Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/3230312e3234372e3132382e302f31382d3234203d3e203134373534.roa
File:                     3230312e3234372e3132382e302f31382d3234203d3e203134373534.roa (raw, json)
Hash identifier:          y0HpJBCMoMFXohT/xY+Nn4OY1xw/vFYBSxWxILmpWTI=
Subject key identifier:   8F:34:96:8E:68:E5:92:1C:39:C4:78:0F:87:43:04:9B:C4:27:96:04
Certificate issuer:       /CN=2015789E0A9B12EE1A82CB85A5945DD9B3185725
Certificate serial:       6D80BF28CD60A33BEE2C5B33B65B4B807DC197BC
Authority key identifier: 20:15:78:9E:0A:9B:12:EE:1A:82:CB:85:A5:94:5D:D9:B3:18:57:25
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/3230312e3234372e3132382e302f31382d3234203d3e203134373534.roa
Signing time:             Tue 05 Mar 2024 17:44:15 +0000
ROA not before:           Tue 05 Mar 2024 17:39:15 +0000
ROA not after:            Tue 04 Mar 2025 17:44:15 +0000
asID:                     14754
IP address blocks:        201.247.128.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.crl
                          rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 20 Jul 2024 13:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:80:bf:28:cd:60:a3:3b:ee:2c:5b:33:b6:5b:4b:80:7d:c1:97:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2015789E0A9B12EE1A82CB85A5945DD9B3185725
        Validity
            Not Before: Mar  5 17:39:15 2024 GMT
            Not After : Mar  4 17:44:15 2025 GMT
        Subject: CN=8F34968E68E5921C39C4780F8743049BC4279604
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:c7:f6:7f:f0:44:f1:00:b5:f4:a7:56:fa:1b:
                    ad:d5:5f:37:bd:8c:1e:2d:a8:fd:32:1f:dc:ba:d6:
                    2a:fb:27:42:83:b8:fc:ae:53:86:ed:fb:1c:a4:1f:
                    e7:97:32:78:44:9c:0a:c9:c0:8d:a7:57:9f:d6:da:
                    27:da:ef:22:fe:b8:4a:a9:56:1c:99:00:e0:20:85:
                    8c:af:d5:9d:a8:7f:91:a6:f7:77:09:b8:8f:63:8d:
                    81:0e:6c:e7:c3:97:d1:3d:68:f3:1c:69:05:70:cc:
                    72:33:18:a0:65:62:a1:6f:6b:88:96:96:32:7e:be:
                    a7:ae:b2:d3:bd:e5:46:2e:10:15:6c:09:b9:ee:5d:
                    20:93:67:0b:c4:cf:fe:31:f0:8e:38:16:bc:89:3a:
                    9d:d0:3c:30:71:47:95:30:46:2b:8d:9e:b7:fd:2d:
                    34:1e:e4:d2:3b:0d:d1:eb:83:af:41:3a:f2:31:f5:
                    21:6a:14:8e:4f:6d:b8:ad:1c:1b:80:c1:b3:34:69:
                    31:96:6a:9d:48:bd:ee:fb:2b:b3:99:df:b8:7b:89:
                    4c:f3:ed:f7:1a:9f:73:e2:0d:f7:1c:e1:1e:f2:fe:
                    20:f4:82:2f:2f:6c:54:6d:cc:01:d3:5d:e3:fe:af:
                    a1:31:ab:73:98:c8:f9:5c:eb:b8:f0:b9:57:1e:35:
                    8e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:34:96:8E:68:E5:92:1C:39:C4:78:0F:87:43:04:9B:C4:27:96:04
            X509v3 Authority Key Identifier:
                keyid:20:15:78:9E:0A:9B:12:EE:1A:82:CB:85:A5:94:5D:D9:B3:18:57:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2015789E0A9B12EE1A82CB85A5945DD9B3185725.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/621058D179CA5C1C056C1BF7B82C927A5AFCB1B19091AD5CC7DE01A4D2BA33B5/0/3230312e3234372e3132382e302f31382d3234203d3e203134373534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.247.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         bb:15:96:1c:21:8f:7a:3e:fc:85:aa:97:ca:5f:48:53:bf:02:
         b0:95:77:95:26:ea:1c:c4:ba:dc:44:c5:17:b3:a2:39:b5:14:
         f1:d3:86:c5:b7:eb:7e:e2:f6:eb:da:cf:4b:85:d2:a8:a4:8e:
         16:b8:c8:48:f5:89:b4:23:d9:b7:e7:2d:11:40:10:27:9e:a5:
         12:b8:b8:c6:85:34:39:f9:f5:a0:be:fe:c1:1a:0a:30:30:de:
         4b:8a:4a:af:ab:21:cc:87:2a:d1:86:e6:7f:ad:98:e0:53:3b:
         a5:e5:81:0a:4c:f8:d3:62:6a:06:f6:0e:67:38:42:09:80:bc:
         69:55:db:e5:cb:9e:3b:ae:6d:58:88:0b:4a:f9:bd:5c:42:da:
         3d:4d:5c:6e:44:66:2e:8e:22:aa:15:e3:90:28:ab:b7:20:03:
         1c:d6:3f:21:00:88:cb:94:95:cc:3d:67:ca:d9:4c:d0:10:58:
         b2:4f:55:5b:24:de:15:af:93:00:e9:31:93:9e:8a:c7:3a:df:
         c9:fc:44:2b:8f:b4:0c:e3:9e:50:a0:23:84:fa:d5:36:af:98:
         64:32:12:4f:2d:70:6b:b4:60:6a:ca:48:2f:66:ec:06:7e:6e:
         30:6f:41:b7:27:13:15:9d:34:2f:20:a1:31:8f:46:71:84:e9:
         e1:9d:a7:58
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUbYC/KM1gozvuLFsztltLgH3Bl7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjAxNTc4OUUwQTlCMTJFRTFBODJDQjg1QTU5NDVERDlC
MzE4NTcyNTAeFw0yNDAzMDUxNzM5MTVaFw0yNTAzMDQxNzQ0MTVaMDMxMTAvBgNV
BAMTKDhGMzQ5NjhFNjhFNTkyMUMzOUM0NzgwRjg3NDMwNDlCQzQyNzk2MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2x/Z/8ETxALX0p1b6G63VXze9
jB4tqP0yH9y61ir7J0KDuPyuU4bt+xykH+eXMnhEnArJwI2nV5/W2ifa7yL+uEqp
VhyZAOAghYyv1Z2of5Gm93cJuI9jjYEObOfDl9E9aPMcaQVwzHIzGKBlYqFva4iW
ljJ+vqeustO95UYuEBVsCbnuXSCTZwvEz/4x8I44FryJOp3QPDBxR5UwRiuNnrf9
LTQe5NI7DdHrg69BOvIx9SFqFI5PbbitHBuAwbM0aTGWap1Ive77K7OZ37h7iUzz
7fcan3PiDfcc4R7y/iD0gi8vbFRtzAHTXeP+r6Exq3OYyPlc67jwuVceNY53AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUjzSWjmjlkhw5xHgPh0MEm8QnlgQwHwYDVR0j
BBgwFoAUIBV4ngqbEu4agsuFpZRd2bMYVyUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82MjEwNThEMTc5Q0E1QzFDMDU2QzFCRjdCODJDOTI3QTVB
RkNCMUIxOTA5MUFENUNDN0RFMDFBNEQyQkEzM0I1LzAvMjAxNTc4OUUwQTlCMTJF
RTFBODJDQjg1QTU5NDVERDlCMzE4NTcyNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMDE1Nzg5RTBBOUIxMkVFMUE4
MkNCODVBNTk0NUREOUIzMTg1NzI1LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjIxMDU4RDE3OUNBNUMxQzA1NkMxQkY3QjgyQzkyN0E1QUZDQjFCMTkw
OTFBRDVDQzdERTAxQTREMkJBMzNCNS8wLzMyMzAzMTJlMzIzNDM3MmUzMTMyMzgy
ZTMwMmYzMTM4MmQzMjM0MjAzZDNlMjAzMTM0MzczNTM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGyfeA
MA0GCSqGSIb3DQEBCwUAA4IBAQC7FZYcIY96PvyFqpfKX0hTvwKwlXeVJuocxLrc
RMUXs6I5tRTx04bFt+t+4vbr2s9LhdKopI4WuMhI9Ym0I9m35y0RQBAnnqUSuLjG
hTQ5+fWgvv7BGgowMN5LikqvqyHMhyrRhuZ/rZjgUzul5YEKTPjTYmoG9g5nOEIJ
gLxpVdvly547rm1YiAtK+b1cQto9TVxuRGYujiKqFeOQKKu3IAMc1j8hAIjLlJXM
PWfK2UzQEFiyT1VbJN4Vr5MA6TGTnorHOt/J/EQrj7QM455QoCOE+tU2r5hkMhJP
LXBrtGBqykgvZuwGfm4wb0G3JxMVnTQvIKExj0ZxhOnhnadY
-----END CERTIFICATE-----
Generated at Tue Jul 16 11:52:06 2024 by rpki-client on console-fra.rpki-client.org