Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/3230312e3234372e302e302f31372d3234203d3e203134373534.roa
File:                     3230312e3234372e302e302f31372d3234203d3e203134373534.roa (raw, json)
Hash identifier:          tZ9088qtmdBtTKCyXnRIT+KqHNAWHZqx++oMqS4TV+I=
Subject key identifier:   57:43:16:D3:52:18:14:94:B3:5A:20:69:33:A2:FC:80:86:2C:EE:6F
Certificate issuer:       /CN=2015789E0A9B12EE1A82CB85A5945DD9B3185725
Certificate serial:       15254A97949DECCA7E0801D7DCEF1BC113CDA857
Authority key identifier: 20:15:78:9E:0A:9B:12:EE:1A:82:CB:85:A5:94:5D:D9:B3:18:57:25
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/3230312e3234372e302e302f31372d3234203d3e203134373534.roa
Signing time:             Tue 05 Mar 2024 17:44:15 +0000
ROA not before:           Tue 05 Mar 2024 17:39:15 +0000
ROA not after:            Tue 04 Mar 2025 17:44:15 +0000
asID:                     14754
IP address blocks:        201.247.0.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.crl
                          rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 20 Jul 2024 13:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:25:4a:97:94:9d:ec:ca:7e:08:01:d7:dc:ef:1b:c1:13:cd:a8:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2015789E0A9B12EE1A82CB85A5945DD9B3185725
        Validity
            Not Before: Mar  5 17:39:15 2024 GMT
            Not After : Mar  4 17:44:15 2025 GMT
        Subject: CN=574316D352181494B35A206933A2FC80862CEE6F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:d2:eb:72:d8:ff:e2:f8:4e:e3:17:21:4d:98:
                    34:22:8b:ed:01:90:57:9b:e0:fe:3c:d8:03:86:de:
                    86:86:f4:ee:a4:93:9f:68:51:a9:ff:65:dc:da:bf:
                    01:08:ca:d1:c7:8f:c7:5c:52:2a:61:53:4d:4d:aa:
                    a5:36:46:33:e2:d9:c7:b0:8b:99:58:35:31:4c:84:
                    b8:3a:48:e8:a7:12:a8:50:d0:dc:fd:7b:52:3d:6a:
                    5b:93:41:c2:3d:ed:80:ea:f3:f5:21:84:c4:6d:48:
                    e0:4c:36:2c:b5:48:03:e4:6f:3b:b7:9c:f7:53:bb:
                    78:4e:26:4c:56:3b:a4:d8:1d:cf:70:b0:5b:7f:1c:
                    4a:b5:09:9a:8c:bd:fa:99:83:4c:64:36:4b:85:f0:
                    0e:d7:42:29:8e:43:43:86:45:a3:65:15:ba:3c:e4:
                    f1:8b:ce:3e:68:fd:e9:9b:29:21:47:ae:2e:54:e6:
                    59:2f:dc:f8:f1:09:6c:f8:f8:ca:94:9c:02:1f:b0:
                    cc:e7:0f:31:ff:e7:e4:fc:a1:2e:9f:cb:7d:40:f1:
                    69:af:93:28:68:b6:c5:5d:58:7b:44:ac:b5:8c:df:
                    1d:02:20:04:4c:1e:71:71:49:35:84:3c:93:a1:e7:
                    33:7f:4e:ec:b9:71:b2:55:d0:8f:23:75:ac:85:51:
                    a7:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:43:16:D3:52:18:14:94:B3:5A:20:69:33:A2:FC:80:86:2C:EE:6F
            X509v3 Authority Key Identifier:
