Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C32A8D50921BD87E43FA761FF973EE18169DD40683D0E47F21FE7576E4C359E0/0/3230302e32332e37352e302f32342d3234203d3e203134303830.roa
File:                     3230302e32332e37352e302f32342d3234203d3e203134303830.roa (raw, json)
Hash identifier:          0T7MuPpwU4ImXfzaW+9Gbs9JsV/r91q2/+IusOC5oII=
Subject key identifier:   E4:4A:32:CB:F0:CB:54:EB:A8:FD:29:B2:EA:04:7B:1E:F2:34:CC:27
Certificate issuer:       /CN=72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C
Certificate serial:       3ABBD0EF39E85F3C33CF42D791FA25C0081C652C
Authority key identifier: 72:B6:7F:DA:04:24:6C:53:AE:1C:1A:7E:BE:6E:F5:7B:4E:9C:84:2C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C32A8D50921BD87E43FA761FF973EE18169DD40683D0E47F21FE7576E4C359E0/0/3230302e32332e37352e302f32342d3234203d3e203134303830.roa
Signing time:             Tue 05 Mar 2024 17:41:54 +0000
ROA not before:           Tue 05 Mar 2024 17:36:54 +0000
ROA not after:            Tue 04 Mar 2025 17:41:54 +0000
asID:                     14080
IP address blocks:        200.23.75.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C32A8D50921BD87E43FA761FF973EE18169DD40683D0E47F21FE7576E4C359E0/0/72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C32A8D50921BD87E43FA761FF973EE18169DD40683D0E47F21FE7576E4C359E0/0/72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 10:27:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:bb:d0:ef:39:e8:5f:3c:33:cf:42:d7:91:fa:25:c0:08:1c:65:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C
        Validity
            Not Before: Mar  5 17:36:54 2024 GMT
            Not After : Mar  4 17:41:54 2025 GMT
        Subject: CN=E44A32CBF0CB54EBA8FD29B2EA047B1EF234CC27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:76:6a:2e:db:35:df:b6:04:6c:49:d0:c3:f8:
                    b6:16:91:f4:9c:c2:10:b8:c8:8b:88:78:9d:4b:f1:
                    d7:46:2a:40:15:51:32:5a:0f:34:42:84:59:17:4d:
                    6f:9f:0a:86:80:8f:b4:c8:70:9b:ba:98:8a:a6:ef:
                    3e:8e:8b:91:2e:6f:05:ba:44:bc:73:3c:f7:c0:01:
                    82:db:38:4b:0e:bb:ca:41:1d:a2:0e:de:09:f8:1a:
                    b6:b8:3a:e5:04:f4:0e:2f:c3:82:0e:92:0d:bc:c1:
                    68:1d:11:7b:7b:4d:ab:7a:49:b8:c4:b6:bb:7b:c1:
                    cc:30:db:07:ad:f1:db:fc:71:f6:f2:b6:0d:7b:5f:
                    40:f3:9f:d7:bd:fa:60:60:76:1e:4b:4e:d0:ce:e2:
                    71:71:3c:5c:5d:6d:9d:59:46:c5:10:aa:a0:f0:b0:
                    97:ee:0a:8b:08:2a:c9:93:ff:47:b0:95:d4:18:2e:
                    59:ea:bd:9c:14:be:99:1e:b1:1b:61:0f:ad:e9:42:
                    60:a0:49:6b:a5:dd:51:54:a8:a4:3b:7f:28:bc:84:
                    d7:45:aa:7c:eb:33:32:62:9f:63:77:67:fa:9a:09:
                    70:34:ac:78:89:3d:8a:e6:ce:16:c5:c4:a9:13:6c:
                    59:ec:cc:04:70:e6:fe:68:9a:aa:57:85:7d:9e:29:
                    42:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:4A:32:CB:F0:CB:54:EB:A8:FD:29:B2:EA:04:7B:1E:F2:34:CC:27
            X509v3 Authority Key Identifier:
                keyid:72:B6:7F:DA:04:24:6C:53:AE:1C:1A:7E:BE:6E:F5:7B:4E:9C:84:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C32A8D50921BD87E43FA761FF973EE18169DD40683D0E47F21FE7576E4C359E0/0/72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/72B67FDA04246C53AE1C1A7EBE6EF57B4E9C842C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C32A8D50921BD87E43FA761FF973EE18169DD40683D0E47F21FE7576E4C359E0/0/3230302e32332e37352e302f32342d3234203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.23.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:9c:3b:e9:03:1b:5b:fe:b3:fa:f5:dc:2a:6e:80:d8:07:56:
         8c:c2:2f:79:69:48:59:00:d1:f2:68:07:f2:b6:ff:1c:61:a3:
         f3:32:be:f6:34:40:21:79:78:1b:e7:ad:16:b4:8b:28:49:b9:
         88:a6:7a:24:b5:63:ef:3e:c0:ac:c3:38:26:e8:c5:39:86:bc:
         9e:26:91:70:14:ab:b5:b1:9b:71:2d:a7:c5:b2:a3:f3:53:fe:
         b6:f1:7c:da:a6:d2:ca:12:fe:72:05:2e:5e:9b:f4:ae:41:81:
         39:01:b5:cb:9b:ab:e3:3d:0a:28:d4:18:c3:eb:0b:67:bd:98:
         37:fa:78:58:1c:ee:92:99:56:d8:8c:02:07:38:ba:ec:25:7e:
         47:46:b1:58:83:20:c8:7f:60:cd:d0:31:da:00:56:58:52:bc:
         60:20:b9:46:74:8a:60:7e:eb:48:92:90:78:10:ad:fc:81:ac:
         3d:bc:03:49:16:73:b8:85:06:b8:06:33:9b:33:7d:44:af:fb:
         4e:66:c7:a8:6e:31:5a:2a:7d:f5:fb:af:bf:2d:2b:41:58:07:
         ca:60:0c:6d:ce:8f:79:78:1c:e7:81:ff:83:03:01:02:8c:b8:
         93:82:de:c7:e3:0d:22:29:c9:e0:65:71:f9:7b:c1:00:5f:8c:
         7c:5b:af:47
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUOrvQ7znoXzwzz0LXkfolwAgcZSwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzJCNjdGREEwNDI0NkM1M0FFMUMxQTdFQkU2RUY1N0I0
RTlDODQyQzAeFw0yNDAzMDUxNzM2NTRaFw0yNTAzMDQxNzQxNTRaMDMxMTAvBgNV
BAMTKEU0NEEzMkNCRjBDQjU0RUJBOEZEMjlCMkVBMDQ3QjFFRjIzNENDMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjdmou2zXftgRsSdDD+LYWkfSc
whC4yIuIeJ1L8ddGKkAVUTJaDzRChFkXTW+fCoaAj7TIcJu6mIqm7z6Oi5EubwW6
RLxzPPfAAYLbOEsOu8pBHaIO3gn4Gra4OuUE9A4vw4IOkg28wWgdEXt7Tat6SbjE
trt7wcww2wet8dv8cfbytg17X0Dzn9e9+mBgdh5LTtDO4nFxPFxdbZ1ZRsUQqqDw
sJfuCosIKsmT/0ewldQYLlnqvZwUvpkesRthD63pQmCgSWul3VFUqKQ7fyi8hNdF
qnzrMzJin2N3Z/qaCXA0rHiJPYrmzhbFxKkTbFnszARw5v5omqpXhX2eKUKRAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU5Eoyy/DLVOuo/Smy6gR7HvI0zCcwHwYDVR0j
BBgwFoAUcrZ/2gQkbFOuHBp+vm71e06chCwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DMzJBOEQ1MDkyMUJEODdFNDNGQTc2MUZGOTczRUUxODE2
OURENDA2ODNEMEU0N0YyMUZFNzU3NkU0QzM1OUUwLzAvNzJCNjdGREEwNDI0NkM1
M0FFMUMxQTdFQkU2RUY1N0I0RTlDODQyQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83MkI2N0ZEQTA0MjQ2QzUzQUUx
QzFBN0VCRTZFRjU3QjRFOUM4NDJDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzMyQThENTA5MjFCRDg3RTQzRkE3NjFGRjk3M0VFMTgxNjlERDQwNjgz
RDBFNDdGMjFGRTc1NzZFNEMzNTlFMC8wLzMyMzAzMDJlMzIzMzJlMzczNTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMDM4MzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIF0swDQYJ
KoZIhvcNAQELBQADggEBABicO+kDG1v+s/r13CpugNgHVozCL3lpSFkA0fJoB/K2
/xxho/MyvvY0QCF5eBvnrRa0iyhJuYimeiS1Y+8+wKzDOCboxTmGvJ4mkXAUq7Wx
m3Etp8Wyo/NT/rbxfNqm0soS/nIFLl6b9K5BgTkBtcubq+M9CijUGMPrC2e9mDf6
eFgc7pKZVtiMAgc4uuwlfkdGsViDIMh/YM3QMdoAVlhSvGAguUZ0imB+60iSkHgQ
rfyBrD28A0kWc7iFBrgGM5szfUSv+05mx6huMVoqffX7r78tK0FYB8pgDG3Oj3l4
HOeB/4MDAQKMuJOC3sfjDSIpyeBlcfl7wQBfjHxbr0c=
-----END CERTIFICATE-----
Generated at Sat Jun 22 04:28:07 2024 by rpki-client on console-fra.rpki-client.org