Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6BAAEFABFFB4077B02F37A6CA4EAC539B4079481C80C83F6F9D2BFF30744CFAA/0/3230302e36332e36342e302f32302d3234203d3e203532343331.roa
File:                     3230302e36332e36342e302f32302d3234203d3e203532343331.roa (raw, json)
Hash identifier:          c3zq5pB0W3tclGhW3qpQQkubP3pNjkfuhuirOC+WXL8=
Subject key identifier:   2C:93:3C:C5:81:1D:79:83:40:89:AB:12:14:29:A0:90:F7:74:42:D2
Certificate issuer:       /CN=89FBB987F4762D9626E55719EF46050943DEE51C
Certificate serial:       29A8BD16638086282B34633E1FE9BD55F5204C7B
Authority key identifier: 89:FB:B9:87:F4:76:2D:96:26:E5:57:19:EF:46:05:09:43:DE:E5:1C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/89FBB987F4762D9626E55719EF46050943DEE51C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6BAAEFABFFB4077B02F37A6CA4EAC539B4079481C80C83F6F9D2BFF30744CFAA/0/3230302e36332e36342e302f32302d3234203d3e203532343331.roa
Signing time:             Tue 05 Mar 2024 18:07:50 +0000
ROA not before:           Tue 05 Mar 2024 18:02:50 +0000
ROA not after:            Tue 04 Mar 2025 18:07:50 +0000
asID:                     52431
IP address blocks:        200.63.64.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6BAAEFABFFB4077B02F37A6CA4EAC539B4079481C80C83F6F9D2BFF30744CFAA/0/89FBB987F4762D9626E55719EF46050943DEE51C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6BAAEFABFFB4077B02F37A6CA4EAC539B4079481C80C83F6F9D2BFF30744CFAA/0/89FBB987F4762D9626E55719EF46050943DEE51C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/89FBB987F4762D9626E55719EF46050943DEE51C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 22 Jul 2024 13:18:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:a8:bd:16:63:80:86:28:2b:34:63:3e:1f:e9:bd:55:f5:20:4c:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89FBB987F4762D9626E55719EF46050943DEE51C
        Validity
            Not Before: Mar  5 18:02:50 2024 GMT
            Not After : Mar  4 18:07:50 2025 GMT
        Subject: CN=2C933CC5811D79834089AB121429A090F77442D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:7f:4f:99:99:4a:f1:ed:ce:59:a9:0b:22:55:
                    37:d3:e0:53:c3:0f:51:8d:fc:e8:aa:40:b4:ea:4f:
                    5b:26:54:87:17:88:79:57:62:6f:7c:e3:74:95:14:
                    59:d3:be:8e:38:aa:34:9d:69:48:cd:24:9f:64:2d:
                    fb:cb:9f:bf:ae:f3:f2:ca:0f:ee:80:0a:7c:a5:76:
                    21:6b:3f:7d:9e:89:0c:57:a8:b7:d9:3d:4c:1c:28:
                    46:16:8f:cb:fb:5b:fa:85:e0:87:88:88:7b:fe:20:
                    14:a0:9c:87:c7:06:81:8f:6d:22:1e:b4:c0:81:b9:
                    f3:6f:0e:02:cd:e4:5f:f2:3f:d3:6b:f3:dc:4d:57:
                    90:f0:6a:29:3d:09:99:2d:a3:98:79:3e:de:c7:22:
                    8d:0c:43:62:e2:0b:b5:97:f4:91:3c:77:c1:42:80:
                    33:3e:17:66:98:0b:e3:98:3c:0d:8e:25:6a:ae:eb:
                    00:23:25:c6:2a:30:ce:ef:22:d5:f6:34:ef:8a:57:
                    20:ad:52:fe:a3:33:55:9e:32:2f:fe:9e:3f:d0:a3:
                    5d:e8:fc:d1:ae:b4:31:34:b5:20:c9:e0:01:c3:ad:
                    78:35:53:18:42:e2:05:4f:82:66:aa:44:e6:63:c8:
                    88:e9:98:20:18:15:a3:2d:3c:86:11:87:f0:3e:f1:
                    a3:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:93:3C:C5:81:1D:79:83:40:89:AB:12:14:29:A0:90:F7:74:42:D2
            X509v3 Authority Key Identifier:
                keyid:89:FB:B9:87:F4:76:2D:96:26:E5:57:19:EF:46:05:09:43:DE:E5:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6BAAEFABFFB4077B02F37A6CA4EAC539B4079481C80C83F6F9D2BFF30744CFAA/0/89FBB987F4762D9626E55719EF46050943DEE51C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/89FBB987F4762D9626E55719EF46050943DEE51C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6BAAEFABFFB4077B02F37A6CA4EAC539B4079481C80C83F6F9D2BFF30744CFAA/0/3230302e36332e36342e302f32302d3234203d3e203532343331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.63.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         0b:57:5b:55:65:10:90:e5:3f:f6:d0:47:b0:bf:b8:b8:94:0b:
         b9:7d:b7:b4:8e:fd:af:a4:1e:0c:08:d6:1f:7b:e6:85:3d:bc:
         57:d3:f7:48:36:4a:de:20:44:4c:e3:7c:5f:9d:55:81:c3:92:
         b7:17:e0:ac:76:c0:cb:02:93:84:7c:56:1c:e4:73:2f:40:83:
         ed:38:fd:3c:94:b4:db:f2:c3:50:02:b1:c9:5d:62:cb:e6:0c:
         2d:fa:f2:2a:22:57:35:22:f8:f2:5a:d6:c9:65:cf:5c:86:e6:
         7c:e5:0b:37:41:01:9a:87:96:63:2e:3a:5e:9e:20:e8:29:2c:
         cc:4b:b8:52:25:72:f1:3a:fb:7c:ee:69:7b:39:32:00:a4:23:
         4d:10:7b:0c:5d:ce:d4:03:69:a2:9a:25:3c:d0:5e:db:51:2f:
         ac:03:ee:05:f3:9b:d3:14:2f:4a:d1:41:be:a8:2c:27:42:30:
         e4:5a:8f:43:c4:7e:d5:6a:2b:d7:da:7c:38:ed:35:7f:e9:93:
         21:f4:3e:ec:2f:c9:d1:d1:3c:4f:2e:6f:6e:7d:75:a2:a1:4f:
         5e:8d:65:9c:66:95:58:d5:4c:c7:d5:94:f4:3a:e5:55:5c:38:
         5f:b3:5e:c1:15:28:c9:ef:11:f6:5d:db:52:55:4c:de:72:5f:
         3d:9a:5a:a8
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUKai9FmOAhigrNGM+H+m9VfUgTHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODlGQkI5ODdGNDc2MkQ5NjI2RTU1NzE5RUY0NjA1MDk0
M0RFRTUxQzAeFw0yNDAzMDUxODAyNTBaFw0yNTAzMDQxODA3NTBaMDMxMTAvBgNV
BAMTKDJDOTMzQ0M1ODExRDc5ODM0MDg5QUIxMjE0MjlBMDkwRjc3NDQyRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChf0+ZmUrx7c5ZqQsiVTfT4FPD
D1GN/OiqQLTqT1smVIcXiHlXYm9843SVFFnTvo44qjSdaUjNJJ9kLfvLn7+u8/LK
D+6ACnyldiFrP32eiQxXqLfZPUwcKEYWj8v7W/qF4IeIiHv+IBSgnIfHBoGPbSIe
tMCBufNvDgLN5F/yP9Nr89xNV5Dwaik9CZkto5h5Pt7HIo0MQ2LiC7WX9JE8d8FC
gDM+F2aYC+OYPA2OJWqu6wAjJcYqMM7vItX2NO+KVyCtUv6jM1WeMi/+nj/Qo13o
/NGutDE0tSDJ4AHDrXg1UxhC4gVPgmaqROZjyIjpmCAYFaMtPIYRh/A+8aMfAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQULJM8xYEdeYNAiasSFCmgkPd0QtIwHwYDVR0j
BBgwFoAUifu5h/R2LZYm5VcZ70YFCUPe5RwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82QkFBRUZBQkZGQjQwNzdCMDJGMzdBNkNBNEVBQzUzOUI0
MDc5NDgxQzgwQzgzRjZGOUQyQkZGMzA3NDRDRkFBLzAvODlGQkI5ODdGNDc2MkQ5
NjI2RTU1NzE5RUY0NjA1MDk0M0RFRTUxQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84OUZCQjk4N0Y0NzYyRDk2MjZF
NTU3MTlFRjQ2MDUwOTQzREVFNTFDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNkJBQUVGQUJGRkI0MDc3QjAyRjM3QTZDQTRFQUM1MzlCNDA3OTQ4MUM4
MEM4M0Y2RjlEMkJGRjMwNzQ0Q0ZBQS8wLzMyMzAzMDJlMzYzMzJlMzYzNDJlMzAy
ZjMyMzAyZDMyMzQyMDNkM2UyMDM1MzIzNDMzMzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATIP0AwDQYJ
KoZIhvcNAQELBQADggEBAAtXW1VlEJDlP/bQR7C/uLiUC7l9t7SO/a+kHgwI1h97
5oU9vFfT90g2St4gREzjfF+dVYHDkrcX4Kx2wMsCk4R8Vhzkcy9Ag+04/TyUtNvy
w1ACscldYsvmDC368ioiVzUi+PJa1sllz1yG5nzlCzdBAZqHlmMuOl6eIOgpLMxL
uFIlcvE6+3zuaXs5MgCkI00QewxdztQDaaKaJTzQXttRL6wD7gXzm9MUL0rRQb6o
LCdCMORaj0PEftVqK9fafDjtNX/pkyH0PuwvydHRPE8ub259daKhT16NZZxmlVjV
TMfVlPQ65VVcOF+zXsEVKMnvEfZd21JVTN5yXz2aWqg=
-----END CERTIFICATE-----
Generated at Thu Jul 18 20:01:52 2024 by rpki-client on console-fra.rpki-client.org