:29:37:a5:9f:1a:
                    e8:aa:14:b3:e8:74:dd:98:58:ed:66:a6:a2:bd:5b:
                    90:e9:5d:9f:b9:e4:0d:8b:41:55:c9:17:bb:3d:ea:
                    b4:89:cd:4a:bb:1d:b2:44:14:9c:0a:47:d0:71:71:
                    12:2e:d9:89:26:2e:52:12:90:3a:1c:e8:6f:c6:10:
                    ed:ae:b6:7a:a7:fc:6b:d7:af:66:00:6c:e2:7c:68:
                    1b:28:23:3b:47:92:0f:71:98:c7:06:45:53:37:4f:
                    72:b2:5a:00:4a:0a:c3:b5:cb:88:51:f8:d2:8f:9f:
                    4e:a3:e2:58:89:8d:3b:6e:f7:15:7e:7e:ea:66:a0:
                    6b:4d:49:57:0a:62:8a:aa:be:79:78:3c:76:22:04:
                    67:2e:38:b9:bc:6a:e6:6e:93:c3:48:95:5f:13:05:
                    59:4d:f0:4a:ab:fb:ac:59:41:41:14:cb:19:4d:d1:
                    ec:3b:15:74:ba:0d:6b:78:08:ff:0a:82:57:99:a2:
                    b5:42:2b:37:f0:18:fd:dc:d0:6e:b2:c9:8c:43:24:
                    85:14:20:20:7d:2b:06:5d:c1:d1:c4:35:dc:31:30:
                    d9:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:5D:FD:A4:8D:57:CC:7C:11:75:0C:78:90:FA:98:46:2D:E2:08:4F
            X509v3 Authority Key Identifier:
                keyid:79:97:A2:58:36:B4:29:E9:E6:D1:55:18:DC:73:97:00:B6:C9:C4:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4F2FFFB0B3834045F7C4282AEB4C645DD9461750CCD5338F8CC6FD65F5AE1CCA/0/7997A25836B429E9E6D15518DC739700B6C9C4FD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7997A25836B429E9E6D15518DC739700B6C9C4FD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4F2FFFB0B3834045F7C4282AEB4C645DD9461750CCD5338F8CC6FD65F5AE1CCA/0/3230312e3134302e38302e302f32302d3234203d3e203138373334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.140.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         60:98:6b:1a:d8:86:36:4d:51:d2:47:de:58:fd:3d:50:ac:14:
         dc:6c:27:43:7d:e6:19:06:fc:77:d6:90:ed:5d:01:41:e7:d8:
         2d:a6:92:e8:f6:c5:d1:44:1f:f4:ce:08:1b:0a:fb:af:19:93:
         e7:3b:dc:e4:1f:ec:47:78:72:b2:ba:b1:db:ab:bf:3e:5e:7a:
         16:62:32:64:f7:b9:b2:66:42:69:31:8a:27:03:7a:0c:fc:5c:
         37:47:a1:91:b7:a0:0d:15:40:9d:c5:08:d2:6f:ea:20:19:81:
         a7:0b:3b:61:73:8d:91:45:06:c6:f6:4e:c6:6a:c5:fd:96:ed:
         d0:f3:e6:3a:27:b8:61:77:e5:e0:91:6b:e3:34:74:f1:54:87:
         9f:45:47:3e:14:3f:11:d1:43:82:3d:8f:32:be:7b:20:52:b0:
         db:24:45:c8:25:0e:01:98:81:b3:66:0e:69:cd:9c:ce:5a:eb:
         f2:9b:10:f9:fe:5d:76:da:a0:ec:f3:2b:f5:41:9f:4a:bb:de:
         d8:23:c7:ca:71:3e:18:2e:5b:2b:02:9f:25:a5:21:28:72:eb:
         0f:cb:0f:3b:3a:93:e5:5a:38:44:05:b3:ba:ee:15:e2:f7:0e:
         34:4e:ba:20:bc:25:aa:70:d4:21:e8:5b:8b:c9:97:bb:19:ca:
         a0:5a:6e:26
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUY1kEuGxgvBboaqtjUB5p6/lEd5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5N0EyNTgzNkI0MjlFOUU2RDE1NTE4REM3Mzk3MDBC
NkM5QzRGRDAeFw0yNDAzMDUxNzQ1NDRaFw0yNTAzMDQxNzUwNDRaMDMxMTAvBgNV
BAMTKERFNURGREE0OEQ1N0NDN0MxMTc1MEM3ODkwRkE5ODQ2MkRFMjA4NEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKSV1JyWGBrxzb5GQIVVpJYcrk
OFv0IQ/WDuL28tH0TrZNF1BW99MpN6WfGuiqFLPodN2YWO1mpqK9W5DpXZ+55A2L
QVXJF7s96rSJzUq7HbJEFJwKR9BxcRIu2YkmLlISkDoc6G/GEO2utnqn/GvXr2YA
bOJ8aBsoIztHkg9xmMcGRVM3T3KyWgBKCsO1y4hR+NKPn06j4liJjTtu9xV+fupm
oGtNSVcKYoqqvnl4PHYiBGcuOLm8auZuk8NIlV8TBVlN8Eqr+6xZQUEUyxlN0ew7
FXS6DWt4CP8KgleZorVCKzfwGP3c0G6yyYxDJIUUICB9KwZdwdHENdwxMNmrAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU3l39pI1XzHwRdQx4kPqYRi3iCE8wHwYDVR0j
BBgwFoAUeZeiWDa0Kenm0VUY3HOXALbJxP0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80RjJGRkZCMEIzODM0MDQ1RjdDNDI4MkFFQjRDNjQ1REQ5
NDYxNzUwQ0NENTMzOEY4Q0M2RkQ2NUY1QUUxQ0NBLzAvNzk5N0EyNTgzNkI0MjlF
OUU2RDE1NTE4REM3Mzk3MDBCNkM5QzRGRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83OTk3QTI1ODM2QjQyOUU5RTZE
MTU1MThEQzczOTcwMEI2QzlDNEZELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNEYyRkZGQjBCMzgzNDA0NUY3QzQyODJBRUI0QzY0NUREOTQ2MTc1MEND
RDUzMzhGOENDNkZENjVGNUFFMUNDQS8wLzMyMzAzMTJlMzEzNDMwMmUzODMwMmUz
MDJmMzIzMDJkMzIzNDIwM2QzZTIwMzEzODM3MzMzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMmMUDAN
BgkqhkiG9w0BAQsFAAOCAQEAYJhrGtiGNk1R0kfeWP09UKwU3GwnQ33mGQb8d9aQ
7V0BQefYLaaS6PbF0UQf9M4IGwr7rxmT5zvc5B/sR3hysrqx26u/Pl56FmIyZPe5
smZCaTGKJwN6DPxcN0ehkbegDRVAncUI0m/qIBmBpws7YXONkUUGxvZOxmrF/Zbt
0PPmOie4YXfl4JFr4zR08VSHn0VHPhQ/EdFDgj2PMr57IFKw2yRFyCUOAZiBs2YO
ac2czlrr8psQ+f5ddtqg7PMr9UGfSrve2CPHynE+GC5bKwKfJaUhKHLrD8sPOzqT
5Vo4RAWzuu4V4vcONE66ILwlqnDUIehbi8mXuxnKoFpuJg==
-----END CERTIFICATE-----
Generated at Wed Nov 20 08:53:05 2024 by rpki-client on console-ams.rpki-client.org