Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/CD0E054623AC9043C0E299C2C90B143803BD89125B0E863855C49C3B73F7BAA1/0/3230302e312e3132302e302f32322d3234203d3e203237363738.roa
File:                     3230302e312e3132302e302f32322d3234203d3e203237363738.roa (raw, json)
Hash identifier:          Ayry5uFkFEvqwVr6JNv+ad8TiRViI2CFYdGP/Ot5DgU=
Subject key identifier:   7A:FF:5F:D5:06:FE:2F:43:09:66:C5:C3:CE:A1:18:6B:6B:A3:CF:80
Certificate issuer:       /CN=E35FC2646A9FC8929B694AAAE04D52023AA4680C
Certificate serial:       2456ECDD38BFDF3791684B4F475EDA9C282E2713
Authority key identifier: E3:5F:C2:64:6A:9F:C8:92:9B:69:4A:AA:E0:4D:52:02:3A:A4:68:0C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E35FC2646A9FC8929B694AAAE04D52023AA4680C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/CD0E054623AC9043C0E299C2C90B143803BD89125B0E863855C49C3B73F7BAA1/0/3230302e312e3132302e302f32322d3234203d3e203237363738.roa
Signing time:             Tue 05 Mar 2024 18:13:05 +0000
ROA not before:           Tue 05 Mar 2024 18:08:05 +0000
ROA not after:            Tue 04 Mar 2025 18:13:05 +0000
asID:                     27678
IP address blocks:        200.1.120.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/CD0E054623AC9043C0E299C2C90B143803BD89125B0E863855C49C3B73F7BAA1/0/E35FC2646A9FC8929B694AAAE04D52023AA4680C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/CD0E054623AC9043C0E299C2C90B143803BD89125B0E863855C49C3B73F7BAA1/0/E35FC2646A9FC8929B694AAAE04D52023AA4680C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E35FC2646A9FC8929B694AAAE04D52023AA4680C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 13 Oct 2024 15:25:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:56:ec:dd:38:bf:df:37:91:68:4b:4f:47:5e:da:9c:28:2e:27:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E35FC2646A9FC8929B694AAAE04D52023AA4680C
        Validity
            Not Before: Mar  5 18:08:05 2024 GMT
            Not After : Mar  4 18:13:05 2025 GMT
        Subject: CN=7AFF5FD506FE2F430966C5C3CEA1186B6BA3CF80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:81:f4:64:18:c3:6c:ba:f5:3d:c4:68:b6:b0:
                    82:6c:4f:d9:6d:46:48:1c:2f:6c:c9:10:6f:a5:83:
                    1f:88:0b:d8:1c:7a:1e:38:bc:71:48:21:3b:5c:33:
                    2a:97:4b:fe:0f:47:c3:d5:1d:0d:96:18:47:68:8a:
                    df:aa:f6:20:50:54:23:cc:7a:e4:16:bc:4e:d1:46:
                    3d:1b:b5:de:5e:b8:08:eb:ac:c2:75:be:4d:41:92:
                    f4:d0:dd:cb:90:96:08:4a:66:58:79:45:79:61:0f:
                    42:59:22:41:73:b8:8a:45:9a:e5:d4:dd:c8:47:90:
                    af:bc:be:d7:26:ff:37:2c:c3:5c:5c:96:8c:db:37:
                    21:d7:8a:c4:b2:b3:ed:55:c1:5d:f8:13:6f:9f:90:
                    92:62:07:f5:b8:ef:c6:44:bb:5b:96:fe:8c:ef:65:
                    43:74:22:59:19:5a:fe:bd:d1:4d:22:5b:66:31:73:
                    91:68:dd:2f:42:b9:c5:9d:aa:29:e8:91:51:9d:33:
                    3f:08:f9:b8:af:2e:4c:0b:2f:b0:02:d1:d8:33:47:
                    c2:8b:5d:0e:15:8d:83:83:a6:5e:af:40:4e:d8:9e:
                    67:64:21:fd:e3:91:db:43:f0:b5:8a:2c:82:5d:3f:
                    51:ab:60:df:35:78:1e:54:17:25:32:26:00:58:92:
                    a7:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:FF:5F:D5:06:FE:2F:43:09:66:C5:C3:CE:A1:18:6B:6B:A3:CF:80
            X509v3 Authority Key Identifier:
                keyid:E3:5F:C2:64:6A:9F:C8:92:9B:69:4A:AA:E0:4D:52:02:3A:A4:68:0C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/CD0E054623AC9043C0E299C2C90B143803BD89125B0E863855C49C3B73F7BAA1/0/E35FC2646A9FC8929B694AAAE04D52023AA4680C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E35FC2646A9FC8929B694AAAE04D52023AA4680C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/CD0E054623AC9043C0E299C2C90B143803BD89125B0E863855C49C3B73F7BAA1/0/3230302e312e3132302e302f32322d3234203d3e203237363738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.1.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         48:7c:4a:2a:bd:5a:a1:0e:46:28:16:78:01:1e:97:83:4b:1b:
         77:1a:bb:9a:45:ad:02:11:f0:ff:fb:6d:ef:71:56:c2:02:15:
         23:57:d5:4a:3f:69:0b:70:7a:9a:d8:ad:e8:74:5b:98:33:5b:
         40:47:f3:09:41:d5:dd:14:b0:be:33:48:cf:79:ff:9d:39:be:
         e6:53:10:3f:66:16:46:5c:e3:16:04:62:d7:fa:cc:45:f5:62:
         cc:b6:52:4f:28:cc:32:17:8c:78:a4:b9:0b:b0:1f:76:00:ac:
         ac:e3:4f:73:f8:0f:75:2c:39:79:29:dc:a7:40:ef:cd:a1:af:
         43:6d:e9:73:51:83:ab:c9:fc:d6:6a:2b:18:5f:50:c7:46:e8:
         d3:77:2d:8d:14:f1:4f:05:aa:33:e6:ef:cb:83:67:85:36:9f:
         62:ef:c1:ae:96:8c:b2:7f:25:16:87:b4:fe:5c:3d:ff:1f:f6:
         c4:74:20:2c:92:c1:ff:00:a8:d9:ed:c0:5f:92:d8:21:ea:ec:
         f0:d7:83:7d:1d:17:bb:9d:c0:5e:be:e5:86:be:3b:9e:ab:e3:
         1a:bf:11:2d:15:4a:d0:ff:e6:0e:02:c0:d3:55:49:6d:23:1c:
         6f:88:a6:65:9f:e9:77:f3:08:1d:d9:24:e2:54:bb:22:04:ec:
         4f:ec:b6:11
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUJFbs3Ti/3zeRaEtPR17anCguJxMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTM1RkMyNjQ2QTlGQzg5MjlCNjk0QUFBRTA0RDUyMDIz
QUE0NjgwQzAeFw0yNDAzMDUxODA4MDVaFw0yNTAzMDQxODEzMDVaMDMxMTAvBgNV
BAMTKDdBRkY1RkQ1MDZGRTJGNDMwOTY2QzVDM0NFQTExODZCNkJBM0NGODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCugfRkGMNsuvU9xGi2sIJsT9lt
RkgcL2zJEG+lgx+IC9gceh44vHFIITtcMyqXS/4PR8PVHQ2WGEdoit+q9iBQVCPM
euQWvE7RRj0btd5euAjrrMJ1vk1BkvTQ3cuQlghKZlh5RXlhD0JZIkFzuIpFmuXU
3chHkK+8vtcm/zcsw1xclozbNyHXisSys+1VwV34E2+fkJJiB/W478ZEu1uW/ozv
ZUN0IlkZWv690U0iW2Yxc5Fo3S9CucWdqinokVGdMz8I+bivLkwLL7AC0dgzR8KL
XQ4VjYODpl6vQE7YnmdkIf3jkdtD8LWKLIJdP1GrYN81eB5UFyUyJgBYkqdLAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUev9f1Qb+L0MJZsXDzqEYa2ujz4AwHwYDVR0j
BBgwFoAU41/CZGqfyJKbaUqq4E1SAjqkaAwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DRDBFMDU0NjIzQUM5MDQzQzBFMjk5QzJDOTBCMTQzODAz
QkQ4OTEyNUIwRTg2Mzg1NUM0OUMzQjczRjdCQUExLzAvRTM1RkMyNjQ2QTlGQzg5
MjlCNjk0QUFBRTA0RDUyMDIzQUE0NjgwQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FMzVGQzI2NDZBOUZDODkyOUI2
OTRBQUFFMDRENTIwMjNBQTQ2ODBDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQ0QwRTA1NDYyM0FDOTA0M0MwRTI5OUMyQzkwQjE0MzgwM0JEODkxMjVC
MEU4NjM4NTVDNDlDM0I3M0Y3QkFBMS8wLzMyMzAzMDJlMzEyZTMxMzIzMDJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzczNjM3Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALIAXgwDQYJ
KoZIhvcNAQELBQADggEBAEh8Siq9WqEORigWeAEel4NLG3cau5pFrQIR8P/7be9x
VsICFSNX1Uo/aQtweprYreh0W5gzW0BH8wlB1d0UsL4zSM95/505vuZTED9mFkZc
4xYEYtf6zEX1Ysy2Uk8ozDIXjHikuQuwH3YArKzjT3P4D3UsOXkp3KdA782hr0Nt
6XNRg6vJ/NZqKxhfUMdG6NN3LY0U8U8FqjPm78uDZ4U2n2Lvwa6WjLJ/JRaHtP5c
Pf8f9sR0ICySwf8AqNntwF+S2CHq7PDXg30dF7udwF6+5Ya+O56r4xq/ES0VStD/
5g4CwNNVSW0jHG+IpmWf6XfzCB3ZJOJUuyIE7E/sthE=
-----END CERTIFICATE-----
Generated at Tue Oct 8 23:51:47 2024 by rpki-client on console-ams.rpki-client.org