Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A45308AC7B8B6721D8B047F6881057483750FDCD98CFE1E6A59B3804FD2A3518/0/3230302e312e38362e302f32342d3234203d3e203134303830.roa
File:                     3230302e312e38362e302f32342d3234203d3e203134303830.roa (raw, json)
Hash identifier:          blaBs5Xa264oCd92JAQZGvqSd9DueONMt+hddnRCotY=
Subject key identifier:   22:E1:E1:3F:CB:03:D2:14:EF:D3:A9:84:DB:50:FF:AD:B6:62:7C:A2
Certificate issuer:       /CN=152845E4E3A45AE6EA039DF97CCF007834368F13
Certificate serial:       57D0554E33D5DFC96D989EB238A59B301ED582CB
Authority key identifier: 15:28:45:E4:E3:A4:5A:E6:EA:03:9D:F9:7C:CF:00:78:34:36:8F:13
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/152845E4E3A45AE6EA039DF97CCF007834368F13.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A45308AC7B8B6721D8B047F6881057483750FDCD98CFE1E6A59B3804FD2A3518/0/3230302e312e38362e302f32342d3234203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 18:22:08 +0000
ROA not before:           Tue 05 Mar 2024 18:17:08 +0000
ROA not after:            Tue 04 Mar 2025 18:22:08 +0000
asID:                     14080
IP address blocks:        200.1.86.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A45308AC7B8B6721D8B047F6881057483750FDCD98CFE1E6A59B3804FD2A3518/0/152845E4E3A45AE6EA039DF97CCF007834368F13.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A45308AC7B8B6721D8B047F6881057483750FDCD98CFE1E6A59B3804FD2A3518/0/152845E4E3A45AE6EA039DF97CCF007834368F13.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/152845E4E3A45AE6EA039DF97CCF007834368F13.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 10:27:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:d0:55:4e:33:d5:df:c9:6d:98:9e:b2:38:a5:9b:30:1e:d5:82:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=152845E4E3A45AE6EA039DF97CCF007834368F13
        Validity
            Not Before: Mar  5 18:17:08 2024 GMT
            Not After : Mar  4 18:22:08 2025 GMT
        Subject: CN=22E1E13FCB03D214EFD3A984DB50FFADB6627CA2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:8c:8f:6d:db:b9:28:3d:55:fc:6f:ba:b9:e1:
                    71:1f:d2:84:60:52:70:8a:7f:97:85:b3:0f:d1:82:
                    ff:2e:f8:01:cf:58:38:54:81:03:32:80:d7:7a:71:
                    33:37:8f:8a:d5:38:98:6d:fe:62:0b:9d:17:4a:47:
                    b8:90:f3:7a:32:0c:34:73:b1:01:01:f1:ee:6b:d0:
                    d8:b3:1c:84:56:30:cf:fe:85:f3:57:7f:52:0b:44:
                    64:1d:4b:a1:99:09:de:82:91:88:6e:db:1d:7d:b6:
                    5b:8b:22:ca:bf:bb:52:fc:78:87:d1:fc:7b:2d:ae:
                    a3:c9:a2:c9:92:d2:be:fa:7a:9e:e2:28:52:13:e5:
                    f0:26:aa:06:2c:d1:30:cd:89:5c:24:d4:c3:cc:28:
                    76:2e:34:55:bd:e4:65:9a:6a:42:92:8b:3b:f0:70:
                    88:4c:5d:1a:32:14:75:67:e5:cc:ad:1d:34:20:23:
                    10:06:41:f7:1c:d9:59:12:ca:43:98:e9:3c:94:70:
                    9c:de:73:89:d1:be:dd:49:7e:b8:e8:e7:66:d6:a1:
                    36:b1:37:28:13:22:ec:06:05:80:a3:18:e4:d6:9a:
                    1a:71:c8:b4:5c:c8:17:c7:aa:4d:b3:4f:b2:f7:73:
                    b9:f3:94:16:b6:28:4a:e0:a8:62:cf:3f:ae:c7:73:
                    95:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:E1:E1:3F:CB:03:D2:14:EF:D3:A9:84:DB:50:FF:AD:B6:62:7C:A2
            X509v3 Authority Key Identifier:
