Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e32392e35322e302f32342d3234203d3e2037343138.roa
File:                     3230302e32392e35322e302f32342d3234203d3e2037343138.roa (raw, json)
Hash identifier:          AhvvjT6cHSePaXshAR5ceMApcrB1Jcr6QbJ+9RpJ1yI=
Subject key identifier:   79:A6:6D:62:55:52:A3:B3:7F:9C:3E:6E:B3:2F:59:C9:9D:58:6B:E6
Certificate issuer:       /CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
Certificate serial:       3100F0FB9BCEAC1EC30E8181D7D01B1AB6B88A12
Authority key identifier: 25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e32392e35322e302f32342d3234203d3e2037343138.roa
Signing time:             Tue 05 Mar 2024 17:52:07 +0000
ROA not before:           Tue 05 Mar 2024 17:47:07 +0000
ROA not after:            Tue 04 Mar 2025 17:52:07 +0000
asID:                     7418
IP address blocks:        200.29.52.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:00:f0:fb:9b:ce:ac:1e:c3:0e:81:81:d7:d0:1b:1a:b6:b8:8a:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
        Validity
            Not Before: Mar  5 17:47:07 2024 GMT
            Not After : Mar  4 17:52:07 2025 GMT
        Subject: CN=79A66D625552A3B37F9C3E6EB32F59C99D586BE6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:f7:ba:e9:91:1c:4b:4d:0b:0f:1e:83:6a:7a:
                    eb:17:8e:4e:34:d8:a0:e3:05:7d:d8:a9:c1:41:be:
                    60:e7:60:fd:32:68:2b:e6:38:2b:83:7c:e7:63:e9:
                    d2:24:2c:74:ff:a8:bd:3b:8f:65:d2:75:af:a9:9b:
                    93:22:72:d2:96:33:ec:d0:db:f1:0a:01:9f:11:c2:
                    99:00:96:1c:77:e2:f4:1c:32:7b:13:a0:a9:d9:46:
                    f2:f9:56:7e:0d:47:3b:de:b9:5c:26:b3:e6:66:12:
                    bd:07:db:1a:d1:cb:21:dd:65:bd:dd:82:c4:50:74:
                    0d:13:66:70:53:f3:28:cf:4b:af:5a:f3:4f:9f:90:
                    22:fc:13:c2:7c:81:ce:98:e9:bc:56:8e:ad:b8:62:
                    c8:a3:a7:6f:cf:d6:57:bc:63:3d:6a:73:f8:40:3d:
                    13:27:67:fc:a8:da:91:6a:3c:ed:4b:73:f1:53:4f:
                    7d:22:63:5a:4d:46:5c:e0:74:1a:b1:4d:99:b8:04:
                    85:eb:55:fd:16:7b:86:a7:98:b7:d6:2b:6e:de:15:
                    95:13:ec:67:28:09:ac:b0:64:0f:f6:86:fd:68:10:
                    66:8a:7f:14:84:dc:f2:b8:89:73:8b:f5:78:ab:1c:
                    ca:64:a4:43:de:28:56:d0:91:fd:00:3b:d4:2e:e4:
                    54:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:A6:6D:62:55:52:A3:B3:7F:9C:3E:6E:B3:2F:59:C9:9D:58:6B:E6
            X509v3 Authority Key Identifier:
                keyid:25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e32392e35322e302f32342d3234203d3e2037343138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.29.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:71:87:e3:44:ee:1f:be:43:da:44:45:11:77:6d:49:9f:d1:
