Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/64C03345D384CD3890F2667144854AF6BFC686020A16DF6C13454515C780771D/0/3230302e3131342e38352e302f32342d3234203d3e203238303635.roa
File:                     3230302e3131342e38352e302f32342d3234203d3e203238303635.roa (raw, json)
Hash identifier:          TxDmYSgoCVFh2N17VmlII7fD7kZSVRHLPi42K63vXYw=
Subject key identifier:   CC:75:98:68:60:D3:B7:A0:72:A6:13:FA:CC:C9:F4:01:CA:3F:52:28
Certificate issuer:       /CN=90243C73A18AED634D7EEB8D34E4408DFEB53170
Certificate serial:       28872391D6544E38B86EA89C3154298AA3A2F8CF
Authority key identifier: 90:24:3C:73:A1:8A:ED:63:4D:7E:EB:8D:34:E4:40:8D:FE:B5:31:70
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/90243C73A18AED634D7EEB8D34E4408DFEB53170.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/64C03345D384CD3890F2667144854AF6BFC686020A16DF6C13454515C780771D/0/3230302e3131342e38352e302f32342d3234203d3e203238303635.roa
Signing time:             Tue 17 Sep 2024 00:40:01 +0000
ROA not before:           Tue 17 Sep 2024 00:35:01 +0000
ROA not after:            Tue 16 Sep 2025 00:40:01 +0000
asID:                     28065
IP address blocks:        200.114.85.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/64C03345D384CD3890F2667144854AF6BFC686020A16DF6C13454515C780771D/0/90243C73A18AED634D7EEB8D34E4408DFEB53170.crl
                          rsync://repository.lacnic.net/rpki/lacnic/64C03345D384CD3890F2667144854AF6BFC686020A16DF6C13454515C780771D/0/90243C73A18AED634D7EEB8D34E4408DFEB53170.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/90243C73A18AED634D7EEB8D34E4408DFEB53170.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:87:23:91:d6:54:4e:38:b8:6e:a8:9c:31:54:29:8a:a3:a2:f8:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90243C73A18AED634D7EEB8D34E4408DFEB53170
        Validity
            Not Before: Sep 17 00:35:01 2024 GMT
            Not After : Sep 16 00:40:01 2025 GMT
        Subject: CN=CC75986860D3B7A072A613FACCC9F401CA3F5228
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:db:de:bc:fd:a5:6f:5d:6a:85:e3:43:59:41:
                    63:f2:84:4a:e7:78:44:9e:6e:17:ec:d8:5c:a9:6b:
                    2d:da:9e:25:5c:f5:1a:2c:1e:f9:1d:32:e3:70:05:
                    e5:85:e8:25:2d:c8:5d:9e:1f:8d:ba:46:10:f0:d7:
                    f8:81:15:84:77:3a:73:be:3f:06:a4:9f:91:73:68:
                    a5:56:49:66:5c:8d:b2:d1:c0:ce:b5:ee:6c:1c:72:
                    f4:78:94:fc:f7:62:6d:3d:77:d1:3a:42:60:32:49:
                    e5:a3:af:88:58:e0:7b:c5:0b:a2:95:3e:e6:12:15:
                    bc:ce:bd:4e:05:d8:a2:26:ec:dd:ed:cb:b5:c1:da:
                    a1:05:bb:1b:0a:73:03:15:00:f7:e1:67:e7:83:8f:
                    1b:95:6e:12:a0:cd:8d:f6:d2:11:bd:54:fc:cf:3c:
                    ae:84:ed:cb:42:28:38:7d:26:a0:3b:ba:9a:98:cb:
                    7e:4b:41:2b:cf:f2:26:f3:04:a3:6c:70:d5:de:91:
                    db:95:86:f0:87:a8:a6:e1:e6:66:0f:6f:d3:cc:08:
                    b2:4a:9e:0b:1f:0f:cd:f4:67:7d:e9:48:4f:f6:8a:
                    19:42:67:d0:48:20:c6:c0:3f:8a:52:eb:7a:cf:54:
                    a7:c6:dc:ff:eb:ad:41:34:f6:de:b9:4e:1b:6f:46:
                    a1:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:75:98:68:60:D3:B7:A0:72:A6:13:FA:CC:C9:F4:01:CA:3F:52:28
            X509v3 Authority Key Identifier:
