Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e372e31362e302f32302d3234203d3e2036343731.roa
File:                     3230302e372e31362e302f32302d3234203d3e2036343731.roa (raw, json)
Hash identifier:          5NkHC6URkr4EAgFuOuaV9Two7CVr78i8FywnT1dekQY=
Subject key identifier:   04:6E:6C:95:E9:5B:FA:AA:14:12:74:25:07:CE:16:F5:D7:61:BE:04
Certificate issuer:       /CN=3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7
Certificate serial:       16822F38E591E52D8DC2C65DF358419FF0E56E17
Authority key identifier: 3F:DB:44:D1:8B:C1:6A:B0:39:C2:B1:B6:BD:38:66:AB:29:E1:22:A7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e372e31362e302f32302d3234203d3e2036343731.roa
Signing time:             Tue 05 Mar 2024 18:14:53 +0000
ROA not before:           Tue 05 Mar 2024 18:09:53 +0000
ROA not after:            Tue 04 Mar 2025 18:14:53 +0000
asID:                     6471
IP address blocks:        200.7.16.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 22 Nov 2024 14:52:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:82:2f:38:e5:91:e5:2d:8d:c2:c6:5d:f3:58:41:9f:f0:e5:6e:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7
        Validity
            Not Before: Mar  5 18:09:53 2024 GMT
            Not After : Mar  4 18:14:53 2025 GMT
        Subject: CN=046E6C95E95BFAAA1412742507CE16F5D761BE04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ab:eb:70:4f:e1:b4:31:cc:68:ad:0a:a1:77:
                    dd:22:f1:c6:63:25:82:04:30:dc:ca:41:f2:78:84:
                    89:f5:cb:7c:be:04:c5:47:29:fa:31:c5:45:3f:13:
                    b0:ab:60:e4:51:4b:e2:88:86:d9:70:4d:d1:99:0b:
                    5b:24:f7:69:04:3d:aa:15:37:2d:5d:2f:05:6e:dd:
                    6c:fd:c8:2a:00:3a:6a:12:36:0a:f8:2c:2c:49:d2:
                    f1:e1:88:dd:bb:c4:19:53:d7:1d:c8:50:7d:c4:22:
                    3c:0c:d3:24:b3:6c:7a:3a:5a:39:a2:f4:95:fc:b7:
                    3f:26:4a:0b:1c:a6:de:91:79:83:e2:6e:e4:f6:2c:
                    c8:57:c1:28:4a:b2:df:6f:54:96:3b:e8:cc:fb:7b:
                    1a:72:57:27:c3:58:93:bd:cf:21:b4:a5:3a:9a:d0:
                    a2:93:6e:2d:22:07:12:f2:69:4c:ab:20:56:89:8f:
                    4f:71:af:ca:8c:1c:42:77:f9:24:83:4f:cc:2f:4d:
                    de:bd:5a:6d:0a:8f:ee:88:65:be:ad:df:bc:6c:c3:
                    07:99:b3:6b:b3:38:2f:73:71:9c:63:f5:f5:b7:11:
                    bb:da:0c:e4:b2:8f:4e:88:bf:52:b9:cb:09:aa:a5:
                    f2:b7:57:6c:a3:0d:46:de:51:0b:d0:d1:e0:36:71:
                    c8:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:6E:6C:95:E9:5B:FA:AA:14:12:74:25:07:CE:16:F5:D7:61:BE:04
            X509v3 Authority Key Identifier:
                keyid:3F:DB:44:D1:8B:C1:6A:B0:39:C2:B1:B6:BD:38:66:AB:29:E1:22:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e372e31362e302f32302d3234203d3e2036343731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         22:80:8d:3e:aa:aa:07:55:b2:23:5b:e1:e6:a5:92:fe:40:fc:
