Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3139332e302f32342d3234203d3e203532323333.roa
File:                     3230302e32362e3139332e302f32342d3234203d3e203532323333.roa (raw, json)
Hash identifier:          ibXfMGEr4vrLHG0o4CYdZ/DW9Zbq89ClxVxc8/R3LMM=
Subject key identifier:   BD:68:E0:DD:E1:1F:B4:01:CB:20:05:D2:9F:1B:62:B8:10:C9:6C:92
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       040090E61689CE6039B603B591B7513D3FEAB3E5
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3139332e302f32342d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:50 +0000
ROA not before:           Tue 04 Feb 2025 18:45:50 +0000
ROA not after:            Tue 03 Feb 2026 18:50:50 +0000
asID:                     52233
IP address blocks:        200.26.193.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:00:90:e6:16:89:ce:60:39:b6:03:b5:91:b7:51:3d:3f:ea:b3:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:50 2025 GMT
            Not After : Feb  3 18:50:50 2026 GMT
        Subject: CN=BD68E0DDE11FB401CB2005D29F1B62B810C96C92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c4:09:2b:da:29:f5:26:85:7e:7f:a1:c7:58:
                    5e:99:64:0f:6a:e9:3a:90:94:7b:48:76:cb:23:40:
                    fc:a5:5c:3b:82:43:9a:c8:d2:b7:83:d9:04:6f:4c:
                    3e:2a:76:f7:3c:c7:f6:6c:2a:0c:93:2f:0b:26:7b:
                    db:8c:5e:af:6c:dd:cd:56:b6:9d:e2:d7:22:44:6e:
                    f2:bc:8f:75:f1:73:51:1a:50:75:d1:b5:4a:a5:e1:
                    02:06:22:1c:60:16:f3:c3:81:9b:69:df:22:11:de:
                    17:19:2e:37:1d:49:5d:66:a0:ea:e9:05:7f:0e:07:
                    de:fb:d9:0b:01:97:4a:5c:af:8d:10:55:5f:71:aa:
                    6e:7d:7f:04:3d:46:2b:4e:96:78:7e:30:28:aa:96:
                    d4:8d:60:8c:ff:a3:b0:e0:17:31:ff:72:c3:79:fe:
                    5f:3f:c4:dc:b6:78:be:5e:aa:02:ce:4c:10:ad:85:
                    ef:ab:50:fd:3b:b0:ca:b8:5f:92:ad:9d:79:b5:6c:
                    a5:e1:b5:41:59:13:4f:72:7d:1b:a5:fb:a3:b7:ef:
                    c9:5b:56:ab:d4:0c:dd:55:14:c3:b5:5d:24:cc:c5:
                    11:04:1a:96:1b:bf:9a:81:f9:09:f9:b8:36:43:c1:
                    ab:c4:a1:2d:e1:e6:ca:4d:7d:15:2b:17:78:4f:a5:
                    39:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:68:E0:DD:E1:1F:B4:01:CB:20:05:D2:9F:1B:62:B8:10:C9:6C:92
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3139332e302f32342d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:c9:47:aa:59:94:03:1c:26:48:7c:b8:e9:18:27:43:f7:e6:
         4c:c6:b7:9e:d8:5e:ab:fc:95:ce:5f:54:b0:a4:9b:65:5f:f4:
         f2:6a:58:d9:2f:35:19:f4:73:1c:00:ca:21:e9:16:f1:31:5a:
         e0:2f:4f:96:26:b9:d6:9a:6d:7c:c4:01:c0:85:f3:59:60:76:
         84:a7:6d:60:6d:74:7f:67:d3:76:81:81:bc:78:2c:cd:d4:6d:
         32:0a:b3:bb:7e:5a:23:66:a5:07:7b:35:e3:ec:65:c5:f7:fd:
         9d:1a:87:e3:f4:f5:a5:aa:85:2e:1a:cd:79:0d:59:4c:6f:26:
         e9:12:85:5f:66:71:28:f7:98:88:fc:20:5e:99:d3:a4:57:e9:
         b0:ee:9b:61:d4:62:55:dd:98:84:17:22:ba:dc:20:15:80:18:
         29:07:9b:98:97:fd:23:15:c7:05:5a:b9:41:8c:74:bd:9e:b5:
         7e:04:e7:54:f1:39:e0:df:7b:9f:7f:6e:a4:08:b1:61:f4:c8:
         0b:06:53:87:c5:77:b7:14:4a:b8:fa:33:25:d1:d6:e4:aa:d2:
         a2:d0:36:88:6e:e4:6b:ad:c9:22:22:ef:a1:50:32:be:90:37:
         17:24:5d:79:4c:fe:4e:7d:34:1f:f5:d5:e0:41:bc:00:c4:c3:
         42:00:83:08
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUBACQ5haJzmA5tgO1kbdRPT/qs+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NTBaFw0yNjAyMDMxODUwNTBaMDMxMTAvBgNV
BAMTKEJENjhFMERERTExRkI0MDFDQjIwMDVEMjlGMUI2MkI4MTBDOTZDOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClxAkr2in1JoV+f6HHWF6ZZA9q
6TqQlHtIdssjQPylXDuCQ5rI0reD2QRvTD4qdvc8x/ZsKgyTLwsme9uMXq9s3c1W
tp3i1yJEbvK8j3Xxc1EaUHXRtUql4QIGIhxgFvPDgZtp3yIR3hcZLjcdSV1moOrp
BX8OB9772QsBl0pcr40QVV9xqm59fwQ9RitOlnh+MCiqltSNYIz/o7DgFzH/csN5
/l8/xNy2eL5eqgLOTBCthe+rUP07sMq4X5KtnXm1bKXhtUFZE09yfRul+6O378lb
VqvUDN1VFMO1XSTMxREEGpYbv5qB+Qn5uDZDwavEoS3h5spNfRUrF3hPpTntAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUvWjg3eEftAHLIAXSnxtiuBDJbJIwHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMyMzAzMDJlMzIzNjJlMzEzOTMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMyMzMzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMgawTAN
BgkqhkiG9w0BAQsFAAOCAQEAuMlHqlmUAxwmSHy46RgnQ/fmTMa3ntheq/yVzl9U
sKSbZV/08mpY2S81GfRzHADKIekW8TFa4C9Plia51pptfMQBwIXzWWB2hKdtYG10
f2fTdoGBvHgszdRtMgqzu35aI2alB3s14+xlxff9nRqH4/T1paqFLhrNeQ1ZTG8m
6RKFX2ZxKPeYiPwgXpnTpFfpsO6bYdRiVd2YhBciutwgFYAYKQebmJf9IxXHBVq5
QYx0vZ61fgTnVPE54N97n39upAixYfTICwZTh8V3txRKuPozJdHW5KrSotA2iG7k
a63JIiLvoVAyvpA3FyRdeUz+Tn00H/XV4EG8AMTDQgCDCA==
-----END CERTIFICATE-----
Generated at Fri Feb 14 13:53:03 2025 by rpki-client