Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/3230312e3234372e302e302f32302d3230203d3e203134373534.roa
File:                     3230312e3234372e302e302f32302d3230203d3e203134373534.roa (raw, json)
Hash identifier:          jAkCq3JWb8i4U2SPseLKeUmky5E+/dryphJlL1JXedo=
Subject key identifier:   19:5F:C9:80:D6:5A:9D:33:42:5D:02:E2:F0:A5:B2:A3:A7:83:BD:B9
Certificate issuer:       /CN=2015789E0A9B12EE1A82CB85A5945DD9B3185725
Certificate serial:       32EA55B620B4A8D336115EF7C120AE059EE14A34
Authority key identifier: 20:15:78:9E:0A:9B:12:EE:1A:82:CB:85:A5:94:5D:D9:B3:18:57:25
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/3230312e3234372e302e302f32302d3230203d3e203134373534.roa
Signing time:             Tue 05 Mar 2024 17:44:14 +0000
ROA not before:           Tue 05 Mar 2024 17:39:14 +0000
ROA not after:            Tue 04 Mar 2025 17:44:14 +0000
asID:                     14754
IP address blocks:        201.247.0.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.crl
                          rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 20 Jul 2024 13:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:ea:55:b6:20:b4:a8:d3:36:11:5e:f7:c1:20:ae:05:9e:e1:4a:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2015789E0A9B12EE1A82CB85A5945DD9B3185725
        Validity
            Not Before: Mar  5 17:39:14 2024 GMT
            Not After : Mar  4 17:44:14 2025 GMT
        Subject: CN=195FC980D65A9D33425D02E2F0A5B2A3A783BDB9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:67:6b:d5:0f:e5:95:7e:b5:81:76:77:f8:ad:
                    c2:3a:ea:de:00:81:af:5a:13:d5:ca:d1:ce:0a:a7:
                    76:f2:a6:a3:77:36:a0:91:a6:3c:f4:ea:b2:9d:99:
                    24:6b:0a:ee:af:9d:8b:a2:73:f2:4d:9a:a0:79:67:
                    ca:ca:61:8c:1b:5d:96:fe:99:6c:f2:a6:64:8b:82:
                    f9:21:c4:fc:4a:d5:2d:b5:bd:f3:83:94:d8:35:e7:
                    f0:d4:ea:74:d5:a5:bb:09:bc:1a:b3:ad:8f:05:9d:
                    ad:cc:c6:e8:23:eb:d3:33:c2:fc:5e:28:d4:e8:c1:
                    be:a2:2d:b9:2d:ba:74:48:02:c9:7e:02:4e:a7:92:
                    38:cb:20:44:f1:c2:7d:3c:72:11:c8:6a:ea:85:88:
                    d9:e8:e7:31:6c:b6:e7:07:db:cf:21:88:82:3f:14:
                    9e:b2:e4:65:67:8c:c8:30:c9:d6:e3:2e:7e:e0:85:
                    4f:e7:be:a8:e5:c1:cb:e9:29:71:b6:cf:54:c4:94:
                    5f:23:e3:51:79:9b:8c:d5:56:a8:11:91:38:a9:0a:
                    a8:46:fc:1c:53:91:b8:d3:7c:b0:e5:15:7f:49:29:
                    46:ee:70:66:38:43:13:5f:3e:2f:90:ef:6f:d5:e0:
                    ec:5d:d4:53:b5:f6:ed:13:df:df:59:fe:e6:6b:e9:
                    48:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:5F:C9:80:D6:5A:9D:33:42:5D:02:E2:F0:A5:B2:A3:A7:83:BD:B9
            X509v3 Authority Key Identifier:
