Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/62EAEE3EA5EC13380AE91930F5944CF07BD3623F983EE310196C568990AEF86E/0/3230312e3231382e3134322e302f32332d3234203d3e20323732383438.roa
File:                     3230312e3231382e3134322e302f32332d3234203d3e20323732383438.roa (raw, json)
Hash identifier:          aKkKxWj9uEJyh3qJcNIh8Tev+QSGiLDFhLJuWqt9B2Q=
Subject key identifier:   BD:97:B8:2A:BE:BD:8C:42:7A:0B:B3:CD:03:FC:2E:B1:68:BA:3A:A3
Certificate issuer:       /CN=82FFF8E2D39AB005BE2AB81DA07EC2B4F6175EDC
Certificate serial:       2113405B5077A98441003703BD8C43CB7137CDA7
Authority key identifier: 82:FF:F8:E2:D3:9A:B0:05:BE:2A:B8:1D:A0:7E:C2:B4:F6:17:5E:DC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/82FFF8E2D39AB005BE2AB81DA07EC2B4F6175EDC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/62EAEE3EA5EC13380AE91930F5944CF07BD3623F983EE310196C568990AEF86E/0/3230312e3231382e3134322e302f32332d3234203d3e20323732383438.roa
Signing time:             Tue 05 Mar 2024 17:52:57 +0000
ROA not before:           Tue 05 Mar 2024 17:47:57 +0000
ROA not after:            Tue 04 Mar 2025 17:52:57 +0000
asID:                     272848
IP address blocks:        201.218.142.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/62EAEE3EA5EC13380AE91930F5944CF07BD3623F983EE310196C568990AEF86E/0/82FFF8E2D39AB005BE2AB81DA07EC2B4F6175EDC.crl
                          rsync://repository.lacnic.net/rpki/lacnic/62EAEE3EA5EC13380AE91930F5944CF07BD3623F983EE310196C568990AEF86E/0/82FFF8E2D39AB005BE2AB81DA07EC2B4F6175EDC.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/82FFF8E2D39AB005BE2AB81DA07EC2B4F6175EDC.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:13:40:5b:50:77:a9:84:41:00:37:03:bd:8c:43:cb:71:37:cd:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82FFF8E2D39AB005BE2AB81DA07EC2B4F6175EDC
        Validity
            Not Before: Mar  5 17:47:57 2024 GMT
            Not After : Mar  4 17:52:57 2025 GMT
        Subject: CN=BD97B82ABEBD8C427A0BB3CD03FC2EB168BA3AA3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:f2:f3:20:81:62:d1:bd:40:b3:c5:61:00:cb:
                    a8:4a:6d:2c:5e:8c:f5:df:a5:52:a5:95:da:f2:9f:
                    f5:3e:bd:83:ea:02:6a:ac:ec:11:03:dd:68:75:f7:
                    cf:ba:18:b3:d6:f1:33:8e:58:b2:a2:1f:7e:58:a0:
                    1b:b7:bf:fb:65:66:55:fe:44:a0:a7:85:9c:ea:59:
                    ca:fd:43:43:de:27:82:a1:88:16:b5:34:68:73:0c:
                    81:5b:55:40:0d:53:8b:c7:9f:8c:0e:ff:2d:e5:fc:
                    bd:3c:bd:67:18:64:f1:bb:ae:c4:19:ce:e5:b4:a3:
                    5c:99:5f:f1:0e:da:8e:de:07:d4:2f:20:85:34:2e:
                    76:42:7e:fd:f1:e4:7a:26:b2:25:29:60:1c:b5:cb:
                    a1:5b:0f:da:72:c8:98:f8:d7:2f:66:28:56:15:36:
                    64:e9:70:e1:77:b0:a6:2a:19:81:c5:c1:59:73:48:
                    f1:3b:f3:42:20:ff:54:05:ea:6d:35:da:97:a7:a5:
                    05:97:f3:6b:3c:03:92:be:a0:e8:f2:1a:0e:3d:0c:
                    be:d6:a7:54:1a:06:92:4d:fd:52:bc:21:f1:a6:14:
                    4a:09:ec:76:fc:30:8e:0a:2a:03:a0:d1:04:56:71:
                    13:f0:22:da:61:65:e9:85:85:45:8d:fd:5c:fa:1c:
                    35:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:97:B8:2A:BE:BD:8C:42:7A:0B:B3:CD:03:FC:2E:B1:68:BA:3A:A3
            X509v3 Authority Key Identifier:
