Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/3230312e3234372e302e302f31362d3234203d3e203134373534.roa
File:                     3230312e3234372e302e302f31362d3234203d3e203134373534.roa (raw, json)
Hash identifier:          gSZBTtVA0zXEqDU8u/bl9H0LDxhNBIRae1GP14lOmfk=
Subject key identifier:   C9:36:D0:22:00:8C:84:33:93:13:E8:92:19:72:B9:96:B8:A3:23:82
Certificate issuer:       /CN=2015789E0A9B12EE1A82CB85A5945DD9B3185725
Certificate serial:       352E8ED6649269E221DF0FDE77FFE8218D555C75
Authority key identifier: 20:15:78:9E:0A:9B:12:EE:1A:82:CB:85:A5:94:5D:D9:B3:18:57:25
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/3230312e3234372e302e302f31362d3234203d3e203134373534.roa
Signing time:             Tue 05 Mar 2024 17:44:14 +0000
ROA not before:           Tue 05 Mar 2024 17:39:14 +0000
ROA not after:            Tue 04 Mar 2025 17:44:14 +0000
asID:                     14754
IP address blocks:        201.247.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.crl
                          rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 20 Jul 2024 13:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:2e:8e:d6:64:92:69:e2:21:df:0f:de:77:ff:e8:21:8d:55:5c:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2015789E0A9B12EE1A82CB85A5945DD9B3185725
        Validity
            Not Before: Mar  5 17:39:14 2024 GMT
            Not After : Mar  4 17:44:14 2025 GMT
        Subject: CN=C936D022008C84339313E8921972B996B8A32382
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:fb:1d:d9:6c:74:54:fa:04:94:d6:a3:3d:79:
                    a7:e6:40:04:38:33:82:c8:23:62:75:a6:f2:95:5d:
                    2e:98:ed:fb:26:08:01:14:fa:05:0d:20:a8:91:67:
                    ee:98:99:07:0d:c2:86:ae:cf:c1:17:20:a0:ea:d1:
                    21:8e:c9:e9:dd:6c:64:33:27:01:97:7b:cb:7c:1b:
                    f3:55:e5:15:f6:ad:5f:8e:57:f6:52:2f:e8:ee:39:
                    3a:82:91:77:ea:5b:97:89:b4:17:72:a1:45:e2:ac:
                    64:d5:3f:4a:b8:c9:ac:c5:87:c1:40:27:0b:38:ff:
                    88:59:50:d8:6b:ba:5f:d5:bb:5e:0d:3e:bb:8f:34:
                    59:b3:d4:a6:7f:32:18:a7:66:92:37:fb:f2:eb:4d:
                    eb:5c:7d:46:ce:5e:bb:32:f3:40:59:df:75:9b:56:
                    e6:2c:9a:53:9b:85:41:d8:17:cd:cd:e7:9a:f3:d3:
                    e7:14:34:0a:1d:6b:44:52:8e:12:e9:b4:07:a9:01:
                    17:6d:c3:ba:53:be:9e:10:af:ca:55:cb:85:85:f4:
                    8e:d8:f3:88:10:33:55:a5:b2:6a:e6:ca:2f:c6:bc:
                    6c:f1:02:2b:3d:7e:56:1e:35:1b:04:b8:ac:d3:f1:
                    ba:9e:98:dc:5a:f2:3b:17:97:f8:31:6f:89:87:8d:
                    70:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:36:D0:22:00:8C:84:33:93:13:E8:92:19:72:B9:96:B8:A3:23:82
            X509v3 Authority Key Identifier:
                keyid:20:15:78:9E:0A:9B:12:EE:1A:82:CB:85:A5:94:5D:D9:B3:18:57:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/3230312e3234372e302e302f31362d3234203d3e203134373534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.247.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         cd:4a:dc:67:fe:89:31:f7:e9:a0:8c:32:f0:a2:6d:21:bf:08:
         24:ea:62:da:c2:da:bb:b0:ec:57:2d:44:a7:f3:8c:da:d8:4a:
         f0:49:3f:03:c2:96:40:db:4c:38:57:fa:db:10:f0:54:c3:93:
         c8:67:ee:ab:3b:a9:ef:c4:72:5b:87:79:8c:bb:c0:c6:fe:b5:
         e4:fb:2b:ad:ce:04:cf:48:4f:8e:5e:4d:42:0b:5f:a2:69:12:
         73:f6:2d:d3:98:dd:cd:f5:e0:62:47:8e:c1:e9:81:e3:9d:7b:
         e0:e1:ea:43:b0:de:23:9b:08:39:34:dc:b4:15:06:2d:9a:4b:
         44:e2:76:0c:51:be:a8:fc:32:ad:b6:76:81:6a:cb:8e:f3:99:
         c3:fc:8b:f0:06:0c:24:77:31:28:ab:bf:b6:00:6f:23:d9:d4:
         87:8c:cc:2f:b2:f1:94:81:05:15:a6:fa:a4:42:89:ba:5a:9e:
         52:92:bc:72:78:59:33:ad:dd:9f:47:db:2e:7d:fb:da:1b:de:
         fa:8e:50:c7:e5:66:a4:36:1d:bb:aa:ca:38:fa:69:e0:65:9e:
         1b:3c:12:f0:ac:db:97:7b:29:4c:83:d5:e9:d1:52:26:f0:fc:
         55:58:42:fd:86:a9:25:f6:69:0e:75:39:4c:5d:ef:91:a4:95:
         33:8b:4b:2e
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUNS6O1mSSaeIh3w/ed//oIY1VXHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjAxNTc4OUUwQTlCMTJFRTFBODJDQjg1QTU5NDVERDlC
MzE4NTcyNTAeFw0yNDAzMDUxNzM5MTRaFw0yNTAzMDQxNzQ0MTRaMDMxMTAvBgNV
BAMTKEM5MzZEMDIyMDA4Qzg0MzM5MzEzRTg5MjE5NzJCOTk2QjhBMzIzODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt+x3ZbHRU+gSU1qM9eafmQAQ4
M4LII2J1pvKVXS6Y7fsmCAEU+gUNIKiRZ+6YmQcNwoauz8EXIKDq0SGOyendbGQz
JwGXe8t8G/NV5RX2rV+OV/ZSL+juOTqCkXfqW5eJtBdyoUXirGTVP0q4yazFh8FA
Jws4/4hZUNhrul/Vu14NPruPNFmz1KZ/MhinZpI3+/LrTetcfUbOXrsy80BZ33Wb
VuYsmlObhUHYF83N55rz0+cUNAoda0RSjhLptAepARdtw7pTvp4Qr8pVy4WF9I7Y
84gQM1Wlsmrmyi/GvGzxAis9flYeNRsEuKzT8bqemNxa8jsXl/gxb4mHjXDjAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUyTbQIgCMhDOTE+iSGXK5lrijI4IwHwYDVR0j
BBgwFoAUIBV4ngqbEu4agsuFpZRd2bMYVyUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82MjEwNThEMTc5Q0E1QzFDMDU2QzFCRjdCODJDOTI3QTVB
RkNCMUIxOTA5MUFENUNDN0RFMDFBNEQyQkEzM0I1LzAvMjAxNTc4OUUwQTlCMTJF
RTFBODJDQjg1QTU5NDVERDlCMzE4NTcyNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMDE1Nzg5RTBBOUIxMkVFMUE4
MkNCODVBNTk0NUREOUIzMTg1NzI1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjIxMDU4RDE3OUNBNUMxQzA1NkMxQkY3QjgyQzkyN0E1QUZDQjFCMTkw
OTFBRDVDQzdERTAxQTREMkJBMzNCNS8wLzMyMzAzMTJlMzIzNDM3MmUzMDJlMzAy
ZjMxMzYyZDMyMzQyMDNkM2UyMDMxMzQzNzM1MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDJ9zANBgkq
hkiG9w0BAQsFAAOCAQEAzUrcZ/6JMffpoIwy8KJtIb8IJOpi2sLau7DsVy1Ep/OM
2thK8Ek/A8KWQNtMOFf62xDwVMOTyGfuqzup78RyW4d5jLvAxv615Psrrc4Ez0hP
jl5NQgtfomkSc/Yt05jdzfXgYkeOwemB45174OHqQ7DeI5sIOTTctBUGLZpLROJ2
DFG+qPwyrbZ2gWrLjvOZw/yL8AYMJHcxKKu/tgBvI9nUh4zML7LxlIEFFab6pEKJ
ulqeUpK8cnhZM63dn0fbLn372hve+o5Qx+VmpDYdu6rKOPpp4GWeGzwS8Kzbl3sp
TIPV6dFSJvD8VVhC/YapJfZpDnU5TF3vkaSVM4tLLg==
-----END CERTIFICATE-----
Generated at Tue Jul 16 11:33:23 2024 by rpki-client on console-ams.rpki-client.org