Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3230382e302f32302d3234203d3e203532323333.roa
File:                     3230302e32362e3230382e302f32302d3234203d3e203532323333.roa (raw, json)
Hash identifier:          yD+p5GsXanHoXSRqvsexajcKnCJjiFUJz6wQro5pN34=
Subject key identifier:   B9:FE:FE:A5:2D:76:36:2F:F7:2F:8A:62:A4:4A:5C:DF:05:36:EE:D0
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       6B759D77134AE807A8AD6B621DCF1252D378EBAC
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3230382e302f32302d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:58 +0000
ROA not before:           Tue 04 Feb 2025 18:45:58 +0000
ROA not after:            Tue 03 Feb 2026 18:50:58 +0000
asID:                     52233
IP address blocks:        200.26.208.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:75:9d:77:13:4a:e8:07:a8:ad:6b:62:1d:cf:12:52:d3:78:eb:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:58 2025 GMT
            Not After : Feb  3 18:50:58 2026 GMT
        Subject: CN=B9FEFEA52D76362FF72F8A62A44A5CDF0536EED0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:a6:43:da:d5:b2:b2:42:c6:1c:c8:8a:0d:10:
                    56:dd:10:c1:d2:29:a0:34:ba:bf:cb:e0:28:8d:eb:
                    a5:0d:ab:8e:99:3e:aa:77:f2:75:68:05:12:c3:93:
                    9d:05:35:e8:f1:70:52:c2:75:ce:52:7a:bb:ae:c1:
                    1d:8a:3a:c6:00:08:85:16:bf:02:cf:e8:d2:50:87:
                    11:20:60:53:21:66:e6:e0:41:0c:32:d9:67:98:83:
                    b9:90:8d:cd:61:c8:a1:90:32:0c:ef:23:ce:af:58:
                    81:25:03:bc:b8:81:07:87:97:96:7e:2c:3b:4e:f2:
                    40:46:cd:6c:53:8a:d4:57:c8:63:32:1e:59:79:e3:
                    88:44:a4:96:36:b1:96:16:c1:94:05:b6:4e:13:0d:
                    06:b8:e3:e1:91:23:8f:00:9b:bb:0e:4e:fc:3c:87:
                    82:5f:67:d8:7f:aa:4f:c1:b1:08:ab:04:76:dd:00:
                    fc:4e:a0:a7:e9:47:90:b3:1d:bb:b8:92:c9:ce:96:
                    79:93:ee:9a:3b:2e:d9:49:0b:eb:29:71:cf:80:39:
                    47:e1:ca:fc:64:db:b6:60:29:e9:7b:f7:a8:30:71:
                    1b:60:77:10:84:6e:38:ac:7a:4c:d4:8a:0e:e6:65:
                    9d:09:61:49:c1:f1:16:15:b5:15:9f:0e:31:88:95:
                    08:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:FE:FE:A5:2D:76:36:2F:F7:2F:8A:62:A4:4A:5C:DF:05:36:EE:D0
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3230382e302f32302d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         6c:39:b4:d4:64:27:fb:ad:24:83:ca:06:f1:62:71:1b:a9:67:
         9c:f3:c6:bc:40:50:57:e3:78:2c:61:8c:74:68:5f:68:48:d5:
         a2:12:93:3a:f3:88:3f:ce:45:a4:e0:8f:e9:66:c8:aa:cb:a2:
         a1:8c:87:9b:4f:41:fa:24:6f:c1:bb:bd:38:34:97:7d:a7:3f:
         33:4d:a2:6a:11:12:1a:ad:7b:3e:31:05:c1:3d:cf:e6:51:dc:
         1f:52:7d:df:1f:5d:4c:3d:10:26:b1:29:ac:1d:92:83:fd:0b:
         63:d4:07:d6:5b:ae:59:5b:a0:df:b4:88:64:4f:5b:08:02:f2:
         31:a2:92:95:d5:49:a2:2b:64:be:64:ab:7e:63:01:d9:3b:ff:
         f1:00:28:8b:8c:51:ef:1b:ea:bb:ab:91:fe:a5:ca:6c:36:1c:
         cf:3a:01:88:02:a3:69:65:84:39:7d:9c:2e:bf:7f:55:05:aa:
         5a:7b:01:ea:f9:c9:3f:32:9f:e5:8f:a9:fe:de:f4:85:63:36:
         28:06:d8:75:54:b5:38:a9:a1:88:6d:e1:3f:16:5f:7a:0f:82:
         35:9a:e7:fc:f7:42:80:89:01:b3:05:fe:7b:e2:4d:bb:38:26:
         5c:39:9a:5a:15:24:5e:3c:e5:a9:b9:7c:6e:fe:1b:7f:ac:f7:
         73:0e:39:66
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUa3WddxNK6AeorWtiHc8SUtN466wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NThaFw0yNjAyMDMxODUwNThaMDMxMTAvBgNV
BAMTKEI5RkVGRUE1MkQ3NjM2MkZGNzJGOEE2MkE0NEE1Q0RGMDUzNkVFRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMpkPa1bKyQsYcyIoNEFbdEMHS
KaA0ur/L4CiN66UNq46ZPqp38nVoBRLDk50FNejxcFLCdc5SeruuwR2KOsYACIUW
vwLP6NJQhxEgYFMhZubgQQwy2WeYg7mQjc1hyKGQMgzvI86vWIElA7y4gQeHl5Z+
LDtO8kBGzWxTitRXyGMyHll544hEpJY2sZYWwZQFtk4TDQa44+GRI48Am7sOTvw8
h4JfZ9h/qk/BsQirBHbdAPxOoKfpR5CzHbu4ksnOlnmT7po7LtlJC+spcc+AOUfh
yvxk27ZgKel796gwcRtgdxCEbjisekzUig7mZZ0JYUnB8RYVtRWfDjGIlQg1AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUuf7+pS12Ni/3L4pipEpc3wU27tAwHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMyMzAzMDJlMzIzNjJlMzIzMDM4MmUz
MDJmMzIzMDJkMzIzNDIwM2QzZTIwMzUzMjMyMzMzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMga0DAN
BgkqhkiG9w0BAQsFAAOCAQEAbDm01GQn+60kg8oG8WJxG6lnnPPGvEBQV+N4LGGM
dGhfaEjVohKTOvOIP85FpOCP6WbIqsuioYyHm09B+iRvwbu9ODSXfac/M02iahES
Gq17PjEFwT3P5lHcH1J93x9dTD0QJrEprB2Sg/0LY9QH1luuWVug37SIZE9bCALy
MaKSldVJoitkvmSrfmMB2Tv/8QAoi4xR7xvqu6uR/qXKbDYczzoBiAKjaWWEOX2c
Lr9/VQWqWnsB6vnJPzKf5Y+p/t70hWM2KAbYdVS1OKmhiG3hPxZfeg+CNZrn/PdC
gIkBswX+e+JNuzgmXDmaWhUkXjzlqbl8bv4bf6z3cw45Zg==
-----END CERTIFICATE-----
Generated at Fri Feb 14 15:05:30 2025 by rpki-client