Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C77502A6749838CABE48553066A904DB3DACC6B74834090834593058AE5EE43B/0/3230312e3133312e3131382e302f32342d3234203d3e20323633383130.roa
File:                     3230312e3133312e3131382e302f32342d3234203d3e20323633383130.roa (raw, json)
Hash identifier:          7lVN0pqumT2ThgZkRjCygaBiVMblzSrbxS8Gpkn3NXQ=
Subject key identifier:   81:32:1B:53:89:F8:66:F8:F3:EA:60:38:C6:6C:62:91:04:A1:7A:6C
Certificate issuer:       /CN=A7B8DED03E12C864EE6F1C50B966C80D93223151
Certificate serial:       04644D27C2B4CE75B9401FF13C79F42E5C5981D5
Authority key identifier: A7:B8:DE:D0:3E:12:C8:64:EE:6F:1C:50:B9:66:C8:0D:93:22:31:51
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A7B8DED03E12C864EE6F1C50B966C80D93223151.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C77502A6749838CABE48553066A904DB3DACC6B74834090834593058AE5EE43B/0/3230312e3133312e3131382e302f32342d3234203d3e20323633383130.roa
Signing time:             Tue 05 Mar 2024 17:43:38 +0000
ROA not before:           Tue 05 Mar 2024 17:38:38 +0000
ROA not after:            Tue 04 Mar 2025 17:43:38 +0000
asID:                     263810
IP address blocks:        201.131.118.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C77502A6749838CABE48553066A904DB3DACC6B74834090834593058AE5EE43B/0/A7B8DED03E12C864EE6F1C50B966C80D93223151.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C77502A6749838CABE48553066A904DB3DACC6B74834090834593058AE5EE43B/0/A7B8DED03E12C864EE6F1C50B966C80D93223151.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A7B8DED03E12C864EE6F1C50B966C80D93223151.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:64:4d:27:c2:b4:ce:75:b9:40:1f:f1:3c:79:f4:2e:5c:59:81:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A7B8DED03E12C864EE6F1C50B966C80D93223151
        Validity
            Not Before: Mar  5 17:38:38 2024 GMT
            Not After : Mar  4 17:43:38 2025 GMT
        Subject: CN=81321B5389F866F8F3EA6038C66C629104A17A6C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:79:21:55:62:27:81:7b:d5:df:10:0b:41:d8:
                    87:c8:57:b6:65:46:66:d9:2e:b7:77:55:b2:75:8f:
                    5f:7f:a3:b7:c8:86:8f:09:e4:49:5a:85:a1:d1:02:
                    85:87:a7:a0:5f:a1:91:e6:af:86:f8:7c:fd:b5:94:
                    75:1c:c3:be:f0:ba:06:79:df:cf:54:25:14:26:04:
                    b7:b9:4c:9d:4c:d1:2d:80:19:41:f8:70:d6:13:9a:
                    93:84:2f:19:c8:20:7c:a7:01:a6:06:4d:3e:9b:6d:
                    3f:91:53:ba:a4:26:f8:9d:41:0b:24:1e:04:d4:5e:
                    24:5d:c5:b1:e4:e3:84:03:a2:28:ae:a3:22:f0:fe:
                    48:d2:b3:ad:21:aa:36:7d:a0:af:4e:21:2c:81:6e:
                    da:38:a3:21:30:ea:66:82:42:46:b8:4c:25:14:9d:
                    c8:fc:a9:e0:3f:f5:3a:a8:02:ea:f2:20:39:48:ca:
                    83:16:26:3b:a0:00:71:6f:da:a8:f6:47:99:5e:95:
                    39:b0:27:f5:34:2a:87:7a:f5:4e:3d:a2:fa:08:c6:
                    f0:6c:25:cd:a4:da:b2:05:4a:53:92:fc:bd:e6:79:
                    d9:54:9a:86:7b:d1:fc:65:52:19:d4:cb:b0:c3:f6:
                    2f:90:e5:0d:1c:92:34:8b:e9:8c:dc:23:70:0f:6b:
                    6e:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:32:1B:53:89:F8:66:F8:F3:EA:60:38:C6:6C:62:91:04:A1:7A:6C
            X509v3 Authority Key Identifier:
