Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3230362e302f32332d3234203d3e203532323333.roa
File:                     3230302e32362e3230362e302f32332d3234203d3e203532323333.roa (raw, json)
Hash identifier:          5q6JGZzIPd6XdFdCHqZS0C7iNg6BhoAaBE41G/eEZfc=
Subject key identifier:   F1:18:70:B1:8A:57:0B:62:23:1F:4B:CF:2A:7A:A0:04:05:78:6D:9C
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       7FB4F31D25BE54E6C56CA61A80B3663C1B789A12
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3230362e302f32332d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:51 +0000
ROA not before:           Tue 04 Feb 2025 18:45:51 +0000
ROA not after:            Tue 03 Feb 2026 18:50:51 +0000
asID:                     52233
IP address blocks:        200.26.206.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:b4:f3:1d:25:be:54:e6:c5:6c:a6:1a:80:b3:66:3c:1b:78:9a:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:51 2025 GMT
            Not After : Feb  3 18:50:51 2026 GMT
        Subject: CN=F11870B18A570B62231F4BCF2A7AA00405786D9C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f3:88:3f:7a:4c:f5:dd:1c:5c:31:87:4a:d6:
                    6e:83:67:72:33:a2:8a:21:c1:f5:6f:7d:97:e2:2f:
                    ac:77:7a:02:22:02:20:db:f6:f2:00:d6:71:62:c3:
                    e5:08:7d:ee:23:90:9a:24:f4:80:35:29:83:1b:1f:
                    fc:21:cd:95:56:ed:5b:e1:83:dc:f3:0b:c6:15:dc:
                    7f:25:4e:de:cf:8e:9c:6c:e2:7c:ab:ed:76:7a:35:
                    fc:c8:5c:c4:f2:74:ea:67:40:09:02:91:c7:12:fe:
                    6f:f3:0f:45:40:1b:3d:fb:09:50:b1:48:9d:27:ca:
                    45:9b:2c:93:f2:c6:cc:b1:f6:f4:ad:92:3a:01:87:
                    bd:db:a1:28:b4:ff:71:e1:a6:78:03:33:46:08:d5:
                    af:a2:02:79:b7:17:39:6b:a8:d7:34:f1:1e:25:8d:
                    a1:c9:d0:1a:b7:10:ab:ec:ab:24:3c:b1:b2:dd:ae:
                    0c:2f:e5:c6:24:51:02:4a:b4:09:1b:9c:d6:2c:4f:
                    81:14:d0:9f:c7:4f:c2:94:5c:76:7b:4a:b7:ea:f1:
                    66:00:a5:2a:49:da:72:38:5d:94:ea:09:6e:9f:26:
                    58:91:4b:2a:47:87:d1:94:21:4f:ab:92:9b:d5:45:
                    8e:66:86:90:60:af:1b:3d:ea:ec:93:31:ce:d3:de:
                    a9:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:18:70:B1:8A:57:0B:62:23:1F:4B:CF:2A:7A:A0:04:05:78:6D:9C
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3230362e302f32332d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         60:9e:05:b8:8c:15:3f:58:c3:15:29:f8:d9:50:df:1a:49:00:
         a4:9e:18:7b:ab:cf:80:19:f7:a4:92:0f:26:a6:74:47:d4:ae:
         62:31:be:f7:08:37:b3:10:c0:03:7c:4a:5c:91:6b:44:db:06:
         fb:56:eb:5f:31:0b:16:26:6a:91:4f:e9:f9:c1:eb:75:27:50:
         57:b2:21:12:9f:d9:9b:8a:ab:08:2b:f2:af:ee:d7:51:38:20:
         30:d5:23:1b:f7:ce:22:90:d5:6a:53:22:37:6c:56:a9:27:d4:
         b5:14:49:4e:11:27:97:23:e8:87:a7:74:c5:f6:4f:0d:8d:ed:
         9d:db:17:f7:93:6d:5c:36:e0:15:79:1c:15:d8:a7:72:f4:1e:
         cf:c1:ec:03:10:ca:3f:30:c0:d4:ff:6e:45:66:c8:3f:d4:79:
         3d:2e:05:4e:a0:2f:72:73:f7:22:e4:94:3c:7b:4c:69:dc:d9:
         8e:fb:73:76:e9:ee:3d:48:b5:da:93:6f:b2:f5:58:fe:89:23:
         6e:71:af:d1:36:70:f9:91:b2:2a:3a:8a:e4:b7:be:c7:c1:83:
         f9:ca:70:57:84:4b:93:0a:48:e6:92:65:7c:cc:41:09:f9:c8:
         86:bc:fe:9e:b8:74:d6:bd:a5:db:0a:14:03:b2:40:d3:ef:94:
         a9:df:fb:e5
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUf7TzHSW+VObFbKYagLNmPBt4mhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NTFaFw0yNjAyMDMxODUwNTFaMDMxMTAvBgNV
BAMTKEYxMTg3MEIxOEE1NzBCNjIyMzFGNEJDRjJBN0FBMDA0MDU3ODZEOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC484g/ekz13RxcMYdK1m6DZ3Iz
ooohwfVvfZfiL6x3egIiAiDb9vIA1nFiw+UIfe4jkJok9IA1KYMbH/whzZVW7Vvh
g9zzC8YV3H8lTt7Pjpxs4nyr7XZ6NfzIXMTydOpnQAkCkccS/m/zD0VAGz37CVCx
SJ0nykWbLJPyxsyx9vStkjoBh73boSi0/3HhpngDM0YI1a+iAnm3FzlrqNc08R4l
jaHJ0Bq3EKvsqyQ8sbLdrgwv5cYkUQJKtAkbnNYsT4EU0J/HT8KUXHZ7Srfq8WYA
pSpJ2nI4XZTqCW6fJliRSypHh9GUIU+rkpvVRY5mhpBgrxs96uyTMc7T3qlJAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU8RhwsYpXC2IjH0vPKnqgBAV4bZwwHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMyMzAzMDJlMzIzNjJlMzIzMDM2MmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzUzMjMyMzMzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcgazjAN
BgkqhkiG9w0BAQsFAAOCAQEAYJ4FuIwVP1jDFSn42VDfGkkApJ4Ye6vPgBn3pJIP
JqZ0R9SuYjG+9wg3sxDAA3xKXJFrRNsG+1brXzELFiZqkU/p+cHrdSdQV7IhEp/Z
m4qrCCvyr+7XUTggMNUjG/fOIpDValMiN2xWqSfUtRRJThEnlyPoh6d0xfZPDY3t
ndsX95NtXDbgFXkcFdincvQez8HsAxDKPzDA1P9uRWbIP9R5PS4FTqAvcnP3IuSU
PHtMadzZjvtzdunuPUi12pNvsvVY/okjbnGv0TZw+ZGyKjqK5Le+x8GD+cpwV4RL
kwpI5pJlfMxBCfnIhrz+nrh01r2l2woUA7JA0++Uqd/75Q==
-----END CERTIFICATE-----
Generated at Fri Feb 14 13:47:52 2025 by rpki-client