Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AA65778EA2BA3F645381CFB03A90993513067039B2404F9272E8401B13C62151/0/3137392e302e3230342e302f32342d3234203d3e20313938393439.roa
File:                     3137392e302e3230342e302f32342d3234203d3e20313938393439.roa (raw, json)
Hash identifier:          t30QQTwlgHMmgelVSsYT8+Dwr2oLaqd4kMMgZMkys2k=
Subject key identifier:   9D:3D:C6:3A:30:2C:AD:D5:1E:AA:3A:7D:66:FF:2E:99:1E:EB:CC:E2
Certificate issuer:       /CN=63DAFE7C6D072AD758B2EAA7C654C528C8DD256B
Certificate serial:       61718015D53164F379431E3952B07F673D0A7278
Authority key identifier: 63:DA:FE:7C:6D:07:2A:D7:58:B2:EA:A7:C6:54:C5:28:C8:DD:25:6B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/63DAFE7C6D072AD758B2EAA7C654C528C8DD256B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AA65778EA2BA3F645381CFB03A90993513067039B2404F9272E8401B13C62151/0/3137392e302e3230342e302f32342d3234203d3e20313938393439.roa
Signing time:             Tue 05 Mar 2024 17:44:16 +0000
ROA not before:           Tue 05 Mar 2024 17:39:16 +0000
ROA not after:            Tue 04 Mar 2025 17:44:16 +0000
asID:                     198949
IP address blocks:        179.0.204.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/AA65778EA2BA3F645381CFB03A90993513067039B2404F9272E8401B13C62151/0/63DAFE7C6D072AD758B2EAA7C654C528C8DD256B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/AA65778EA2BA3F645381CFB03A90993513067039B2404F9272E8401B13C62151/0/63DAFE7C6D072AD758B2EAA7C654C528C8DD256B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/63DAFE7C6D072AD758B2EAA7C654C528C8DD256B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:71:80:15:d5:31:64:f3:79:43:1e:39:52:b0:7f:67:3d:0a:72:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63DAFE7C6D072AD758B2EAA7C654C528C8DD256B
        Validity
            Not Before: Mar  5 17:39:16 2024 GMT
            Not After : Mar  4 17:44:16 2025 GMT
        Subject: CN=9D3DC63A302CADD51EAA3A7D66FF2E991EEBCCE2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:04:cb:1c:a1:e3:7e:a7:75:8a:bd:09:41:71:
                    6c:7e:54:7a:b1:0f:e9:e7:7b:98:14:31:cb:71:4b:
                    df:25:57:78:52:54:dc:56:23:ef:0a:5f:37:f0:75:
                    f1:36:a5:2b:f5:4d:eb:94:1f:38:ce:5d:95:b5:27:
                    b3:be:24:82:9c:99:03:58:1c:49:92:38:df:49:e9:
                    5a:be:01:a2:45:ea:3b:2c:29:e2:0a:bf:66:8e:8b:
                    fd:db:0a:2c:97:91:c7:7d:ad:0f:2d:b3:50:d5:0e:
                    a5:1f:b3:ca:ce:da:ec:33:d4:b3:5d:45:7c:4b:4b:
                    f1:a1:70:68:19:02:6b:6e:42:5c:43:bc:42:af:50:
                    23:28:eb:41:f5:39:40:fe:c8:44:93:c8:86:f3:dd:
                    ae:85:b3:f8:85:b4:55:f6:fe:67:ca:93:2c:41:42:
                    40:30:69:d1:ac:29:f9:44:a0:63:a2:ca:5c:1f:41:
                    72:fe:fb:e5:0e:dd:11:8a:38:de:08:4f:c7:13:e7:
                    be:0d:1c:1c:c4:49:2d:ee:9b:34:e6:85:51:94:60:
                    c8:9a:97:94:c7:68:d6:c2:fa:9d:17:4a:d4:0e:26:
                    88:5e:70:26:b7:be:bb:70:bd:6a:c5:9f:d4:9c:a9:
                    ec:de:72:57:28:cd:a7:9e:d7:a2:e4:14:fc:99:c0:
                    eb:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:3D:C6:3A:30:2C:AD:D5:1E:AA:3A:7D:66:FF:2E:99:1E:EB:CC:E2
            X509v3 Authority Key Identifier:
                keyid:63:DA:FE:7C:6D:07:2A:D7:58:B2:EA:A7:C6:54:C5:28:C8:DD:25:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AA65778EA2BA3F645381CFB03A90993513067039B2404F9272E8401B13C62151/0/63DAFE7C6D072AD758B2EAA7C654C528C8DD256B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/63DAFE7C6D072AD758B2EAA7C654C528C8DD256B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AA65778EA2BA3F645381CFB03A90993513067039B2404F9272E8401B13C62151/0/3137392e302e3230342e302f32342d3234203d3e20313938393439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.0.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:ea:36:18:6c:3e:96:7a:21:1a:df:37:35:94:cc:3a:56:15:
         7b:47:e6:09:4d:69:b9:47:fb:58:a4:34:b6:6d:99:14:df:61:
         5b:8b:b3:d4:00:59:4c:29:70:0c:28:5e:d5:fe:fa:80:52:95:
         1e:63:66:90:a9:29:54:66:fa:d3:d0:71:79:58:5e:35:f9:50:
         b0:e9:92:b2:f5:6c:bd:30:de:28:ed:52:26:39:f7:bc:43:52:
         93:55:9d:43:c9:29:d2:0d:d4:20:8c:c0:c2:66:86:20:96:01:
         43:4e:0b:3e:39:30:54:bc:7a:db:72:85:12:d5:3c:00:eb:69:
         b4:92:a7:07:0d:69:0a:8e:f8:96:fc:67:df:3e:a2:2e:fc:f7:
         85:c6:98:0c:09:3f:c5:78:5f:3c:d5:f0:7d:f4:f1:c1:58:b5:
         f2:7b:71:fa:c3:a5:9d:a1:48:df:e2:9a:c1:97:81:60:71:8d:
         d7:d4:14:db:4a:59:97:7d:28:4e:4f:a0:b2:c5:32:f9:c4:aa:
         89:a3:5b:64:6a:ea:34:67:13:08:54:30:32:36:f1:56:a0:4f:
         e2:21:35:04:e6:75:91:d5:4a:cf:0c:41:4c:ab:3b:e2:b5:63:
         4c:51:d7:55:83:e5:70:40:e3:33:2d:ed:a9:8c:ec:55:fc:8d:
         f2:81:9a:fe
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUYXGAFdUxZPN5Qx45UrB/Zz0KcngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjNEQUZFN0M2RDA3MkFENzU4QjJFQUE3QzY1NEM1MjhD
OEREMjU2QjAeFw0yNDAzMDUxNzM5MTZaFw0yNTAzMDQxNzQ0MTZaMDMxMTAvBgNV
BAMTKDlEM0RDNjNBMzAyQ0FERDUxRUFBM0E3RDY2RkYyRTk5MUVFQkNDRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIBMscoeN+p3WKvQlBcWx+VHqx
D+nne5gUMctxS98lV3hSVNxWI+8KXzfwdfE2pSv1TeuUHzjOXZW1J7O+JIKcmQNY
HEmSON9J6Vq+AaJF6jssKeIKv2aOi/3bCiyXkcd9rQ8ts1DVDqUfs8rO2uwz1LNd
RXxLS/GhcGgZAmtuQlxDvEKvUCMo60H1OUD+yESTyIbz3a6Fs/iFtFX2/mfKkyxB
QkAwadGsKflEoGOiylwfQXL+++UO3RGKON4IT8cT574NHBzESS3umzTmhVGUYMia
l5THaNbC+p0XStQOJohecCa3vrtwvWrFn9Scqezeclcozaee16LkFPyZwOvzAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUnT3GOjAsrdUeqjp9Zv8umR7rzOIwHwYDVR0j
BBgwFoAUY9r+fG0HKtdYsuqnxlTFKMjdJWswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQTY1Nzc4RUEyQkEzRjY0NTM4MUNGQjAzQTkwOTkzNTEz
MDY3MDM5QjI0MDRGOTI3MkU4NDAxQjEzQzYyMTUxLzAvNjNEQUZFN0M2RDA3MkFE
NzU4QjJFQUE3QzY1NEM1MjhDOEREMjU2Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82M0RBRkU3QzZEMDcyQUQ3NThC
MkVBQTdDNjU0QzUyOEM4REQyNTZCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUE2NTc3OEVBMkJBM0Y2NDUzODFDRkIwM0E5MDk5MzUxMzA2NzAzOUIy
NDA0RjkyNzJFODQwMUIxM0M2MjE1MS8wLzMxMzczOTJlMzAyZTMyMzAzNDJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzODM5MzQzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALMAzDAN
BgkqhkiG9w0BAQsFAAOCAQEAreo2GGw+lnohGt83NZTMOlYVe0fmCU1puUf7WKQ0
tm2ZFN9hW4uz1ABZTClwDChe1f76gFKVHmNmkKkpVGb609BxeVheNflQsOmSsvVs
vTDeKO1SJjn3vENSk1WdQ8kp0g3UIIzAwmaGIJYBQ04LPjkwVLx623KFEtU8AOtp
tJKnBw1pCo74lvxn3z6iLvz3hcaYDAk/xXhfPNXwffTxwVi18ntx+sOlnaFI3+Ka
wZeBYHGN19QU20pZl30oTk+gssUy+cSqiaNbZGrqNGcTCFQwMjbxVqBP4iE1BOZ1
kdVKzwxBTKs74rVjTFHXVYPlcEDjMy3tqYzsVfyN8oGa/g==
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:52:23 2024 by rpki-client on console-ams.rpki-client.org