Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3230352e302f32342d3234203d3e203532323333.roa
File:                     3230302e32362e3230352e302f32342d3234203d3e203532323333.roa (raw, json)
Hash identifier:          k2TSCyTtSOrH656P/wU57QrJlJZl+sX+a73m+x4u+Z8=
Subject key identifier:   7E:48:46:8F:0B:D8:EE:35:56:32:A9:C2:3E:29:5B:45:4E:A8:5B:77
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       165EB09EB0B6BC9B6A6C562E3FBEE793AFC6AAC4
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3230352e302f32342d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:51 +0000
ROA not before:           Tue 04 Feb 2025 18:45:51 +0000
ROA not after:            Tue 03 Feb 2026 18:50:51 +0000
asID:                     52233
IP address blocks:        200.26.205.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:5e:b0:9e:b0:b6:bc:9b:6a:6c:56:2e:3f:be:e7:93:af:c6:aa:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:51 2025 GMT
            Not After : Feb  3 18:50:51 2026 GMT
        Subject: CN=7E48468F0BD8EE355632A9C23E295B454EA85B77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:18:b3:3c:eb:f0:c6:8b:60:bc:be:23:ac:2c:
                    4c:d5:95:29:6c:dd:59:d7:b9:34:8c:b4:5a:40:1f:
                    c6:f0:26:5f:00:72:6d:32:27:fd:8b:ef:19:0f:f1:
                    0a:37:7f:7c:56:83:46:b4:5b:40:54:93:dd:18:85:
                    a9:91:7f:64:5d:6e:7f:97:b1:85:a2:1d:ed:6a:7f:
                    b1:b6:9c:8d:da:1a:9c:20:9c:6b:d8:05:54:57:73:
                    ba:ee:fd:d5:86:8a:0f:42:54:5d:8e:c8:c2:b4:9c:
                    3c:b3:7e:8f:a2:ed:7b:19:b2:26:3d:66:0c:e4:46:
                    e9:93:7b:33:54:d7:2d:b3:e1:8b:a4:f6:d0:d4:bc:
                    b0:98:ca:a6:18:d1:8a:4c:c6:17:8d:13:1c:21:d6:
                    78:e9:60:17:60:09:15:9c:15:36:d2:2c:9a:05:1f:
                    2b:91:70:79:36:1d:3b:3e:5f:f8:65:0e:de:41:0d:
                    04:b5:10:7b:0a:b3:a2:07:bf:6c:89:ac:f8:52:ad:
                    b9:be:c3:99:ff:4d:7b:f3:3d:05:bf:77:99:4f:d3:
                    aa:37:6a:18:da:3f:c3:d6:78:1b:ac:cc:c5:8f:7f:
                    3d:4a:31:ed:90:6c:3d:05:b8:ba:01:7e:02:3d:05:
                    5e:72:0d:1d:a5:45:0f:1d:36:76:6b:8b:5d:4b:0c:
                    cf:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:48:46:8F:0B:D8:EE:35:56:32:A9:C2:3E:29:5B:45:4E:A8:5B:77
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3230352e302f32342d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:7f:f5:13:be:df:64:68:e4:59:73:31:82:e3:1d:e2:fd:e9:
         12:bb:d0:5a:07:50:2d:9b:db:20:c4:fa:40:bc:75:11:e8:7e:
         22:62:bc:27:93:91:80:ee:52:93:24:74:13:be:de:ae:b8:99:
         ce:97:ce:f9:b6:64:8a:45:52:f3:f8:d7:59:61:26:13:72:9d:
         59:35:71:b1:6a:af:f2:41:24:37:ac:9b:55:64:5f:58:c2:3a:
         78:02:e2:43:a8:da:f7:64:19:77:d3:f0:1b:81:b4:bd:bb:bd:
         a8:08:aa:00:eb:83:52:fd:bf:96:b0:7e:1a:d6:8b:d4:3b:ec:
         46:9c:06:0c:c7:93:21:de:df:cf:00:ec:45:85:ee:39:de:32:
         17:ca:37:b1:1d:ac:66:ae:fd:35:0c:93:d4:ce:2b:d8:37:87:
         05:55:79:99:32:63:c6:dc:6d:ee:32:75:7b:24:d8:07:0b:ce:
         fa:c3:a9:75:ef:bc:57:4f:a1:af:08:9f:4e:42:ce:c5:f5:a9:
         96:c1:a2:77:e1:9b:3a:4b:da:4d:92:78:f7:57:d0:32:a5:58:
         50:d9:3b:f7:9f:d7:df:5b:66:e4:fd:ec:38:60:2d:73:04:1f:
         68:ec:84:12:36:88:88:24:07:85:3b:c5:86:1f:47:6a:82:84:
         5e:af:3b:68
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUFl6wnrC2vJtqbFYuP77nk6/GqsQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NTFaFw0yNjAyMDMxODUwNTFaMDMxMTAvBgNV
BAMTKDdFNDg0NjhGMEJEOEVFMzU1NjMyQTlDMjNFMjk1QjQ1NEVBODVCNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUGLM86/DGi2C8viOsLEzVlSls
3VnXuTSMtFpAH8bwJl8Acm0yJ/2L7xkP8Qo3f3xWg0a0W0BUk90YhamRf2Rdbn+X
sYWiHe1qf7G2nI3aGpwgnGvYBVRXc7ru/dWGig9CVF2OyMK0nDyzfo+i7XsZsiY9
ZgzkRumTezNU1y2z4Yuk9tDUvLCYyqYY0YpMxheNExwh1njpYBdgCRWcFTbSLJoF
HyuRcHk2HTs+X/hlDt5BDQS1EHsKs6IHv2yJrPhSrbm+w5n/TXvzPQW/d5lP06o3
ahjaP8PWeBuszMWPfz1KMe2QbD0FuLoBfgI9BV5yDR2lRQ8dNnZri11LDM9HAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUfkhGjwvY7jVWMqnCPilbRU6oW3cwHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMyMzAzMDJlMzIzNjJlMzIzMDM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMyMzMzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMgazTAN
BgkqhkiG9w0BAQsFAAOCAQEAC3/1E77fZGjkWXMxguMd4v3pErvQWgdQLZvbIMT6
QLx1Eeh+ImK8J5ORgO5SkyR0E77erriZzpfO+bZkikVS8/jXWWEmE3KdWTVxsWqv
8kEkN6ybVWRfWMI6eALiQ6ja92QZd9PwG4G0vbu9qAiqAOuDUv2/lrB+GtaL1Dvs
RpwGDMeTId7fzwDsRYXuOd4yF8o3sR2sZq79NQyT1M4r2DeHBVV5mTJjxtxt7jJ1
eyTYBwvO+sOpde+8V0+hrwifTkLOxfWplsGid+GbOkvaTZJ491fQMqVYUNk795/X
31tm5P3sOGAtcwQfaOyEEjaIiCQHhTvFhh9HaoKEXq87aA==
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:33:17 2025 by rpki-client