Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/3230302e3132342e3132372e302f32342d3234203d3e203532323836.roa
File:                     3230302e3132342e3132372e302f32342d3234203d3e203532323836.roa (raw, json)
Hash identifier:          5XsryA0YxHcbo729uIdWytxeQqfgGnYcDxEe22JYNnU=
Subject key identifier:   F0:91:73:31:E9:A0:BE:EF:FB:85:2E:21:89:1C:F7:29:40:5D:75:C6
Certificate issuer:       /CN=241DE049AC3C932631785D79E6569AB7CF57A340
Certificate serial:       4AEE987DA2BA4DB71CCD7611AE1BA09412D5538E
Authority key identifier: 24:1D:E0:49:AC:3C:93:26:31:78:5D:79:E6:56:9A:B7:CF:57:A3:40
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/241DE049AC3C932631785D79E6569AB7CF57A340.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/3230302e3132342e3132372e302f32342d3234203d3e203532323836.roa
Signing time:             Tue 05 Mar 2024 17:54:32 +0000
ROA not before:           Tue 05 Mar 2024 17:49:32 +0000
ROA not after:            Tue 04 Mar 2025 17:54:32 +0000
asID:                     52286
IP address blocks:        200.124.127.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/241DE049AC3C932631785D79E6569AB7CF57A340.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/241DE049AC3C932631785D79E6569AB7CF57A340.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/241DE049AC3C932631785D79E6569AB7CF57A340.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:ee:98:7d:a2:ba:4d:b7:1c:cd:76:11:ae:1b:a0:94:12:d5:53:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=241DE049AC3C932631785D79E6569AB7CF57A340
        Validity
            Not Before: Mar  5 17:49:32 2024 GMT
            Not After : Mar  4 17:54:32 2025 GMT
        Subject: CN=F0917331E9A0BEEFFB852E21891CF729405D75C6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:ea:ef:66:d2:68:b0:83:8d:ba:55:c9:01:2a:
                    11:3e:01:fe:20:18:6e:1c:15:82:e8:6d:00:1b:9c:
                    d8:e0:46:ce:82:94:a4:74:6b:36:6f:09:be:eb:ee:
                    bb:ab:c9:82:6a:51:64:01:32:ed:2e:cb:a0:0e:f2:
                    d1:3d:46:a1:74:0b:a6:c0:73:b2:2b:89:c3:c0:a7:
                    07:29:90:4c:af:26:74:f7:56:1f:e5:1a:58:b1:57:
                    44:07:24:c1:d7:99:97:7a:e1:0b:e4:94:01:17:17:
                    7b:c3:6e:8c:62:37:4f:40:41:98:7c:17:90:f0:43:
                    b9:16:e4:80:08:b2:8d:be:27:a8:6d:ac:37:78:d5:
                    ba:fa:1b:c7:64:d1:aa:31:2d:11:e6:bb:65:6f:cc:
                    d8:74:16:58:ed:72:3e:9a:f9:30:b4:60:d8:68:49:
                    7e:d7:06:40:aa:c1:ee:a3:e3:b1:e3:71:82:41:02:
                    d0:f0:9d:08:78:3c:a5:94:b1:ae:02:8e:ac:c7:bc:
                    d2:72:84:40:33:26:eb:ef:ec:1b:fa:67:9c:ff:48:
                    1b:ad:6b:af:39:1b:b3:f7:9b:12:10:16:f8:d1:f2:
                    47:27:ce:e4:b4:da:e7:56:c1:a3:c6:da:58:39:f0:
                    de:cf:2a:34:de:12:c5:6b:cc:32:93:bc:93:41:ae:
                    ce:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:91:73:31:E9:A0:BE:EF:FB:85:2E:21:89:1C:F7:29:40:5D:75:C6
            X509v3 Authority Key Identifier:
                keyid:24:1D:E0:49:AC:3C:93:26:31:78:5D:79:E6:56:9A:B7:CF:57:A3:40

