Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3139322e302f32342d3234203d3e203532323333.roa
File:                     3230302e32362e3139322e302f32342d3234203d3e203532323333.roa (raw, json)
Hash identifier:          rgojYpl1hOTkOv0wdGpa41rEB9p+wYwvpW/S0Qmm7r4=
Subject key identifier:   0F:C2:E5:45:36:9C:F1:22:97:53:F2:43:6D:EE:A5:6B:AB:93:F5:2D
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       32C46538C61351504219D7A20971E475688F5FA7
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3139322e302f32342d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:52 +0000
ROA not before:           Tue 04 Feb 2025 18:45:52 +0000
ROA not after:            Tue 03 Feb 2026 18:50:52 +0000
asID:                     52233
IP address blocks:        200.26.192.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:c4:65:38:c6:13:51:50:42:19:d7:a2:09:71:e4:75:68:8f:5f:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:52 2025 GMT
            Not After : Feb  3 18:50:52 2026 GMT
        Subject: CN=0FC2E545369CF1229753F2436DEEA56BAB93F52D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:48:d2:3f:9f:ae:84:cf:d2:14:3d:f6:39:d6:
                    80:3e:da:21:fd:a6:a8:b1:84:0b:cc:c7:fb:de:fd:
                    50:f4:18:15:3b:27:2e:4f:11:fd:7b:bb:41:09:13:
                    bc:14:26:46:85:03:f1:4c:d2:fc:19:8b:5f:3a:af:
                    2a:3a:1a:2c:c7:14:6a:45:bc:b9:16:bb:01:e9:3a:
                    70:1f:88:20:f3:3c:8d:85:06:97:98:5b:af:31:bd:
                    51:bb:a2:9f:7f:f9:79:e5:42:4c:98:27:0d:c4:d8:
                    57:39:6b:68:9e:62:3b:d4:38:ad:64:e4:9a:5e:28:
                    1b:d6:62:b1:a6:4c:f7:df:a0:7f:2d:3d:9b:2d:96:
                    a2:f8:b3:c4:6b:2b:b3:eb:43:58:98:2b:db:b9:4c:
                    29:13:80:5a:80:f9:f0:4e:f8:51:43:67:8f:65:35:
                    7c:88:9a:c5:55:43:ca:a4:aa:20:e2:8d:51:6d:4c:
                    69:f5:e1:4c:f0:11:25:9a:38:8b:88:4a:ab:32:86:
                    e8:cb:22:c1:27:0d:6b:ea:1b:b4:4e:60:89:51:30:
                    a0:b1:0a:58:b0:f0:81:7c:9f:9e:f4:25:1c:6c:41:
                    f6:8c:80:14:1d:c0:7a:52:f7:ee:0a:56:28:c3:ca:
                    44:2d:b1:36:4c:67:40:4d:29:3f:43:9c:31:6c:f5:
                    19:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:C2:E5:45:36:9C:F1:22:97:53:F2:43:6D:EE:A5:6B:AB:93:F5:2D
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3139322e302f32342d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:4d:a3:e3:39:ac:2a:7f:99:1d:e2:2a:3b:67:56:99:5b:7a:
         df:5e:6e:53:b4:0a:2f:f3:75:43:a3:95:32:70:40:6e:ec:06:
         cb:d8:d0:d2:2f:9b:23:3f:40:61:28:3a:02:b4:3f:3c:f2:35:
         80:7b:42:f1:9f:b4:09:d0:00:a1:7b:75:80:47:5e:2d:20:8a:
         71:e4:d8:b8:04:6f:91:3c:9a:73:7b:51:97:df:30:51:3c:72:
         e6:fd:30:07:65:4f:c7:11:9b:4e:05:10:c8:04:7c:f8:21:5b:
         6e:81:0e:27:4c:84:94:bb:54:40:77:96:d9:cb:20:4d:99:d8:
         aa:3e:67:3e:83:58:17:fe:98:e3:d5:0e:13:ea:39:2d:da:fa:
         03:29:98:48:3f:5d:04:ce:37:eb:d3:6c:43:d1:53:26:78:60:
         8d:91:f9:8a:47:29:4c:aa:b2:76:87:61:81:a5:d1:65:c5:68:
         99:4c:35:07:1a:81:83:4d:a5:08:7d:94:66:69:dd:70:f1:c8:
         a7:cd:f0:1e:fb:71:8e:00:86:bd:16:35:83:de:b5:f1:7a:04:
         e4:b0:56:0c:a3:c2:01:6c:5e:24:d8:1b:7d:99:08:bf:f7:76:
         b4:bf:18:e0:57:d3:57:94:a2:f0:0a:c2:26:0e:da:cf:14:0a:
         6d:5a:05:70
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUMsRlOMYTUVBCGdeiCXHkdWiPX6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NTJaFw0yNjAyMDMxODUwNTJaMDMxMTAvBgNV
BAMTKDBGQzJFNTQ1MzY5Q0YxMjI5NzUzRjI0MzZERUVBNTZCQUI5M0Y1MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDISNI/n66Ez9IUPfY51oA+2iH9
pqixhAvMx/ve/VD0GBU7Jy5PEf17u0EJE7wUJkaFA/FM0vwZi186ryo6GizHFGpF
vLkWuwHpOnAfiCDzPI2FBpeYW68xvVG7op9/+XnlQkyYJw3E2Fc5a2ieYjvUOK1k
5JpeKBvWYrGmTPffoH8tPZstlqL4s8RrK7PrQ1iYK9u5TCkTgFqA+fBO+FFDZ49l
NXyImsVVQ8qkqiDijVFtTGn14UzwESWaOIuISqsyhujLIsEnDWvqG7ROYIlRMKCx
Cliw8IF8n570JRxsQfaMgBQdwHpS9+4KVijDykQtsTZMZ0BNKT9DnDFs9RnrAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUD8LlRTac8SKXU/JDbe6la6uT9S0wHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMyMzAzMDJlMzIzNjJlMzEzOTMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMyMzMzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMgawDAN
BgkqhkiG9w0BAQsFAAOCAQEAPk2j4zmsKn+ZHeIqO2dWmVt6315uU7QKL/N1Q6OV
MnBAbuwGy9jQ0i+bIz9AYSg6ArQ/PPI1gHtC8Z+0CdAAoXt1gEdeLSCKceTYuARv
kTyac3tRl98wUTxy5v0wB2VPxxGbTgUQyAR8+CFbboEOJ0yElLtUQHeW2csgTZnY
qj5nPoNYF/6Y49UOE+o5Ldr6AymYSD9dBM4369NsQ9FTJnhgjZH5ikcpTKqydodh
gaXRZcVomUw1BxqBg02lCH2UZmndcPHIp83wHvtxjgCGvRY1g9618XoE5LBWDKPC
AWxeJNgbfZkIv/d2tL8Y4FfTV5Si8ArCJg7azxQKbVoFcA==
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:19:21 2025 by rpki-client