Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8B3195F98E06E5B6847A4338FA88DC07CB2E5599DB8B255DC2352FD64C148E7A/0/3230302e31362e38392e302f32342d3234203d3e203532333138.roa
File:                     3230302e31362e38392e302f32342d3234203d3e203532333138.roa (raw, json)
Hash identifier:          DZaVnGdXTS3PodEgwu+obpd9dtKu6mnn9U39+LOnGEQ=
Subject key identifier:   7B:71:40:B0:C2:26:8C:36:61:B0:B1:B2:3F:54:55:55:DD:4A:29:41
Certificate issuer:       /CN=D4F1585FADC5386D18707CA8C82245CBAE06969F
Certificate serial:       1D2CC77FA1F6473E4B536A304D1C4FD42276B177
Authority key identifier: D4:F1:58:5F:AD:C5:38:6D:18:70:7C:A8:C8:22:45:CB:AE:06:96:9F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D4F1585FADC5386D18707CA8C82245CBAE06969F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8B3195F98E06E5B6847A4338FA88DC07CB2E5599DB8B255DC2352FD64C148E7A/0/3230302e31362e38392e302f32342d3234203d3e203532333138.roa
Signing time:             Tue 05 Mar 2024 18:13:27 +0000
ROA not before:           Tue 05 Mar 2024 18:08:27 +0000
ROA not after:            Tue 04 Mar 2025 18:13:27 +0000
asID:                     52318
IP address blocks:        200.16.89.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8B3195F98E06E5B6847A4338FA88DC07CB2E5599DB8B255DC2352FD64C148E7A/0/D4F1585FADC5386D18707CA8C82245CBAE06969F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8B3195F98E06E5B6847A4338FA88DC07CB2E5599DB8B255DC2352FD64C148E7A/0/D4F1585FADC5386D18707CA8C82245CBAE06969F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D4F1585FADC5386D18707CA8C82245CBAE06969F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:2c:c7:7f:a1:f6:47:3e:4b:53:6a:30:4d:1c:4f:d4:22:76:b1:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D4F1585FADC5386D18707CA8C82245CBAE06969F
        Validity
            Not Before: Mar  5 18:08:27 2024 GMT
            Not After : Mar  4 18:13:27 2025 GMT
        Subject: CN=7B7140B0C2268C3661B0B1B23F545555DD4A2941
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f3:16:50:14:4a:5a:06:ad:d7:77:6f:24:59:
                    f8:89:86:a8:f1:88:05:c4:f3:90:6c:7d:bf:52:fc:
                    c7:18:87:53:9b:a0:dd:57:e7:15:0a:8e:91:2a:73:
                    56:af:54:6f:5f:37:72:bd:f9:19:69:9a:59:80:27:
                    90:20:fe:e4:52:db:d2:e7:88:e8:db:85:55:c5:6c:
                    4a:1d:c8:ea:5e:6d:88:bb:c5:0a:ac:ee:85:7f:1c:
                    dc:0c:66:c4:f4:5a:50:89:56:ba:62:60:a4:fd:22:
                    ac:05:ec:51:0a:0c:90:88:ac:84:81:d0:96:9d:02:
                    7a:d5:df:59:d6:59:17:57:cb:3c:af:7d:14:5b:26:
                    bb:32:61:2f:46:47:5b:45:16:45:6a:ec:f8:18:5d:
                    99:64:c5:1d:27:9e:18:18:d7:f8:1d:57:6e:5d:a6:
                    7d:a8:43:9c:d7:22:db:a5:77:d3:c6:ea:95:99:a4:
                    82:5f:39:e8:56:b3:b3:0e:b0:91:1c:45:f9:49:2c:
                    6a:29:f7:a7:2d:57:db:b4:3f:32:72:c7:a0:8a:4f:
                    1b:ff:90:b8:a9:89:78:0b:3c:23:0d:d1:a6:20:15:
                    08:60:19:07:cd:5c:03:53:82:12:ac:50:83:ed:14:
                    13:40:9e:70:83:a9:56:3e:44:99:ff:33:7a:96:31:
                    ee:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:71:40:B0:C2:26:8C:36:61:B0:B1:B2:3F:54:55:55:DD:4A:29:41
            X509v3 Authority Key Identifier:
                keyid:D4:F1:58:5F:AD:C5:38:6D:18:70:7C:A8:C8:22:45:CB:AE:06:96:9F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8B3195F98E06E5B6847A4338FA88DC07CB2E5599DB8B255DC2352FD64C148E7A/0/D4F1585FADC5386D18707CA8C82245CBAE06969F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D4F1585FADC5386D18707CA8C82245CBAE06969F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8B3195F98E06E5B6847A4338FA88DC07CB2E5599DB8B255DC2352FD64C148E7A/0/3230302e31362e38392e302f32342d3234203d3e203532333138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.16.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:ba:c3:e4:44:2d:44:56:5b:b7:eb:69:70:8e:5e:eb:99:49:
         0b:78:6a:c6:44:2d:f6:b9:7e:f2:b7:b7:fe:db:bb:05:3e:1b:
         e1:42:ce:9c:ea:6f:73:e6:c1:60:13:0b:a3:74:3e:fe:90:e0:
         fa:38:a8:43:e3:6e:4c:55:e3:e0:20:83:82:0d:c0:40:25:a8:
         29:03:2c:a1:e5:e8:f1:e4:43:d1:ab:08:77:e3:a8:07:bf:a2:
         d5:26:13:b7:6d:88:90:c5:60:91:69:d5:90:4a:97:24:de:44:
         6c:4e:e6:f4:4c:6d:cb:9d:b1:9d:54:9f:d4:d7:59:a1:fb:8d:
         fb:42:d3:dc:1f:33:da:45:28:0d:7f:d7:eb:de:f0:7b:5b:3f:
         5c:8d:00:86:4a:e6:75:a2:e8:24:6b:26:40:5b:ea:96:16:d4:
         c7:5b:0c:f7:88:58:f0:5e:ea:15:01:ba:c4:4b:85:7b:4f:21:
         23:7d:55:82:1a:c9:bf:7a:19:fe:00:d8:a9:cb:94:90:6c:06:
         40:a8:ce:cb:b8:25:74:61:ec:cb:04:a4:54:6f:06:de:3b:43:
         dc:e4:88:da:ae:22:c0:5a:1d:b0:17:40:b5:cd:59:be:44:9a:
         2c:87:67:76:b1:31:a7:af:06:c8:f4:66:c7:20:b8:34:31:70:
         5c:d9:d9:a3
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUHSzHf6H2Rz5LU2owTRxP1CJ2sXcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDRGMTU4NUZBREM1Mzg2RDE4NzA3Q0E4QzgyMjQ1Q0JB
RTA2OTY5RjAeFw0yNDAzMDUxODA4MjdaFw0yNTAzMDQxODEzMjdaMDMxMTAvBgNV
BAMTKDdCNzE0MEIwQzIyNjhDMzY2MUIwQjFCMjNGNTQ1NTU1REQ0QTI5NDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+8xZQFEpaBq3Xd28kWfiJhqjx
iAXE85Bsfb9S/McYh1OboN1X5xUKjpEqc1avVG9fN3K9+RlpmlmAJ5Ag/uRS29Ln
iOjbhVXFbEodyOpebYi7xQqs7oV/HNwMZsT0WlCJVrpiYKT9IqwF7FEKDJCIrISB
0JadAnrV31nWWRdXyzyvfRRbJrsyYS9GR1tFFkVq7PgYXZlkxR0nnhgY1/gdV25d
pn2oQ5zXItuld9PG6pWZpIJfOehWs7MOsJEcRflJLGop96ctV9u0PzJyx6CKTxv/
kLipiXgLPCMN0aYgFQhgGQfNXANTghKsUIPtFBNAnnCDqVY+RJn/M3qWMe7bAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUe3FAsMImjDZhsLGyP1RVVd1KKUEwHwYDVR0j
BBgwFoAU1PFYX63FOG0YcHyoyCJFy64Glp8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84QjMxOTVGOThFMDZFNUI2ODQ3QTQzMzhGQTg4REMwN0NC
MkU1NTk5REI4QjI1NURDMjM1MkZENjRDMTQ4RTdBLzAvRDRGMTU4NUZBREM1Mzg2
RDE4NzA3Q0E4QzgyMjQ1Q0JBRTA2OTY5Ri5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENEYxNTg1RkFEQzUzODZEMTg3
MDdDQThDODIyNDVDQkFFMDY5NjlGLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEIzMTk1Rjk4RTA2RTVCNjg0N0E0MzM4RkE4OERDMDdDQjJFNTU5OURC
OEIyNTVEQzIzNTJGRDY0QzE0OEU3QS8wLzMyMzAzMDJlMzEzNjJlMzgzOTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzMzMxMzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIEFkwDQYJ
KoZIhvcNAQELBQADggEBALe6w+RELURWW7fraXCOXuuZSQt4asZELfa5fvK3t/7b
uwU+G+FCzpzqb3PmwWATC6N0Pv6Q4Po4qEPjbkxV4+Agg4INwEAlqCkDLKHl6PHk
Q9GrCHfjqAe/otUmE7dtiJDFYJFp1ZBKlyTeRGxO5vRMbcudsZ1Un9TXWaH7jftC
09wfM9pFKA1/1+ve8HtbP1yNAIZK5nWi6CRrJkBb6pYW1MdbDPeIWPBe6hUBusRL
hXtPISN9VYIayb96Gf4A2KnLlJBsBkCozsu4JXRh7MsEpFRvBt47Q9zkiNquIsBa
HbAXQLXNWb5EmiyHZ3axMaevBsj0ZscguDQxcFzZ2aM=
-----END CERTIFICATE-----
Generated at Sun Jun 16 15:20:14 2024 by rpki-client on console-fra.rpki-client.org