                keyid:A7:B8:DE:D0:3E:12:C8:64:EE:6F:1C:50:B9:66:C8:0D:93:22:31:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C77502A6749838CABE48553066A904DB3DACC6B74834090834593058AE5EE43B/0/A7B8DED03E12C864EE6F1C50B966C80D93223151.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A7B8DED03E12C864EE6F1C50B966C80D93223151.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C77502A6749838CABE48553066A904DB3DACC6B74834090834593058AE5EE43B/0/3230312e3133312e3131382e302f32342d3234203d3e20323633383130.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.131.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:70:25:71:fd:b2:37:22:ba:f6:4a:94:71:be:95:8f:fa:c2:
         f7:0c:26:06:7d:7f:a1:ec:52:9c:48:0e:dc:74:df:59:e1:33:
         e6:c3:14:23:cc:21:7d:c4:9a:13:eb:df:71:e0:6f:87:e0:7d:
         7f:32:a5:9f:e0:7a:2a:e9:24:51:1d:c3:b2:3a:97:25:31:32:
         9c:d6:5f:b4:a5:89:73:5d:93:bc:bf:19:d7:eb:1c:01:0d:c0:
         68:87:08:08:bd:ab:5f:a0:53:d0:e3:e4:83:d2:4c:c4:1f:d7:
         34:7e:97:57:4e:dc:17:84:de:b5:65:88:cb:f1:7c:f0:63:16:
         31:e5:b5:3a:c8:e7:dc:ec:a3:bf:34:92:e9:84:4d:eb:65:76:
         77:50:17:b6:9e:2e:d3:99:fd:e9:ee:a9:27:de:a7:3e:da:cf:
         2c:ce:49:08:4e:7d:ce:5e:2a:99:e8:ac:65:62:25:a3:27:8e:
         18:c9:17:e3:4a:b9:b1:5d:1d:a4:7e:5c:aa:88:b3:50:05:65:
         ce:dc:9f:f3:f1:8c:2e:df:56:7f:50:57:89:2b:ff:ec:e5:8d:
         bc:98:f8:41:d5:a8:68:fa:45:e6:0e:ae:90:a7:ae:25:cd:fe:
         ca:e6:03:5e:5e:3a:a3:a6:59:43:8b:cc:19:1c:d0:f2:c6:d9:
         39:3e:5e:1b
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUBGRNJ8K0znW5QB/xPHn0LlxZgdUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTdCOERFRDAzRTEyQzg2NEVFNkYxQzUwQjk2NkM4MEQ5
MzIyMzE1MTAeFw0yNDAzMDUxNzM4MzhaFw0yNTAzMDQxNzQzMzhaMDMxMTAvBgNV
BAMTKDgxMzIxQjUzODlGODY2RjhGM0VBNjAzOEM2NkM2MjkxMDRBMTdBNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCEeSFVYieBe9XfEAtB2IfIV7Zl
RmbZLrd3VbJ1j19/o7fIho8J5ElahaHRAoWHp6BfoZHmr4b4fP21lHUcw77wugZ5
389UJRQmBLe5TJ1M0S2AGUH4cNYTmpOELxnIIHynAaYGTT6bbT+RU7qkJvidQQsk
HgTUXiRdxbHk44QDoiiuoyLw/kjSs60hqjZ9oK9OISyBbto4oyEw6maCQka4TCUU
ncj8qeA/9TqoAuryIDlIyoMWJjugAHFv2qj2R5lelTmwJ/U0Kod69U49ovoIxvBs
Jc2k2rIFSlOS/L3medlUmoZ70fxlUhnUy7DD9i+Q5Q0ckjSL6YzcI3APa25hAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUgTIbU4n4Zvjz6mA4xmxikQShemwwHwYDVR0j
BBgwFoAUp7je0D4SyGTubxxQuWbIDZMiMVEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DNzc1MDJBNjc0OTgzOENBQkU0ODU1MzA2NkE5MDREQjNE
QUNDNkI3NDgzNDA5MDgzNDU5MzA1OEFFNUVFNDNCLzAvQTdCOERFRDAzRTEyQzg2
NEVFNkYxQzUwQjk2NkM4MEQ5MzIyMzE1MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BN0I4REVEMDNFMTJDODY0RUU2
RjFDNTBCOTY2QzgwRDkzMjIzMTUxLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzc3NTAyQTY3NDk4MzhDQUJFNDg1NTMwNjZBOTA0REIzREFDQzZCNzQ4
MzQwOTA4MzQ1OTMwNThBRTVFRTQzQi8wLzMyMzAzMTJlMzEzMzMxMmUzMTMxMzgy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzMzODMxMzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADJ
g3YwDQYJKoZIhvcNAQELBQADggEBADRwJXH9sjciuvZKlHG+lY/6wvcMJgZ9f6Hs
UpxIDtx031nhM+bDFCPMIX3EmhPr33Hgb4fgfX8ypZ/geirpJFEdw7I6lyUxMpzW
X7SliXNdk7y/GdfrHAENwGiHCAi9q1+gU9Dj5IPSTMQf1zR+l1dO3BeE3rVliMvx
fPBjFjHltTrI59zso780kumETetldndQF7aeLtOZ/enuqSfepz7azyzOSQhOfc5e
KpnorGViJaMnjhjJF+NKubFdHaR+XKqIs1AFZc7cn/PxjC7fVn9QV4kr/+zljbyY
+EHVqGj6ReYOrpCnriXN/srmA15eOqOmWUOLzBkc0PLG2Tk+Xhs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:38:06 2024 by rpki-client on console-ams.rpki-client.org