                keyid:15:28:45:E4:E3:A4:5A:E6:EA:03:9D:F9:7C:CF:00:78:34:36:8F:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A45308AC7B8B6721D8B047F6881057483750FDCD98CFE1E6A59B3804FD2A3518/0/152845E4E3A45AE6EA039DF97CCF007834368F13.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/152845E4E3A45AE6EA039DF97CCF007834368F13.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A45308AC7B8B6721D8B047F6881057483750FDCD98CFE1E6A59B3804FD2A3518/0/3230302e312e38362e302f32342d3234203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.1.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:41:6f:df:f3:56:2b:88:f8:c0:97:92:db:39:ca:be:63:42:
         dc:94:b9:ee:3f:dc:2a:19:ae:6c:21:4b:5b:4a:3f:e4:c4:02:
         ea:de:85:b2:b3:5b:c8:33:e6:f9:85:16:55:97:34:34:4c:e0:
         24:fe:a3:51:38:15:32:28:f7:ae:2e:3e:b6:2b:b4:4f:10:12:
         6d:8f:89:51:ce:ec:37:45:f4:f0:8f:e2:6f:08:55:35:40:69:
         8a:37:5a:5d:0f:41:3a:0b:db:3a:c7:dd:54:b8:25:47:f2:2d:
         8d:56:6d:bd:3d:97:33:15:30:20:fe:fd:e6:d8:c5:09:62:54:
         b8:cf:09:3d:bf:a1:20:0b:3f:56:ce:7c:3b:97:a3:04:7f:99:
         4c:4f:79:c0:00:a3:37:b2:6b:10:09:66:f6:ee:74:05:41:27:
         70:09:33:88:b4:26:8f:23:d0:93:3b:47:c9:7a:5d:41:42:ee:
         c8:4e:f8:6f:63:47:a9:fa:9c:3a:1c:1f:73:a6:19:6f:a3:a9:
         c5:c5:c7:cc:00:74:ab:85:1d:49:b8:11:0b:2a:4f:df:ff:4e:
         27:36:27:4c:bd:e3:52:0a:93:5c:e9:b9:fd:a1:a0:38:11:a7:
         7d:74:ff:f6:54:f6:5c:e9:b7:01:0f:9e:6a:d8:45:ad:57:3f:
         e6:b2:66:e0
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUV9BVTjPV38ltmJ6yOKWbMB7VgsswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTUyODQ1RTRFM0E0NUFFNkVBMDM5REY5N0NDRjAwNzgz
NDM2OEYxMzAeFw0yNDAzMDUxODE3MDhaFw0yNTAzMDQxODIyMDhaMDMxMTAvBgNV
BAMTKDIyRTFFMTNGQ0IwM0QyMTRFRkQzQTk4NERCNTBGRkFEQjY2MjdDQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBjI9t27koPVX8b7q54XEf0oRg
UnCKf5eFsw/Rgv8u+AHPWDhUgQMygNd6cTM3j4rVOJht/mILnRdKR7iQ83oyDDRz
sQEB8e5r0NizHIRWMM/+hfNXf1ILRGQdS6GZCd6CkYhu2x19tluLIsq/u1L8eIfR
/HstrqPJosmS0r76ep7iKFIT5fAmqgYs0TDNiVwk1MPMKHYuNFW95GWaakKSizvw
cIhMXRoyFHVn5cytHTQgIxAGQfcc2VkSykOY6TyUcJzec4nRvt1Jfrjo52bWoTax
NygTIuwGBYCjGOTWmhpxyLRcyBfHqk2zT7L3c7nzlBa2KErgqGLPP67Hc5UNAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUIuHhP8sD0hTv06mE21D/rbZifKIwHwYDVR0j
BBgwFoAUFShF5OOkWubqA535fM8AeDQ2jxMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BNDUzMDhBQzdCOEI2NzIxRDhCMDQ3RjY4ODEwNTc0ODM3
NTBGRENEOThDRkUxRTZBNTlCMzgwNEZEMkEzNTE4LzAvMTUyODQ1RTRFM0E0NUFF
NkVBMDM5REY5N0NDRjAwNzgzNDM2OEYxMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNTI4NDVFNEUzQTQ1QUU2RUEw
MzlERjk3Q0NGMDA3ODM0MzY4RjEzLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTQ1MzA4QUM3QjhCNjcyMUQ4QjA0N0Y2ODgxMDU3NDgzNzUwRkRDRDk4
Q0ZFMUU2QTU5QjM4MDRGRDJBMzUxOC8wLzMyMzAzMDJlMzEyZTM4MzYyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzAzODMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyAFWMA0GCSqG
SIb3DQEBCwUAA4IBAQA5QW/f81YriPjAl5LbOcq+Y0LclLnuP9wqGa5sIUtbSj/k
xALq3oWys1vIM+b5hRZVlzQ0TOAk/qNROBUyKPeuLj62K7RPEBJtj4lRzuw3RfTw
j+JvCFU1QGmKN1pdD0E6C9s6x91UuCVH8i2NVm29PZczFTAg/v3m2MUJYlS4zwk9
v6EgCz9Wznw7l6MEf5lMT3nAAKM3smsQCWb27nQFQSdwCTOItCaPI9CTO0fJel1B
Qu7ITvhvY0ep+pw6HB9zphlvo6nFxcfMAHSrhR1JuBELKk/f/04nNidMveNSCpNc
6bn9oaA4Ead9dP/2VPZc6bcBD55q2EWtVz/msmbg
-----END CERTIFICATE-----
Generated at Sat Jun 22 11:50:25 2024 by rpki-client on console-fra.rpki-client.org