Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e32392e34382e302f32342d3234203d3e2037343138.roa
File:                     3230302e32392e34382e302f32342d3234203d3e2037343138.roa (raw, json)
Hash identifier:          otn1btLnGquZn6tFhQSw9dq0hJ4WAoGUqQ3PcBMYtNA=
Subject key identifier:   EE:D6:FE:8A:54:53:EB:A3:4C:1C:33:F3:C1:34:95:09:8C:06:85:5B
Certificate issuer:       /CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
Certificate serial:       1B5B51726F763858889A418B13C3A35697BE80B0
Authority key identifier: 25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e32392e34382e302f32342d3234203d3e2037343138.roa
Signing time:             Tue 05 Mar 2024 17:52:19 +0000
ROA not before:           Tue 05 Mar 2024 17:47:19 +0000
ROA not after:            Tue 04 Mar 2025 17:52:19 +0000
asID:                     7418
IP address blocks:        200.29.48.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:5b:51:72:6f:76:38:58:88:9a:41:8b:13:c3:a3:56:97:be:80:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
        Validity
            Not Before: Mar  5 17:47:19 2024 GMT
            Not After : Mar  4 17:52:19 2025 GMT
        Subject: CN=EED6FE8A5453EBA34C1C33F3C13495098C06855B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:bc:50:ae:a1:d8:3b:69:ae:cd:66:a3:5f:ab:
                    0e:b9:01:0a:f1:b6:4c:1c:73:d5:86:3f:8a:5b:9c:
                    60:6e:06:3c:ab:cd:20:5c:c0:34:16:07:08:dd:b2:
                    94:25:65:42:cb:11:91:26:1e:d6:44:ad:cb:96:32:
                    06:90:3e:da:62:2c:8b:6b:65:1e:3a:49:52:9f:a2:
                    8f:aa:d4:51:58:c7:39:90:ef:ea:78:c1:f2:ac:18:
                    64:db:8f:53:ff:53:be:d9:fb:22:ad:b9:f9:7d:f3:
                    1a:5a:e1:f9:a5:34:bc:be:62:0e:5d:2d:21:57:ad:
                    99:60:60:79:67:5d:25:90:89:ad:fe:80:d1:63:73:
                    82:51:65:86:49:b9:83:43:c3:2d:c7:2f:92:f1:17:
                    a2:76:5e:a9:6b:60:41:4b:f1:73:76:49:e4:05:28:
                    5c:88:82:1a:bd:a3:35:f3:7c:f4:b2:eb:8e:32:ab:
                    bd:31:85:6d:89:4f:60:ea:23:56:be:23:e8:1b:96:
                    1b:02:72:ca:bc:03:04:e9:a2:82:2c:86:06:3b:72:
                    58:19:29:88:7c:84:2a:22:9e:aa:7f:99:34:35:99:
                    36:f4:fd:7f:2f:4a:32:06:f4:9b:8a:96:01:5e:33:
                    fc:d9:6a:e8:71:b5:16:b4:44:d1:48:af:39:03:e1:
                    b9:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:D6:FE:8A:54:53:EB:A3:4C:1C:33:F3:C1:34:95:09:8C:06:85:5B
            X509v3 Authority Key Identifier:
                keyid:25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e32392e34382e302f32342d3234203d3e2037343138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.29.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:71:b2:21:9e:a4:2b:af:e7:b4:4e:3b:5f:f3:f9:de:3f:ee:
         20:e7:73:c0:89:30:62:1c:26:a7:c1:83:83:c6:0d:e3:24:8f:
         0c:66:30:b7:c3:14:0f:bc:4e:31:35:a9:30:43:ad:d4:b9:1a:
         f5:7e:ce:83:bf:1e:e8:3f:5a:90:f3:ad:68:6e:ae:05:39:55:
         c3:ab:61:d3:9a:2f:9c:89:f3:f2:db:af:62:7b:43:2a:09:0d:
         34:19:a3:24:bd:32:9e:e8:af:16:84:75:90:2d:65:22:ec:21:
         99:e1:23:ab:9b:a3:d6:2c:72:fb:bb:13:c6:43:a6:2f:1a:d1:
         85:43:0a:4a:17:e7:c9:63:91:d5:2c:f2:61:c7:e2:a9:89:84:
         34:fe:00:06:ef:8f:20:65:5e:f0:03:50:56:f6:ee:a6:9a:81:
         33:7e:27:74:d3:4e:40:35:9f:92:e1:87:8b:2f:9c:3d:d7:00:
         10:2d:01:a4:1a:c6:c7:c8:4f:0f:74:b3:02:cf:dc:c1:1b:da:
         96:5f:3a:e4:ae:de:95:8e:61:1d:88:a9:23:55:14:6f:65:e8:
         66:42:a9:88:f2:53:48:39:80:20:43:4c:12:0e:c9:cd:31:ee:
         31:d1:30:5e:fa:25:af:b3:98:74:ec:a7:6e:1b:62:9b:97:85:
         ef:f7:da:e3
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUG1tRcm92OFiImkGLE8OjVpe+gLAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjVDRDZBNEZCQzhCRUUzNEEyREMzNzE3OTNBMDlFMjc0
RTBFMzY2MTAeFw0yNDAzMDUxNzQ3MTlaFw0yNTAzMDQxNzUyMTlaMDMxMTAvBgNV
BAMTKEVFRDZGRThBNTQ1M0VCQTM0QzFDMzNGM0MxMzQ5NTA5OEMwNjg1NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnvFCuodg7aa7NZqNfqw65AQrx
tkwcc9WGP4pbnGBuBjyrzSBcwDQWBwjdspQlZULLEZEmHtZErcuWMgaQPtpiLItr
ZR46SVKfoo+q1FFYxzmQ7+p4wfKsGGTbj1P/U77Z+yKtufl98xpa4fmlNLy+Yg5d
LSFXrZlgYHlnXSWQia3+gNFjc4JRZYZJuYNDwy3HL5LxF6J2XqlrYEFL8XN2SeQF
KFyIghq9ozXzfPSy644yq70xhW2JT2DqI1a+I+gblhsCcsq8AwTpooIshgY7clgZ
KYh8hCoinqp/mTQ1mTb0/X8vSjIG9JuKlgFeM/zZauhxtRa0RNFIrzkD4bntAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQU7tb+ilRT66NMHDPzwTSVCYwGhVswHwYDVR0j
BBgwFoAUJc1qT7yL7jSi3DcXk6CeJ04ONmEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EOTUyQkFDQjZEMjdFNDgyNjcwMzZGN0NCRDZDQzRBREVF
NjBCQTFEMUNGRjVFRjU5NDgxQTkwQkEyMDcxREQ3LzAvMjVDRDZBNEZCQzhCRUUz
NEEyREMzNzE3OTNBMDlFMjc0RTBFMzY2MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNUNENkE0RkJDOEJFRTM0QTJE
QzM3MTc5M0EwOUUyNzRFMEUzNjYxLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDk1MkJBQ0I2RDI3RTQ4MjY3MDM2RjdDQkQ2Q0M0QURFRTYwQkExRDFD
RkY1RUY1OTQ4MUE5MEJBMjA3MURENy8wLzMyMzAzMDJlMzIzOTJlMzQzODJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM3MzQzMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyB0wMA0GCSqG
SIb3DQEBCwUAA4IBAQAvcbIhnqQrr+e0Tjtf8/neP+4g53PAiTBiHCanwYODxg3j
JI8MZjC3wxQPvE4xNakwQ63UuRr1fs6Dvx7oP1qQ861obq4FOVXDq2HTmi+cifPy
269ie0MqCQ00GaMkvTKe6K8WhHWQLWUi7CGZ4SOrm6PWLHL7uxPGQ6YvGtGFQwpK
F+fJY5HVLPJhx+KpiYQ0/gAG748gZV7wA1BW9u6mmoEzfid0005ANZ+S4YeLL5w9
1wAQLQGkGsbHyE8PdLMCz9zBG9qWXzrkrt6VjmEdiKkjVRRvZehmQqmI8lNIOYAg
Q0wSDsnNMe4x0TBe+iWvs5h07KduG2Kbl4Xv99rj
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:17:41 2024 by rpki-client on console-fra.rpki-client.org