Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7E8D50E2C16BA4739823910CF2F049FE81927C348B9E86D9756BC63B8D42EEAA/0/3230312e3231392e39362e302f32302d3234203d3e203134323332.roa
File:                     3230312e3231392e39362e302f32302d3234203d3e203134323332.roa (raw, json)
Hash identifier:          oHptlpuERswKxAmGp8/63034ib8lFqOni6yAggIorEU=
Subject key identifier:   58:BC:1F:93:D8:E7:37:0D:06:05:CB:47:CD:E0:74:0B:20:D6:31:BB
Certificate issuer:       /CN=9A9F1648A3D8E49E1B5284F86CE1C348F3A728A5
Certificate serial:       79F5F9073B911FAD02B8A0BE3BDCCC2292B24416
Authority key identifier: 9A:9F:16:48:A3:D8:E4:9E:1B:52:84:F8:6C:E1:C3:48:F3:A7:28:A5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9A9F1648A3D8E49E1B5284F86CE1C348F3A728A5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7E8D50E2C16BA4739823910CF2F049FE81927C348B9E86D9756BC63B8D42EEAA/0/3230312e3231392e39362e302f32302d3234203d3e203134323332.roa
Signing time:             Tue 05 Mar 2024 17:50:26 +0000
ROA not before:           Tue 05 Mar 2024 17:45:26 +0000
ROA not after:            Tue 04 Mar 2025 17:50:26 +0000
asID:                     14232
IP address blocks:        201.219.96.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7E8D50E2C16BA4739823910CF2F049FE81927C348B9E86D9756BC63B8D42EEAA/0/9A9F1648A3D8E49E1B5284F86CE1C348F3A728A5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7E8D50E2C16BA4739823910CF2F049FE81927C348B9E86D9756BC63B8D42EEAA/0/9A9F1648A3D8E49E1B5284F86CE1C348F3A728A5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9A9F1648A3D8E49E1B5284F86CE1C348F3A728A5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:f5:f9:07:3b:91:1f:ad:02:b8:a0:be:3b:dc:cc:22:92:b2:44:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9A9F1648A3D8E49E1B5284F86CE1C348F3A728A5
        Validity
            Not Before: Mar  5 17:45:26 2024 GMT
            Not After : Mar  4 17:50:26 2025 GMT
        Subject: CN=58BC1F93D8E7370D0605CB47CDE0740B20D631BB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:27:21:ef:a6:0f:ae:0c:57:dd:01:ea:9d:ff:
                    33:d8:1b:03:62:01:2d:c9:4b:3a:96:3c:f5:d8:df:
                    1f:72:ca:23:99:3b:51:0c:d2:55:4b:3e:99:46:c4:
                    7f:fb:64:fb:41:19:a3:cf:c9:09:e2:fc:86:11:c2:
                    f7:a9:af:13:38:b7:78:4c:d8:03:a4:eb:14:ba:7e:
                    22:55:17:5e:7d:d0:3c:66:0a:26:fc:91:06:2c:11:
                    65:74:e4:57:15:f0:43:38:f6:98:7a:29:d3:90:db:
                    4d:45:c0:c3:e7:12:ab:15:a9:b6:df:0f:de:b8:63:
                    fd:cd:33:54:e7:5f:0e:b5:db:99:99:0b:37:f0:b9:
                    da:8e:bb:2b:fd:6d:7e:17:37:df:12:a6:3a:b5:6e:
                    10:ab:aa:8a:00:c8:ac:70:58:25:91:0c:4d:04:cd:
                    72:4b:2d:71:7e:18:8a:3c:e2:41:20:0e:9b:9e:82:
                    96:83:e8:a3:43:15:8d:9d:95:39:a4:d2:42:bf:b5:
                    7a:99:e8:1b:be:08:69:4d:d8:6a:72:38:ba:71:50:
                    99:49:cd:d6:60:1f:9d:30:7b:87:58:df:7e:9f:dc:
                    4c:f1:a7:a0:09:42:fb:c2:1c:47:9c:8c:ae:5b:b4:
                    5c:b1:f1:03:19:9b:44:25:07:58:60:f0:5f:d1:a0:
                    39:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:BC:1F:93:D8:E7:37:0D:06:05:CB:47:CD:E0:74:0B:20:D6:31:BB
            X509v3 Authority Key Identifier:
