Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FA039B9EAF13ADE817882DD4BBFFA2BE1D491764BF9383ECEE908BD23F4CF0/0/3230302e37352e3136342e302f32342d3234203d3e203232353431.roa
File:                     3230302e37352e3136342e302f32342d3234203d3e203232353431.roa (raw, json)
Hash identifier:          h341hZiEqJxI067E2Sg7rYfnFdRpW0ItZiS9XrDQSE8=
Subject key identifier:   29:D5:DC:51:B8:62:EA:23:5B:C7:5F:E6:31:B5:7B:43:F9:58:F3:F0
Certificate issuer:       /CN=620D1FDBBD457CA0F9CCFC63A8B85C99A819AF3D
Certificate serial:       13A81AAAD17F3AD1B48B02AC964591528FCB56FA
Authority key identifier: 62:0D:1F:DB:BD:45:7C:A0:F9:CC:FC:63:A8:B8:5C:99:A8:19:AF:3D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/620D1FDBBD457CA0F9CCFC63A8B85C99A819AF3D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FA039B9EAF13ADE817882DD4BBFFA2BE1D491764BF9383ECEE908BD23F4CF0/0/3230302e37352e3136342e302f32342d3234203d3e203232353431.roa
Signing time:             Tue 05 Mar 2024 18:07:16 +0000
ROA not before:           Tue 05 Mar 2024 18:02:16 +0000
ROA not after:            Tue 04 Mar 2025 18:07:16 +0000
asID:                     22541
IP address blocks:        200.75.164.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FA039B9EAF13ADE817882DD4BBFFA2BE1D491764BF9383ECEE908BD23F4CF0/0/620D1FDBBD457CA0F9CCFC63A8B85C99A819AF3D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FA039B9EAF13ADE817882DD4BBFFA2BE1D491764BF9383ECEE908BD23F4CF0/0/620D1FDBBD457CA0F9CCFC63A8B85C99A819AF3D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/620D1FDBBD457CA0F9CCFC63A8B85C99A819AF3D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:a8:1a:aa:d1:7f:3a:d1:b4:8b:02:ac:96:45:91:52:8f:cb:56:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=620D1FDBBD457CA0F9CCFC63A8B85C99A819AF3D
        Validity
            Not Before: Mar  5 18:02:16 2024 GMT
            Not After : Mar  4 18:07:16 2025 GMT
        Subject: CN=29D5DC51B862EA235BC75FE631B57B43F958F3F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:ce:5c:10:f3:39:da:53:b1:64:5e:75:63:98:
                    95:23:ff:78:ef:59:6c:77:a2:34:a6:3b:b8:00:41:
                    17:40:00:8c:b9:3c:54:b3:7a:5e:bc:fd:36:87:a2:
                    d2:b8:00:77:19:d3:c4:58:3b:38:e8:39:5d:9e:1d:
                    ac:93:33:71:33:d5:bf:34:bf:2d:e4:46:90:4d:91:
                    34:ed:db:e3:80:21:3a:d6:e3:2b:3c:8c:62:af:bb:
                    66:a9:8b:56:3d:52:d1:ed:29:cc:b4:b4:bc:9d:05:
                    c0:fa:03:d9:de:1c:23:69:b4:f3:2b:4f:cc:01:48:
                    07:94:ce:97:2b:d7:ed:ce:5c:0f:86:00:21:58:d5:
                    a7:a2:ab:3b:cc:15:43:d6:3f:b9:d8:90:d3:9f:d0:
                    c1:7c:99:ed:b7:51:a4:e9:1a:e7:8c:21:d8:26:c2:
                    f5:f7:d5:ef:93:e9:69:8e:53:8c:27:48:cf:48:70:
                    08:83:78:99:e6:1d:ef:26:ad:6f:42:11:80:af:4c:
                    f5:09:2a:d8:ef:12:8d:bb:50:51:35:c8:f5:9c:dd:
                    28:8b:d6:0a:e3:74:a1:c1:c3:30:58:58:8f:2c:1e:
                    d2:86:e7:b5:3a:38:ac:7f:c7:e2:15:50:42:12:ab:
                    16:2e:cb:a4:e8:41:f0:6b:2a:ae:1d:be:05:9a:ff:
                    58:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:D5:DC:51:B8:62:EA:23:5B:C7:5F:E6:31:B5:7B:43:F9:58:F3:F0
            X509v3 Authority Key Identifier:
