Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3232302e302f32342d3234203d3e203230303135.roa
File:                     3230302e37312e3232302e302f32342d3234203d3e203230303135.roa (raw, json)
Hash identifier:          EOsTOMp3ibY5TAHdAhrSZCyHb9aNRgEUpg81UFyld3A=
Subject key identifier:   B5:B5:81:EC:D1:31:4F:66:EE:CD:7D:4F:89:49:6A:3F:86:E2:71:DA
Certificate issuer:       /CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
Certificate serial:       4F672ABF83FF19CBB76FEB6381744C49EDF837AE
Authority key identifier: D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3232302e302f32342d3234203d3e203230303135.roa
Signing time:             Tue 05 Mar 2024 18:13:18 +0000
ROA not before:           Tue 05 Mar 2024 18:08:18 +0000
ROA not after:            Tue 04 Mar 2025 18:13:18 +0000
asID:                     20015
IP address blocks:        200.71.220.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:67:2a:bf:83:ff:19:cb:b7:6f:eb:63:81:74:4c:49:ed:f8:37:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
        Validity
            Not Before: Mar  5 18:08:18 2024 GMT
            Not After : Mar  4 18:13:18 2025 GMT
        Subject: CN=B5B581ECD1314F66EECD7D4F89496A3F86E271DA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:09:59:be:2e:bc:b6:8d:e5:bc:2f:e7:0b:15:
                    ea:c0:7c:41:bd:60:61:51:e0:c7:61:c9:df:2a:12:
                    e3:04:55:d1:e9:02:31:b0:64:94:5b:1d:c7:3e:d6:
                    3d:fe:e5:91:15:0a:0c:19:2e:cc:a6:be:fe:75:d1:
                    2b:e3:fb:af:30:1e:be:43:e0:16:7d:34:26:06:18:
                    fc:8d:83:ac:89:38:5d:d4:a0:5d:59:67:ca:53:7b:
                    0d:fc:e0:55:f5:08:28:b9:df:30:36:6d:af:33:ee:
                    c6:cc:5d:1b:98:8b:17:36:af:b5:bd:3c:90:1f:3b:
                    e7:59:67:52:a7:46:81:18:40:c9:5b:0c:a6:ee:e1:
                    3a:4c:8c:72:d0:42:0e:29:d2:66:cb:42:8f:ff:b7:
                    e5:cb:3f:74:c1:a7:27:35:d0:61:c1:1b:7a:7a:ad:
                    f9:17:5b:17:e0:77:78:32:fd:ee:50:e7:99:e4:4f:
                    1d:06:c6:ff:ec:29:46:14:73:a4:ba:d8:81:2a:af:
                    ce:8a:6c:42:1f:81:49:15:ab:e1:01:79:c5:13:68:
                    8e:a4:a3:97:e5:f5:39:89:71:6a:4f:43:2a:87:76:
                    ad:a2:11:16:66:f3:ab:a7:fe:49:b5:78:0f:36:67:
                    00:2e:be:dd:47:e1:09:fe:f6:97:9e:7e:b0:98:a9:
                    9e:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:B5:81:EC:D1:31:4F:66:EE:CD:7D:4F:89:49:6A:3F:86:E2:71:DA
            X509v3 Authority Key Identifier:
                keyid:D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3232302e302f32342d3234203d3e203230303135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.71.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:dc:af:0d:e3:ac:64:77:5f:fa:10:69:e9:e4:f9:d8:a6:90:
         66:26:15:c7:d3:fe:11:47:d5:a4:7c:d5:1a:99:0e:b9:7f:a0:
         22:52:37:92:44:0e:06:e8:df:8b:42:7c:c9:ee:15:a3:7e:30:
         71:64:d4:2d:08:47:3b:c6:15:82:32:9c:59:b3:e6:85:0c:14:
         48:7b:03:5f:bd:a1:03:09:9f:e1:c5:7d:e8:ab:ef:a0:32:4f:
         6e:6c:de:fa:50:d1:79:42:59:4b:fc:ef:11:32:70:70:47:fb:
         24:44:74:04:96:8d:62:c0:47:0d:a1:40:c1:55:a4:b2:13:d3:
         fc:29:4e:f9:27:e7:c9:62:be:60:11:80:5a:87:9e:a1:c2:d9:
         7f:a4:c2:4b:f5:af:3c:cd:58:21:63:84:92:5a:8d:6b:51:73:
         a7:bc:ed:d6:5d:d4:98:63:bd:46:09:8f:c7:01:54:28:07:63:
         9d:0c:1b:12:29:4b:d6:e3:50:6c:fb:c7:40:7c:ca:b9:3d:52:
         6e:83:e0:44:89:89:ad:54:db:2b:20:97:30:bb:7c:f6:3d:27:
         84:40:92:8c:03:94:f1:1b:db:4b:92:be:75:96:6e:6e:b4:b7:
         0f:4d:a4:43:a1:6f:7e:7d:80:90:ac:de:81:b6:88:c8:5d:ed:
         68:5a:c0:87
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUT2cqv4P/Gcu3b+tjgXRMSe34N64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDYzNjhBMUNDQTQzOThBQzI0NUU4MDk2RkZGMkQ5QkQ1
MTVENDJGMzAeFw0yNDAzMDUxODA4MThaFw0yNTAzMDQxODEzMThaMDMxMTAvBgNV
BAMTKEI1QjU4MUVDRDEzMTRGNjZFRUNEN0Q0Rjg5NDk2QTNGODZFMjcxREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0CVm+Lry2jeW8L+cLFerAfEG9
YGFR4Mdhyd8qEuMEVdHpAjGwZJRbHcc+1j3+5ZEVCgwZLsymvv510Svj+68wHr5D
4BZ9NCYGGPyNg6yJOF3UoF1ZZ8pTew384FX1CCi53zA2ba8z7sbMXRuYixc2r7W9
PJAfO+dZZ1KnRoEYQMlbDKbu4TpMjHLQQg4p0mbLQo//t+XLP3TBpyc10GHBG3p6
rfkXWxfgd3gy/e5Q55nkTx0Gxv/sKUYUc6S62IEqr86KbEIfgUkVq+EBecUTaI6k
o5fl9TmJcWpPQyqHdq2iERZm86un/km1eA82ZwAuvt1H4Qn+9peefrCYqZ7BAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUtbWB7NExT2buzX1PiUlqP4bicdowHwYDVR0j
BBgwFoAU1jaKHMpDmKwkXoCW//LZvVFdQvMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMzAwQkNGMzdDQzdFQjNBMzE5RTdDOTJBM0Y4OUIyM0My
QjY1Q0VFNkUxRjE2QUUwN0VFRDcxMENDQzQwQ0ZFLzAvRDYzNjhBMUNDQTQzOThB
QzI0NUU4MDk2RkZGMkQ5QkQ1MTVENDJGMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjM2OEExQ0NBNDM5OEFDMjQ1
RTgwOTZGRkYyRDlCRDUxNUQ0MkYzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTMwMEJDRjM3Q0M3RUIzQTMxOUU3QzkyQTNGODlCMjNDMkI2NUNFRTZF
MUYxNkFFMDdFRUQ3MTBDQ0M0MENGRS8wLzMyMzAzMDJlMzczMTJlMzIzMjMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzEzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhH3DAN
BgkqhkiG9w0BAQsFAAOCAQEAO9yvDeOsZHdf+hBp6eT52KaQZiYVx9P+EUfVpHzV
GpkOuX+gIlI3kkQOBujfi0J8ye4Vo34wcWTULQhHO8YVgjKcWbPmhQwUSHsDX72h
Awmf4cV96KvvoDJPbmze+lDReUJZS/zvETJwcEf7JER0BJaNYsBHDaFAwVWkshPT
/ClO+SfnyWK+YBGAWoeeocLZf6TCS/WvPM1YIWOEklqNa1Fzp7zt1l3UmGO9RgmP
xwFUKAdjnQwbEilL1uNQbPvHQHzKuT1SboPgRImJrVTbKyCXMLt89j0nhECSjAOU
8RvbS5K+dZZubrS3D02kQ6Fvfn2AkKzegbaIyF3taFrAhw==
-----END CERTIFICATE-----
Generated at Wed Nov 20 05:43:19 2024 by rpki-client on console-fra.rpki-client.org