Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A32B1BA6E2293C3B7984DF1C37B14FC1AE752A67FC2759A805B071BDE1667ECF/0/3230302e36312e3233302e302f32342d3234203d3e203237373237.roa
File:                     3230302e36312e3233302e302f32342d3234203d3e203237373237.roa (raw, json)
Hash identifier:          kTUbuS5X9f912Lu35Mm0N13EgbspJz6g8evbFu30uek=
Subject key identifier:   2B:9A:F3:ED:BE:D9:5E:48:D9:DA:49:40:9B:2F:C1:66:79:2E:0D:E9
Certificate issuer:       /CN=B67146B78C50CEEB1BB25B62E08F49634E3414FD
Certificate serial:       65C33BB2BFFA7A5ED8A74CFF794BD2BBBF4793FC
Authority key identifier: B6:71:46:B7:8C:50:CE:EB:1B:B2:5B:62:E0:8F:49:63:4E:34:14:FD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B67146B78C50CEEB1BB25B62E08F49634E3414FD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A32B1BA6E2293C3B7984DF1C37B14FC1AE752A67FC2759A805B071BDE1667ECF/0/3230302e36312e3233302e302f32342d3234203d3e203237373237.roa
Signing time:             Tue 05 Mar 2024 17:56:39 +0000
ROA not before:           Tue 05 Mar 2024 17:51:39 +0000
ROA not after:            Tue 04 Mar 2025 17:56:39 +0000
asID:                     27727
IP address blocks:        200.61.230.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A32B1BA6E2293C3B7984DF1C37B14FC1AE752A67FC2759A805B071BDE1667ECF/0/B67146B78C50CEEB1BB25B62E08F49634E3414FD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A32B1BA6E2293C3B7984DF1C37B14FC1AE752A67FC2759A805B071BDE1667ECF/0/B67146B78C50CEEB1BB25B62E08F49634E3414FD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B67146B78C50CEEB1BB25B62E08F49634E3414FD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:c3:3b:b2:bf:fa:7a:5e:d8:a7:4c:ff:79:4b:d2:bb:bf:47:93:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B67146B78C50CEEB1BB25B62E08F49634E3414FD
        Validity
            Not Before: Mar  5 17:51:39 2024 GMT
            Not After : Mar  4 17:56:39 2025 GMT
        Subject: CN=2B9AF3EDBED95E48D9DA49409B2FC166792E0DE9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:98:17:78:0b:a8:2b:e7:af:62:78:e5:9d:b9:
                    31:23:d1:a5:49:7d:7f:23:a9:a5:ef:a9:71:a0:a0:
                    30:e7:df:26:e6:9e:99:5b:7f:9c:53:77:37:6f:ca:
                    51:51:d1:11:15:75:a4:6c:90:3d:ef:d1:e8:84:34:
                    ef:41:eb:37:bb:0e:a6:46:89:da:d7:e5:69:ce:d3:
                    3e:02:f0:d9:c6:d6:1a:98:7c:d9:98:22:a8:8f:e2:
                    7b:c3:c6:2e:00:b6:5d:c4:bf:5d:2c:ca:a7:20:62:
                    08:77:48:d8:53:63:5e:f3:6a:45:18:82:b7:a7:7a:
                    11:fc:f6:2c:69:da:b6:0b:22:cd:11:ae:b4:ce:d4:
                    f9:08:e5:46:ff:b9:3c:4c:fa:56:40:13:ed:b9:d3:
                    e2:84:fa:87:a4:32:f6:ef:87:8e:80:26:dc:0b:c3:
                    cd:e4:15:a5:a7:ab:3b:f7:c2:e2:25:0b:be:1f:f5:
                    15:af:b0:5e:5c:a8:fa:1b:38:3c:47:f5:56:23:79:
                    71:ea:42:6c:a7:0a:91:52:61:11:25:25:9d:e5:e4:
                    a3:ae:e6:97:27:2b:00:0d:41:ad:d2:d7:f2:01:7a:
                    b5:e5:73:5b:e9:c7:4d:36:0b:3c:2c:d2:72:d2:c1:
                    bc:44:3e:61:92:66:ea:ab:ea:3e:61:49:fe:b3:bc:
                    e1:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:9A:F3:ED:BE:D9:5E:48:D9:DA:49:40:9B:2F:C1:66:79:2E:0D:E9
            X509v3 Authority Key Identifier:
                keyid:B6:71:46:B7:8C:50:CE:EB:1B:B2:5B:62:E0:8F:49:63:4E:34:14:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A32B1BA6E2293C3B7984DF1C37B14FC1AE752A67FC2759A805B071BDE1667ECF/0/B67146B78C50CEEB1BB25B62E08F49634E3414FD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B67146B78C50CEEB1BB25B62E08F49634E3414FD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A32B1BA6E2293C3B7984DF1C37B14FC1AE752A67FC2759A805B071BDE1667ECF/0/3230302e36312e3233302e302f32342d3234203d3e203237373237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.61.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:cd:37:4e:cb:b5:72:d9:0c:2d:56:84:8a:8e:a0:7d:88:70:
         1a:27:85:de:58:f1:a5:06:97:ed:1c:6d:13:bd:d7:01:fe:42:
         0a:f1:0f:e7:5e:0b:9e:e9:b2:97:54:88:52:ee:bf:f0:aa:f1:
         a3:45:1b:1c:e9:64:d2:db:0d:39:16:95:2f:cc:d3:f0:18:d4:
         14:74:de:c9:9b:0b:1c:3a:05:e6:20:d8:ce:af:0a:7c:4c:01:
         60:f9:c2:b1:e0:18:b9:db:11:51:d4:08:c4:b0:77:aa:c1:d4:
         27:49:91:ab:49:d3:bc:0f:d3:f0:06:96:f4:73:96:5b:1c:23:
         df:97:3c:02:9c:47:80:ec:17:9b:27:ac:b9:6e:de:08:f8:cf:
         e3:67:79:b7:de:03:12:f4:66:2d:5c:86:da:e8:64:b6:16:95:
         09:38:16:d8:71:11:f0:40:11:ce:ab:84:1a:63:59:4c:01:1f:
         b1:65:e8:89:76:ad:6f:a5:39:9e:0c:f5:38:1c:77:63:36:fc:
         8c:e2:68:46:19:50:6f:0c:30:d9:f6:1e:90:e2:de:f4:63:93:
         0d:20:3e:55:e2:bf:46:c9:ef:4a:9d:36:bd:43:76:21:10:70:
         e6:08:18:e9:44:77:c0:c1:df:0e:71:eb:60:de:08:76:a9:c4:
         0c:f4:b2:8c
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUZcM7sr/6el7Yp0z/eUvSu79Hk/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjY3MTQ2Qjc4QzUwQ0VFQjFCQjI1QjYyRTA4RjQ5NjM0
RTM0MTRGRDAeFw0yNDAzMDUxNzUxMzlaFw0yNTAzMDQxNzU2MzlaMDMxMTAvBgNV
BAMTKDJCOUFGM0VEQkVEOTVFNDhEOURBNDk0MDlCMkZDMTY2NzkyRTBERTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKmBd4C6gr569ieOWduTEj0aVJ
fX8jqaXvqXGgoDDn3ybmnplbf5xTdzdvylFR0REVdaRskD3v0eiENO9B6ze7DqZG
idrX5WnO0z4C8NnG1hqYfNmYIqiP4nvDxi4Atl3Ev10syqcgYgh3SNhTY17zakUY
grenehH89ixp2rYLIs0RrrTO1PkI5Ub/uTxM+lZAE+250+KE+oekMvbvh46AJtwL
w83kFaWnqzv3wuIlC74f9RWvsF5cqPobODxH9VYjeXHqQmynCpFSYRElJZ3l5KOu
5pcnKwANQa3S1/IBerXlc1vpx002Czws0nLSwbxEPmGSZuqr6j5hSf6zvOHlAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUK5rz7b7ZXkjZ2klAmy/BZnkuDekwHwYDVR0j
BBgwFoAUtnFGt4xQzusbslti4I9JY040FP0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMzJCMUJBNkUyMjkzQzNCNzk4NERGMUMzN0IxNEZDMUFF
NzUyQTY3RkMyNzU5QTgwNUIwNzFCREUxNjY3RUNGLzAvQjY3MTQ2Qjc4QzUwQ0VF
QjFCQjI1QjYyRTA4RjQ5NjM0RTM0MTRGRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CNjcxNDZCNzhDNTBDRUVCMUJC
MjVCNjJFMDhGNDk2MzRFMzQxNEZELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTMyQjFCQTZFMjI5M0MzQjc5ODRERjFDMzdCMTRGQzFBRTc1MkE2N0ZD
Mjc1OUE4MDVCMDcxQkRFMTY2N0VDRi8wLzMyMzAzMDJlMzYzMTJlMzIzMzMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM3MzIzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg95jAN
BgkqhkiG9w0BAQsFAAOCAQEAVM03Tsu1ctkMLVaEio6gfYhwGieF3ljxpQaX7Rxt
E73XAf5CCvEP514Lnumyl1SIUu6/8Krxo0UbHOlk0tsNORaVL8zT8BjUFHTeyZsL
HDoF5iDYzq8KfEwBYPnCseAYudsRUdQIxLB3qsHUJ0mRq0nTvA/T8AaW9HOWWxwj
35c8ApxHgOwXmyesuW7eCPjP42d5t94DEvRmLVyG2uhkthaVCTgW2HER8EARzquE
GmNZTAEfsWXoiXatb6U5ngz1OBx3Yzb8jOJoRhlQbwww2fYekOLe9GOTDSA+VeK/
RsnvSp02vUN2IRBw5ggY6UR3wMHfDnHrYN4IdqnEDPSyjA==
-----END CERTIFICATE-----
Generated at Wed Nov 20 10:24:16 2024 by rpki-client on console-fra.rpki-client.org