                keyid:82:FF:F8:E2:D3:9A:B0:05:BE:2A:B8:1D:A0:7E:C2:B4:F6:17:5E:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/62EAEE3EA5EC13380AE91930F5944CF07BD3623F983EE310196C568990AEF86E/0/82FFF8E2D39AB005BE2AB81DA07EC2B4F6175EDC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/82FFF8E2D39AB005BE2AB81DA07EC2B4F6175EDC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/62EAEE3EA5EC13380AE91930F5944CF07BD3623F983EE310196C568990AEF86E/0/3230312e3231382e3134322e302f32332d3234203d3e20323732383438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.218.142.0/23

    Signature Algorithm: sha256WithRSAEncryption
         93:a1:7f:e6:79:a9:15:f3:21:3c:16:1f:31:fc:d6:04:3b:8f:
         a6:e5:e9:cb:d0:48:db:ff:c8:94:60:51:14:ce:15:e5:36:d5:
         a9:d5:5e:eb:93:24:cc:a0:94:f9:60:3c:6f:06:58:83:f4:7a:
         ec:1d:49:d8:8a:ff:ad:b2:81:0b:23:7a:b8:48:e7:82:7f:4a:
         f2:97:b6:86:cc:6a:96:00:a2:9a:f5:aa:d4:46:3a:f8:fd:0b:
         99:21:95:5d:e7:38:84:0e:e9:f8:ca:8b:d6:95:5d:6f:29:a9:
         1d:e6:6f:a4:bb:d0:78:fa:96:f2:e3:f0:a7:8d:4f:11:20:13:
         8e:e7:13:85:9a:ac:43:13:e4:3f:53:e9:ae:a3:a0:ec:70:db:
         bd:e4:0f:de:bd:64:9d:92:3d:f6:e9:75:19:e4:ff:70:70:4f:
         84:0e:d1:82:79:54:1a:94:74:42:a0:5f:60:fd:9b:06:6f:1c:
         d7:ed:e4:f6:8f:0b:9b:ca:12:04:bb:de:9a:43:a2:cc:fa:4f:
         d4:f9:86:d0:f1:3a:5f:fd:d7:60:85:e9:c2:13:4d:4d:57:4c:
         9d:83:37:01:b4:c3:45:a1:0e:6e:44:cb:d0:59:1f:82:9d:59:
         70:8a:e7:9e:25:c2:33:78:44:4b:7a:15:bc:a1:3b:75:d5:3e:
         bf:7f:6f:72
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUIRNAW1B3qYRBADcDvYxDy3E3zacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODJGRkY4RTJEMzlBQjAwNUJFMkFCODFEQTA3RUMyQjRG
NjE3NUVEQzAeFw0yNDAzMDUxNzQ3NTdaFw0yNTAzMDQxNzUyNTdaMDMxMTAvBgNV
BAMTKEJEOTdCODJBQkVCRDhDNDI3QTBCQjNDRDAzRkMyRUIxNjhCQTNBQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu8vMggWLRvUCzxWEAy6hKbSxe
jPXfpVKlldryn/U+vYPqAmqs7BED3Wh198+6GLPW8TOOWLKiH35YoBu3v/tlZlX+
RKCnhZzqWcr9Q0PeJ4KhiBa1NGhzDIFbVUANU4vHn4wO/y3l/L08vWcYZPG7rsQZ
zuW0o1yZX/EO2o7eB9QvIIU0LnZCfv3x5HomsiUpYBy1y6FbD9pyyJj41y9mKFYV
NmTpcOF3sKYqGYHFwVlzSPE780Ig/1QF6m012penpQWX82s8A5K+oOjyGg49DL7W
p1QaBpJN/VK8IfGmFEoJ7Hb8MI4KKgOg0QRWcRPwItphZemFhUWN/Vz6HDUpAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUvZe4Kr69jEJ6C7PNA/wusWi6OqMwHwYDVR0j
BBgwFoAUgv/44tOasAW+KrgdoH7CtPYXXtwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82MkVBRUUzRUE1RUMxMzM4MEFFOTE5MzBGNTk0NENGMDdC
RDM2MjNGOTgzRUUzMTAxOTZDNTY4OTkwQUVGODZFLzAvODJGRkY4RTJEMzlBQjAw
NUJFMkFCODFEQTA3RUMyQjRGNjE3NUVEQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84MkZGRjhFMkQzOUFCMDA1QkUy
QUI4MURBMDdFQzJCNEY2MTc1RURDLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjJFQUVFM0VBNUVDMTMzODBBRTkxOTMwRjU5NDRDRjA3QkQzNjIzRjk4
M0VFMzEwMTk2QzU2ODk5MEFFRjg2RS8wLzMyMzAzMTJlMzIzMTM4MmUzMTM0MzIy
ZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjM3MzIzODM0Mzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHJ
2o4wDQYJKoZIhvcNAQELBQADggEBAJOhf+Z5qRXzITwWHzH81gQ7j6bl6cvQSNv/
yJRgURTOFeU21anVXuuTJMyglPlgPG8GWIP0euwdSdiK/62ygQsjerhI54J/SvKX
tobMapYAopr1qtRGOvj9C5khlV3nOIQO6fjKi9aVXW8pqR3mb6S70Hj6lvLj8KeN
TxEgE47nE4WarEMT5D9T6a6joOxw273kD969ZJ2SPfbpdRnk/3BwT4QO0YJ5VBqU
dEKgX2D9mwZvHNft5PaPC5vKEgS73ppDosz6T9T5htDxOl/912CF6cITTU1XTJ2D
NwG0w0WhDm5Ey9BZH4KdWXCK554lwjN4REt6FbyhO3XVPr9/b3I=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:46:59 2024 by rpki-client on console-ams.rpki-client.org