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/241DE049AC3C932631785D79E6569AB7CF57A340.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/241DE049AC3C932631785D79E6569AB7CF57A340.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/3230302e3132342e3132372e302f32342d3234203d3e203532323836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.124.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:1e:64:1e:7f:f6:99:6d:f4:85:2f:b2:63:ee:d5:aa:18:d4:
         2e:0c:1d:59:fb:8b:79:4a:46:0e:99:98:39:f0:1d:2e:06:6f:
         bc:86:33:66:79:87:5e:2c:31:28:56:ea:c5:93:57:3b:3c:3a:
         68:87:7a:8c:5f:bc:f6:bd:81:17:fb:36:41:14:97:31:bb:68:
         71:5c:af:0a:c2:e1:32:dc:cc:0c:4f:f6:8e:94:19:08:2f:5c:
         c7:81:57:a9:32:a9:eb:05:94:d4:eb:37:40:37:eb:5f:c7:25:
         6c:ee:c6:62:a0:de:97:46:cb:07:cb:a0:93:19:6b:9c:2a:0b:
         37:2c:38:9a:38:a7:71:bb:71:b7:18:a1:dd:49:13:28:75:86:
         32:b6:07:e4:ac:0a:b4:25:7f:95:6b:5c:54:2c:27:76:30:e8:
         12:a0:12:78:0e:d1:a8:9b:d8:10:57:23:74:4d:3e:75:db:26:
         7c:c4:64:84:b7:99:fc:52:0f:63:47:91:72:f8:f8:4b:0e:c8:
         18:ea:58:74:1b:7e:da:d4:1b:bb:93:b3:86:21:77:de:4f:6f:
         22:46:43:5e:ee:7d:82:e0:9b:9c:09:c1:b0:d8:d0:58:fe:b6:
         8c:79:79:b5:3f:b9:66:e5:73:23:8d:d4:55:67:d6:14:da:99:
         77:a9:67:68
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUSu6YfaK6TbcczXYRrhuglBLVU44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjQxREUwNDlBQzNDOTMyNjMxNzg1RDc5RTY1NjlBQjdD
RjU3QTM0MDAeFw0yNDAzMDUxNzQ5MzJaFw0yNTAzMDQxNzU0MzJaMDMxMTAvBgNV
BAMTKEYwOTE3MzMxRTlBMEJFRUZGQjg1MkUyMTg5MUNGNzI5NDA1RDc1QzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu6u9m0miwg426VckBKhE+Af4g
GG4cFYLobQAbnNjgRs6ClKR0azZvCb7r7ruryYJqUWQBMu0uy6AO8tE9RqF0C6bA
c7IricPApwcpkEyvJnT3Vh/lGlixV0QHJMHXmZd64QvklAEXF3vDboxiN09AQZh8
F5DwQ7kW5IAIso2+J6htrDd41br6G8dk0aoxLRHmu2VvzNh0Fljtcj6a+TC0YNho
SX7XBkCqwe6j47HjcYJBAtDwnQh4PKWUsa4CjqzHvNJyhEAzJuvv7Bv6Z5z/SBut
a685G7P3mxIQFvjR8kcnzuS02udWwaPG2lg58N7PKjTeEsVrzDKTvJNBrs53AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU8JFzMemgvu/7hS4hiRz3KUBddcYwHwYDVR0j
BBgwFoAUJB3gSaw8kyYxeF155laat89Xo0AwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81RDhGNTFCMUQxNjU3QkYzNjY2MTQ1MTFBMjA1ODFCREVE
MDNCMzJGQkNENUU5RDQ3MUFGOTg2QkE0MzYyMTFCLzAvMjQxREUwNDlBQzNDOTMy
NjMxNzg1RDc5RTY1NjlBQjdDRjU3QTM0MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNDFERTA0OUFDM0M5MzI2MzE3
ODVENzlFNjU2OUFCN0NGNTdBMzQwLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUQ4RjUxQjFEMTY1N0JGMzY2NjE0NTExQTIwNTgxQkRFRDAzQjMyRkJD
RDVFOUQ0NzFBRjk4NkJBNDM2MjExQi8wLzMyMzAzMDJlMzEzMjM0MmUzMTMyMzcy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzIzODM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyHx/
MA0GCSqGSIb3DQEBCwUAA4IBAQAxHmQef/aZbfSFL7Jj7tWqGNQuDB1Z+4t5SkYO
mZg58B0uBm+8hjNmeYdeLDEoVurFk1c7PDpoh3qMX7z2vYEX+zZBFJcxu2hxXK8K
wuEy3MwMT/aOlBkIL1zHgVepMqnrBZTU6zdAN+tfxyVs7sZioN6XRssHy6CTGWuc
Kgs3LDiaOKdxu3G3GKHdSRModYYytgfkrAq0JX+Va1xULCd2MOgSoBJ4DtGom9gQ
VyN0TT512yZ8xGSEt5n8Ug9jR5Fy+PhLDsgY6lh0G37a1Bu7k7OGIXfeT28iRkNe
7n2C4JucCcGw2NBY/raMeXm1P7lm5XMjjdRVZ9YU2pl3qWdo
-----END CERTIFICATE-----
Generated at Thu Nov 21 17:25:51 2024 by rpki-client on console-fra.rpki-client.org