Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5A0AE43E14E6936AC3BDFB148CA479087144732F2C8CCD9D909084E4D1F05B11/0/3230302e31342e33342e302f32342d3234203d3e2033333536.roa
File:                     3230302e31342e33342e302f32342d3234203d3e2033333536.roa (raw, json)
Hash identifier:          hUokeNfG+2j/iqpIRG2dWNBuWBgKbw/RnV8nYCqZ6V4=
Subject key identifier:   B3:3B:1F:B7:C0:F6:5D:AA:AD:8E:67:0B:11:40:D6:0D:FA:87:FF:04
Certificate issuer:       /CN=9239EE97C6B39C11732B535303D9279F94576DA0
Certificate serial:       2F8DC6BC84AB9C2473C7EC59B8846D501A2CFF93
Authority key identifier: 92:39:EE:97:C6:B3:9C:11:73:2B:53:53:03:D9:27:9F:94:57:6D:A0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9239EE97C6B39C11732B535303D9279F94576DA0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5A0AE43E14E6936AC3BDFB148CA479087144732F2C8CCD9D909084E4D1F05B11/0/3230302e31342e33342e302f32342d3234203d3e2033333536.roa
Signing time:             Tue 02 Apr 2024 19:10:00 +0000
ROA not before:           Tue 02 Apr 2024 19:05:00 +0000
ROA not after:            Tue 01 Apr 2025 19:10:00 +0000
asID:                     3356
IP address blocks:        200.14.34.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5A0AE43E14E6936AC3BDFB148CA479087144732F2C8CCD9D909084E4D1F05B11/0/9239EE97C6B39C11732B535303D9279F94576DA0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5A0AE43E14E6936AC3BDFB148CA479087144732F2C8CCD9D909084E4D1F05B11/0/9239EE97C6B39C11732B535303D9279F94576DA0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9239EE97C6B39C11732B535303D9279F94576DA0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:8d:c6:bc:84:ab:9c:24:73:c7:ec:59:b8:84:6d:50:1a:2c:ff:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9239EE97C6B39C11732B535303D9279F94576DA0
        Validity
            Not Before: Apr  2 19:05:00 2024 GMT
            Not After : Apr  1 19:10:00 2025 GMT
        Subject: CN=B33B1FB7C0F65DAAAD8E670B1140D60DFA87FF04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f7:54:7a:4e:24:26:c8:58:bf:b4:81:3f:7f:
                    91:33:cb:6c:2a:cf:4c:09:9a:c3:63:6b:c9:40:24:
                    8d:89:7b:66:6c:ca:2b:6f:4b:39:03:f2:19:33:e2:
                    a9:84:da:55:85:ce:e1:92:55:ba:59:5e:7e:83:6e:
                    b4:f4:0a:44:5b:03:a0:ff:48:00:03:78:eb:3e:f6:
                    37:95:c0:b4:9b:0e:3c:bc:2b:03:fd:9f:6b:ab:20:
                    3b:19:ea:e5:ae:76:4f:6a:34:2c:52:8f:ab:02:2d:
                    73:ce:d5:0e:52:54:8c:af:03:8b:9d:16:d1:2b:a1:
                    fb:a6:2e:a8:47:21:c7:e0:d5:e4:9c:fc:20:7f:03:
                    a9:7e:9e:0d:fa:db:c8:d5:b8:06:6b:03:9f:ff:9d:
                    14:9c:1a:9f:fb:4d:bb:f0:1e:87:06:37:a5:27:72:
                    00:ec:c5:c9:a0:20:a7:9c:f0:55:ef:44:0a:41:92:
                    f5:08:6e:87:cb:c7:f6:90:38:37:14:e8:25:c3:d3:
                    6e:59:7d:5c:6d:e4:5b:c0:ad:2b:32:80:20:d1:c4:
                    ec:72:a5:10:61:fa:6c:91:f9:22:58:ec:a4:15:d7:
                    a7:34:54:cc:ea:d0:d9:d6:8e:d9:40:6f:cb:52:91:
                    25:9f:7c:41:38:d0:31:62:1d:76:f4:0d:23:dc:e6:
                    05:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:3B:1F:B7:C0:F6:5D:AA:AD:8E:67:0B:11:40:D6:0D:FA:87:FF:04
            X509v3 Authority Key Identifier:
                keyid:92:39:EE:97:C6:B3:9C:11:73:2B:53:53:03:D9:27:9F:94:57:6D:A0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5A0AE43E14E6936AC3BDFB148CA479087144732F2C8CCD9D909084E4D1F05B11/0/9239EE97C6B39C11732B535303D9279F94576DA0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9239EE97C6B39C11732B535303D9279F94576DA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5A0AE43E14E6936AC3BDFB148CA479087144732F2C8CCD9D909084E4D1F05B11/0/3230302e31342e33342e302f32342d3234203d3e2033333536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.14.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:c2:d7:6c:84:23:ba:a2:62:90:a0:ac:fc:75:4d:56:bc:b6:
         55:5a:b3:d1:dc:aa:2f:ce:d5:82:5b:c4:65:68:e5:86:a3:41:
         99:d9:c8:0b:c8:22:f7:d7:f1:c2:be:a9:10:26:f8:5c:57:a1:
         8f:29:52:89:3f:43:2f:77:71:46:4e:22:6b:2f:6e:88:b8:20:
         04:30:4a:d0:38:13:7e:a0:42:84:0a:02:4a:47:ed:56:15:c3:
         7e:ba:0c:91:0c:aa:e0:e4:56:36:53:6b:f8:91:34:b5:60:7f:
         6d:18:4d:dd:bc:61:b3:7e:c9:88:2f:a4:1b:5d:68:db:e2:6c:
         8f:c4:a6:00:41:1d:e3:44:ec:f5:fd:5b:b0:1e:bd:1d:94:f2:
         f9:e8:3e:4d:84:9a:55:6e:1c:ad:40:06:ad:71:dd:64:36:25:
         98:73:4b:62:c3:4b:95:6f:2f:ed:9b:0f:5d:e6:dc:38:2c:0f:
         d1:5b:0c:10:73:a7:c9:ce:6f:35:64:0c:52:fe:8e:70:4d:e0:
         53:5f:51:1c:df:33:82:65:27:29:b3:db:df:5f:5d:c9:85:e7:
         95:35:b1:cf:3a:77:27:cb:de:8a:f8:ae:0c:bd:2c:68:be:df:
         10:18:31:4b:c1:7f:3c:d7:cf:b6:ac:ad:fd:84:d5:70:0e:7e:
         5f:a2:ab:22
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUL43GvISrnCRzx+xZuIRtUBos/5MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTIzOUVFOTdDNkIzOUMxMTczMkI1MzUzMDNEOTI3OUY5
NDU3NkRBMDAeFw0yNDA0MDIxOTA1MDBaFw0yNTA0MDExOTEwMDBaMDMxMTAvBgNV
BAMTKEIzM0IxRkI3QzBGNjVEQUFBRDhFNjcwQjExNDBENjBERkE4N0ZGMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC691R6TiQmyFi/tIE/f5Ezy2wq
z0wJmsNja8lAJI2Je2ZsyitvSzkD8hkz4qmE2lWFzuGSVbpZXn6DbrT0CkRbA6D/
SAADeOs+9jeVwLSbDjy8KwP9n2urIDsZ6uWudk9qNCxSj6sCLXPO1Q5SVIyvA4ud
FtErofumLqhHIcfg1eSc/CB/A6l+ng3628jVuAZrA5//nRScGp/7TbvwHocGN6Un
cgDsxcmgIKec8FXvRApBkvUIbofLx/aQODcU6CXD025ZfVxt5FvArSsygCDRxOxy
pRBh+myR+SJY7KQV16c0VMzq0NnWjtlAb8tSkSWffEE40DFiHXb0DSPc5gVPAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUszsft8D2XaqtjmcLEUDWDfqH/wQwHwYDVR0j
BBgwFoAUkjnul8aznBFzK1NTA9knn5RXbaAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81QTBBRTQzRTE0RTY5MzZBQzNCREZCMTQ4Q0E0NzkwODcx
NDQ3MzJGMkM4Q0NEOUQ5MDkwODRFNEQxRjA1QjExLzAvOTIzOUVFOTdDNkIzOUMx
MTczMkI1MzUzMDNEOTI3OUY5NDU3NkRBMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85MjM5RUU5N0M2QjM5QzExNzMy
QjUzNTMwM0Q5Mjc5Rjk0NTc2REEwLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUEwQUU0M0UxNEU2OTM2QUMzQkRGQjE0OENBNDc5MDg3MTQ0NzMyRjJD
OENDRDlEOTA5MDg0RTREMUYwNUIxMS8wLzMyMzAzMDJlMzEzNDJlMzMzNDJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzMzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyA4iMA0GCSqG
SIb3DQEBCwUAA4IBAQAiwtdshCO6omKQoKz8dU1WvLZVWrPR3KovztWCW8RlaOWG
o0GZ2cgLyCL31/HCvqkQJvhcV6GPKVKJP0Mvd3FGTiJrL26IuCAEMErQOBN+oEKE
CgJKR+1WFcN+ugyRDKrg5FY2U2v4kTS1YH9tGE3dvGGzfsmIL6QbXWjb4myPxKYA
QR3jROz1/VuwHr0dlPL56D5NhJpVbhytQAatcd1kNiWYc0tiw0uVby/tmw9d5tw4
LA/RWwwQc6fJzm81ZAxS/o5wTeBTX1Ec3zOCZScps9vfX13JheeVNbHPOncny96K
+K4MvSxovt8QGDFLwX8818+2rK39hNVwDn5foqsi
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:45:26 2024 by rpki-client on console-ams.rpki-client.org