                keyid:20:15:78:9E:0A:9B:12:EE:1A:82:CB:85:A5:94:5D:D9:B3:18:57:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/3230312e3234372e302e302f31372d3234203d3e203134373534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.247.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         6e:3a:dd:7c:7b:49:61:80:6f:60:a4:d8:80:5b:63:56:90:7c:
         bc:e0:8c:bc:31:77:58:84:ed:61:08:e8:0c:45:9c:dc:bc:d9:
         52:c8:d8:cf:52:9e:c5:f7:0e:ab:ca:9d:3a:a3:86:8f:cb:31:
         c8:4c:64:e2:21:fa:d2:f5:07:07:cb:5c:d5:6e:ab:ae:d2:13:
         83:76:28:d8:9b:32:95:99:93:0f:7a:39:b3:fd:c0:d4:38:28:
         18:09:20:50:45:59:8e:f7:7c:af:2f:55:0a:26:7e:13:37:94:
         a6:a6:97:e1:8c:e5:7b:df:a1:92:9d:84:e0:31:af:7e:39:9e:
         2b:df:36:f1:c0:93:79:4d:a1:59:dc:83:50:fc:83:e3:c1:08:
         fa:10:16:7f:5c:ff:11:de:fa:1b:6d:d8:dc:43:6a:9b:19:e4:
         06:de:c7:c7:0e:85:75:89:e3:3e:1f:dd:0a:9f:04:72:49:78:
         3a:d4:d6:71:38:27:e6:aa:a1:a0:a6:50:12:14:e0:71:91:a5:
         42:1d:ee:98:4c:09:43:69:c3:8f:c7:a0:69:78:7c:e6:02:f7:
         71:aa:c1:a2:6b:6b:68:2f:b3:26:ee:56:d7:98:43:24:51:3e:
         c9:1d:f6:d4:91:7e:a2:55:85:97:38:86:d7:9b:05:21:fb:08:
         b3:11:37:d6
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUFSVKl5Sd7Mp+CAHX3O8bwRPNqFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjAxNTc4OUUwQTlCMTJFRTFBODJDQjg1QTU5NDVERDlC
MzE4NTcyNTAeFw0yNDAzMDUxNzM5MTVaFw0yNTAzMDQxNzQ0MTVaMDMxMTAvBgNV
BAMTKDU3NDMxNkQzNTIxODE0OTRCMzVBMjA2OTMzQTJGQzgwODYyQ0VFNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh0uty2P/i+E7jFyFNmDQii+0B
kFeb4P482AOG3oaG9O6kk59oUan/ZdzavwEIytHHj8dcUiphU01NqqU2RjPi2cew
i5lYNTFMhLg6SOinEqhQ0Nz9e1I9aluTQcI97YDq8/UhhMRtSOBMNiy1SAPkbzu3
nPdTu3hOJkxWO6TYHc9wsFt/HEq1CZqMvfqZg0xkNkuF8A7XQimOQ0OGRaNlFbo8
5PGLzj5o/embKSFHri5U5lkv3PjxCWz4+MqUnAIfsMznDzH/5+T8oS6fy31A8Wmv
kyhotsVdWHtErLWM3x0CIARMHnFxSTWEPJOh5zN/Tuy5cbJV0I8jdayFUafXAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUV0MW01IYFJSzWiBpM6L8gIYs7m8wHwYDVR0j
BBgwFoAUIBV4ngqbEu4agsuFpZRd2bMYVyUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82MjEwNThEMTc5Q0E1QzFDMDU2QzFCRjdCODJDOTI3QTVB
RkNCMUIxOTA5MUFENUNDN0RFMDFBNEQyQkEzM0I1LzAvMjAxNTc4OUUwQTlCMTJF
RTFBODJDQjg1QTU5NDVERDlCMzE4NTcyNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMDE1Nzg5RTBBOUIxMkVFMUE4
MkNCODVBNTk0NUREOUIzMTg1NzI1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjIxMDU4RDE3OUNBNUMxQzA1NkMxQkY3QjgyQzkyN0E1QUZDQjFCMTkw
OTFBRDVDQzdERTAxQTREMkJBMzNCNS8wLzMyMzAzMTJlMzIzNDM3MmUzMDJlMzAy
ZjMxMzcyZDMyMzQyMDNkM2UyMDMxMzQzNzM1MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAfJ9wAwDQYJ
KoZIhvcNAQELBQADggEBAG463Xx7SWGAb2Ck2IBbY1aQfLzgjLwxd1iE7WEI6AxF
nNy82VLI2M9SnsX3DqvKnTqjho/LMchMZOIh+tL1BwfLXNVuq67SE4N2KNibMpWZ
kw96ObP9wNQ4KBgJIFBFWY73fK8vVQomfhM3lKaml+GM5XvfoZKdhOAxr345nivf
NvHAk3lNoVncg1D8g+PBCPoQFn9c/xHe+htt2NxDapsZ5Abex8cOhXWJ4z4f3Qqf
BHJJeDrU1nE4J+aqoaCmUBIU4HGRpUId7phMCUNpw4/HoGl4fOYC93GqwaJra2gv
sybuVteYQyRRPskd9tSRfqJVhZc4htebBSH7CLMRN9Y=
-----END CERTIFICATE-----
Generated at Tue Jul 16 11:33:23 2024 by rpki-client on console-ams.rpki-client.org