Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5A0AE43E14E6936AC3BDFB148CA479087144732F2C8CCD9D909084E4D1F05B11/0/3230302e31342e33342e302f32342d3234203d3e2033333536.roa
File:                     3230302e31342e33342e302f32342d3234203d3e2033333536.roa (raw, json)
Hash identifier:          OaKtYrmu5YB3Rdhsvdsj/5N646lou9cbU2UzSZCr9dE=
Subject key identifier:   93:61:23:C1:36:11:9E:A6:8C:D8:D4:4F:9E:61:74:21:8E:14:6B:68
Certificate issuer:       /CN=9239EE97C6B39C11732B535303D9279F94576DA0
Certificate serial:       21256580C2BD431B6C313208BAA505DFDA08CAC1
Authority key identifier: 92:39:EE:97:C6:B3:9C:11:73:2B:53:53:03:D9:27:9F:94:57:6D:A0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9239EE97C6B39C11732B535303D9279F94576DA0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5A0AE43E14E6936AC3BDFB148CA479087144732F2C8CCD9D909084E4D1F05B11/0/3230302e31342e33342e302f32342d3234203d3e2033333536.roa
Signing time:             Tue 04 Mar 2025 19:11:18 +0000
ROA not before:           Tue 04 Mar 2025 19:06:18 +0000
ROA not after:            Tue 03 Mar 2026 19:11:18 +0000
asID:                     3356
IP address blocks:        200.14.34.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5A0AE43E14E6936AC3BDFB148CA479087144732F2C8CCD9D909084E4D1F05B11/0/9239EE97C6B39C11732B535303D9279F94576DA0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5A0AE43E14E6936AC3BDFB148CA479087144732F2C8CCD9D909084E4D1F05B11/0/9239EE97C6B39C11732B535303D9279F94576DA0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9239EE97C6B39C11732B535303D9279F94576DA0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 09 Apr 2025 06:41:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:25:65:80:c2:bd:43:1b:6c:31:32:08:ba:a5:05:df:da:08:ca:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9239EE97C6B39C11732B535303D9279F94576DA0
        Validity
            Not Before: Mar  4 19:06:18 2025 GMT
            Not After : Mar  3 19:11:18 2026 GMT
        Subject: CN=936123C136119EA68CD8D44F9E6174218E146B68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:69:3b:03:16:6b:a5:cc:c0:af:3a:e9:c2:73:
                    9c:08:9e:7f:ae:fc:5b:25:3a:54:a0:94:84:3c:fe:
                    5a:fa:1d:79:2a:ea:6e:9e:85:92:cf:4d:d5:8a:f6:
                    f2:03:9a:7c:ea:d6:d6:9f:6a:6d:7f:63:00:0c:b2:
                    6d:df:e3:3e:36:f8:3b:53:51:7f:65:ab:f8:71:ec:
                    24:d9:78:bd:61:8d:28:20:db:b3:5b:93:ff:af:f4:
                    8a:2a:f8:a8:29:65:2b:56:f5:8f:db:d5:1b:ca:cb:
                    e2:10:2c:7a:c6:36:d9:4e:9c:6a:24:ed:2d:05:85:
                    9b:63:ac:20:10:d8:fe:e7:1b:94:92:77:20:d7:ad:
                    2b:eb:0c:f5:03:18:c7:2c:e7:e4:43:89:aa:6e:61:
                    77:ac:2d:c6:05:9e:1b:7c:7e:37:ae:3a:3f:a6:e7:
                    f6:b2:fd:66:18:3d:bc:97:a4:ec:88:ca:e3:1a:cc:
                    c8:0e:9a:ea:f6:ff:40:4b:b6:7b:2f:b6:2b:26:c6:
                    d3:04:10:ad:d0:8e:72:7a:df:02:ca:cf:08:d4:07:
                    9f:bf:53:df:8d:fb:34:92:a6:40:e0:be:ce:e0:34:
                    7e:e9:0b:c5:56:9b:a9:50:25:d7:47:6b:36:eb:3e:
                    45:2d:77:94:53:b1:f7:22:fb:e0:c8:59:f9:c3:20:
                    49:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:61:23:C1:36:11:9E:A6:8C:D8:D4:4F:9E:61:74:21:8E:14:6B:68
            X509v3 Authority Key Identifier:
                keyid:92:39:EE:97:C6:B3:9C:11:73:2B:53:53:03:D9:27:9F:94:57:6D:A0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5A0AE43E14E6936AC3BDFB148CA479087144732F2C8CCD9D909084E4D1F05B11/0/9239EE97C6B39C11732B535303D9279F94576DA0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9239EE97C6B39C11732B535303D9279F94576DA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5A0AE43E14E6936AC3BDFB148CA479087144732F2C8CCD9D909084E4D1F05B11/0/3230302e31342e33342e302f32342d3234203d3e2033333536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.14.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:94:10:cb:c8:23:e2:65:f7:99:ad:ff:b6:2b:01:02:36:d9:
         fb:94:9b:18:a5:50:71:73:5b:34:ba:65:4e:ec:c2:6d:fe:22:
         bb:1f:65:ba:3e:34:65:e8:53:92:47:33:01:5a:a1:a1:97:8a:
         b1:77:83:dc:2b:e5:36:69:d5:cd:e1:65:39:83:75:c6:fc:09:
         24:f7:29:68:ca:93:a9:d3:5a:e3:e7:0a:26:c3:be:13:f7:2b:
         b9:a2:5c:5f:86:2f:df:95:2b:57:6c:bf:08:27:76:28:ee:0b:
         f0:9c:9f:00:c5:53:1c:fc:7f:ef:2a:09:06:01:6e:6d:1a:d6:
         f7:d5:ba:ea:8e:aa:f0:86:25:db:7c:6c:c5:e4:5d:13:47:01:
         45:00:cd:bd:65:38:11:3d:09:79:db:44:a9:bf:e1:f2:85:16:
         4a:ee:84:25:6d:e8:d0:e9:c6:8b:ec:f3:ba:6f:95:01:e0:ca:
         8f:ba:bf:56:3e:ce:11:b9:c8:12:57:d8:aa:22:8b:29:1a:db:
         36:ba:9e:b3:2b:e7:78:af:60:38:c0:69:4a:b2:4c:e1:e5:97:
         a8:6e:4d:fc:27:68:53:93:55:4b:84:3a:09:8c:12:8e:c4:89:
         5e:2f:cd:0a:58:cc:d5:f0:2b:61:66:6a:21:72:3b:5c:3c:50:
         fe:2e:7c:37
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUISVlgMK9QxtsMTIIuqUF39oIysEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTIzOUVFOTdDNkIzOUMxMTczMkI1MzUzMDNEOTI3OUY5
NDU3NkRBMDAeFw0yNTAzMDQxOTA2MThaFw0yNjAzMDMxOTExMThaMDMxMTAvBgNV
BAMTKDkzNjEyM0MxMzYxMTlFQTY4Q0Q4RDQ0RjlFNjE3NDIxOEUxNDZCNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdaTsDFmulzMCvOunCc5wInn+u
/FslOlSglIQ8/lr6HXkq6m6ehZLPTdWK9vIDmnzq1tafam1/YwAMsm3f4z42+DtT
UX9lq/hx7CTZeL1hjSgg27Nbk/+v9Ioq+KgpZStW9Y/b1RvKy+IQLHrGNtlOnGok
7S0FhZtjrCAQ2P7nG5SSdyDXrSvrDPUDGMcs5+RDiapuYXesLcYFnht8fjeuOj+m
5/ay/WYYPbyXpOyIyuMazMgOmur2/0BLtnsvtismxtMEEK3QjnJ63wLKzwjUB5+/
U9+N+zSSpkDgvs7gNH7pC8VWm6lQJddHazbrPkUtd5RTsfci++DIWfnDIEk1AgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUk2EjwTYRnqaM2NRPnmF0IY4Ua2gwHwYDVR0j
BBgwFoAUkjnul8aznBFzK1NTA9knn5RXbaAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81QTBBRTQzRTE0RTY5MzZBQzNCREZCMTQ4Q0E0NzkwODcx
NDQ3MzJGMkM4Q0NEOUQ5MDkwODRFNEQxRjA1QjExLzAvOTIzOUVFOTdDNkIzOUMx
MTczMkI1MzUzMDNEOTI3OUY5NDU3NkRBMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85MjM5RUU5N0M2QjM5QzExNzMy
QjUzNTMwM0Q5Mjc5Rjk0NTc2REEwLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUEwQUU0M0UxNEU2OTM2QUMzQkRGQjE0OENBNDc5MDg3MTQ0NzMyRjJD
OENDRDlEOTA5MDg0RTREMUYwNUIxMS8wLzMyMzAzMDJlMzEzNDJlMzMzNDJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzMzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyA4iMA0GCSqG
SIb3DQEBCwUAA4IBAQBflBDLyCPiZfeZrf+2KwECNtn7lJsYpVBxc1s0umVO7MJt
/iK7H2W6PjRl6FOSRzMBWqGhl4qxd4PcK+U2adXN4WU5g3XG/Akk9yloypOp01rj
5womw74T9yu5olxfhi/flStXbL8IJ3Yo7gvwnJ8AxVMc/H/vKgkGAW5tGtb31brq
jqrwhiXbfGzF5F0TRwFFAM29ZTgRPQl520Spv+HyhRZK7oQlbejQ6caL7PO6b5UB
4MqPur9WPs4RucgSV9iqIospGts2up6zK+d4r2A4wGlKskzh5Zeobk38J2hTk1VL
hDoJjBKOxIleL80KWMzV8CthZmohcjtcPFD+Lnw3
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:59:16 2025 by rpki-client