Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3230302e302f32342d3234203d3e203230303135.roa
File:                     3230302e37312e3230302e302f32342d3234203d3e203230303135.roa (raw, json)
Hash identifier:          V73x2OTLxqYIHSUKHTlF4larq9IxbVdBrXfjKeJ7sgU=
Subject key identifier:   65:46:CC:1A:7A:F1:D8:22:B9:2D:F2:0F:EA:82:9A:19:D1:0D:5A:CB
Certificate issuer:       /CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
Certificate serial:       6FB9D69FB5638ADE61EB049BFF09C78C73C19E2E
Authority key identifier: D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3230302e302f32342d3234203d3e203230303135.roa
Signing time:             Tue 05 Mar 2024 18:13:14 +0000
ROA not before:           Tue 05 Mar 2024 18:08:14 +0000
ROA not after:            Tue 04 Mar 2025 18:13:14 +0000
asID:                     20015
IP address blocks:        200.71.200.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:b9:d6:9f:b5:63:8a:de:61:eb:04:9b:ff:09:c7:8c:73:c1:9e:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
        Validity
            Not Before: Mar  5 18:08:14 2024 GMT
            Not After : Mar  4 18:13:14 2025 GMT
        Subject: CN=6546CC1A7AF1D822B92DF20FEA829A19D10D5ACB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:32:13:01:9c:18:e8:d8:20:3e:92:86:73:a5:
                    88:a4:cb:c0:d3:bc:f6:8d:a0:60:cd:09:c9:8f:c6:
                    a8:41:5e:4f:59:13:b8:66:e9:4b:bd:6c:9a:40:74:
                    e6:c7:73:2f:85:5b:7d:2f:a8:51:40:e6:f2:85:b4:
                    13:df:4f:cb:2d:02:8f:4c:8c:c3:ad:9e:aa:e8:af:
                    ba:b8:ac:b8:26:9b:36:e4:55:37:b9:23:05:f1:14:
                    be:1e:d1:a7:7c:b7:ac:a2:65:ca:e5:30:b3:9d:85:
                    26:29:0b:67:41:d7:01:4e:e3:6a:b1:7e:47:b2:bb:
                    76:93:07:e0:6c:9c:db:b4:0f:71:1c:25:87:4e:f7:
                    08:e2:34:c8:cb:20:04:dd:2c:1d:d6:63:66:44:63:
                    30:d8:dd:9c:d1:43:09:6d:8e:2e:74:db:86:31:55:
                    c9:3b:77:96:e2:1f:50:61:bd:7b:b3:f0:b8:42:3b:
                    b8:07:98:ed:d6:7f:0a:21:e4:6c:ee:84:c3:74:3d:
                    a9:65:d3:9c:02:95:85:a3:9d:c5:98:dc:98:68:ed:
                    b7:16:2d:0a:8d:ba:72:a6:bf:95:ff:e2:f2:3a:b6:
                    37:6e:4f:09:8a:3a:60:cd:7f:30:d1:23:d0:58:42:
                    df:ae:46:86:2a:a5:23:75:2a:15:f6:e3:06:73:0f:
                    1c:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:46:CC:1A:7A:F1:D8:22:B9:2D:F2:0F:EA:82:9A:19:D1:0D:5A:CB
            X509v3 Authority Key Identifier:
                keyid:D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3230302e302f32342d3234203d3e203230303135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.71.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:96:fd:b3:90:64:9a:80:1f:e1:0d:e9:08:2c:98:97:ca:d1:
         83:bb:39:00:c2:c8:07:d2:4f:5d:e7:9a:1f:d4:bd:c8:12:34:
         3d:d7:ce:42:0a:67:a6:76:fc:28:69:88:90:6b:cb:03:1c:11:
         98:27:7a:b2:f0:81:55:27:6d:f0:d8:1d:3d:67:2a:c4:c4:9b:
         b3:58:7f:98:88:60:d0:c0:27:45:24:fd:80:3b:ca:3d:99:27:
         73:46:20:e2:1f:8e:d6:02:87:2d:c7:10:ec:97:c5:d0:56:1e:
         d7:91:37:16:10:14:d4:a2:28:31:49:35:57:39:12:43:28:c9:
         5d:96:7e:e5:a9:92:30:e0:64:ee:84:1a:9f:05:7b:57:8b:bd:
         28:b6:1b:c4:73:fa:8c:dd:38:59:a0:3e:5e:4e:77:7d:06:ff:
         bc:a5:42:81:cd:5d:e7:4e:0b:8d:24:2c:d5:4c:39:92:cf:c9:
         1d:ac:3b:6b:d3:76:81:1d:9d:59:82:37:f3:95:e4:24:5d:6f:
         1d:87:42:e2:f4:db:89:1d:21:0e:23:70:04:ce:6c:89:87:07:
         35:15:b0:af:3b:01:ee:8a:89:ce:00:ac:89:1f:61:38:41:f2:
         49:1f:f4:0d:66:9e:2c:19:44:f8:ef:dc:74:ce:be:90:77:af:
         e1:22:f1:94
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUb7nWn7Vjit5h6wSb/wnHjHPBni4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDYzNjhBMUNDQTQzOThBQzI0NUU4MDk2RkZGMkQ5QkQ1
MTVENDJGMzAeFw0yNDAzMDUxODA4MTRaFw0yNTAzMDQxODEzMTRaMDMxMTAvBgNV
BAMTKDY1NDZDQzFBN0FGMUQ4MjJCOTJERjIwRkVBODI5QTE5RDEwRDVBQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+MhMBnBjo2CA+koZzpYiky8DT
vPaNoGDNCcmPxqhBXk9ZE7hm6Uu9bJpAdObHcy+FW30vqFFA5vKFtBPfT8stAo9M
jMOtnqror7q4rLgmmzbkVTe5IwXxFL4e0ad8t6yiZcrlMLOdhSYpC2dB1wFO42qx
fkeyu3aTB+BsnNu0D3EcJYdO9wjiNMjLIATdLB3WY2ZEYzDY3ZzRQwltji5024Yx
Vck7d5biH1BhvXuz8LhCO7gHmO3Wfwoh5GzuhMN0Pall05wClYWjncWY3Jho7bcW
LQqNunKmv5X/4vI6tjduTwmKOmDNfzDRI9BYQt+uRoYqpSN1KhX24wZzDxypAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUZUbMGnrx2CK5LfIP6oKaGdENWsswHwYDVR0j
BBgwFoAU1jaKHMpDmKwkXoCW//LZvVFdQvMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMzAwQkNGMzdDQzdFQjNBMzE5RTdDOTJBM0Y4OUIyM0My
QjY1Q0VFNkUxRjE2QUUwN0VFRDcxMENDQzQwQ0ZFLzAvRDYzNjhBMUNDQTQzOThB
QzI0NUU4MDk2RkZGMkQ5QkQ1MTVENDJGMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjM2OEExQ0NBNDM5OEFDMjQ1
RTgwOTZGRkYyRDlCRDUxNUQ0MkYzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTMwMEJDRjM3Q0M3RUIzQTMxOUU3QzkyQTNGODlCMjNDMkI2NUNFRTZF
MUYxNkFFMDdFRUQ3MTBDQ0M0MENGRS8wLzMyMzAzMDJlMzczMTJlMzIzMDMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzEzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhHyDAN
BgkqhkiG9w0BAQsFAAOCAQEAo5b9s5BkmoAf4Q3pCCyYl8rRg7s5AMLIB9JPXeea
H9S9yBI0PdfOQgpnpnb8KGmIkGvLAxwRmCd6svCBVSdt8NgdPWcqxMSbs1h/mIhg
0MAnRST9gDvKPZknc0Yg4h+O1gKHLccQ7JfF0FYe15E3FhAU1KIoMUk1VzkSQyjJ
XZZ+5amSMOBk7oQanwV7V4u9KLYbxHP6jN04WaA+Xk53fQb/vKVCgc1d504LjSQs
1Uw5ks/JHaw7a9N2gR2dWYI385XkJF1vHYdC4vTbiR0hDiNwBM5siYcHNRWwrzsB
7oqJzgCsiR9hOEHySR/0DWaeLBlE+O/cdM6+kHev4SLxlA==
-----END CERTIFICATE-----
Generated at Wed Nov 20 05:43:19 2024 by rpki-client on console-fra.rpki-client.org