Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9F9F582B5E6E3D9ADB07291B00AB30EF4C84E211575C500C933DD3766C6B0D85/0/3230302e3130372e3132302e302f32312d3234203d3e203134373534.roa
File:                     3230302e3130372e3132302e302f32312d3234203d3e203134373534.roa (raw, json)
Hash identifier:          QDghIu2Q9n5IfJ0MQKHuUKjcDXKWmf8mpQzSR61hDYw=
Subject key identifier:   E2:A9:7C:46:78:D8:18:1B:A6:3B:C0:D9:EA:2F:AF:55:24:8D:A9:38
Certificate issuer:       /CN=78533EB3FC1F0B8C193CBD87000A8F6754AAFE91
Certificate serial:       59D4FDE8F7EBC87BD6B786158E4853E4EA12E72E
Authority key identifier: 78:53:3E:B3:FC:1F:0B:8C:19:3C:BD:87:00:0A:8F:67:54:AA:FE:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/78533EB3FC1F0B8C193CBD87000A8F6754AAFE91.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9F9F582B5E6E3D9ADB07291B00AB30EF4C84E211575C500C933DD3766C6B0D85/0/3230302e3130372e3132302e302f32312d3234203d3e203134373534.roa
Signing time:             Tue 05 Mar 2024 18:05:56 +0000
ROA not before:           Tue 05 Mar 2024 18:00:56 +0000
ROA not after:            Tue 04 Mar 2025 18:05:56 +0000
asID:                     14754
IP address blocks:        200.107.120.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9F9F582B5E6E3D9ADB07291B00AB30EF4C84E211575C500C933DD3766C6B0D85/0/78533EB3FC1F0B8C193CBD87000A8F6754AAFE91.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9F9F582B5E6E3D9ADB07291B00AB30EF4C84E211575C500C933DD3766C6B0D85/0/78533EB3FC1F0B8C193CBD87000A8F6754AAFE91.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/78533EB3FC1F0B8C193CBD87000A8F6754AAFE91.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Jul 2024 11:47:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:d4:fd:e8:f7:eb:c8:7b:d6:b7:86:15:8e:48:53:e4:ea:12:e7:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=78533EB3FC1F0B8C193CBD87000A8F6754AAFE91
        Validity
            Not Before: Mar  5 18:00:56 2024 GMT
            Not After : Mar  4 18:05:56 2025 GMT
        Subject: CN=E2A97C4678D8181BA63BC0D9EA2FAF55248DA938
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:c3:ef:7a:27:fc:b3:54:8f:ff:6b:73:f9:82:
                    3b:e6:23:4b:6b:a3:15:58:ea:2c:fb:9e:7f:0c:c2:
                    2e:8d:4e:bb:ea:dd:da:e8:26:89:54:62:eb:e4:71:
                    0f:6d:d6:44:ec:0e:20:d2:65:8e:a4:a4:ef:31:ac:
                    84:8b:57:11:c4:d0:70:d1:ef:6c:01:11:f6:9c:0f:
                    ab:70:cf:cd:bc:81:93:07:be:3c:ee:52:10:3d:d4:
                    1b:42:1c:9e:2d:b8:c5:75:a5:41:32:73:1c:cb:f6:
                    eb:a9:ba:1b:76:dc:63:c8:c1:d3:d2:88:8f:c2:27:
                    e6:61:3f:86:63:5b:8e:ca:a8:67:67:a4:e0:50:fc:
                    e0:cb:85:06:d2:8f:bc:d2:c7:af:34:a5:e9:aa:31:
                    8a:0a:3e:b7:b9:1c:fd:ed:c8:a4:03:43:7c:5c:b9:
                    fd:cd:21:0f:db:68:84:3f:a7:0b:aa:83:02:37:4f:
                    5a:59:76:2b:81:b9:9b:da:a5:1b:de:b0:03:e7:df:
                    b7:a2:c4:1c:b6:07:23:70:df:85:78:6a:cc:8a:a5:
                    b9:84:a5:2d:15:15:5a:ee:29:c8:fa:bf:71:6e:48:
                    36:76:04:5c:c4:c9:8a:4e:a7:0c:4a:48:23:c1:a3:
                    4c:5b:bc:53:24:a6:be:ac:3e:0d:28:78:fa:ff:c2:
                    25:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:A9:7C:46:78:D8:18:1B:A6:3B:C0:D9:EA:2F:AF:55:24:8D:A9:38
            X509v3 Authority Key Identifier:
                keyid:78:53:3E:B3:FC:1F:0B:8C:19:3C:BD:87:00:0A:8F:67:54:AA:FE:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9F9F582B5E6E3D9ADB07291B00AB30EF4C84E211575C500C933DD3766C6B0D85/0/78533EB3FC1F0B8C193CBD87000A8F6754AAFE91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/78533EB3FC1F0B8C193CBD87000A8F6754AAFE91.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9F9F582B5E6E3D9ADB07291B00AB30EF4C84E211575C500C933DD3766C6B0D85/0/3230302e3130372e3132302e302f32312d3234203d3e203134373534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.107.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         91:c6:45:df:3e:64:ee:7c:78:7b:41:4c:a8:29:90:4f:6f:39:
         58:de:b2:f7:62:37:27:8b:34:c2:12:62:84:e3:a4:d0:fb:65:
         63:f7:3e:02:83:26:9f:5e:ee:5c:15:cf:97:75:d3:f8:d2:63:
         87:5a:cc:b5:8e:70:a3:a9:b0:29:03:3b:3c:ca:66:01:11:cc:
         ff:c2:0c:68:11:ba:4d:b2:84:65:b6:cc:c7:f2:01:11:ae:b4:
         68:93:c4:71:b7:80:59:a2:e3:19:99:d2:21:b3:ae:56:85:7a:
         76:0f:48:76:29:51:78:39:33:6b:e2:56:b8:fd:45:7d:b3:fe:
         dc:05:6f:77:9f:b7:ae:24:d1:ca:c1:d1:6a:83:77:bc:4d:88:
         be:38:62:db:74:20:5c:93:5b:9e:30:9f:ac:37:fd:50:f0:da:
         8c:69:a6:8b:b6:e8:12:f1:2b:11:9b:6e:42:a5:8b:15:3c:6a:
         82:5f:e5:52:2e:6b:3e:65:68:5b:8a:c5:8e:d0:38:55:a8:fa:
         8f:c3:29:17:0f:37:d3:75:f1:4e:93:d3:af:70:92:73:e2:49:
         06:3c:06:50:f2:db:50:5a:b2:b7:3a:50:ef:54:c4:b0:4a:4e:
         b2:8e:09:87:68:1a:7d:58:5e:d7:70:16:d4:84:7f:2a:e2:2d:
         3b:d9:fc:aa
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUWdT96PfryHvWt4YVjkhT5OoS5y4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzg1MzNFQjNGQzFGMEI4QzE5M0NCRDg3MDAwQThGNjc1
NEFBRkU5MTAeFw0yNDAzMDUxODAwNTZaFw0yNTAzMDQxODA1NTZaMDMxMTAvBgNV
BAMTKEUyQTk3QzQ2NzhEODE4MUJBNjNCQzBEOUVBMkZBRjU1MjQ4REE5MzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEw+96J/yzVI//a3P5gjvmI0tr
oxVY6iz7nn8Mwi6NTrvq3droJolUYuvkcQ9t1kTsDiDSZY6kpO8xrISLVxHE0HDR
72wBEfacD6twz828gZMHvjzuUhA91BtCHJ4tuMV1pUEycxzL9uupuht23GPIwdPS
iI/CJ+ZhP4ZjW47KqGdnpOBQ/ODLhQbSj7zSx680pemqMYoKPre5HP3tyKQDQ3xc
uf3NIQ/baIQ/pwuqgwI3T1pZdiuBuZvapRvesAPn37eixBy2ByNw34V4asyKpbmE
pS0VFVruKcj6v3FuSDZ2BFzEyYpOpwxKSCPBo0xbvFMkpr6sPg0oePr/wiW/AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU4ql8RnjYGBumO8DZ6i+vVSSNqTgwHwYDVR0j
BBgwFoAUeFM+s/wfC4wZPL2HAAqPZ1Sq/pEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85RjlGNTgyQjVFNkUzRDlBREIwNzI5MUIwMEFCMzBFRjRD
ODRFMjExNTc1QzUwMEM5MzNERDM3NjZDNkIwRDg1LzAvNzg1MzNFQjNGQzFGMEI4
QzE5M0NCRDg3MDAwQThGNjc1NEFBRkU5MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83ODUzM0VCM0ZDMUYwQjhDMTkz
Q0JEODcwMDBBOEY2NzU0QUFGRTkxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOUY5RjU4MkI1RTZFM0Q5QURCMDcyOTFCMDBBQjMwRUY0Qzg0RTIxMTU3
NUM1MDBDOTMzREQzNzY2QzZCMEQ4NS8wLzMyMzAzMDJlMzEzMDM3MmUzMTMyMzAy
ZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzMTM0MzczNTM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDyGt4
MA0GCSqGSIb3DQEBCwUAA4IBAQCRxkXfPmTufHh7QUyoKZBPbzlY3rL3YjcnizTC
EmKE46TQ+2Vj9z4CgyafXu5cFc+XddP40mOHWsy1jnCjqbApAzs8ymYBEcz/wgxo
EbpNsoRltszH8gERrrRok8Rxt4BZouMZmdIhs65WhXp2D0h2KVF4OTNr4la4/UV9
s/7cBW93n7euJNHKwdFqg3e8TYi+OGLbdCBck1ueMJ+sN/1Q8NqMaaaLtugS8SsR
m25CpYsVPGqCX+VSLms+ZWhbisWO0DhVqPqPwykXDzfTdfFOk9OvcJJz4kkGPAZQ
8ttQWrK3OlDvVMSwSk6yjgmHaBp9WF7XcBbUhH8q4i072fyq
-----END CERTIFICATE-----
Generated at Mon Jul 15 05:29:10 2024 by rpki-client on console-ams.rpki-client.org