Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3231362e302f32342d3234203d3e203230303135.roa
File:                     3230302e37312e3231362e302f32342d3234203d3e203230303135.roa (raw, json)
Hash identifier:          nXflYYtHgQXxy+2x4quaIaSaDWOo/SiSUr8gIDOM01s=
Subject key identifier:   09:17:3D:61:FB:85:2C:26:F0:D0:D8:67:F4:07:DE:17:61:47:58:F0
Certificate issuer:       /CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
Certificate serial:       58CDD98326D3474902F1F8B75DCD291813783C7A
Authority key identifier: D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3231362e302f32342d3234203d3e203230303135.roa
Signing time:             Tue 05 Mar 2024 18:13:18 +0000
ROA not before:           Tue 05 Mar 2024 18:08:18 +0000
ROA not after:            Tue 04 Mar 2025 18:13:18 +0000
asID:                     20015
IP address blocks:        200.71.216.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:cd:d9:83:26:d3:47:49:02:f1:f8:b7:5d:cd:29:18:13:78:3c:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
        Validity
            Not Before: Mar  5 18:08:18 2024 GMT
            Not After : Mar  4 18:13:18 2025 GMT
        Subject: CN=09173D61FB852C26F0D0D867F407DE17614758F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:04:68:8b:7c:ff:49:17:dc:e4:fa:3d:ab:14:
                    73:5f:1d:27:cf:2d:5d:62:0e:82:17:8c:db:b8:9e:
                    b1:0f:2c:ff:d1:2a:d1:d8:2e:2c:18:99:a3:b3:f9:
                    9e:44:71:1d:73:a9:21:0c:24:a3:62:a2:44:08:8e:
                    33:37:2d:be:ac:b4:75:4b:54:91:8c:8a:7f:4c:65:
                    cc:b7:36:25:00:24:d9:c2:59:db:20:24:01:bc:d6:
                    9f:70:47:70:e2:c4:47:a4:eb:8d:19:81:f7:97:1a:
                    94:b6:2d:b6:4f:b8:b6:4a:61:ce:91:23:de:c5:b7:
                    81:a1:50:97:e5:60:9c:30:1e:cc:30:86:6c:f3:10:
                    df:82:0b:bb:d3:f7:ab:d6:af:30:cd:96:70:83:3e:
                    81:fb:66:25:25:ec:3f:fd:34:bb:ba:d0:a4:fd:3f:
                    01:71:06:1e:79:e0:13:c1:b0:7e:7e:4e:84:73:1e:
                    f9:a4:39:bc:6f:d2:78:83:60:1f:e7:87:b3:30:65:
                    d4:e3:ec:ae:15:98:c3:44:50:e2:d1:d7:c8:43:bd:
                    a8:71:31:e0:c0:3b:24:cc:de:30:22:cf:32:99:df:
                    75:01:0a:83:a6:ba:7e:f2:63:f3:0b:de:c7:34:93:
                    d3:e3:6b:88:9f:ab:c1:24:1a:01:b0:90:01:fc:e7:
                    91:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:17:3D:61:FB:85:2C:26:F0:D0:D8:67:F4:07:DE:17:61:47:58:F0
            X509v3 Authority Key Identifier:
                keyid:D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3231362e302f32342d3234203d3e203230303135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.71.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:6f:fe:d6:ec:84:2b:d4:b7:12:01:f4:35:70:76:8b:d8:0d:
         36:d0:12:e6:ea:de:71:67:65:9d:ab:d4:1e:29:02:23:9a:63:
         72:fa:67:40:c8:68:4b:bc:7d:1b:ae:09:15:9e:3b:f2:36:2a:
         87:13:6f:5d:6a:45:b6:e7:ee:c3:33:c1:0e:ce:d0:5f:92:7e:
         18:54:b8:62:b3:a4:5a:58:81:7a:af:83:d1:47:82:28:41:68:
         4a:9f:b1:12:33:96:1b:5a:c2:b1:6d:f8:c4:9f:aa:05:18:54:
         b3:c1:35:ca:ae:62:df:12:34:32:2b:89:00:06:f8:e2:aa:4e:
         a2:02:d5:2e:aa:45:bf:91:74:a9:26:e5:6e:b3:cc:61:6c:c0:
         ce:d9:31:df:0d:80:54:e2:71:75:c2:2e:1d:e4:78:11:9b:e7:
         82:19:ee:31:11:b4:80:64:e5:44:9b:95:c6:28:27:00:91:e1:
         77:2d:96:bf:3e:1e:d4:05:9b:57:81:d1:3e:f8:4a:26:16:35:
         36:62:5a:dd:9a:1c:6c:85:bd:e0:a7:24:0b:4b:1c:b0:24:85:
         7c:14:03:8c:03:7d:2c:0b:da:7e:0c:3e:79:6b:3e:b7:a3:c5:
         47:bb:67:78:5e:1b:2b:ae:48:0c:e5:1b:24:e2:58:7e:05:0f:
         9a:80:18:f2
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUWM3ZgybTR0kC8fi3Xc0pGBN4PHowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDYzNjhBMUNDQTQzOThBQzI0NUU4MDk2RkZGMkQ5QkQ1
MTVENDJGMzAeFw0yNDAzMDUxODA4MThaFw0yNTAzMDQxODEzMThaMDMxMTAvBgNV
BAMTKDA5MTczRDYxRkI4NTJDMjZGMEQwRDg2N0Y0MDdERTE3NjE0NzU4RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQBGiLfP9JF9zk+j2rFHNfHSfP
LV1iDoIXjNu4nrEPLP/RKtHYLiwYmaOz+Z5EcR1zqSEMJKNiokQIjjM3Lb6stHVL
VJGMin9MZcy3NiUAJNnCWdsgJAG81p9wR3DixEek640ZgfeXGpS2LbZPuLZKYc6R
I97Ft4GhUJflYJwwHswwhmzzEN+CC7vT96vWrzDNlnCDPoH7ZiUl7D/9NLu60KT9
PwFxBh554BPBsH5+ToRzHvmkObxv0niDYB/nh7MwZdTj7K4VmMNEUOLR18hDvahx
MeDAOyTM3jAizzKZ33UBCoOmun7yY/ML3sc0k9Pja4ifq8EkGgGwkAH855FRAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUCRc9YfuFLCbw0Nhn9AfeF2FHWPAwHwYDVR0j
BBgwFoAU1jaKHMpDmKwkXoCW//LZvVFdQvMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMzAwQkNGMzdDQzdFQjNBMzE5RTdDOTJBM0Y4OUIyM0My
QjY1Q0VFNkUxRjE2QUUwN0VFRDcxMENDQzQwQ0ZFLzAvRDYzNjhBMUNDQTQzOThB
QzI0NUU4MDk2RkZGMkQ5QkQ1MTVENDJGMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjM2OEExQ0NBNDM5OEFDMjQ1
RTgwOTZGRkYyRDlCRDUxNUQ0MkYzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTMwMEJDRjM3Q0M3RUIzQTMxOUU3QzkyQTNGODlCMjNDMkI2NUNFRTZF
MUYxNkFFMDdFRUQ3MTBDQ0M0MENGRS8wLzMyMzAzMDJlMzczMTJlMzIzMTM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzEzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhH2DAN
BgkqhkiG9w0BAQsFAAOCAQEAn2/+1uyEK9S3EgH0NXB2i9gNNtAS5urecWdlnavU
HikCI5pjcvpnQMhoS7x9G64JFZ478jYqhxNvXWpFtufuwzPBDs7QX5J+GFS4YrOk
WliBeq+D0UeCKEFoSp+xEjOWG1rCsW34xJ+qBRhUs8E1yq5i3xI0MiuJAAb44qpO
ogLVLqpFv5F0qSblbrPMYWzAztkx3w2AVOJxdcIuHeR4EZvnghnuMRG0gGTlRJuV
xignAJHhdy2Wvz4e1AWbV4HRPvhKJhY1NmJa3ZocbIW94KckC0scsCSFfBQDjAN9
LAvafgw+eWs+t6PFR7tneF4bK65IDOUbJOJYfgUPmoAY8g==
-----END CERTIFICATE-----
Generated at Wed Nov 20 06:22:16 2024 by rpki-client on console-ams.rpki-client.org