Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/77F90D3C20A4E7AA7D48966678C510A5F1723BA8F9F53D5213E5D69070AF8A7A/0/3230312e37312e302e302f32332d3234203d3e20323639393235.roa
File:                     3230312e37312e302e302f32332d3234203d3e20323639393235.roa (raw, json)
Hash identifier:          h1ggcYKAQUNIEkv0I2kt+g8NeTnRCLgDuqiCo+c8Lyw=
Subject key identifier:   FC:10:D4:6A:4F:20:88:03:28:8E:C5:CA:5A:8F:E2:91:4C:1F:F9:6A
Certificate issuer:       /CN=CBCD2077E8046FEC629D9C00D697527D9809DE78
Certificate serial:       53F1E361C64D163B6BF68B554FE886EE0658DDE4
Authority key identifier: CB:CD:20:77:E8:04:6F:EC:62:9D:9C:00:D6:97:52:7D:98:09:DE:78
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBCD2077E8046FEC629D9C00D697527D9809DE78.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/77F90D3C20A4E7AA7D48966678C510A5F1723BA8F9F53D5213E5D69070AF8A7A/0/3230312e37312e302e302f32332d3234203d3e20323639393235.roa
Signing time:             Tue 05 Mar 2024 18:13:52 +0000
ROA not before:           Tue 05 Mar 2024 18:08:52 +0000
ROA not after:            Tue 04 Mar 2025 18:13:52 +0000
asID:                     269925
IP address blocks:        201.71.0.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/77F90D3C20A4E7AA7D48966678C510A5F1723BA8F9F53D5213E5D69070AF8A7A/0/CBCD2077E8046FEC629D9C00D697527D9809DE78.crl
                          rsync://repository.lacnic.net/rpki/lacnic/77F90D3C20A4E7AA7D48966678C510A5F1723BA8F9F53D5213E5D69070AF8A7A/0/CBCD2077E8046FEC629D9C00D697527D9809DE78.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBCD2077E8046FEC629D9C00D697527D9809DE78.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Jul 2024 03:40:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:f1:e3:61:c6:4d:16:3b:6b:f6:8b:55:4f:e8:86:ee:06:58:dd:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CBCD2077E8046FEC629D9C00D697527D9809DE78
        Validity
            Not Before: Mar  5 18:08:52 2024 GMT
            Not After : Mar  4 18:13:52 2025 GMT
        Subject: CN=FC10D46A4F208803288EC5CA5A8FE2914C1FF96A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:4b:d5:b2:8d:09:ac:29:d5:69:91:37:d7:15:
                    41:bc:e1:d9:28:53:b6:f0:d7:68:a0:f3:ac:97:83:
                    38:eb:8b:30:0a:e7:df:3e:e3:7f:29:fe:02:92:3f:
                    9e:7e:e0:59:f0:1c:83:06:61:f8:19:17:b9:ca:83:
                    15:e7:8f:9e:08:a1:34:ac:4d:7e:5f:4b:10:19:3c:
                    ae:ed:32:8b:cf:3e:af:9e:94:ea:59:76:36:a6:92:
                    d5:05:cf:13:aa:48:52:19:e4:3c:43:13:07:97:b2:
                    0c:bb:ac:30:47:d0:1c:c1:d1:46:e3:db:33:27:a7:
                    28:65:65:f8:fb:a3:28:1a:71:a5:f0:3a:01:a5:58:
                    3e:72:7b:df:ea:18:1e:c4:0d:99:17:ad:55:b6:fd:
                    d0:69:73:90:36:d7:11:81:2e:2e:40:51:b2:ae:a9:
                    a8:58:ac:09:dc:06:05:e1:a8:f7:7e:1a:6e:1d:2d:
                    d3:08:e7:8f:76:e5:10:fd:3f:33:7e:33:14:75:a6:
                    3d:5c:5d:a5:55:b5:69:6b:06:9d:9c:b4:fa:2f:a4:
                    5f:6f:c3:00:31:da:83:1b:df:6c:2f:cd:8b:c7:74:
                    16:dc:74:61:37:a5:e2:64:ec:80:20:9c:60:71:fe:
                    a0:ba:dd:98:66:5d:47:49:a9:d0:33:47:32:d4:28:
                    fd:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:10:D4:6A:4F:20:88:03:28:8E:C5:CA:5A:8F:E2:91:4C:1F:F9:6A
            X509v3 Authority Key Identifier:
                keyid:CB:CD:20:77:E8:04:6F:EC:62:9D:9C:00:D6:97:52:7D:98:09:DE:78

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/77F90D3C20A4E7AA7D48966678C510A5F1723BA8F9F53D5213E5D69070AF8A7A/0/CBCD2077E8046FEC629D9C00D697527D9809DE78.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBCD2077E8046FEC629D9C00D697527D9809DE78.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/77F90D3C20A4E7AA7D48966678C510A5F1723BA8F9F53D5213E5D69070AF8A7A/0/3230312e37312e302e302f32332d3234203d3e20323639393235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.71.0.0/23

    Signature Algorithm: sha256WithRSAEncryption
         76:3a:7e:67:c8:4b:44:b7:2f:4a:43:9c:50:ac:b6:71:26:ab:
         23:0b:07:38:38:a9:0b:84:08:ed:5b:7c:95:ee:5f:f8:e9:e4:
         9b:48:73:e6:f7:31:86:2c:6f:16:0d:c6:21:82:47:f4:bd:4d:
         5f:37:1c:49:e4:a6:8d:4e:a3:dc:9b:87:2d:8b:a5:f5:82:b1:
         dc:65:38:d1:3b:cb:8e:8c:3c:8c:b2:d2:0c:4b:5f:0c:e2:94:
         93:7d:cb:6c:79:7e:9a:d1:38:84:60:a6:95:cf:cb:22:ce:67:
         42:36:60:da:a7:39:60:2f:0d:42:01:2e:96:ea:c0:29:b9:fe:
         c9:08:ae:83:97:27:fa:af:22:67:b5:35:30:20:00:38:d5:59:
         b7:2a:40:14:43:69:22:84:00:21:73:70:08:4e:47:9c:14:cd:
         44:cd:d4:5b:e5:b8:5d:04:fb:30:26:79:e6:bd:76:3c:6d:e3:
         61:84:d0:01:66:d0:a0:c0:54:3a:e4:c6:9d:8e:c5:19:91:5d:
         1d:e9:50:5f:a7:95:a5:74:92:89:6a:8a:fb:5f:16:fa:ed:fa:
         00:e9:35:85:f2:5b:c2:19:ef:42:ff:47:fe:57:b8:67:bf:ad:
         be:6b:81:bd:b1:63:bc:fc:bf:d8:29:cd:6b:a3:75:27:28:70:
         ef:a3:c4:f2
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUU/HjYcZNFjtr9otVT+iG7gZY3eQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0JDRDIwNzdFODA0NkZFQzYyOUQ5QzAwRDY5NzUyN0Q5
ODA5REU3ODAeFw0yNDAzMDUxODA4NTJaFw0yNTAzMDQxODEzNTJaMDMxMTAvBgNV
BAMTKEZDMTBENDZBNEYyMDg4MDMyODhFQzVDQTVBOEZFMjkxNEMxRkY5NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlS9WyjQmsKdVpkTfXFUG84dko
U7bw12ig86yXgzjrizAK598+438p/gKSP55+4FnwHIMGYfgZF7nKgxXnj54IoTSs
TX5fSxAZPK7tMovPPq+elOpZdjamktUFzxOqSFIZ5DxDEweXsgy7rDBH0BzB0Ubj
2zMnpyhlZfj7oygacaXwOgGlWD5ye9/qGB7EDZkXrVW2/dBpc5A21xGBLi5AUbKu
qahYrAncBgXhqPd+Gm4dLdMI54925RD9PzN+MxR1pj1cXaVVtWlrBp2ctPovpF9v
wwAx2oMb32wvzYvHdBbcdGE3peJk7IAgnGBx/qC63ZhmXUdJqdAzRzLUKP0FAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU/BDUak8giAMojsXKWo/ikUwf+WowHwYDVR0j
BBgwFoAUy80gd+gEb+xinZwA1pdSfZgJ3ngwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83N0Y5MEQzQzIwQTRFN0FBN0Q0ODk2NjY3OEM1MTBBNUYx
NzIzQkE4RjlGNTNENTIxM0U1RDY5MDcwQUY4QTdBLzAvQ0JDRDIwNzdFODA0NkZF
QzYyOUQ5QzAwRDY5NzUyN0Q5ODA5REU3OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQkNEMjA3N0U4MDQ2RkVDNjI5
RDlDMDBENjk3NTI3RDk4MDlERTc4LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzdGOTBEM0MyMEE0RTdBQTdENDg5NjY2NzhDNTEwQTVGMTcyM0JBOEY5
RjUzRDUyMTNFNUQ2OTA3MEFGOEE3QS8wLzMyMzAzMTJlMzczMTJlMzAyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMjM2MzkzOTMyMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHJRwAwDQYJ
KoZIhvcNAQELBQADggEBAHY6fmfIS0S3L0pDnFCstnEmqyMLBzg4qQuECO1bfJXu
X/jp5JtIc+b3MYYsbxYNxiGCR/S9TV83HEnkpo1Oo9ybhy2LpfWCsdxlONE7y46M
PIyy0gxLXwzilJN9y2x5fprROIRgppXPyyLOZ0I2YNqnOWAvDUIBLpbqwCm5/skI
roOXJ/qvIme1NTAgADjVWbcqQBRDaSKEACFzcAhOR5wUzUTN1FvluF0E+zAmeea9
djxt42GE0AFm0KDAVDrkxp2OxRmRXR3pUF+nlaV0kolqivtfFvrt+gDpNYXyW8IZ
70L/R/5XuGe/rb5rgb2xY7z8v9gpzWujdScocO+jxPI=
-----END CERTIFICATE-----
Generated at Wed Jul 10 20:19:32 2024 by rpki-client on console-fra.rpki-client.org