                keyid:90:24:3C:73:A1:8A:ED:63:4D:7E:EB:8D:34:E4:40:8D:FE:B5:31:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/64C03345D384CD3890F2667144854AF6BFC686020A16DF6C13454515C780771D/0/90243C73A18AED634D7EEB8D34E4408DFEB53170.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/90243C73A18AED634D7EEB8D34E4408DFEB53170.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/64C03345D384CD3890F2667144854AF6BFC686020A16DF6C13454515C780771D/0/3230302e3131342e38352e302f32342d3234203d3e203238303635.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.114.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:c4:a7:e2:e3:c5:42:39:46:eb:39:08:85:26:dd:1f:56:a7:
         34:9b:6b:75:7e:4a:35:36:eb:9e:6b:2a:60:48:a0:98:a9:83:
         e3:9c:b0:5a:74:73:ad:6f:71:09:cd:b5:7f:99:da:4b:e5:ad:
         12:78:aa:57:21:3d:87:af:6b:c8:13:3d:d9:12:cd:ff:d0:3d:
         b3:fd:79:91:8e:0e:40:ab:4c:d2:f0:2b:d2:1a:75:a6:d0:eb:
         68:3d:34:78:ce:9f:8b:6f:4a:e1:52:33:c7:4e:68:87:f5:db:
         0f:e0:90:2d:49:11:5e:f0:17:c1:40:88:3a:57:e9:99:0c:a2:
         c1:dc:9d:eb:44:41:0a:af:d0:5c:bf:d7:e8:4d:8e:66:de:df:
         57:b2:c5:32:23:9e:03:c6:60:cf:0b:a3:70:4e:33:11:cf:36:
         87:48:4f:c3:c0:6c:7b:ea:bb:7d:1e:bb:4a:f1:5b:c2:db:a2:
         e9:bc:68:8a:6a:11:c7:3b:7f:f3:b8:00:2c:31:4f:50:da:77:
         17:14:9e:2f:9f:7d:68:8c:d3:9d:a7:f5:54:72:cb:39:b9:ba:
         6e:d9:a9:8f:f9:f9:ae:bf:1e:bc:ae:dc:fd:40:6b:93:8c:d3:
         9f:f7:ad:e7:c7:83:e5:36:03:fe:79:c3:73:f0:0b:2b:4b:a5:
         30:c8:dd:2b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUKIcjkdZUTji4bqicMVQpiqOi+M8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTAyNDNDNzNBMThBRUQ2MzREN0VFQjhEMzRFNDQwOERG
RUI1MzE3MDAeFw0yNDA5MTcwMDM1MDFaFw0yNTA5MTYwMDQwMDFaMDMxMTAvBgNV
BAMTKENDNzU5ODY4NjBEM0I3QTA3MkE2MTNGQUNDQzlGNDAxQ0EzRjUyMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT2968/aVvXWqF40NZQWPyhErn
eESebhfs2Fypay3aniVc9RosHvkdMuNwBeWF6CUtyF2eH426RhDw1/iBFYR3OnO+
Pwakn5FzaKVWSWZcjbLRwM617mwccvR4lPz3Ym09d9E6QmAySeWjr4hY4HvFC6KV
PuYSFbzOvU4F2KIm7N3ty7XB2qEFuxsKcwMVAPfhZ+eDjxuVbhKgzY320hG9VPzP
PK6E7ctCKDh9JqA7upqYy35LQSvP8ibzBKNscNXekduVhvCHqKbh5mYPb9PMCLJK
ngsfD830Z33pSE/2ihlCZ9BIIMbAP4pS63rPVKfG3P/rrUE09t65ThtvRqGBAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUzHWYaGDTt6ByphP6zMn0Aco/UigwHwYDVR0j
BBgwFoAUkCQ8c6GK7WNNfuuNNORAjf61MXAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82NEMwMzM0NUQzODRDRDM4OTBGMjY2NzE0NDg1NEFGNkJG
QzY4NjAyMEExNkRGNkMxMzQ1NDUxNUM3ODA3NzFELzAvOTAyNDNDNzNBMThBRUQ2
MzREN0VFQjhEMzRFNDQwOERGRUI1MzE3MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85MDI0M0M3M0ExOEFFRDYzNEQ3
RUVCOEQzNEU0NDA4REZFQjUzMTcwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjRDMDMzNDVEMzg0Q0QzODkwRjI2NjcxNDQ4NTRBRjZCRkM2ODYwMjBB
MTZERjZDMTM0NTQ1MTVDNzgwNzcxRC8wLzMyMzAzMDJlMzEzMTM0MmUzODM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODMwMzYzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhyVTAN
BgkqhkiG9w0BAQsFAAOCAQEAusSn4uPFQjlG6zkIhSbdH1anNJtrdX5KNTbrnmsq
YEigmKmD45ywWnRzrW9xCc21f5naS+WtEniqVyE9h69ryBM92RLN/9A9s/15kY4O
QKtM0vAr0hp1ptDraD00eM6fi29K4VIzx05oh/XbD+CQLUkRXvAXwUCIOlfpmQyi
wdyd60RBCq/QXL/X6E2OZt7fV7LFMiOeA8ZgzwujcE4zEc82h0hPw8Bse+q7fR67
SvFbwtui6bxoimoRxzt/87gALDFPUNp3FxSeL599aIzTnaf1VHLLObm6btmpj/n5
rr8evK7c/UBrk4zTn/et58eD5TYD/nnDc/ALK0ulMMjdKw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:01:42 2024 by rpki-client on console-fra.rpki-client.org