Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5CEE6A499802F08368698010BB5F172F52680D2631E4BE244AE1DC14BF8F267B/0/3230302e33362e3135392e302f32342d3234203d3e20323731383739.roa
File:                     3230302e33362e3135392e302f32342d3234203d3e20323731383739.roa (raw, json)
Hash identifier:          GGOfiJEo1GY1MBAMepehuSb3HpsvDxfsEKeJCdqUvjY=
Subject key identifier:   8F:4D:01:D1:A8:FC:94:DF:F7:27:EE:D1:30:DB:62:BB:E5:F9:4C:8B
Certificate issuer:       /CN=921EE12BA5D853FB5CAD767EF47D2E0E62A2D437
Certificate serial:       062DB86D8777B7EF751FE35325886B8B12EBD741
Authority key identifier: 92:1E:E1:2B:A5:D8:53:FB:5C:AD:76:7E:F4:7D:2E:0E:62:A2:D4:37
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/921EE12BA5D853FB5CAD767EF47D2E0E62A2D437.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5CEE6A499802F08368698010BB5F172F52680D2631E4BE244AE1DC14BF8F267B/0/3230302e33362e3135392e302f32342d3234203d3e20323731383739.roa
Signing time:             Tue 24 Sep 2024 00:20:00 +0000
ROA not before:           Tue 24 Sep 2024 00:15:00 +0000
ROA not after:            Tue 23 Sep 2025 00:20:00 +0000
asID:                     271879
IP address blocks:        200.36.159.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5CEE6A499802F08368698010BB5F172F52680D2631E4BE244AE1DC14BF8F267B/0/921EE12BA5D853FB5CAD767EF47D2E0E62A2D437.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5CEE6A499802F08368698010BB5F172F52680D2631E4BE244AE1DC14BF8F267B/0/921EE12BA5D853FB5CAD767EF47D2E0E62A2D437.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/921EE12BA5D853FB5CAD767EF47D2E0E62A2D437.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:2d:b8:6d:87:77:b7:ef:75:1f:e3:53:25:88:6b:8b:12:eb:d7:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=921EE12BA5D853FB5CAD767EF47D2E0E62A2D437
        Validity
            Not Before: Sep 24 00:15:00 2024 GMT
            Not After : Sep 23 00:20:00 2025 GMT
        Subject: CN=8F4D01D1A8FC94DFF727EED130DB62BBE5F94C8B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:12:65:9c:e0:37:e7:da:a2:ab:ca:84:c9:c4:
                    f7:5e:71:08:9d:df:58:40:9b:39:0d:53:b5:ed:97:
                    99:b8:88:25:d4:f4:39:17:f6:fc:de:92:9c:ca:a6:
                    0d:e5:11:92:16:cd:f1:78:ea:74:84:6c:29:1f:9b:
                    ea:db:7f:e0:e3:63:23:b5:24:29:37:f6:b4:0c:78:
                    9a:37:0d:0f:c5:9a:16:10:26:8b:5f:a0:54:f4:a4:
                    86:97:5e:df:9d:7e:69:b5:6b:0f:98:c4:c2:ca:0d:
                    77:7e:31:ed:13:43:6b:6f:6e:67:fe:0d:03:9f:77:
                    db:06:ed:3e:3e:64:57:d5:20:fb:34:39:c6:9b:38:
                    6e:86:38:b9:b5:5b:61:09:9e:dd:f5:e2:0e:0c:21:
                    a4:6a:a1:97:cd:85:b2:d1:0b:6c:9e:3d:df:33:82:
                    67:1b:87:29:8a:1c:66:3b:ef:48:d8:72:3d:71:89:
                    95:17:65:42:64:a7:7e:2e:bf:30:b7:b0:f7:7f:8d:
                    9c:bc:ea:63:15:07:62:83:c3:a0:71:a3:25:61:af:
                    28:f4:57:fa:ca:2e:36:78:6b:0e:a0:68:f0:ad:44:
                    ea:05:6c:77:f1:6e:f5:70:99:4f:f3:9f:86:2b:65:
                    43:b1:ef:6c:d3:8e:b3:c9:74:9e:bb:70:ad:7e:08:
                    ca:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:4D:01:D1:A8:FC:94:DF:F7:27:EE:D1:30:DB:62:BB:E5:F9:4C:8B
            X509v3 Authority Key Identifier:
                keyid:92:1E:E1:2B:A5:D8:53:FB:5C:AD:76:7E:F4:7D:2E:0E:62:A2:D4:37

