Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5D1A5E65ACB417339855ADA5A6C5416DC041CCF0640803843898BE56C4DF6C32/0/AS10834.roa
File:                     AS10834.roa (raw, json)
Hash identifier:          SBeCvkKq4RBY7moMb3Z3zNjRrwjyG2lQOfkjc30ugnU=
Subject key identifier:   55:21:18:A1:1C:98:76:6F:D7:7A:0D:9F:6F:C5:5F:E9:4D:FC:1E:AC
Certificate issuer:       /CN=410819C7C9B4C85CE0B1D22741BE5E40A1F0E7B1
Certificate serial:       0EE52EB591D574178F9AF0AB1873EC5ADDC9A276
Authority key identifier: 41:08:19:C7:C9:B4:C8:5C:E0:B1:D2:27:41:BE:5E:40:A1:F0:E7:B1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/410819C7C9B4C85CE0B1D22741BE5E40A1F0E7B1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5D1A5E65ACB417339855ADA5A6C5416DC041CCF0640803843898BE56C4DF6C32/0/AS10834.roa
Signing time:             Tue 05 Mar 2024 18:07:52 +0000
ROA not before:           Tue 05 Mar 2024 18:02:52 +0000
ROA not after:            Tue 04 Mar 2025 18:07:52 +0000
asID:                     10834
IP address blocks:        200.0.193.0/24 maxlen: 24
                          200.0.224.0/19 maxlen: 24
                          200.5.64.0/18 maxlen: 24
                          200.5.192.0/18 maxlen: 24
                          200.9.235.0/24 maxlen: 24
                          200.10.96.0/19 maxlen: 24
                          200.16.128.0/17 maxlen: 24
                          200.32.32.0/19 maxlen: 24
                          200.41.128.0/17 maxlen: 24
                          200.51.0.0/16 maxlen: 24
                          200.63.128.0/18 maxlen: 24
                          200.70.0.0/16 maxlen: 24
                          209.13.0.0/16 maxlen: 24
                          2800:381::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5D1A5E65ACB417339855ADA5A6C5416DC041CCF0640803843898BE56C4DF6C32/0/410819C7C9B4C85CE0B1D22741BE5E40A1F0E7B1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5D1A5E65ACB417339855ADA5A6C5416DC041CCF0640803843898BE56C4DF6C32/0/410819C7C9B4C85CE0B1D22741BE5E40A1F0E7B1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/410819C7C9B4C85CE0B1D22741BE5E40A1F0E7B1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 22 Jun 2024 03:06:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:e5:2e:b5:91:d5:74:17:8f:9a:f0:ab:18:73:ec:5a:dd:c9:a2:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=410819C7C9B4C85CE0B1D22741BE5E40A1F0E7B1
        Validity
            Not Before: Mar  5 18:02:52 2024 GMT
            Not After : Mar  4 18:07:52 2025 GMT
        Subject: CN=552118A11C98766FD77A0D9F6FC55FE94DFC1EAC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:73:8c:ed:4b:f3:8f:1b:aa:cf:e9:db:dd:da:
                    6f:aa:2b:0f:23:b5:14:7a:db:aa:7c:c4:17:5e:74:
                    aa:1d:7b:d7:01:5d:7f:35:e5:78:53:15:4c:6b:54:
                    32:99:f5:2c:1f:21:d7:0e:f7:7b:1f:5b:75:8d:fc:
                    fa:f1:07:61:62:d2:de:53:bb:cc:1b:93:1a:47:d0:
                    7d:d6:1c:86:ea:5c:29:b7:8c:5a:ff:30:d1:4e:fc:
                    8d:45:9f:09:a8:ff:7d:f7:42:45:75:94:da:94:68:
                    94:86:5c:cc:f1:43:d3:22:38:43:63:0e:33:07:e5:
                    d1:a6:17:84:f3:eb:ab:30:61:81:1a:bf:11:6c:09:
                    d7:c0:24:e3:2e:69:81:e6:f9:bc:cc:26:02:24:e5:
                    de:72:31:f2:5a:70:8d:38:cd:05:ca:fb:2f:45:0d:
                    57:2b:2d:39:4c:80:f4:de:58:e4:a9:13:5e:fd:7a:
                    da:c2:ad:e2:ca:04:04:de:bf:ac:3a:d4:c9:10:ad:
                    60:28:e5:38:cf:a0:ed:3c:f0:b3:dc:34:c7:86:19:
                    61:ba:c8:0d:80:1d:6b:7c:a5:5c:63:c3:79:a6:64:
                    9c:2a:63:dd:89:d9:54:9a:22:b6:f1:8d:78:1d:89:
                    f8:b4:ea:96:d0:0e:26:6b:7e:ca:1a:5a:55:fe:0a:
                    00:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:21:18:A1:1C:98:76:6F:D7:7A:0D:9F:6F:C5:5F:E9:4D:FC:1E:AC
            X509v3 Authority Key Identifier:
                keyid:41:08:19:C7:C9:B4:C8:5C:E0:B1:D2:27:41:BE:5E:40:A1:F0:E7:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5D1A5E65ACB417339855ADA5A6C5416DC041CCF0640803843898BE56C4DF6C32/0/410819C7C9B4C85CE0B1D22741BE5E40A1F0E7B1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/410819C7C9B4C85CE0B1D22741BE5E40A1F0E7B1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5D1A5E65ACB417339855ADA5A6C5416DC041CCF0640803843898BE56C4DF6C32/0/AS10834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.0.193.0/24
                  200.0.224.0/19
                  200.5.64.0/18
                  200.5.192.0/18
                  200.9.235.0/24
                  200.10.96.0/19
                  200.16.128.0/17
                  200.32.32.0/19
                  200.41.128.0/17
                  200.51.0.0/16
                  200.63.128.0/18
                  200.70.0.0/16
                  209.13.0.0/16
                IPv6:
                  2800:381::/32

    Signature Algorithm: sha256WithRSAEncryption
         17:7e:3a:89:bb:89:db:14:9b:84:4d:a6:83:86:83:da:fb:67:
         61:b6:98:a3:8b:af:ff:3a:e0:ec:b8:ff:b5:b7:c6:2d:7d:f3:
         89:b6:d7:f7:a7:5d:c4:2b:5a:9a:cf:9a:7a:d2:2a:b6:1e:78:
         51:b0:b3:93:f8:d6:3f:49:de:9f:11:2c:a1:c1:dd:40:61:3a:
         92:67:67:c1:ed:84:48:05:cc:97:06:62:f7:6c:a2:25:a3:77:
         ef:c3:10:96:6d:5c:42:4d:0f:11:20:74:f1:32:32:df:d7:dd:
         f8:6d:3b:ab:ba:ba:15:90:a3:eb:27:b3:c1:27:38:7b:1f:fa:
         06:06:40:4f:61:2c:66:5a:86:17:0f:12:1c:92:d8:b2:11:1e:
         59:17:de:0d:9b:63:79:d9:f8:14:95:85:70:df:78:b9:40:10:
         43:20:a0:82:05:0c:56:c6:92:3c:f5:0c:b4:85:23:d7:fa:ae:
         32:4b:94:94:aa:05:e4:65:c4:3e:7c:53:15:59:b5:d9:b3:73:
         6e:7f:7c:30:64:dc:4a:a5:8e:07:58:34:c8:f7:a6:d8:39:39:
         93:52:88:ee:16:31:3c:e2:71:3b:df:af:92:ec:0f:cf:9b:57:
         ff:d6:0e:10:f9:f7:5c:a6:95:51:9d:ef:ae:29:27:94:d7:43:
         b7:cf:d5:bd
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgIUDuUutZHVdBePmvCrGHPsWt3JonYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDEwODE5QzdDOUI0Qzg1Q0UwQjFEMjI3NDFCRTVFNDBB
MUYwRTdCMTAeFw0yNDAzMDUxODAyNTJaFw0yNTAzMDQxODA3NTJaMDMxMTAvBgNV
BAMTKDU1MjExOEExMUM5ODc2NkZENzdBMEQ5RjZGQzU1RkU5NERGQzFFQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEc4ztS/OPG6rP6dvd2m+qKw8j
tRR626p8xBdedKode9cBXX815XhTFUxrVDKZ9SwfIdcO93sfW3WN/PrxB2Fi0t5T
u8wbkxpH0H3WHIbqXCm3jFr/MNFO/I1Fnwmo/333QkV1lNqUaJSGXMzxQ9MiOENj
DjMH5dGmF4Tz66swYYEavxFsCdfAJOMuaYHm+bzMJgIk5d5yMfJacI04zQXK+y9F
DVcrLTlMgPTeWOSpE179etrCreLKBATev6w61MkQrWAo5TjPoO088LPcNMeGGWG6
yA2AHWt8pVxjw3mmZJwqY92J2VSaIrbxjXgdifi06pbQDiZrfsoaWlX+CgAbAgMB
AAGjggLsMIIC6DAdBgNVHQ4EFgQUVSEYoRyYdm/Xeg2fb8Vf6U38HqwwHwYDVR0j
BBgwFoAUQQgZx8m0yFzgsdInQb5eQKHw57EwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81RDFBNUU2NUFDQjQxNzMzOTg1NUFEQTVBNkM1NDE2REMw
NDFDQ0YwNjQwODAzODQzODk4QkU1NkM0REY2QzMyLzAvNDEwODE5QzdDOUI0Qzg1
Q0UwQjFEMjI3NDFCRTVFNDBBMUYwRTdCMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80MTA4MTlDN0M5QjRDODVDRTBC
MUQyMjc0MUJFNUU0MEExRjBFN0IxLmNlcjCBlwYIKwYBBQUHAQsEgYowgYcwgYQG
CCsGAQUFBzALhnhyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy81RDFBNUU2NUFDQjQxNzMzOTg1NUFEQTVBNkM1NDE2REMwNDFDQ0YwNjQw
ODAzODQzODk4QkU1NkM0REY2QzMyLzAvQVMxMDgzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBzBggrBgEFBQcBBwEB/wRkMGIwUQQCAAEwSwMEAMgAwQME
BcgA4AMEBsgFQAMEBsgFwAMEAMgJ6wMEBcgKYAMEB8gQgAMEBcggIAMEB8gpgAMD
AMgzAwQGyD+AAwMAyEYDAwDRDTANBAIAAjAHAwUAKAADgTANBgkqhkiG9w0BAQsF
AAOCAQEAF346ibuJ2xSbhE2mg4aD2vtnYbaYo4uv/zrg7Lj/tbfGLX3zibbX96dd
xCtams+aetIqth54UbCzk/jWP0nenxEsocHdQGE6kmdnwe2ESAXMlwZi92yiJaN3
78MQlm1cQk0PESB08TIy39fd+G07q7q6FZCj6yezwSc4ex/6BgZAT2EsZlqGFw8S
HJLYshEeWRfeDZtjedn4FJWFcN94uUAQQyCgggUMVsaSPPUMtIUj1/quMkuUlKoF
5GXEPnxTFVm12bNzbn98MGTcSqWOB1g0yPem2Dk5k1KI7hYxPOJxO9+vkuwPz5tX
/9YOEPn3XKaVUZ3vriknlNdDt8/VvQ==
-----END CERTIFICATE-----
Generated at Wed Jun 19 03:48:23 2024 by rpki-client on console-ams.rpki-client.org