                keyid:62:0D:1F:DB:BD:45:7C:A0:F9:CC:FC:63:A8:B8:5C:99:A8:19:AF:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FA039B9EAF13ADE817882DD4BBFFA2BE1D491764BF9383ECEE908BD23F4CF0/0/620D1FDBBD457CA0F9CCFC63A8B85C99A819AF3D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/620D1FDBBD457CA0F9CCFC63A8B85C99A819AF3D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FA039B9EAF13ADE817882DD4BBFFA2BE1D491764BF9383ECEE908BD23F4CF0/0/3230302e37352e3136342e302f32342d3234203d3e203232353431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.75.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:52:72:04:17:7c:c6:16:04:c8:a1:e6:f6:98:3d:04:ae:d5:
         ee:f5:c9:fe:0d:4f:de:98:3b:72:72:29:aa:9f:d2:56:26:6e:
         19:20:66:38:06:a8:93:6a:ec:0a:44:ed:65:5e:71:d9:fc:67:
         08:a9:45:a1:b0:ab:c0:2b:87:0b:35:56:7f:b1:9d:33:18:a4:
         19:24:ff:be:7a:05:7b:1f:0f:39:d0:a0:c0:f8:f3:07:24:5f:
         82:ec:7f:1d:cc:fa:a5:71:73:19:3d:01:a3:e6:bd:ca:81:c5:
         4b:47:7c:5b:fb:b7:9c:30:6f:ec:e7:6b:5c:27:ec:88:75:d7:
         d2:a0:7e:bd:82:3e:77:9e:89:9c:7d:5a:5d:9f:5e:6e:9f:99:
         7a:0b:fb:30:3f:29:7c:ba:68:fe:65:d6:90:3c:5b:5e:de:53:
         2a:ef:ce:8b:a5:2d:52:cc:ee:6c:3d:a7:f3:6c:de:5a:d7:db:
         95:0f:f4:b2:bd:f4:c5:9a:86:98:44:6a:36:7a:11:38:f3:a3:
         b5:54:ec:32:28:9a:8c:ac:ef:82:6b:5e:16:a8:17:6e:c8:ff:
         ff:07:20:ad:55:fc:01:a2:97:9a:f7:d1:43:f8:4a:bf:66:d1:
         39:89:38:6c:38:bd:a7:a5:ab:17:a9:a2:61:17:fd:71:f1:c4:
         dc:70:b1:1f
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUE6gaqtF/OtG0iwKslkWRUo/LVvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjIwRDFGREJCRDQ1N0NBMEY5Q0NGQzYzQThCODVDOTlB
ODE5QUYzRDAeFw0yNDAzMDUxODAyMTZaFw0yNTAzMDQxODA3MTZaMDMxMTAvBgNV
BAMTKDI5RDVEQzUxQjg2MkVBMjM1QkM3NUZFNjMxQjU3QjQzRjk1OEYzRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD8zlwQ8znaU7FkXnVjmJUj/3jv
WWx3ojSmO7gAQRdAAIy5PFSzel68/TaHotK4AHcZ08RYOzjoOV2eHayTM3Ez1b80
vy3kRpBNkTTt2+OAITrW4ys8jGKvu2api1Y9UtHtKcy0tLydBcD6A9neHCNptPMr
T8wBSAeUzpcr1+3OXA+GACFY1aeiqzvMFUPWP7nYkNOf0MF8me23UaTpGueMIdgm
wvX31e+T6WmOU4wnSM9IcAiDeJnmHe8mrW9CEYCvTPUJKtjvEo27UFE1yPWc3SiL
1grjdKHBwzBYWI8sHtKG57U6OKx/x+IVUEISqxYuy6ToQfBrKq4dvgWa/1gNAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUKdXcUbhi6iNbx1/mMbV7Q/lY8/AwHwYDVR0j
BBgwFoAUYg0f271FfKD5zPxjqLhcmagZrz0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZBMDM5QjlFQUYxM0FERTgxNzg4MkRENEJCRkZBMkJF
MUQ0OTE3NjRCRjkzODNFQ0VFOTA4QkQyM0Y0Q0YwLzAvNjIwRDFGREJCRDQ1N0NB
MEY5Q0NGQzYzQThCODVDOTlBODE5QUYzRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82MjBEMUZEQkJENDU3Q0EwRjlD
Q0ZDNjNBOEI4NUM5OUE4MTlBRjNELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQTAzOUI5RUFGMTNBREU4MTc4ODJERDRCQkZGQTJCRTFENDkxNzY0
QkY5MzgzRUNFRTkwOEJEMjNGNENGMC8wLzMyMzAzMDJlMzczNTJlMzEzNjM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMjM1MzQzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhLpDAN
BgkqhkiG9w0BAQsFAAOCAQEAQlJyBBd8xhYEyKHm9pg9BK7V7vXJ/g1P3pg7cnIp
qp/SViZuGSBmOAaok2rsCkTtZV5x2fxnCKlFobCrwCuHCzVWf7GdMxikGST/vnoF
ex8POdCgwPjzByRfgux/Hcz6pXFzGT0Bo+a9yoHFS0d8W/u3nDBv7OdrXCfsiHXX
0qB+vYI+d56JnH1aXZ9ebp+Zegv7MD8pfLpo/mXWkDxbXt5TKu/Oi6UtUszubD2n
82zeWtfblQ/0sr30xZqGmERqNnoROPOjtVTsMiiajKzvgmteFqgXbsj//wcgrVX8
AaKXmvfRQ/hKv2bROYk4bDi9p6WrF6miYRf9cfHE3HCxHw==
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:42:12 2024 by rpki-client on console-fra.rpki-client.org