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5CEE6A499802F08368698010BB5F172F52680D2631E4BE244AE1DC14BF8F267B/0/921EE12BA5D853FB5CAD767EF47D2E0E62A2D437.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/921EE12BA5D853FB5CAD767EF47D2E0E62A2D437.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5CEE6A499802F08368698010BB5F172F52680D2631E4BE244AE1DC14BF8F267B/0/3230302e33362e3135392e302f32342d3234203d3e20323731383739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.36.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:89:67:27:f1:e0:7a:22:87:13:32:a6:22:62:91:e7:58:54:
         73:3e:c1:96:fd:67:a1:f7:a4:0b:40:84:b1:b2:73:35:dd:48:
         83:fd:bf:e0:b9:f1:8f:11:6c:e4:00:e4:39:23:e4:6c:17:9c:
         6e:60:50:83:2f:18:a6:d4:d5:a5:7d:1b:20:c9:18:15:4e:3b:
         2b:2f:66:ce:d0:6d:31:5a:c7:1e:72:ab:72:05:1b:10:e6:39:
         42:db:7c:f9:c5:23:34:4e:6d:f3:6d:92:53:6b:61:c5:2f:38:
         0e:09:0f:8e:b2:15:50:33:89:5c:43:68:75:5f:36:73:df:3d:
         27:d5:29:8d:7f:47:8e:86:d8:c3:7d:75:e0:56:ee:1d:8b:6c:
         b5:7c:70:8c:5f:f1:50:f9:d1:4c:17:18:7a:7a:72:df:69:94:
         4b:51:21:1b:ab:c6:62:b5:a5:9a:43:13:cc:bb:4a:7b:2e:50:
         6d:67:a0:fb:8d:6f:cc:95:11:09:7d:7c:8b:e7:ec:31:db:de:
         2b:69:72:05:5b:9d:97:02:22:dd:6b:4d:84:0e:b1:48:c2:dc:
         c4:ae:c8:20:c8:af:ea:dd:23:f5:cc:4b:dc:24:0d:5b:5e:47:
         b6:8c:24:6a:5f:85:25:18:58:64:a5:4f:33:da:b6:fb:48:b1:
         70:f1:ef:60
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUBi24bYd3t+91H+NTJYhrixLr10EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTIxRUUxMkJBNUQ4NTNGQjVDQUQ3NjdFRjQ3RDJFMEU2
MkEyRDQzNzAeFw0yNDA5MjQwMDE1MDBaFw0yNTA5MjMwMDIwMDBaMDMxMTAvBgNV
BAMTKDhGNEQwMUQxQThGQzk0REZGNzI3RUVEMTMwREI2MkJCRTVGOTRDOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDEmWc4Dfn2qKryoTJxPdecQid
31hAmzkNU7Xtl5m4iCXU9DkX9vzekpzKpg3lEZIWzfF46nSEbCkfm+rbf+DjYyO1
JCk39rQMeJo3DQ/FmhYQJotfoFT0pIaXXt+dfmm1aw+YxMLKDXd+Me0TQ2tvbmf+
DQOfd9sG7T4+ZFfVIPs0OcabOG6GOLm1W2EJnt314g4MIaRqoZfNhbLRC2yePd8z
gmcbhymKHGY770jYcj1xiZUXZUJkp34uvzC3sPd/jZy86mMVB2KDw6BxoyVhryj0
V/rKLjZ4aw6gaPCtROoFbHfxbvVwmU/zn4YrZUOx72zTjrPJdJ67cK1+CMqzAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUj00B0aj8lN/3J+7RMNtiu+X5TIswHwYDVR0j
BBgwFoAUkh7hK6XYU/tcrXZ+9H0uDmKi1DcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81Q0VFNkE0OTk4MDJGMDgzNjg2OTgwMTBCQjVGMTcyRjUy
NjgwRDI2MzFFNEJFMjQ0QUUxREMxNEJGOEYyNjdCLzAvOTIxRUUxMkJBNUQ4NTNG
QjVDQUQ3NjdFRjQ3RDJFMEU2MkEyRDQzNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85MjFFRTEyQkE1RDg1M0ZCNUNB
RDc2N0VGNDdEMkUwRTYyQTJENDM3LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUNFRTZBNDk5ODAyRjA4MzY4Njk4MDEwQkI1RjE3MkY1MjY4MEQyNjMx
RTRCRTI0NEFFMURDMTRCRjhGMjY3Qi8wLzMyMzAzMDJlMzMzNjJlMzEzNTM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzMxMzgzNzM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyCSf
MA0GCSqGSIb3DQEBCwUAA4IBAQCoiWcn8eB6IocTMqYiYpHnWFRzPsGW/Weh96QL
QISxsnM13UiD/b/gufGPEWzkAOQ5I+RsF5xuYFCDLxim1NWlfRsgyRgVTjsrL2bO
0G0xWscecqtyBRsQ5jlC23z5xSM0Tm3zbZJTa2HFLzgOCQ+OshVQM4lcQ2h1XzZz
3z0n1SmNf0eOhtjDfXXgVu4di2y1fHCMX/FQ+dFMFxh6enLfaZRLUSEbq8ZitaWa
QxPMu0p7LlBtZ6D7jW/MlREJfXyL5+wx294raXIFW52XAiLda02EDrFIwtzErsgg
yK/q3SP1zEvcJA1bXke2jCRqX4UlGFhkpU8z2rb7SLFw8e9g
-----END CERTIFICATE-----
Generated at Wed Nov 20 01:20:21 2024 by rpki-client on console-ams.rpki-client.org