Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e37372e3135362e302f32342d3234203d3e203133393939.roa
File:                     3230302e37372e3135362e302f32342d3234203d3e203133393939.roa (raw, json)
Hash identifier:          s+7z4X4e7WT+PSk4fi7GaYG2AdxUFF+AYmVfWVkLhjY=
Subject key identifier:   AA:34:A0:F4:15:9B:FD:B4:1C:5F:79:66:75:63:71:91:77:CF:F8:E5
Certificate issuer:       /CN=E9771B2D309B05BB8C2F0EA36FF17501E242A19E
Certificate serial:       236A1FFF75F83B07114574B78843495E2A2F98BC
Authority key identifier: E9:77:1B:2D:30:9B:05:BB:8C:2F:0E:A3:6F:F1:75:01:E2:42:A1:9E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e37372e3135362e302f32342d3234203d3e203133393939.roa
Signing time:             Tue 13 Aug 2024 16:40:04 +0000
ROA not before:           Tue 13 Aug 2024 16:35:04 +0000
ROA not after:            Tue 12 Aug 2025 16:40:04 +0000
asID:                     13999
IP address blocks:        200.77.156.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:6a:1f:ff:75:f8:3b:07:11:45:74:b7:88:43:49:5e:2a:2f:98:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E9771B2D309B05BB8C2F0EA36FF17501E242A19E
        Validity
            Not Before: Aug 13 16:35:04 2024 GMT
            Not After : Aug 12 16:40:04 2025 GMT
        Subject: CN=AA34A0F4159BFDB41C5F79667563719177CFF8E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:3a:20:55:d9:1d:75:86:0b:aa:5e:16:f6:18:
                    56:8f:8e:4f:e4:d6:b9:d8:fa:80:25:0d:29:52:7d:
                    d4:66:8c:fd:ae:8e:5e:d9:30:fe:a7:88:be:30:36:
                    44:0e:c8:1c:2a:57:83:97:41:ec:22:c2:7b:3d:d4:
                    c2:0a:97:43:7b:14:59:98:24:fa:5c:31:34:71:1f:
                    e1:f8:e9:3a:a3:da:c8:df:f5:18:63:81:6f:3e:18:
                    26:b7:71:da:70:54:a7:15:f1:e7:ec:9f:0e:7e:dd:
                    61:fd:04:15:44:ae:66:c3:70:d4:98:fb:33:f9:10:
                    e3:82:8f:63:e8:25:3b:35:dc:10:8a:63:e8:4d:6b:
                    0b:79:cc:f8:0a:c0:1b:12:2f:5b:71:92:34:e9:23:
                    ba:18:81:e2:6c:e7:02:f2:7f:b8:49:44:e1:eb:27:
                    97:d1:c3:35:68:45:94:a3:38:04:a3:ec:ba:62:b7:
                    ea:86:6e:fd:75:03:40:0e:78:98:47:16:21:e9:a4:
                    b9:02:f6:d9:7b:a9:2b:53:ec:05:93:c3:e7:2d:2e:
                    bf:67:1c:53:b8:4f:ae:6f:0e:98:5d:1a:b9:2b:c5:
                    cb:15:35:a0:3c:62:6b:7c:29:cb:a0:f9:04:0b:fe:
                    7e:5b:9d:52:3d:b0:14:3b:e5:50:89:ee:34:81:d0:
                    fd:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:34:A0:F4:15:9B:FD:B4:1C:5F:79:66:75:63:71:91:77:CF:F8:E5
            X509v3 Authority Key Identifier:
                keyid:E9:77:1B:2D:30:9B:05:BB:8C:2F:0E:A3:6F:F1:75:01:E2:42:A1:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e37372e3135362e302f32342d3234203d3e203133393939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.77.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:12:5b:58:ea:5d:55:9f:ad:11:17:ee:86:02:c2:80:33:b1:
         fd:60:7d:7b:07:7d:16:01:10:f4:ca:56:14:89:eb:7a:d0:22:
         a6:78:ea:fc:28:b9:a4:34:b9:a6:eb:2b:9b:db:73:82:67:99:
         22:ae:e1:52:33:7d:40:c3:03:45:e6:a6:ff:be:03:53:08:a9:
         6a:e6:88:9c:29:27:8b:ae:7b:65:ad:65:03:f6:0b:07:0c:2d:
         c2:7f:dc:05:af:3d:0f:f9:f9:1f:d6:8a:68:05:35:e8:5e:26:
         8f:75:5e:26:ee:b2:db:3f:64:38:c0:24:3b:20:5a:fa:8f:c2:
         bd:f9:2a:7d:4d:b9:60:d2:97:de:02:cd:7a:bc:be:b1:6f:bd:
         23:e2:b3:1e:c6:f8:06:10:54:f0:2c:0b:d7:7a:52:6f:96:f1:
         93:57:9c:13:c2:26:22:46:bf:68:98:cf:97:ca:d2:55:25:c2:
         a5:ea:f9:0a:bc:96:db:d2:9d:c5:48:64:d4:ae:f2:b6:b7:fc:
         83:3f:09:d1:b6:d2:99:db:02:b9:19:02:0b:bc:2c:c3:c5:77:
         50:95:4c:3b:27:34:eb:e5:19:f0:37:80:e0:f1:1e:13:ac:fa:
         b1:d1:7b:aa:c7:6e:e5:1e:e9:93:28:02:12:34:90:3a:1c:12:
         ea:a5:36:7d
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUI2of/3X4OwcRRXS3iENJXiovmLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTk3NzFCMkQzMDlCMDVCQjhDMkYwRUEzNkZGMTc1MDFF
MjQyQTE5RTAeFw0yNDA4MTMxNjM1MDRaFw0yNTA4MTIxNjQwMDRaMDMxMTAvBgNV
BAMTKEFBMzRBMEY0MTU5QkZEQjQxQzVGNzk2Njc1NjM3MTkxNzdDRkY4RTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBOiBV2R11hguqXhb2GFaPjk/k
1rnY+oAlDSlSfdRmjP2ujl7ZMP6niL4wNkQOyBwqV4OXQewiwns91MIKl0N7FFmY
JPpcMTRxH+H46Tqj2sjf9RhjgW8+GCa3cdpwVKcV8efsnw5+3WH9BBVErmbDcNSY
+zP5EOOCj2PoJTs13BCKY+hNawt5zPgKwBsSL1txkjTpI7oYgeJs5wLyf7hJROHr
J5fRwzVoRZSjOASj7Lpit+qGbv11A0AOeJhHFiHppLkC9tl7qStT7AWTw+ctLr9n
HFO4T65vDphdGrkrxcsVNaA8Ymt8Kcug+QQL/n5bnVI9sBQ75VCJ7jSB0P1nAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUqjSg9BWb/bQcX3lmdWNxkXfP+OUwHwYDVR0j
BBgwFoAU6XcbLTCbBbuMLw6jb/F1AeJCoZ4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMEVCNkQ5NTYxNUUzNkRDQUQzNTE2NEE2OTkxMDk3OTJD
M0ZDRDNGODYxQjhDN0QxQTYwMTA2QUQzM0ZGRkUyLzAvRTk3NzFCMkQzMDlCMDVC
QjhDMkYwRUEzNkZGMTc1MDFFMjQyQTE5RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FOTc3MUIyRDMwOUIwNUJCOEMy
RjBFQTM2RkYxNzUwMUUyNDJBMTlFLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDBFQjZEOTU2MTVFMzZEQ0FEMzUxNjRBNjk5MTA5NzkyQzNGQ0QzRjg2
MUI4QzdEMUE2MDEwNkFEMzNGRkZFMi8wLzMyMzAzMDJlMzczNzJlMzEzNTM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM5MzkzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhNnDAN
BgkqhkiG9w0BAQsFAAOCAQEAJhJbWOpdVZ+tERfuhgLCgDOx/WB9ewd9FgEQ9MpW
FInretAipnjq/Ci5pDS5pusrm9tzgmeZIq7hUjN9QMMDReam/74DUwipauaInCkn
i657Za1lA/YLBwwtwn/cBa89D/n5H9aKaAU16F4mj3VeJu6y2z9kOMAkOyBa+o/C
vfkqfU25YNKX3gLNery+sW+9I+KzHsb4BhBU8CwL13pSb5bxk1ecE8ImIka/aJjP
l8rSVSXCper5CryW29KdxUhk1K7ytrf8gz8J0bbSmdsCuRkCC7wsw8V3UJVMOyc0
6+UZ8DeA4PEeE6z6sdF7qsdu5R7pkygCEjSQOhwS6qU2fQ==
-----END CERTIFICATE-----
Generated at Tue Nov 19 20:20:38 2024 by rpki-client on console-ams.rpki-client.org