Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/CD6F8E7048E74F40800EAA41840FCA54BE39FF0A905BB6B6AD1AF2EE428BDE7E/0/3230312e3138322e37382e302f32332d3234203d3e20323733393636.roa
File:                     3230312e3138322e37382e302f32332d3234203d3e20323733393636.roa (raw, json)
Hash identifier:          vJ0LjSKYM5PvbPWecBgzpLa7KzbmaKHa7sJHwD4QFvM=
Subject key identifier:   16:2D:FB:16:35:B9:41:05:18:3C:CA:D7:D1:57:95:D0:0B:DC:A8:18
Certificate issuer:       /CN=2A85DB20A6F649E19299347ED803233E0DC81C1F
Certificate serial:       1AE85EDD5E50484FEC0057502FF6C57C1DEA0DFD
Authority key identifier: 2A:85:DB:20:A6:F6:49:E1:92:99:34:7E:D8:03:23:3E:0D:C8:1C:1F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2A85DB20A6F649E19299347ED803233E0DC81C1F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/CD6F8E7048E74F40800EAA41840FCA54BE39FF0A905BB6B6AD1AF2EE428BDE7E/0/3230312e3138322e37382e302f32332d3234203d3e20323733393636.roa
Signing time:             Mon 28 Oct 2024 16:40:01 +0000
ROA not before:           Mon 28 Oct 2024 16:35:01 +0000
ROA not after:            Mon 27 Oct 2025 16:40:01 +0000
asID:                     273966
IP address blocks:        201.182.78.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/CD6F8E7048E74F40800EAA41840FCA54BE39FF0A905BB6B6AD1AF2EE428BDE7E/0/2A85DB20A6F649E19299347ED803233E0DC81C1F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/CD6F8E7048E74F40800EAA41840FCA54BE39FF0A905BB6B6AD1AF2EE428BDE7E/0/2A85DB20A6F649E19299347ED803233E0DC81C1F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2A85DB20A6F649E19299347ED803233E0DC81C1F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 22 Nov 2024 14:52:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:e8:5e:dd:5e:50:48:4f:ec:00:57:50:2f:f6:c5:7c:1d:ea:0d:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A85DB20A6F649E19299347ED803233E0DC81C1F
        Validity
            Not Before: Oct 28 16:35:01 2024 GMT
            Not After : Oct 27 16:40:01 2025 GMT
        Subject: CN=162DFB1635B94105183CCAD7D15795D00BDCA818
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:8b:69:02:9a:db:bb:6a:96:73:c2:1c:4d:ac:
                    a0:da:aa:37:2d:75:08:08:78:28:02:f5:15:e4:d3:
                    07:6f:1a:a0:89:6c:16:bf:13:9f:ad:10:ae:73:7a:
                    ce:89:95:71:80:8a:83:96:ef:d2:d1:14:68:f4:8a:
                    c6:b8:27:b0:f5:66:f7:4b:f3:81:a5:2e:4a:6a:7a:
                    1a:bb:19:8d:be:6c:98:ff:6f:47:ef:ed:8e:d0:08:
                    0e:d7:e6:4c:e7:07:11:e3:06:56:ec:d5:ed:10:a1:
                    62:73:aa:15:e5:66:83:0a:ba:38:11:1f:d3:26:c8:
                    7c:d2:7e:29:9f:b8:83:f5:c7:55:cb:e5:80:a1:e8:
                    3a:bc:e7:a4:68:f8:54:1b:29:e7:4a:3b:5a:ce:64:
                    ff:90:05:0a:d6:a0:78:fd:9d:03:9b:92:7b:ab:8e:
                    5a:69:d2:29:27:68:69:fa:a0:d1:a1:b2:94:fd:d6:
                    de:df:96:36:8a:08:82:22:ec:0c:31:69:2f:5b:59:
                    65:c1:91:f6:55:59:71:41:82:09:a2:f6:fd:d5:e5:
                    50:7b:db:09:ed:0c:c5:71:e8:d0:34:f4:51:99:98:
                    7e:36:b1:1e:a4:8f:82:d1:dc:31:0f:4d:5c:83:3f:
                    06:2a:f5:ad:c0:21:b4:82:17:ca:5f:5e:c4:b3:4a:
                    be:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:2D:FB:16:35:B9:41:05:18:3C:CA:D7:D1:57:95:D0:0B:DC:A8:18
            X509v3 Authority Key Identifier:
                keyid:2A:85:DB:20:A6:F6:49:E1:92:99:34:7E:D8:03:23:3E:0D:C8:1C:1F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/CD6F8E7048E74F40800EAA41840FCA54BE39FF0A905BB6B6AD1AF2EE428BDE7E/0/2A85DB20A6F649E19299347ED803233E0DC81C1F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2A85DB20A6F649E19299347ED803233E0DC81C1F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/CD6F8E7048E74F40800EAA41840FCA54BE39FF0A905BB6B6AD1AF2EE428BDE7E/0/3230312e3138322e37382e302f32332d3234203d3e20323733393636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.182.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         93:64:ea:0a:28:24:dd:2d:63:50:c2:fa:46:50:d5:ff:9f:2c:
         b7:03:b1:ea:83:01:d7:3f:42:b2:c6:f9:7f:86:38:45:7f:9d:
         95:2b:23:42:c7:70:67:68:b7:b0:55:2a:4b:ea:ac:f4:4d:bd:
         18:e9:a3:63:2b:41:e4:48:21:45:94:4a:d0:c6:81:3a:b9:88:
         c4:58:47:39:4f:47:59:b2:2b:7b:5b:5c:b4:9b:b0:dc:6f:56:
         47:55:6d:0c:d5:ff:8f:57:db:94:39:b5:cc:77:2f:58:1d:f6:
         07:46:38:f4:50:e8:f2:47:cb:9f:51:52:d6:13:a9:d6:15:eb:
         b1:fa:2e:89:cb:2b:da:cf:d5:a6:3b:ad:ba:18:bf:6f:ea:ba:
         8e:0c:bf:f0:2a:3f:3a:f5:ef:78:13:cb:95:d8:48:24:96:f7:
         4c:46:8e:26:a1:c9:c0:a4:99:cd:9a:56:49:61:a0:10:a7:5f:
         6c:13:5e:ec:98:19:c4:fd:16:23:b9:a0:7a:3e:a2:10:c1:12:
         e9:ae:24:65:ef:b6:42:81:43:55:a0:57:08:4a:f2:17:6d:ac:
         27:18:f9:c8:97:54:fc:46:10:0d:09:89:e7:af:ee:83:f5:e9:
         62:eb:44:4b:86:f1:20:d8:4f:a2:4d:9b:c6:ec:8d:44:01:f3:
         54:34:a6:44
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUGuhe3V5QSE/sAFdQL/bFfB3qDf0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkE4NURCMjBBNkY2NDlFMTkyOTkzNDdFRDgwMzIzM0Uw
REM4MUMxRjAeFw0yNDEwMjgxNjM1MDFaFw0yNTEwMjcxNjQwMDFaMDMxMTAvBgNV
BAMTKDE2MkRGQjE2MzVCOTQxMDUxODNDQ0FEN0QxNTc5NUQwMEJEQ0E4MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxi2kCmtu7apZzwhxNrKDaqjct
dQgIeCgC9RXk0wdvGqCJbBa/E5+tEK5zes6JlXGAioOW79LRFGj0isa4J7D1ZvdL
84GlLkpqehq7GY2+bJj/b0fv7Y7QCA7X5kznBxHjBlbs1e0QoWJzqhXlZoMKujgR
H9MmyHzSfimfuIP1x1XL5YCh6Dq856Ro+FQbKedKO1rOZP+QBQrWoHj9nQObknur
jlpp0iknaGn6oNGhspT91t7fljaKCIIi7AwxaS9bWWXBkfZVWXFBggmi9v3V5VB7
2wntDMVx6NA09FGZmH42sR6kj4LR3DEPTVyDPwYq9a3AIbSCF8pfXsSzSr53AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUFi37FjW5QQUYPMrX0VeV0AvcqBgwHwYDVR0j
BBgwFoAUKoXbIKb2SeGSmTR+2AMjPg3IHB8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DRDZGOEU3MDQ4RTc0RjQwODAwRUFBNDE4NDBGQ0E1NEJF
MzlGRjBBOTA1QkI2QjZBRDFBRjJFRTQyOEJERTdFLzAvMkE4NURCMjBBNkY2NDlF
MTkyOTkzNDdFRDgwMzIzM0UwREM4MUMxRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yQTg1REIyMEE2RjY0OUUxOTI5
OTM0N0VEODAzMjMzRTBEQzgxQzFGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQ0Q2RjhFNzA0OEU3NEY0MDgwMEVBQTQxODQwRkNBNTRCRTM5RkYwQTkw
NUJCNkI2QUQxQUYyRUU0MjhCREU3RS8wLzMyMzAzMTJlMzEzODMyMmUzNzM4MmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNzMzMzkzNjM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBybZO
MA0GCSqGSIb3DQEBCwUAA4IBAQCTZOoKKCTdLWNQwvpGUNX/nyy3A7HqgwHXP0Ky
xvl/hjhFf52VKyNCx3BnaLewVSpL6qz0Tb0Y6aNjK0HkSCFFlErQxoE6uYjEWEc5
T0dZsit7W1y0m7Dcb1ZHVW0M1f+PV9uUObXMdy9YHfYHRjj0UOjyR8ufUVLWE6nW
Feux+i6Jyyvaz9WmO626GL9v6rqODL/wKj869e94E8uV2EgklvdMRo4mocnApJnN
mlZJYaAQp19sE17smBnE/RYjuaB6PqIQwRLpriRl77ZCgUNVoFcISvIXbawnGPnI
l1T8RhANCYnnr+6D9eli60RLhvEg2E+iTZvG7I1EAfNUNKZE
-----END CERTIFICATE-----
Generated at Tue Nov 19 09:16:37 2024 by rpki-client on console-fra.rpki-client.org