         0d:a8:b6:93:45:a7:06:5b:3c:5f:07:f1:8b:f9:96:76:d5:93:
         f8:b7:a9:17:4a:d8:fa:71:13:2f:f6:00:75:50:ea:07:c7:9b:
         a6:13:17:59:fc:80:a5:db:33:2f:46:ac:d3:cc:c9:ac:35:28:
         f7:9b:ff:bd:de:37:e1:f2:4a:e3:63:fc:12:68:d9:69:e8:bb:
         b3:e3:14:df:a1:ba:b7:49:48:3a:a7:c4:cc:07:a9:13:39:9d:
         97:67:9e:ed:81:e5:f1:0d:d1:15:72:0f:6b:f7:80:3b:78:16:
         b2:99:ac:29:8c:ee:29:c5:58:94:05:8f:05:ce:c8:a2:8f:71:
         59:e7:12:2e:5a:95:62:66:2a:aa:36:9e:5a:f6:ca:4a:9e:79:
         5d:94:01:8a:35:a5:58:81:bb:b9:f2:89:4f:c4:e2:61:21:33:
         d4:e5:8e:2f:5f:7c:a3:d0:33:c9:da:ce:2c:31:b5:ce:e8:f9:
         c0:c0:17:59:3a:3f:76:19:3a:09:1b:19:95:ea:1e:72:d2:2f:
         04:06:f8:5a:55:72:d4:21:51:c9:b6:cf:82:51:41:82:95:e5:
         99:eb:36:bc:4b:6b:1f:04:fe:41:90:d2:d8:49:aa:7c:07:40:
         40:80:be:9d
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUMQDw+5vOrB7DDoGB19AbGra4ihIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjVDRDZBNEZCQzhCRUUzNEEyREMzNzE3OTNBMDlFMjc0
RTBFMzY2MTAeFw0yNDAzMDUxNzQ3MDdaFw0yNTAzMDQxNzUyMDdaMDMxMTAvBgNV
BAMTKDc5QTY2RDYyNTU1MkEzQjM3RjlDM0U2RUIzMkY1OUM5OUQ1ODZCRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY97rpkRxLTQsPHoNqeusXjk40
2KDjBX3YqcFBvmDnYP0yaCvmOCuDfOdj6dIkLHT/qL07j2XSda+pm5MictKWM+zQ
2/EKAZ8RwpkAlhx34vQcMnsToKnZRvL5Vn4NRzveuVwms+ZmEr0H2xrRyyHdZb3d
gsRQdA0TZnBT8yjPS69a80+fkCL8E8J8gc6Y6bxWjq24Ysijp2/P1le8Yz1qc/hA
PRMnZ/yo2pFqPO1Lc/FTT30iY1pNRlzgdBqxTZm4BIXrVf0We4anmLfWK27eFZUT
7GcoCaywZA/2hv1oEGaKfxSE3PK4iXOL9XirHMpkpEPeKFbQkf0AO9Qu5FQjAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUeaZtYlVSo7N/nD5usy9ZyZ1Ya+YwHwYDVR0j
BBgwFoAUJc1qT7yL7jSi3DcXk6CeJ04ONmEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EOTUyQkFDQjZEMjdFNDgyNjcwMzZGN0NCRDZDQzRBREVF
NjBCQTFEMUNGRjVFRjU5NDgxQTkwQkEyMDcxREQ3LzAvMjVDRDZBNEZCQzhCRUUz
NEEyREMzNzE3OTNBMDlFMjc0RTBFMzY2MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNUNENkE0RkJDOEJFRTM0QTJE
QzM3MTc5M0EwOUUyNzRFMEUzNjYxLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDk1MkJBQ0I2RDI3RTQ4MjY3MDM2RjdDQkQ2Q0M0QURFRTYwQkExRDFD
RkY1RUY1OTQ4MUE5MEJBMjA3MURENy8wLzMyMzAzMDJlMzIzOTJlMzUzMjJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM3MzQzMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyB00MA0GCSqG
SIb3DQEBCwUAA4IBAQCJcYfjRO4fvkPaREURd21Jn9ENqLaTRacGWzxfB/GL+ZZ2
1ZP4t6kXStj6cRMv9gB1UOoHx5umExdZ/ICl2zMvRqzTzMmsNSj3m/+93jfh8krj
Y/wSaNlp6Luz4xTfobq3SUg6p8TMB6kTOZ2XZ57tgeXxDdEVcg9r94A7eBaymawp
jO4pxViUBY8Fzsiij3FZ5xIuWpViZiqqNp5a9spKnnldlAGKNaVYgbu58olPxOJh
ITPU5Y4vX3yj0DPJ2s4sMbXO6PnAwBdZOj92GToJGxmV6h5y0i8EBvhaVXLUIVHJ
ts+CUUGCleWZ6za8S2sfBP5BkNLYSap8B0BAgL6d
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:07:25 2024 by rpki-client on console-ams.rpki-client.org