Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/71F989F8C5FF9E9E126C5F90FEF9F95A13F2F7E810F68D0E441664BE3FA9C024/0/3230302e392e3134372e302f32342d3234203d3e203237383735.roa
File:                     3230302e392e3134372e302f32342d3234203d3e203237383735.roa (raw, json)
Hash identifier:          hWLoDDz2cSKYZur+7IU9fMZxYuShYucIYmAR0X2hIsI=
Subject key identifier:   14:9A:64:D2:58:5D:E8:2F:D3:25:82:9F:F2:7C:AA:68:5D:9D:ED:8A
Certificate issuer:       /CN=D053F7D42FC9FD03556A9F3D2AF9E3D2221BADFC
Certificate serial:       7E17CD95EB218DEDC50D8F7BD1B5197DB400A369
Authority key identifier: D0:53:F7:D4:2F:C9:FD:03:55:6A:9F:3D:2A:F9:E3:D2:22:1B:AD:FC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D053F7D42FC9FD03556A9F3D2AF9E3D2221BADFC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/71F989F8C5FF9E9E126C5F90FEF9F95A13F2F7E810F68D0E441664BE3FA9C024/0/3230302e392e3134372e302f32342d3234203d3e203237383735.roa
Signing time:             Tue 05 Mar 2024 17:53:25 +0000
ROA not before:           Tue 05 Mar 2024 17:48:25 +0000
ROA not after:            Tue 04 Mar 2025 17:53:25 +0000
asID:                     27875
IP address blocks:        200.9.147.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/71F989F8C5FF9E9E126C5F90FEF9F95A13F2F7E810F68D0E441664BE3FA9C024/0/D053F7D42FC9FD03556A9F3D2AF9E3D2221BADFC.crl
                          rsync://repository.lacnic.net/rpki/lacnic/71F989F8C5FF9E9E126C5F90FEF9F95A13F2F7E810F68D0E441664BE3FA9C024/0/D053F7D42FC9FD03556A9F3D2AF9E3D2221BADFC.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D053F7D42FC9FD03556A9F3D2AF9E3D2221BADFC.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:17:cd:95:eb:21:8d:ed:c5:0d:8f:7b:d1:b5:19:7d:b4:00:a3:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D053F7D42FC9FD03556A9F3D2AF9E3D2221BADFC
        Validity
            Not Before: Mar  5 17:48:25 2024 GMT
            Not After : Mar  4 17:53:25 2025 GMT
        Subject: CN=149A64D2585DE82FD325829FF27CAA685D9DED8A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:49:ce:3c:f6:f6:a0:45:14:26:52:51:dc:66:
                    ea:f9:80:29:69:e5:c8:3d:cb:42:85:a4:21:0a:54:
                    33:81:74:d6:7b:40:8f:59:b1:2e:2a:e0:4a:fd:1b:
                    d7:2b:e1:35:24:38:f8:a6:c2:3e:fd:04:9e:8b:38:
                    2f:ac:78:04:af:79:c3:9a:1a:5b:fc:d5:92:26:b5:
                    25:99:0a:c5:73:cc:ee:f3:23:97:a1:01:18:05:a7:
                    4f:ac:08:1e:f4:72:72:a9:2d:e5:93:89:b1:52:ef:
                    f7:ab:8c:87:44:99:38:6a:ac:d7:1a:ec:ad:bd:d4:
                    84:cd:30:b7:fa:bf:61:52:f7:fe:22:70:49:00:23:
                    35:c5:8d:4f:a1:f2:26:cb:cf:d9:2d:19:94:1d:07:
                    f7:35:8d:6f:1d:4f:4d:21:db:ce:04:06:a4:b4:39:
                    b8:5c:88:ef:95:5e:31:24:99:c2:25:f0:9c:2f:f5:
                    d4:b6:0d:81:0a:41:39:8b:79:ba:48:af:fe:0b:72:
                    dd:ff:53:44:00:21:66:f9:03:af:b0:52:c8:a3:33:
                    80:fa:4f:78:68:49:86:7c:47:8d:8b:68:78:d8:40:
                    e3:e2:02:56:42:67:9a:71:ed:42:2c:c9:f9:01:f6:
                    a1:c0:2f:fb:36:24:a5:1b:51:42:e2:93:11:8e:67:
                    14:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:9A:64:D2:58:5D:E8:2F:D3:25:82:9F:F2:7C:AA:68:5D:9D:ED:8A
            X509v3 Authority Key Identifier:
                keyid:D0:53:F7:D4:2F:C9:FD:03:55:6A:9F:3D:2A:F9:E3:D2:22:1B:AD:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/71F989F8C5FF9E9E126C5F90FEF9F95A13F2F7E810F68D0E441664BE3FA9C024/0/D053F7D42FC9FD03556A9F3D2AF9E3D2221BADFC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D053F7D42FC9FD03556A9F3D2AF9E3D2221BADFC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/71F989F8C5FF9E9E126C5F90FEF9F95A13F2F7E810F68D0E441664BE3FA9C024/0/3230302e392e3134372e302f32342d3234203d3e203237383735.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.9.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:69:d1:a6:5f:cc:6d:7e:0d:eb:c5:df:7d:75:59:ab:e5:5e:
         a6:47:f6:27:32:33:c9:4c:f9:34:ea:1c:5a:46:2c:00:46:6f:
         2e:bb:4a:59:ed:5a:58:01:d0:e9:02:8e:42:4e:de:76:d5:00:
         8d:46:95:3b:54:6f:c1:bc:17:5e:ed:2d:42:c0:2b:29:cc:db:
         0c:91:d1:fa:f3:e3:f3:2a:df:97:a1:2c:ac:3a:25:25:e8:28:
         ad:5e:29:c7:7f:f7:c6:2d:f5:0b:eb:de:21:4a:07:4c:dc:81:
         6e:8e:71:f9:3a:0d:2b:78:76:ed:6a:9b:ed:2f:23:b7:43:7a:
         1c:7e:29:47:e7:63:80:d5:9f:41:cd:53:b5:b8:8a:3e:e0:39:
         44:23:a4:05:23:d9:2b:f8:40:c2:b8:67:d3:d1:a5:ef:4a:0e:
         ac:47:81:d2:c1:3a:97:b9:75:55:26:d1:f3:b3:cc:9f:6f:92:
         d1:48:1d:80:dc:08:35:f9:f0:59:5c:6d:88:45:c3:e4:00:74:
         48:26:f4:c2:b5:91:0e:46:d3:07:8b:af:b0:7e:aa:92:19:bb:
         4b:ec:78:63:1f:5e:df:3b:97:61:2e:b2:e8:d9:a9:64:14:e8:
         57:7a:68:13:b1:40:86:69:c6:b4:18:a8:3c:fe:ce:34:56:b6:
         e8:02:d9:d0
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUfhfNleshje3FDY970bUZfbQAo2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDA1M0Y3RDQyRkM5RkQwMzU1NkE5RjNEMkFGOUUzRDIy
MjFCQURGQzAeFw0yNDAzMDUxNzQ4MjVaFw0yNTAzMDQxNzUzMjVaMDMxMTAvBgNV
BAMTKDE0OUE2NEQyNTg1REU4MkZEMzI1ODI5RkYyN0NBQTY4NUQ5REVEOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3Sc489vagRRQmUlHcZur5gClp
5cg9y0KFpCEKVDOBdNZ7QI9ZsS4q4Er9G9cr4TUkOPimwj79BJ6LOC+seASvecOa
Glv81ZImtSWZCsVzzO7zI5ehARgFp0+sCB70cnKpLeWTibFS7/erjIdEmThqrNca
7K291ITNMLf6v2FS9/4icEkAIzXFjU+h8ibLz9ktGZQdB/c1jW8dT00h284EBqS0
ObhciO+VXjEkmcIl8Jwv9dS2DYEKQTmLebpIr/4Lct3/U0QAIWb5A6+wUsijM4D6
T3hoSYZ8R42LaHjYQOPiAlZCZ5px7UIsyfkB9qHAL/s2JKUbUULikxGOZxSLAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUFJpk0lhd6C/TJYKf8nyqaF2d7YowHwYDVR0j
BBgwFoAU0FP31C/J/QNVap89Kvnj0iIbrfwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83MUY5ODlGOEM1RkY5RTlFMTI2QzVGOTBGRUY5Rjk1QTEz
RjJGN0U4MTBGNjhEMEU0NDE2NjRCRTNGQTlDMDI0LzAvRDA1M0Y3RDQyRkM5RkQw
MzU1NkE5RjNEMkFGOUUzRDIyMjFCQURGQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMDUzRjdENDJGQzlGRDAzNTU2
QTlGM0QyQUY5RTNEMjIyMUJBREZDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzFGOTg5RjhDNUZGOUU5RTEyNkM1RjkwRkVGOUY5NUExM0YyRjdFODEw
RjY4RDBFNDQxNjY0QkUzRkE5QzAyNC8wLzMyMzAzMDJlMzkyZTMxMzQzNzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczODM3MzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADICZMwDQYJ
KoZIhvcNAQELBQADggEBAKdp0aZfzG1+DevF3311WavlXqZH9icyM8lM+TTqHFpG
LABGby67SlntWlgB0OkCjkJO3nbVAI1GlTtUb8G8F17tLULAKynM2wyR0frz4/Mq
35ehLKw6JSXoKK1eKcd/98Yt9Qvr3iFKB0zcgW6Ocfk6DSt4du1qm+0vI7dDehx+
KUfnY4DVn0HNU7W4ij7gOUQjpAUj2Sv4QMK4Z9PRpe9KDqxHgdLBOpe5dVUm0fOz
zJ9vktFIHYDcCDX58FlcbYhFw+QAdEgm9MK1kQ5G0weLr7B+qpIZu0vseGMfXt87
l2EusujZqWQU6Fd6aBOxQIZpxrQYqDz+zjRWtugC2dA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:30:31 2024 by rpki-client on console-ams.rpki-client.org