Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B9F88FEFA10AD3C74FA5F98AFBCD23FC6FAA4C78F1D4EB18464ED3704CACA7DC/0/3230312e3135302e39362e302f32322d3234203d3e203134303830.roa
File:                     3230312e3135302e39362e302f32322d3234203d3e203134303830.roa (raw, json)
Hash identifier:          ICmmp7+Oel+1W9osSpvGxr+yrETX0yie3aEWc5m2WLA=
Subject key identifier:   DC:FF:19:8B:54:2F:21:7D:33:04:48:5B:39:2F:18:63:EF:95:2B:8F
Certificate issuer:       /CN=6FE8D9F326C94974AC24CD1CC75E4E49EFAF1CFF
Certificate serial:       0CA0400CE4753235755DBF060A8401D7A8DFB959
Authority key identifier: 6F:E8:D9:F3:26:C9:49:74:AC:24:CD:1C:C7:5E:4E:49:EF:AF:1C:FF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6FE8D9F326C94974AC24CD1CC75E4E49EFAF1CFF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B9F88FEFA10AD3C74FA5F98AFBCD23FC6FAA4C78F1D4EB18464ED3704CACA7DC/0/3230312e3135302e39362e302f32322d3234203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 18:17:17 +0000
ROA not before:           Tue 05 Mar 2024 18:12:17 +0000
ROA not after:            Tue 04 Mar 2025 18:17:17 +0000
asID:                     14080
IP address blocks:        201.150.96.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/B9F88FEFA10AD3C74FA5F98AFBCD23FC6FAA4C78F1D4EB18464ED3704CACA7DC/0/6FE8D9F326C94974AC24CD1CC75E4E49EFAF1CFF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/B9F88FEFA10AD3C74FA5F98AFBCD23FC6FAA4C78F1D4EB18464ED3704CACA7DC/0/6FE8D9F326C94974AC24CD1CC75E4E49EFAF1CFF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6FE8D9F326C94974AC24CD1CC75E4E49EFAF1CFF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 24 Jun 2024 23:54:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:a0:40:0c:e4:75:32:35:75:5d:bf:06:0a:84:01:d7:a8:df:b9:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6FE8D9F326C94974AC24CD1CC75E4E49EFAF1CFF
        Validity
            Not Before: Mar  5 18:12:17 2024 GMT
            Not After : Mar  4 18:17:17 2025 GMT
        Subject: CN=DCFF198B542F217D3304485B392F1863EF952B8F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:cb:be:d0:48:41:31:63:98:c4:70:6d:93:f5:
                    7b:3f:fa:4a:f9:db:7f:81:18:24:4d:2f:12:25:fc:
                    3f:03:76:32:84:d1:a7:36:95:d3:90:11:94:b0:7a:
                    3f:1c:55:1c:3c:d2:c5:f3:f7:9c:e6:17:d1:03:5d:
                    e7:d7:ba:e0:58:a4:8e:73:86:09:db:8d:b0:24:ae:
                    65:7e:2c:6e:f3:64:dd:7f:38:4f:fe:22:c9:97:a6:
                    96:e7:1f:dd:17:2e:9a:8d:c1:7e:e8:ae:e1:2b:07:
                    64:98:5c:8e:2c:7d:48:93:14:c2:aa:4c:39:a5:54:
                    10:ed:fa:19:fd:6b:9f:d5:0f:06:ec:03:ed:a2:f9:
                    dc:1a:c9:30:5b:6d:cc:96:d5:cb:aa:66:c0:3c:8b:
                    31:93:27:16:e2:99:68:b5:2e:98:94:9e:5a:e7:b3:
                    81:2f:af:96:a4:b4:28:19:29:14:4d:ad:32:7d:19:
                    44:f6:10:b5:c0:f4:8d:fe:1b:a1:88:e4:6c:d2:44:
                    44:c7:9c:27:d9:b1:fd:20:c8:cb:bf:5f:4c:08:0f:
                    46:12:31:3b:49:85:aa:da:aa:81:84:1c:b3:8d:8e:
                    4b:7e:64:2a:cf:56:f7:30:57:f1:d5:a3:f1:84:26:
                    b6:a8:a0:aa:2b:51:b9:fb:11:ab:f9:5d:68:7b:11:
                    d0:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:FF:19:8B:54:2F:21:7D:33:04:48:5B:39:2F:18:63:EF:95:2B:8F
            X509v3 Authority Key Identifier:
                keyid:6F:E8:D9:F3:26:C9:49:74:AC:24:CD:1C:C7:5E:4E:49:EF:AF:1C:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B9F88FEFA10AD3C74FA5F98AFBCD23FC6FAA4C78F1D4EB18464ED3704CACA7DC/0/6FE8D9F326C94974AC24CD1CC75E4E49EFAF1CFF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6FE8D9F326C94974AC24CD1CC75E4E49EFAF1CFF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B9F88FEFA10AD3C74FA5F98AFBCD23FC6FAA4C78F1D4EB18464ED3704CACA7DC/0/3230312e3135302e39362e302f32322d3234203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.150.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7b:ff:d5:bf:3d:ed:80:5a:5d:b8:2d:bd:ce:9f:7a:4b:4b:d3:
         a1:00:44:c8:0d:15:b3:4c:9d:0a:e6:b7:36:cd:5e:a7:2c:05:
         3a:45:5f:99:e6:c6:9a:ba:71:8e:c7:e7:da:1e:d5:50:59:5a:
         ff:3d:2d:fd:a4:6f:b8:50:1a:5d:5b:ff:ee:41:2f:52:15:f8:
         0a:37:d4:6f:b0:ce:e6:aa:b7:4f:ea:b7:aa:b5:73:34:c5:ea:
         16:08:d2:9f:ec:0e:06:ac:21:1e:17:00:86:65:74:fb:2a:fb:
         78:47:9b:7e:9c:bc:5f:c6:fb:90:c3:9a:9c:e3:5a:41:d2:2e:
         0f:3d:bd:ac:2b:d5:33:54:22:18:46:ad:1b:c3:bc:ff:83:42:
         43:ed:2f:a8:96:56:01:6f:d7:4d:8d:f9:71:ac:41:14:0a:7c:
         a2:f4:a5:07:06:ee:a8:19:c1:be:8c:c1:08:9c:ee:a2:c6:f2:
         82:db:36:73:dd:fb:53:6f:59:3c:93:45:d1:3e:5e:93:61:fd:
         7a:bc:ce:e8:2c:d8:4f:b8:d8:4f:40:3a:40:2a:64:d1:23:16:
         23:00:40:0c:0d:66:31:5d:06:fd:0a:3e:bb:a0:fb:d6:80:b0:
         3f:47:d3:c9:3d:7e:69:a9:5c:89:24:a9:6d:c4:54:8a:f7:46:
         d6:b6:b6:01
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUDKBADOR1MjV1Xb8GCoQB16jfuVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkZFOEQ5RjMyNkM5NDk3NEFDMjRDRDFDQzc1RTRFNDlF
RkFGMUNGRjAeFw0yNDAzMDUxODEyMTdaFw0yNTAzMDQxODE3MTdaMDMxMTAvBgNV
BAMTKERDRkYxOThCNTQyRjIxN0QzMzA0NDg1QjM5MkYxODYzRUY5NTJCOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOy77QSEExY5jEcG2T9Xs/+kr5
23+BGCRNLxIl/D8DdjKE0ac2ldOQEZSwej8cVRw80sXz95zmF9EDXefXuuBYpI5z
hgnbjbAkrmV+LG7zZN1/OE/+IsmXppbnH90XLpqNwX7oruErB2SYXI4sfUiTFMKq
TDmlVBDt+hn9a5/VDwbsA+2i+dwayTBbbcyW1cuqZsA8izGTJxbimWi1LpiUnlrn
s4Evr5aktCgZKRRNrTJ9GUT2ELXA9I3+G6GI5GzSRETHnCfZsf0gyMu/X0wID0YS
MTtJharaqoGEHLONjkt+ZCrPVvcwV/HVo/GEJraooKorUbn7Eav5XWh7EdBtAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU3P8Zi1QvIX0zBEhbOS8YY++VK48wHwYDVR0j
BBgwFoAUb+jZ8ybJSXSsJM0cx15OSe+vHP8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9COUY4OEZFRkExMEFEM0M3NEZBNUY5OEFGQkNEMjNGQzZG
QUE0Qzc4RjFENEVCMTg0NjRFRDM3MDRDQUNBN0RDLzAvNkZFOEQ5RjMyNkM5NDk3
NEFDMjRDRDFDQzc1RTRFNDlFRkFGMUNGRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82RkU4RDlGMzI2Qzk0OTc0QUMy
NENEMUNDNzVFNEU0OUVGQUYxQ0ZGLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjlGODhGRUZBMTBBRDNDNzRGQTVGOThBRkJDRDIzRkM2RkFBNEM3OEYx
RDRFQjE4NDY0RUQzNzA0Q0FDQTdEQy8wLzMyMzAzMTJlMzEzNTMwMmUzOTM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzEzNDMwMzgzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsmWYDAN
BgkqhkiG9w0BAQsFAAOCAQEAe//Vvz3tgFpduC29zp96S0vToQBEyA0Vs0ydCua3
Ns1epywFOkVfmebGmrpxjsfn2h7VUFla/z0t/aRvuFAaXVv/7kEvUhX4CjfUb7DO
5qq3T+q3qrVzNMXqFgjSn+wOBqwhHhcAhmV0+yr7eEebfpy8X8b7kMOanONaQdIu
Dz29rCvVM1QiGEatG8O8/4NCQ+0vqJZWAW/XTY35caxBFAp8ovSlBwbuqBnBvozB
CJzuosbygts2c937U29ZPJNF0T5ek2H9erzO6CzYT7jYT0A6QCpk0SMWIwBADA1m
MV0G/Qo+u6D71oCwP0fTyT1+aalciSSpbcRUivdG1ra2AQ==
-----END CERTIFICATE-----
Generated at Fri Jun 21 09:15:06 2024 by rpki-client on console-ams.rpki-client.org