Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8DA876A95E4C3C1B90C882840AA7165106F5F8EE4B1219C7E14789DC0ABF614D/0/3230302e33362e3231302e302f32342d3234203d3e20323731383637.roa
File:                     3230302e33362e3231302e302f32342d3234203d3e20323731383637.roa (raw, json)
Hash identifier:          qQ5ApUpZYlQXfveQKEMYnK0Vszfhze6b1UKFLxhcl0g=
Subject key identifier:   19:90:DE:E5:47:42:D5:E0:7E:66:7B:25:43:2F:A0:2E:66:F5:EE:26
Certificate issuer:       /CN=44F097D1B0DF1D2B00D714F0E6C761BF12CC23F6
Certificate serial:       2511E10C8732880EFC0AE522015883849A006B44
Authority key identifier: 44:F0:97:D1:B0:DF:1D:2B:00:D7:14:F0:E6:C7:61:BF:12:CC:23:F6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/44F097D1B0DF1D2B00D714F0E6C761BF12CC23F6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8DA876A95E4C3C1B90C882840AA7165106F5F8EE4B1219C7E14789DC0ABF614D/0/3230302e33362e3231302e302f32342d3234203d3e20323731383637.roa
Signing time:             Tue 05 Mar 2024 18:12:07 +0000
ROA not before:           Tue 05 Mar 2024 18:07:07 +0000
ROA not after:            Tue 04 Mar 2025 18:12:07 +0000
asID:                     271867
IP address blocks:        200.36.210.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8DA876A95E4C3C1B90C882840AA7165106F5F8EE4B1219C7E14789DC0ABF614D/0/44F097D1B0DF1D2B00D714F0E6C761BF12CC23F6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8DA876A95E4C3C1B90C882840AA7165106F5F8EE4B1219C7E14789DC0ABF614D/0/44F097D1B0DF1D2B00D714F0E6C761BF12CC23F6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/44F097D1B0DF1D2B00D714F0E6C761BF12CC23F6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:11:e1:0c:87:32:88:0e:fc:0a:e5:22:01:58:83:84:9a:00:6b:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44F097D1B0DF1D2B00D714F0E6C761BF12CC23F6
        Validity
            Not Before: Mar  5 18:07:07 2024 GMT
            Not After : Mar  4 18:12:07 2025 GMT
        Subject: CN=1990DEE54742D5E07E667B25432FA02E66F5EE26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:57:dc:5c:ea:eb:86:aa:c2:18:bb:00:0a:9f:
                    72:a9:38:83:fd:3c:fc:0c:2f:f1:1a:da:b5:9f:fd:
                    ec:cc:82:34:f8:29:d9:29:66:a8:77:63:7c:6c:10:
                    4c:de:6c:52:74:c8:72:6d:7e:6a:50:55:44:df:46:
                    fb:bf:ae:c7:41:99:05:f4:f8:91:ca:19:55:aa:47:
                    ce:65:50:c7:04:5a:20:76:1c:34:00:1f:9b:3e:a5:
                    5f:cb:e4:7a:b8:14:31:e5:2d:e1:05:a4:06:c8:97:
                    e1:7d:d3:05:c1:22:99:0f:06:d9:b2:ff:29:3c:b2:
                    91:e8:9b:21:b4:81:fa:b9:cb:78:15:7b:15:79:ab:
                    b0:79:ef:6f:53:dc:c7:ec:2e:03:c3:33:96:e6:c3:
                    16:c2:35:1a:06:06:6e:1a:2c:eb:83:e2:c4:a1:0a:
                    bc:7a:9e:21:14:d5:1d:f8:b2:9a:e7:89:f0:e3:a3:
                    f9:33:d5:81:0b:cd:ee:d7:b8:0a:4b:3f:39:31:30:
                    72:d5:ef:0c:a7:7f:fe:fe:56:d7:40:d8:23:b6:79:
                    c8:de:ab:e7:9c:24:2f:ee:05:d6:87:80:6b:de:60:
                    6b:b7:ed:44:73:72:66:0e:8f:df:7e:a7:ed:65:1c:
                    62:a2:e4:27:9b:41:7f:2b:ff:09:d3:fc:58:5d:f9:
                    3e:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:90:DE:E5:47:42:D5:E0:7E:66:7B:25:43:2F:A0:2E:66:F5:EE:26
            X509v3 Authority Key Identifier:
                keyid:44:F0:97:D1:B0:DF:1D:2B:00:D7:14:F0:E6:C7:61:BF:12:CC:23:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8DA876A95E4C3C1B90C882840AA7165106F5F8EE4B1219C7E14789DC0ABF614D/0/44F097D1B0DF1D2B00D714F0E6C761BF12CC23F6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/44F097D1B0DF1D2B00D714F0E6C761BF12CC23F6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8DA876A95E4C3C1B90C882840AA7165106F5F8EE4B1219C7E14789DC0ABF614D/0/3230302e33362e3231302e302f32342d3234203d3e20323731383637.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.36.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:6e:46:a2:1e:c9:a2:fa:34:f6:89:90:72:40:19:69:57:c7:
         1d:ea:f7:44:a8:2b:e4:82:5f:ee:16:36:b0:27:e0:0c:78:76:
         0e:92:7e:83:21:45:fc:a5:ef:2c:a2:9e:50:90:1d:98:dd:2a:
         d2:15:d6:37:7b:47:04:e1:ff:d6:c4:9d:66:63:26:44:df:b0:
         a1:f5:df:ea:20:9e:64:a6:21:2c:a1:ec:c7:97:12:7e:fc:95:
         8b:01:a5:95:c2:b4:09:f5:bb:5b:17:7b:43:4d:7d:b1:ff:3e:
         da:5c:34:dc:1d:fe:13:4b:0b:10:29:d2:64:d2:0c:3c:72:dd:
         bb:ab:84:00:5f:58:73:04:4b:83:37:d2:39:83:a0:78:ec:4d:
         fc:2c:b5:29:6e:a5:70:eb:ac:09:37:ec:74:4b:33:e9:4b:4f:
         ab:2a:fc:1a:19:a9:3f:66:0e:a9:8a:66:21:be:89:bf:4d:ed:
         40:b0:d0:64:c5:36:de:30:2a:56:68:9a:26:44:44:d4:79:16:
         a6:73:f9:b3:91:46:85:49:96:84:b2:fb:f9:bd:ea:f6:c5:2d:
         a8:d5:c8:00:c5:a9:58:1f:d9:bc:ac:f8:3d:c0:38:e1:14:8c:
         69:74:db:50:c7:88:b4:e6:06:11:97:80:25:0a:16:8c:7e:db:
         9e:c1:8e:fe
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUJRHhDIcyiA78CuUiAViDhJoAa0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDRGMDk3RDFCMERGMUQyQjAwRDcxNEYwRTZDNzYxQkYx
MkNDMjNGNjAeFw0yNDAzMDUxODA3MDdaFw0yNTAzMDQxODEyMDdaMDMxMTAvBgNV
BAMTKDE5OTBERUU1NDc0MkQ1RTA3RTY2N0IyNTQzMkZBMDJFNjZGNUVFMjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4V9xc6uuGqsIYuwAKn3KpOIP9
PPwML/Ea2rWf/ezMgjT4KdkpZqh3Y3xsEEzebFJ0yHJtfmpQVUTfRvu/rsdBmQX0
+JHKGVWqR85lUMcEWiB2HDQAH5s+pV/L5Hq4FDHlLeEFpAbIl+F90wXBIpkPBtmy
/yk8spHomyG0gfq5y3gVexV5q7B5729T3MfsLgPDM5bmwxbCNRoGBm4aLOuD4sSh
Crx6niEU1R34sprnifDjo/kz1YELze7XuApLPzkxMHLV7wynf/7+VtdA2CO2ecje
q+ecJC/uBdaHgGveYGu37URzcmYOj99+p+1lHGKi5CebQX8r/wnT/Fhd+T4XAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUGZDe5UdC1eB+ZnslQy+gLmb17iYwHwYDVR0j
BBgwFoAURPCX0bDfHSsA1xTw5sdhvxLMI/YwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84REE4NzZBOTVFNEMzQzFCOTBDODgyODQwQUE3MTY1MTA2
RjVGOEVFNEIxMjE5QzdFMTQ3ODlEQzBBQkY2MTRELzAvNDRGMDk3RDFCMERGMUQy
QjAwRDcxNEYwRTZDNzYxQkYxMkNDMjNGNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80NEYwOTdEMUIwREYxRDJCMDBE
NzE0RjBFNkM3NjFCRjEyQ0MyM0Y2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOERBODc2QTk1RTRDM0MxQjkwQzg4Mjg0MEFBNzE2NTEwNkY1RjhFRTRC
MTIxOUM3RTE0Nzg5REMwQUJGNjE0RC8wLzMyMzAzMDJlMzMzNjJlMzIzMTMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzMxMzgzNjM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyCTS
MA0GCSqGSIb3DQEBCwUAA4IBAQAgbkaiHsmi+jT2iZByQBlpV8cd6vdEqCvkgl/u
FjawJ+AMeHYOkn6DIUX8pe8sop5QkB2Y3SrSFdY3e0cE4f/WxJ1mYyZE37Ch9d/q
IJ5kpiEsoezHlxJ+/JWLAaWVwrQJ9btbF3tDTX2x/z7aXDTcHf4TSwsQKdJk0gw8
ct27q4QAX1hzBEuDN9I5g6B47E38LLUpbqVw66wJN+x0SzPpS0+rKvwaGak/Zg6p
imYhvom/Te1AsNBkxTbeMCpWaJomRETUeRamc/mzkUaFSZaEsvv5ver2xS2o1cgA
xalYH9m8rPg9wDjhFIxpdNtQx4i05gYRl4AlChaMftuewY7+
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:52:23 2024 by rpki-client on console-ams.rpki-client.org