         f1:e8:94:3c:46:f7:2d:b3:6e:8f:b4:fb:e3:45:3d:75:ca:40:
         79:8e:dd:00:d7:b1:51:78:9c:03:44:ba:07:0c:38:52:f2:42:
         e7:df:fe:84:c8:14:8b:b3:d0:4b:42:04:f6:57:18:03:cf:29:
         61:cc:ac:ee:91:8b:a6:0d:61:68:80:1a:b2:a8:25:e2:41:2a:
         4d:9f:1a:22:2a:1a:a1:25:68:8d:3d:52:ef:15:41:26:cd:b2:
         0c:9a:41:e8:7d:7d:07:be:18:f6:02:6f:df:37:e9:a2:a6:f2:
         e0:6b:76:41:3a:9c:29:25:3e:16:c2:d0:6a:c7:07:7f:3f:a6:
         0d:30:e2:ef:fa:1d:12:ad:ed:e3:00:55:0d:dd:ed:96:74:eb:
         8b:07:85:cb:de:e7:9f:d2:8d:94:84:37:b7:96:9a:31:e0:ef:
         31:d1:db:65:de:40:02:6b:87:69:e6:f3:ae:ee:b4:1f:aa:08:
         68:e7:a6:82:26:53:16:72:54:57:39:81:a6:f9:e2:b3:f9:85:
         07:01:50:56:73:1c:2e:90:d4:51:39:c4:cf:88:6a:42:c2:82:
         60:54:ab:57:6c:e6:a4:09:d6:77:ab:8c:47:b4:fa:64:78:b0:
         9a:8c:eb:5c
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIUFoIvOOWR5S2NwsZd81hBn/DlbhcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0ZEQjQ0RDE4QkMxNkFCMDM5QzJCMUI2QkQzODY2QUIy
OUUxMjJBNzAeFw0yNDAzMDUxODA5NTNaFw0yNTAzMDQxODE0NTNaMDMxMTAvBgNV
BAMTKDA0NkU2Qzk1RTk1QkZBQUExNDEyNzQyNTA3Q0UxNkY1RDc2MUJFMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyq+twT+G0McxorQqhd90i8cZj
JYIEMNzKQfJ4hIn1y3y+BMVHKfoxxUU/E7CrYORRS+KIhtlwTdGZC1sk92kEPaoV
Ny1dLwVu3Wz9yCoAOmoSNgr4LCxJ0vHhiN27xBlT1x3IUH3EIjwM0ySzbHo6Wjmi
9JX8tz8mSgscpt6ReYPibuT2LMhXwShKst9vVJY76Mz7expyVyfDWJO9zyG0pTqa
0KKTbi0iBxLyaUyrIFaJj09xr8qMHEJ3+SSDT8wvTd69Wm0Kj+6IZb6t37xswweZ
s2uzOC9zcZxj9fW3EbvaDOSyj06Iv1K5ywmqpfK3V2yjDUbeUQvQ0eA2cchvAgMB
AAGjggLCMIICvjAdBgNVHQ4EFgQUBG5slelb+qoUEnQlB84W9ddhvgQwHwYDVR0j
BBgwFoAUP9tE0YvBarA5wrG2vThmqynhIqcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DODYyQzkyRkU3OTU3MUNEQ0U4MzRBNjA5MDUzMDAyQTEy
MTJDOUI3MDc5NkFGQUQwMUM2MTkzRDdGMERBQUFCLzAvM0ZEQjQ0RDE4QkMxNkFC
MDM5QzJCMUI2QkQzODY2QUIyOUUxMjJBNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRkRCNDREMThCQzE2QUIwMzlD
MkIxQjZCRDM4NjZBQjI5RTEyMkE3LmNlcjCBwQYIKwYBBQUHAQsEgbQwgbEwga4G
CCsGAQUFBzALhoGhcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzg2MkM5MkZFNzk1NzFDRENFODM0QTYwOTA1MzAwMkExMjEyQzlCNzA3
OTZBRkFEMDFDNjE5M0Q3RjBEQUFBQi8wLzMyMzAzMDJlMzcyZTMxMzYyZTMwMmYz
MjMwMmQzMjM0MjAzZDNlMjAzNjM0MzczMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMgHEDANBgkqhkiG
9w0BAQsFAAOCAQEAIoCNPqqqB1WyI1vh5qWS/kD88eiUPEb3LbNuj7T740U9dcpA
eY7dANexUXicA0S6Bww4UvJC59/+hMgUi7PQS0IE9lcYA88pYcys7pGLpg1haIAa
sqgl4kEqTZ8aIioaoSVojT1S7xVBJs2yDJpB6H19B74Y9gJv3zfpoqby4Gt2QTqc
KSU+FsLQascHfz+mDTDi7/odEq3t4wBVDd3tlnTriweFy97nn9KNlIQ3t5aaMeDv
MdHbZd5AAmuHaebzru60H6oIaOemgiZTFnJUVzmBpvnis/mFBwFQVnMcLpDUUTnE
z4hqQsKCYFSrV2zmpAnWd6uMR7T6ZHiwmozrXA==
-----END CERTIFICATE-----
Generated at Tue Nov 19 13:08:49 2024 by rpki-client on console-ams.rpki-client.org