Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e32382e31342e302f32342d3234203d3e2037303034.roa
File:                     3230302e32382e31342e302f32342d3234203d3e2037303034.roa (raw, json)
Hash identifier:          Q/aGlYVUVegigIP2jSF1x5bKFfJzKEEiKOFnoFA2zII=
Subject key identifier:   65:49:BB:6E:79:51:70:D1:7A:AE:A5:06:C0:21:C8:D3:1F:D4:79:74
Certificate issuer:       /CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
Certificate serial:       1207B5DFEC1C3AFB3504FAB1F4A6E042F50E38B5
Authority key identifier: 25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e32382e31342e302f32342d3234203d3e2037303034.roa
Signing time:             Tue 05 Mar 2024 17:52:29 +0000
ROA not before:           Tue 05 Mar 2024 17:47:29 +0000
ROA not after:            Tue 04 Mar 2025 17:52:29 +0000
asID:                     7004
IP address blocks:        200.28.14.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:07:b5:df:ec:1c:3a:fb:35:04:fa:b1:f4:a6:e0:42:f5:0e:38:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
        Validity
            Not Before: Mar  5 17:47:29 2024 GMT
            Not After : Mar  4 17:52:29 2025 GMT
        Subject: CN=6549BB6E795170D17AAEA506C021C8D31FD47974
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:69:2b:d9:d6:43:00:a8:4a:45:ff:15:22:db:
                    88:8f:8b:a7:2e:41:d0:71:1b:76:c3:f7:70:fb:63:
                    53:e5:68:07:7f:39:7f:dd:62:e8:cb:e3:11:e0:8c:
                    3b:23:38:f7:5b:1b:12:47:29:cd:33:b9:6f:21:ac:
                    a2:33:e7:15:0f:7f:6c:c0:08:f6:96:8e:f1:2e:cf:
                    53:2a:6b:dd:d9:5f:22:e5:90:7c:ba:17:aa:3a:c1:
                    dd:aa:f6:cb:6c:6d:09:31:af:07:5e:e9:0a:0d:3a:
                    35:51:a0:66:bb:ac:c8:94:4d:3b:b6:bf:fe:f4:d3:
                    96:73:79:2c:78:9c:bf:1b:c6:d3:50:14:8c:89:c4:
                    40:0a:f1:8a:aa:50:43:14:98:0d:93:8c:3d:59:26:
                    b0:a3:c8:4f:5b:df:7f:61:98:95:1e:4d:46:85:03:
                    01:e4:f1:07:81:8e:20:cb:1b:a6:77:d4:05:18:09:
                    28:32:a4:77:14:74:52:02:f1:19:17:cf:a0:5b:52:
                    8f:99:66:9d:8a:3f:12:89:40:30:e3:93:1b:f2:83:
                    69:a8:2c:62:0a:52:40:18:59:9a:e0:1c:01:18:9f:
                    16:f0:f8:4b:26:96:84:c6:ff:a2:08:73:65:ca:31:
                    78:8c:44:9b:62:92:29:46:d1:18:b6:7f:b8:46:21:
                    ad:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:49:BB:6E:79:51:70:D1:7A:AE:A5:06:C0:21:C8:D3:1F:D4:79:74
            X509v3 Authority Key Identifier:
                keyid:25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e32382e31342e302f32342d3234203d3e2037303034.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.28.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:9f:5a:de:f5:27:b2:74:9b:9a:5a:7c:52:a9:9d:19:be:63:
         87:a1:f2:d0:26:5b:82:59:a1:5d:f0:a6:0e:74:8d:1f:31:bb:
         30:de:05:9e:81:c6:29:50:df:ba:db:0c:55:18:9b:9c:c9:ae:
         a8:be:5e:4e:f0:c5:51:38:ac:5c:0f:72:d8:ff:66:f5:90:c8:
         56:21:25:a7:a4:9a:e1:3a:cc:4e:84:4f:0e:65:40:a0:14:36:
         e9:e5:b8:bc:d3:29:97:49:83:7d:f1:39:af:8a:0d:9e:0b:77:
         ac:c6:17:05:4b:b2:97:5a:f7:1b:76:31:79:bd:2f:25:0f:61:
         a6:53:99:a8:b5:ca:86:ba:b0:c7:3b:e5:50:ff:44:d8:9e:bf:
         17:b8:40:cd:c9:f8:7f:10:86:b6:bd:fc:36:c4:8f:ea:9f:63:
         ee:22:2e:77:1a:5a:df:3e:f7:6c:26:66:23:7a:af:72:d0:32:
         3f:36:50:f8:d8:ae:23:e7:d4:49:40:cb:e0:e0:4c:bf:c0:37:
         c3:11:c8:c7:be:87:fd:42:46:a5:e5:3d:53:e2:1c:f5:8c:ba:
         af:7c:99:21:84:3e:2b:f2:c8:98:df:90:0c:e9:f5:a0:cf:8a:
         68:a3:61:cc:6f:e6:d4:ef:f8:36:00:28:0c:51:6d:04:cb:61:
         c8:f7:88:78
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUEge13+wcOvs1BPqx9KbgQvUOOLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjVDRDZBNEZCQzhCRUUzNEEyREMzNzE3OTNBMDlFMjc0
RTBFMzY2MTAeFw0yNDAzMDUxNzQ3MjlaFw0yNTAzMDQxNzUyMjlaMDMxMTAvBgNV
BAMTKDY1NDlCQjZFNzk1MTcwRDE3QUFFQTUwNkMwMjFDOEQzMUZENDc5NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUaSvZ1kMAqEpF/xUi24iPi6cu
QdBxG3bD93D7Y1PlaAd/OX/dYujL4xHgjDsjOPdbGxJHKc0zuW8hrKIz5xUPf2zA
CPaWjvEuz1Mqa93ZXyLlkHy6F6o6wd2q9stsbQkxrwde6QoNOjVRoGa7rMiUTTu2
v/7005ZzeSx4nL8bxtNQFIyJxEAK8YqqUEMUmA2TjD1ZJrCjyE9b339hmJUeTUaF
AwHk8QeBjiDLG6Z31AUYCSgypHcUdFIC8RkXz6BbUo+ZZp2KPxKJQDDjkxvyg2mo
LGIKUkAYWZrgHAEYnxbw+EsmloTG/6IIc2XKMXiMRJtikilG0Ri2f7hGIa1dAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUZUm7bnlRcNF6rqUGwCHI0x/UeXQwHwYDVR0j
BBgwFoAUJc1qT7yL7jSi3DcXk6CeJ04ONmEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EOTUyQkFDQjZEMjdFNDgyNjcwMzZGN0NCRDZDQzRBREVF
NjBCQTFEMUNGRjVFRjU5NDgxQTkwQkEyMDcxREQ3LzAvMjVDRDZBNEZCQzhCRUUz
NEEyREMzNzE3OTNBMDlFMjc0RTBFMzY2MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNUNENkE0RkJDOEJFRTM0QTJE
QzM3MTc5M0EwOUUyNzRFMEUzNjYxLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDk1MkJBQ0I2RDI3RTQ4MjY3MDM2RjdDQkQ2Q0M0QURFRTYwQkExRDFD
RkY1RUY1OTQ4MUE5MEJBMjA3MURENy8wLzMyMzAzMDJlMzIzODJlMzEzNDJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM3MzAzMDM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyBwOMA0GCSqG
SIb3DQEBCwUAA4IBAQAmn1re9SeydJuaWnxSqZ0ZvmOHofLQJluCWaFd8KYOdI0f
Mbsw3gWegcYpUN+62wxVGJucya6ovl5O8MVROKxcD3LY/2b1kMhWISWnpJrhOsxO
hE8OZUCgFDbp5bi80ymXSYN98Tmvig2eC3esxhcFS7KXWvcbdjF5vS8lD2GmU5mo
tcqGurDHO+VQ/0TYnr8XuEDNyfh/EIa2vfw2xI/qn2PuIi53GlrfPvdsJmYjeq9y
0DI/NlD42K4j59RJQMvg4Ey/wDfDEcjHvof9Qkal5T1T4hz1jLqvfJkhhD4r8siY
35AM6fWgz4poo2HMb+bU7/g2ACgMUW0Ey2HI94h4
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:17:41 2024 by rpki-client on console-fra.rpki-client.org