                keyid:9A:9F:16:48:A3:D8:E4:9E:1B:52:84:F8:6C:E1:C3:48:F3:A7:28:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7E8D50E2C16BA4739823910CF2F049FE81927C348B9E86D9756BC63B8D42EEAA/0/9A9F1648A3D8E49E1B5284F86CE1C348F3A728A5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9A9F1648A3D8E49E1B5284F86CE1C348F3A728A5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7E8D50E2C16BA4739823910CF2F049FE81927C348B9E86D9756BC63B8D42EEAA/0/3230312e3231392e39362e302f32302d3234203d3e203134323332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.219.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         09:01:8d:03:83:c4:12:0f:f0:e1:15:7d:de:f6:92:f5:60:ef:
         34:3d:7d:ef:14:56:b3:3f:1f:f1:4b:16:b2:93:d4:8f:01:55:
         4b:38:bf:9e:22:e3:5a:9e:d0:ec:d1:b0:41:9a:e6:3b:8c:25:
         bb:e0:ce:2e:d6:f3:e7:e7:e2:8d:dd:b1:fe:0a:2b:de:e2:2f:
         47:47:41:98:d1:b1:24:23:42:1d:80:3d:14:34:41:50:34:df:
         06:76:23:f9:ab:fb:fa:e7:07:95:ca:0f:6a:4f:8b:dc:f2:06:
         cd:c5:23:0e:75:6f:dc:43:2a:d5:26:6c:ae:12:4f:15:99:0f:
         14:8e:4c:fc:cc:fa:87:60:64:8b:ec:de:61:ff:ed:d7:41:9e:
         2f:15:d5:de:8d:b1:17:8d:77:14:29:f8:fa:be:1f:29:37:0c:
         f6:a1:ad:a7:d6:15:df:bc:6c:3d:65:13:73:a8:6f:c2:29:db:
         d5:43:62:37:d8:33:d0:ca:3c:5d:15:b9:5d:d8:ab:d3:97:14:
         7f:42:f1:33:20:10:34:ed:73:f3:c4:d5:62:b5:88:be:e2:30:
         56:b4:56:54:cd:3a:42:b9:43:e9:91:b1:8d:f3:68:75:65:19:
         d3:6d:3e:01:de:90:3b:58:a1:bf:4c:b5:41:8f:45:ae:23:b3:
         d2:d0:de:2e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUefX5BzuRH60CuKC+O9zMIpKyRBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUE5RjE2NDhBM0Q4RTQ5RTFCNTI4NEY4NkNFMUMzNDhG
M0E3MjhBNTAeFw0yNDAzMDUxNzQ1MjZaFw0yNTAzMDQxNzUwMjZaMDMxMTAvBgNV
BAMTKDU4QkMxRjkzRDhFNzM3MEQwNjA1Q0I0N0NERTA3NDBCMjBENjMxQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdJyHvpg+uDFfdAeqd/zPYGwNi
AS3JSzqWPPXY3x9yyiOZO1EM0lVLPplGxH/7ZPtBGaPPyQni/IYRwveprxM4t3hM
2AOk6xS6fiJVF1590DxmCib8kQYsEWV05FcV8EM49ph6KdOQ201FwMPnEqsVqbbf
D964Y/3NM1TnXw6125mZCzfwudqOuyv9bX4XN98Spjq1bhCrqooAyKxwWCWRDE0E
zXJLLXF+GIo84kEgDpuegpaD6KNDFY2dlTmk0kK/tXqZ6Bu+CGlN2GpyOLpxUJlJ
zdZgH50we4dY336f3Ezxp6AJQvvCHEecjK5btFyx8QMZm0QlB1hg8F/RoDm9AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUWLwfk9jnNw0GBctHzeB0CyDWMbswHwYDVR0j
BBgwFoAUmp8WSKPY5J4bUoT4bOHDSPOnKKUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83RThENTBFMkMxNkJBNDczOTgyMzkxMENGMkYwNDlGRTgx
OTI3QzM0OEI5RTg2RDk3NTZCQzYzQjhENDJFRUFBLzAvOUE5RjE2NDhBM0Q4RTQ5
RTFCNTI4NEY4NkNFMUMzNDhGM0E3MjhBNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85QTlGMTY0OEEzRDhFNDlFMUI1
Mjg0Rjg2Q0UxQzM0OEYzQTcyOEE1LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvN0U4RDUwRTJDMTZCQTQ3Mzk4MjM5MTBDRjJGMDQ5RkU4MTkyN0MzNDhC
OUU4NkQ5NzU2QkM2M0I4RDQyRUVBQS8wLzMyMzAzMTJlMzIzMTM5MmUzOTM2MmUz
MDJmMzIzMDJkMzIzNDIwM2QzZTIwMzEzNDMyMzMzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMnbYDAN
BgkqhkiG9w0BAQsFAAOCAQEACQGNA4PEEg/w4RV93vaS9WDvND197xRWsz8f8UsW
spPUjwFVSzi/niLjWp7Q7NGwQZrmO4wlu+DOLtbz5+fijd2x/gor3uIvR0dBmNGx
JCNCHYA9FDRBUDTfBnYj+av7+ucHlcoPak+L3PIGzcUjDnVv3EMq1SZsrhJPFZkP
FI5M/Mz6h2Bki+zeYf/t10GeLxXV3o2xF413FCn4+r4fKTcM9qGtp9YV37xsPWUT
c6hvwinb1UNiN9gz0Mo8XRW5Xdir05cUf0LxMyAQNO1z88TVYrWIvuIwVrRWVM06
QrlD6ZGxjfNodWUZ020+Ad6QO1ihv0y1QY9FriOz0tDeLg==
-----END CERTIFICATE-----
Generated at Wed Nov 20 11:09:00 2024 by rpki-client on console-ams.rpki-client.org