Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/64C03345D384CD3890F2667144854AF6BFC686020A16DF6C13454515C780771D/0/3230302e3131342e38342e302f32342d3234203d3e203238303635.roa
File:                     3230302e3131342e38342e302f32342d3234203d3e203238303635.roa (raw, json)
Hash identifier:          mh9+043qfdUPYZhbTyC3jQseCpmGY50f1lYmbzhixpg=
Subject key identifier:   B8:74:43:7B:4A:F9:9E:FE:4A:F4:48:B7:1D:01:DB:2E:E9:C5:49:02
Certificate issuer:       /CN=90243C73A18AED634D7EEB8D34E4408DFEB53170
Certificate serial:       4942ECB6C7B8F7EE73A49CCCBB9810508BBBF427
Authority key identifier: 90:24:3C:73:A1:8A:ED:63:4D:7E:EB:8D:34:E4:40:8D:FE:B5:31:70
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/90243C73A18AED634D7EEB8D34E4408DFEB53170.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/64C03345D384CD3890F2667144854AF6BFC686020A16DF6C13454515C780771D/0/3230302e3131342e38342e302f32342d3234203d3e203238303635.roa
Signing time:             Tue 17 Sep 2024 00:40:00 +0000
ROA not before:           Tue 17 Sep 2024 00:35:00 +0000
ROA not after:            Tue 16 Sep 2025 00:40:00 +0000
asID:                     28065
IP address blocks:        200.114.84.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/64C03345D384CD3890F2667144854AF6BFC686020A16DF6C13454515C780771D/0/90243C73A18AED634D7EEB8D34E4408DFEB53170.crl
                          rsync://repository.lacnic.net/rpki/lacnic/64C03345D384CD3890F2667144854AF6BFC686020A16DF6C13454515C780771D/0/90243C73A18AED634D7EEB8D34E4408DFEB53170.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/90243C73A18AED634D7EEB8D34E4408DFEB53170.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:42:ec:b6:c7:b8:f7:ee:73:a4:9c:cc:bb:98:10:50:8b:bb:f4:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90243C73A18AED634D7EEB8D34E4408DFEB53170
        Validity
            Not Before: Sep 17 00:35:00 2024 GMT
            Not After : Sep 16 00:40:00 2025 GMT
        Subject: CN=B874437B4AF99EFE4AF448B71D01DB2EE9C54902
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:81:8e:8d:c5:85:a7:f5:55:eb:33:00:32:16:
                    aa:42:a4:25:e6:54:ee:f3:c5:b4:35:9c:f4:80:c9:
                    ec:c3:b9:16:44:01:60:1e:9b:12:af:e6:26:f5:68:
                    64:e2:da:19:d7:90:10:38:a2:b8:14:e2:cb:5c:dc:
                    20:f8:a7:ce:8e:67:50:34:31:5c:a7:6c:10:16:6b:
                    1e:5e:74:ef:a0:dd:40:39:9f:93:1c:93:c2:51:a8:
                    be:d3:85:06:8a:d1:ca:ec:b1:6c:1a:2d:7e:b7:74:
                    f2:17:cc:50:16:12:fb:b8:5b:e9:45:5f:fd:4a:95:
                    38:18:05:ec:e3:ad:ee:82:aa:67:7b:67:95:c0:24:
                    a5:80:91:a6:3a:cd:59:dc:eb:47:cb:e4:01:43:a8:
                    01:1a:a9:48:3a:40:f2:96:ee:b8:af:c6:28:07:9d:
                    14:5d:b1:5f:74:b3:66:f0:c1:4f:e6:fb:dc:ff:a7:
                    cf:a6:0b:fc:fb:1c:48:be:0e:a4:dd:0f:d0:7c:ee:
                    1a:19:3b:1b:f5:50:0d:25:88:9b:02:29:95:6f:a5:
                    3f:1d:55:00:6b:f6:6c:2f:eb:f6:7b:29:8f:11:50:
                    ea:44:ef:7d:39:92:60:97:9f:48:07:24:c7:98:45:
                    8b:46:af:b2:90:45:8e:76:3f:c0:44:92:18:39:2c:
                    d6:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:74:43:7B:4A:F9:9E:FE:4A:F4:48:B7:1D:01:DB:2E:E9:C5:49:02
            X509v3 Authority Key Identifier:
                keyid:90:24:3C:73:A1:8A:ED:63:4D:7E:EB:8D:34:E4:40:8D:FE:B5:31:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/64C03345D384CD3890F2667144854AF6BFC686020A16DF6C13454515C780771D/0/90243C73A18AED634D7EEB8D34E4408DFEB53170.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/90243C73A18AED634D7EEB8D34E4408DFEB53170.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/64C03345D384CD3890F2667144854AF6BFC686020A16DF6C13454515C780771D/0/3230302e3131342e38342e302f32342d3234203d3e203238303635.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.114.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:a5:c5:80:a3:fb:61:d4:76:f6:5d:a4:d5:25:12:7c:e6:bd:
         6b:a3:8e:81:e7:3c:f8:5e:6c:71:c3:bd:9c:38:e5:3b:14:1a:
         10:27:64:66:31:59:74:41:2f:ff:21:c2:aa:56:a4:89:63:f3:
         09:3c:c8:9c:8f:c5:56:b8:c4:f7:ee:be:06:9d:12:bf:20:7b:
         27:42:82:4c:0d:ed:1b:31:d0:fd:d6:21:64:67:1c:9c:bb:22:
         49:d9:04:5b:25:10:37:8b:06:86:61:32:db:e1:d2:96:2a:2a:
         2e:9f:99:96:5b:9e:43:86:ab:d6:8c:73:f6:88:60:0c:f0:74:
         1a:37:63:32:96:45:30:8f:24:d0:a3:83:c1:eb:8d:1e:58:25:
         51:14:09:61:9c:8d:a7:00:74:a8:7d:af:58:01:c7:2e:7a:14:
         c6:ad:ff:78:c1:47:14:2a:5b:9e:0c:cd:96:85:3d:b6:6f:2a:
         f7:77:84:a2:0a:d8:ed:fd:80:6b:da:68:06:08:e7:46:9d:89:
         80:f7:71:64:f6:49:00:55:c8:09:c2:78:82:f8:88:07:94:b3:
         67:b7:c9:70:d9:ff:d5:60:f1:27:16:2d:5b:3d:60:7c:c9:07:
         ac:bc:c4:e0:31:7f:9b:e2:31:c3:27:c7:cd:f0:43:d8:67:d8:
         b2:0f:13:4a
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUSULstse49+5zpJzMu5gQUIu79CcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTAyNDNDNzNBMThBRUQ2MzREN0VFQjhEMzRFNDQwOERG
RUI1MzE3MDAeFw0yNDA5MTcwMDM1MDBaFw0yNTA5MTYwMDQwMDBaMDMxMTAvBgNV
BAMTKEI4NzQ0MzdCNEFGOTlFRkU0QUY0NDhCNzFEMDFEQjJFRTlDNTQ5MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDugY6NxYWn9VXrMwAyFqpCpCXm
VO7zxbQ1nPSAyezDuRZEAWAemxKv5ib1aGTi2hnXkBA4orgU4stc3CD4p86OZ1A0
MVynbBAWax5edO+g3UA5n5Mck8JRqL7ThQaK0crssWwaLX63dPIXzFAWEvu4W+lF
X/1KlTgYBezjre6Cqmd7Z5XAJKWAkaY6zVnc60fL5AFDqAEaqUg6QPKW7rivxigH
nRRdsV90s2bwwU/m+9z/p8+mC/z7HEi+DqTdD9B87hoZOxv1UA0liJsCKZVvpT8d
VQBr9mwv6/Z7KY8RUOpE7305kmCXn0gHJMeYRYtGr7KQRY52P8BEkhg5LNajAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUuHRDe0r5nv5K9Ei3HQHbLunFSQIwHwYDVR0j
BBgwFoAUkCQ8c6GK7WNNfuuNNORAjf61MXAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82NEMwMzM0NUQzODRDRDM4OTBGMjY2NzE0NDg1NEFGNkJG
QzY4NjAyMEExNkRGNkMxMzQ1NDUxNUM3ODA3NzFELzAvOTAyNDNDNzNBMThBRUQ2
MzREN0VFQjhEMzRFNDQwOERGRUI1MzE3MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85MDI0M0M3M0ExOEFFRDYzNEQ3
RUVCOEQzNEU0NDA4REZFQjUzMTcwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjRDMDMzNDVEMzg0Q0QzODkwRjI2NjcxNDQ4NTRBRjZCRkM2ODYwMjBB
MTZERjZDMTM0NTQ1MTVDNzgwNzcxRC8wLzMyMzAzMDJlMzEzMTM0MmUzODM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODMwMzYzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhyVDAN
BgkqhkiG9w0BAQsFAAOCAQEAK6XFgKP7YdR29l2k1SUSfOa9a6OOgec8+F5sccO9
nDjlOxQaECdkZjFZdEEv/yHCqlakiWPzCTzInI/FVrjE9+6+Bp0SvyB7J0KCTA3t
GzHQ/dYhZGccnLsiSdkEWyUQN4sGhmEy2+HSlioqLp+ZllueQ4ar1oxz9ohgDPB0
GjdjMpZFMI8k0KODweuNHlglURQJYZyNpwB0qH2vWAHHLnoUxq3/eMFHFCpbngzN
loU9tm8q93eEogrY7f2Aa9poBgjnRp2JgPdxZPZJAFXICcJ4gviIB5SzZ7fJcNn/
1WDxJxYtWz1gfMkHrLzE4DF/m+IxwyfHzfBD2GfYsg8TSg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:01:42 2024 by rpki-client on console-fra.rpki-client.org