                keyid:20:15:78:9E:0A:9B:12:EE:1A:82:CB:85:A5:94:5D:D9:B3:18:57:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/3230312e3234372e302e302f32302d3230203d3e203134373534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.247.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         67:4d:8b:af:e7:80:66:06:13:8d:07:1f:6c:e0:75:eb:58:69:
         cf:38:0a:9d:51:57:19:39:4e:2c:8f:fd:be:43:2e:03:89:ce:
         4a:ed:c9:77:95:54:46:a2:05:7f:dc:57:ef:0a:de:fb:67:4f:
         4b:52:f8:bb:34:6b:dd:9f:50:0d:4c:f8:63:e1:f7:6f:7d:6d:
         5b:a9:26:3c:f9:54:29:47:1a:db:34:b0:72:f5:f7:f8:39:d4:
         25:ef:ea:37:ba:e0:f5:1e:1e:94:4c:c3:13:43:16:0d:b3:24:
         43:6b:98:eb:d0:ba:b2:74:f7:73:29:af:fb:14:4c:57:b5:52:
         6a:a9:bb:d4:01:e1:5f:19:8b:97:26:e5:55:f8:1a:cb:0e:91:
         f0:ed:60:61:b9:6b:37:84:3e:90:26:e3:d9:51:2c:ad:55:e9:
         d9:22:18:97:38:6f:b0:a3:b3:b8:0e:ba:2e:d9:a1:c7:74:b8:
         6c:b2:86:bc:df:23:d3:3f:4e:10:42:4b:9d:a4:86:50:18:71:
         92:5e:b1:8f:0a:34:96:17:0e:e3:59:3a:ce:a9:62:7d:aa:cf:
         6b:a2:dc:8f:5d:43:fd:f2:bf:e9:b7:86:f7:fd:f9:9c:b3:71:
         3a:0a:ac:8a:34:28:d7:3a:46:42:8f:ba:34:f2:57:51:86:f8:
         71:71:5c:e2
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUMupVtiC0qNM2EV73wSCuBZ7hSjQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjAxNTc4OUUwQTlCMTJFRTFBODJDQjg1QTU5NDVERDlC
MzE4NTcyNTAeFw0yNDAzMDUxNzM5MTRaFw0yNTAzMDQxNzQ0MTRaMDMxMTAvBgNV
BAMTKDE5NUZDOTgwRDY1QTlEMzM0MjVEMDJFMkYwQTVCMkEzQTc4M0JEQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8Z2vVD+WVfrWBdnf4rcI66t4A
ga9aE9XK0c4Kp3bypqN3NqCRpjz06rKdmSRrCu6vnYuic/JNmqB5Z8rKYYwbXZb+
mWzypmSLgvkhxPxK1S21vfODlNg15/DU6nTVpbsJvBqzrY8Fna3Mxugj69Mzwvxe
KNTowb6iLbktunRIAsl+Ak6nkjjLIETxwn08chHIauqFiNno5zFstucH288hiII/
FJ6y5GVnjMgwydbjLn7ghU/nvqjlwcvpKXG2z1TElF8j41F5m4zVVqgRkTipCqhG
/BxTkbjTfLDlFX9JKUbucGY4QxNfPi+Q72/V4Oxd1FO19u0T399Z/uZr6UhtAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUGV/JgNZanTNCXQLi8KWyo6eDvbkwHwYDVR0j
BBgwFoAUIBV4ngqbEu4agsuFpZRd2bMYVyUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82MjEwNThEMTc5Q0E1QzFDMDU2QzFCRjdCODJDOTI3QTVB
RkNCMUIxOTA5MUFENUNDN0RFMDFBNEQyQkEzM0I1LzAvMjAxNTc4OUUwQTlCMTJF
RTFBODJDQjg1QTU5NDVERDlCMzE4NTcyNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMDE1Nzg5RTBBOUIxMkVFMUE4
MkNCODVBNTk0NUREOUIzMTg1NzI1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjIxMDU4RDE3OUNBNUMxQzA1NkMxQkY3QjgyQzkyN0E1QUZDQjFCMTkw
OTFBRDVDQzdERTAxQTREMkJBMzNCNS8wLzMyMzAzMTJlMzIzNDM3MmUzMDJlMzAy
ZjMyMzAyZDMyMzAyMDNkM2UyMDMxMzQzNzM1MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATJ9wAwDQYJ
KoZIhvcNAQELBQADggEBAGdNi6/ngGYGE40HH2zgdetYac84Cp1RVxk5TiyP/b5D
LgOJzkrtyXeVVEaiBX/cV+8K3vtnT0tS+Ls0a92fUA1M+GPh9299bVupJjz5VClH
Gts0sHL19/g51CXv6je64PUeHpRMwxNDFg2zJENrmOvQurJ093Mpr/sUTFe1Umqp
u9QB4V8Zi5cm5VX4GssOkfDtYGG5azeEPpAm49lRLK1V6dkiGJc4b7Cjs7gOui7Z
ocd0uGyyhrzfI9M/ThBCS52khlAYcZJesY8KNJYXDuNZOs6pYn2qz2ui3I9dQ/3y
v+m3hvf9+ZyzcToKrIo0KNc6RkKPujTyV1GG+HFxXOI=
-----END CERTIFICATE-----
Generated at Tue Jul 16 11:33:23 2024 by rpki-client on console-ams.rpki-client.org