Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3230352e302f32342d3234203d3e203230303135.roa
File:                     3230302e37312e3230352e302f32342d3234203d3e203230303135.roa (raw, json)
Hash identifier:          k8+HxMPNjbF+nZa3/Ab0UDkA4wHDyk3yzpg2wwWKBOw=
Subject key identifier:   85:FB:77:52:61:C7:16:59:4B:17:17:84:83:A0:22:F1:74:7C:5B:11
Certificate issuer:       /CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
Certificate serial:       140C0BE1E61EDB7732DD7A74A26E651D74842870
Authority key identifier: D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3230352e302f32342d3234203d3e203230303135.roa
Signing time:             Tue 05 Mar 2024 18:13:13 +0000
ROA not before:           Tue 05 Mar 2024 18:08:13 +0000
ROA not after:            Tue 04 Mar 2025 18:13:13 +0000
asID:                     20015
IP address blocks:        200.71.205.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:0c:0b:e1:e6:1e:db:77:32:dd:7a:74:a2:6e:65:1d:74:84:28:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
        Validity
            Not Before: Mar  5 18:08:13 2024 GMT
            Not After : Mar  4 18:13:13 2025 GMT
        Subject: CN=85FB775261C716594B17178483A022F1747C5B11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:e9:a1:0f:6c:dd:62:f1:6e:c5:68:54:7c:08:
                    51:6a:50:01:16:5c:dc:0a:ec:c4:db:be:01:f1:b0:
                    44:84:87:b1:f5:3a:3e:45:11:10:bf:ac:22:77:a5:
                    d1:f1:7e:57:87:e5:a1:29:39:e3:9c:d2:2d:3a:cf:
                    0f:e0:20:2f:68:90:40:b3:5f:e8:99:97:21:cd:7c:
                    85:39:0e:8d:fb:f1:8a:17:dd:98:cc:19:3f:70:47:
                    b2:84:50:19:89:e5:5f:66:6e:54:26:d4:64:e9:92:
                    dc:4a:7f:12:3a:af:40:5b:7b:b3:a5:12:23:7d:70:
                    be:96:94:a6:dc:ca:17:06:c1:65:b5:83:8f:24:e9:
                    a3:ec:08:a1:c9:7f:aa:80:d7:14:5a:35:7e:03:78:
                    73:d9:24:c4:ce:52:db:cb:93:1d:5a:e8:c2:0e:38:
                    2d:5a:0a:a8:2c:b7:da:14:ec:9b:aa:6b:95:34:81:
                    30:af:cd:96:a0:b2:31:01:7b:07:d2:12:71:c2:f8:
                    ff:31:fd:ed:a0:e5:52:b0:4f:c2:da:ac:e4:3b:5d:
                    47:b4:dc:46:08:5b:6d:26:88:14:15:9d:cd:03:38:
                    31:8a:eb:5b:50:0e:94:c2:77:3d:62:83:37:87:f3:
                    e3:54:1f:21:8a:64:1a:ff:ef:2c:38:a1:cd:d9:54:
                    94:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:FB:77:52:61:C7:16:59:4B:17:17:84:83:A0:22:F1:74:7C:5B:11
            X509v3 Authority Key Identifier:
                keyid:D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3230352e302f32342d3234203d3e203230303135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.71.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:0b:f7:ff:fc:07:f1:6a:ca:95:aa:2e:f4:55:a1:ea:af:df:
         1c:cc:d4:fd:13:5b:1a:a4:0d:6a:6a:42:38:c3:82:eb:ff:6c:
         74:81:b6:ab:d7:52:4e:bf:a2:0e:00:f1:fb:87:03:2e:9b:98:
         46:13:9c:ca:10:21:54:52:4a:80:25:44:39:b6:71:bc:c5:2e:
         d4:c0:18:39:f0:ce:81:e3:ea:b0:eb:0a:81:92:c6:b1:b1:1d:
         bf:b6:2f:fb:db:51:ed:a0:f6:c0:28:d1:c5:03:e2:fb:a5:e9:
         59:ae:2c:22:f1:4f:0c:84:53:c1:f1:e1:a6:35:66:03:6d:d0:
         09:bb:95:c2:26:62:bd:5d:64:53:a5:c0:bd:df:da:df:3f:40:
         32:dd:9b:c2:18:6b:9a:6c:68:5c:7d:07:f9:05:cc:e5:dd:4f:
         80:b1:42:96:23:ac:4a:12:20:d7:69:67:6d:57:c6:51:eb:2b:
         f5:8a:b7:d6:8a:0c:99:e9:03:72:9f:2a:e7:ac:2d:52:a9:08:
         f6:c8:b9:f7:5a:ff:96:24:b6:18:da:df:e2:1f:a5:09:be:71:
         df:f4:c5:54:a0:00:64:3f:70:05:d2:ee:06:4c:4d:1d:7b:83:
         99:ec:37:07:a1:f2:cd:a2:55:34:7f:3c:ee:dc:a5:9d:94:0c:
         86:79:07:21
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUFAwL4eYe23cy3Xp0om5lHXSEKHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDYzNjhBMUNDQTQzOThBQzI0NUU4MDk2RkZGMkQ5QkQ1
MTVENDJGMzAeFw0yNDAzMDUxODA4MTNaFw0yNTAzMDQxODEzMTNaMDMxMTAvBgNV
BAMTKDg1RkI3NzUyNjFDNzE2NTk0QjE3MTc4NDgzQTAyMkYxNzQ3QzVCMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCP6aEPbN1i8W7FaFR8CFFqUAEW
XNwK7MTbvgHxsESEh7H1Oj5FERC/rCJ3pdHxfleH5aEpOeOc0i06zw/gIC9okECz
X+iZlyHNfIU5Do378YoX3ZjMGT9wR7KEUBmJ5V9mblQm1GTpktxKfxI6r0Bbe7Ol
EiN9cL6WlKbcyhcGwWW1g48k6aPsCKHJf6qA1xRaNX4DeHPZJMTOUtvLkx1a6MIO
OC1aCqgst9oU7Juqa5U0gTCvzZagsjEBewfSEnHC+P8x/e2g5VKwT8LarOQ7XUe0
3EYIW20miBQVnc0DODGK61tQDpTCdz1igzeH8+NUHyGKZBr/7yw4oc3ZVJRHAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUhft3UmHHFllLFxeEg6Ai8XR8WxEwHwYDVR0j
BBgwFoAU1jaKHMpDmKwkXoCW//LZvVFdQvMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMzAwQkNGMzdDQzdFQjNBMzE5RTdDOTJBM0Y4OUIyM0My
QjY1Q0VFNkUxRjE2QUUwN0VFRDcxMENDQzQwQ0ZFLzAvRDYzNjhBMUNDQTQzOThB
QzI0NUU4MDk2RkZGMkQ5QkQ1MTVENDJGMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjM2OEExQ0NBNDM5OEFDMjQ1
RTgwOTZGRkYyRDlCRDUxNUQ0MkYzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTMwMEJDRjM3Q0M3RUIzQTMxOUU3QzkyQTNGODlCMjNDMkI2NUNFRTZF
MUYxNkFFMDdFRUQ3MTBDQ0M0MENGRS8wLzMyMzAzMDJlMzczMTJlMzIzMDM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzEzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhHzTAN
BgkqhkiG9w0BAQsFAAOCAQEAcQv3//wH8WrKlaou9FWh6q/fHMzU/RNbGqQNampC
OMOC6/9sdIG2q9dSTr+iDgDx+4cDLpuYRhOcyhAhVFJKgCVEObZxvMUu1MAYOfDO
gePqsOsKgZLGsbEdv7Yv+9tR7aD2wCjRxQPi+6XpWa4sIvFPDIRTwfHhpjVmA23Q
CbuVwiZivV1kU6XAvd/a3z9AMt2bwhhrmmxoXH0H+QXM5d1PgLFCliOsShIg12ln
bVfGUesr9Yq31ooMmekDcp8q56wtUqkI9si591r/liS2GNrf4h+lCb5x3/TFVKAA
ZD9wBdLuBkxNHXuDmew3B6HyzaJVNH887tylnZQMhnkHIQ==
-----END CERTIFICATE-----
Generated at Wed Nov 20 06:22:16 2024 by rpki-client on console-ams.rpki-client.org