Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230312e3232332e302e302f31372d3234203d3e2037343138.roa
File:                     3230312e3232332e302e302f31372d3234203d3e2037343138.roa (raw, json)
Hash identifier:          IUG1Nu+Br39s01AnzDgaBjdAFhIiIOuM9B05wfjuSTs=
Subject key identifier:   08:F5:D2:03:3E:FF:4F:29:8A:07:4C:CE:55:10:94:18:72:34:E7:49
Certificate issuer:       /CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
Certificate serial:       3A5F363937B7A94CD30F20577F86D5A994D384D4
Authority key identifier: 25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230312e3232332e302e302f31372d3234203d3e2037343138.roa
Signing time:             Tue 05 Mar 2024 17:52:21 +0000
ROA not before:           Tue 05 Mar 2024 17:47:21 +0000
ROA not after:            Tue 04 Mar 2025 17:52:21 +0000
asID:                     7418
IP address blocks:        201.223.0.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:5f:36:39:37:b7:a9:4c:d3:0f:20:57:7f:86:d5:a9:94:d3:84:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
        Validity
            Not Before: Mar  5 17:47:21 2024 GMT
            Not After : Mar  4 17:52:21 2025 GMT
        Subject: CN=08F5D2033EFF4F298A074CCE551094187234E749
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:5b:43:49:87:be:33:fc:45:d6:72:44:80:f9:
                    21:9f:7b:ee:58:1c:c6:0b:13:f8:e1:b5:4c:03:5b:
                    0e:3c:68:26:c0:96:5f:ac:ac:b8:69:e3:b1:9e:01:
                    6f:7d:11:91:82:b3:9f:81:82:18:c8:bb:55:88:e5:
                    07:8a:0b:08:ea:6c:ba:19:ad:7f:b5:5c:c9:43:50:
                    4a:87:d5:82:98:d9:c5:7c:79:d2:da:15:cc:40:d3:
                    de:8a:70:eb:e7:84:c2:60:7d:de:b1:04:5f:07:7d:
                    c9:a7:7c:45:37:8a:74:4f:cb:59:c2:3a:2b:be:00:
                    69:3b:7f:fe:22:c5:8a:f3:d8:58:a4:14:e9:7e:20:
                    b9:2d:61:09:7f:a3:ab:5d:13:4e:e7:2c:41:39:39:
                    dd:34:74:4e:dc:e6:6e:99:08:70:6b:36:b1:25:78:
                    a9:23:d2:44:eb:69:57:9c:c2:85:3f:f3:38:07:d6:
                    0c:81:3c:da:a4:50:96:6e:13:84:9d:5d:3d:81:46:
                    ad:54:8e:ae:4a:8b:37:d0:49:ee:c9:37:a0:d8:7a:
                    97:32:f2:2f:b8:d8:12:d0:fa:19:7e:2d:40:01:68:
                    3a:2d:ab:75:66:ba:fb:91:55:4c:b6:e4:ae:20:2b:
                    89:28:21:6d:de:14:46:79:63:c3:a5:52:39:c3:b5:
                    04:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:F5:D2:03:3E:FF:4F:29:8A:07:4C:CE:55:10:94:18:72:34:E7:49
            X509v3 Authority Key Identifier:
                keyid:25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230312e3232332e302e302f31372d3234203d3e2037343138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.223.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         02:c7:61:5d:1f:b1:fb:87:a0:cf:c9:c9:58:82:6a:42:ed:15:
         87:98:b0:1d:4e:22:6c:b4:04:f7:bd:17:2d:32:99:d4:de:d6:
         d3:d9:f1:62:0c:ff:e2:78:5d:c8:df:0e:e7:c6:ad:87:38:55:
         09:1e:c9:0d:6b:4f:a1:cf:ff:99:f2:87:aa:e9:b2:9a:a2:b6:
         9d:45:b1:0f:61:39:fa:67:c7:f8:5a:13:49:83:1f:a4:7f:bd:
         3a:39:dd:08:0e:25:a2:2e:cf:d7:6a:a4:75:86:a9:06:7c:13:
         1d:a3:17:a6:49:78:bb:d6:98:e3:16:6d:b9:47:6e:56:76:3a:
         67:55:c6:82:62:28:a7:87:ff:35:c8:41:8e:ee:fc:97:21:ad:
         f7:d8:dd:a8:10:74:09:f5:e6:fe:66:cc:a6:93:72:94:ec:2b:
         2d:42:bf:b6:07:41:03:2f:15:9f:c1:82:23:4d:82:7b:c5:9c:
         d4:c3:82:f2:9a:9d:0b:c6:41:8d:fa:9c:f7:5b:74:9b:58:2b:
         b0:2f:a5:ca:34:46:f6:60:46:e9:9a:5b:0e:e3:23:8c:29:3a:
         30:30:3e:3e:71:0e:1a:c6:27:36:bb:08:54:a7:cf:54:52:cb:
         9f:a5:2d:05:17:05:e2:6b:20:c0:7d:86:37:b2:48:fd:5d:81:
         c3:b9:3d:1c
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUOl82OTe3qUzTDyBXf4bVqZTThNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjVDRDZBNEZCQzhCRUUzNEEyREMzNzE3OTNBMDlFMjc0
RTBFMzY2MTAeFw0yNDAzMDUxNzQ3MjFaFw0yNTAzMDQxNzUyMjFaMDMxMTAvBgNV
BAMTKDA4RjVEMjAzM0VGRjRGMjk4QTA3NENDRTU1MTA5NDE4NzIzNEU3NDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0W0NJh74z/EXWckSA+SGfe+5Y
HMYLE/jhtUwDWw48aCbAll+srLhp47GeAW99EZGCs5+BghjIu1WI5QeKCwjqbLoZ
rX+1XMlDUEqH1YKY2cV8edLaFcxA096KcOvnhMJgfd6xBF8HfcmnfEU3inRPy1nC
Oiu+AGk7f/4ixYrz2FikFOl+ILktYQl/o6tdE07nLEE5Od00dE7c5m6ZCHBrNrEl
eKkj0kTraVecwoU/8zgH1gyBPNqkUJZuE4SdXT2BRq1Ujq5KizfQSe7JN6DYepcy
8i+42BLQ+hl+LUABaDotq3VmuvuRVUy25K4gK4koIW3eFEZ5Y8OlUjnDtQQVAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUCPXSAz7/TymKB0zOVRCUGHI050kwHwYDVR0j
BBgwFoAUJc1qT7yL7jSi3DcXk6CeJ04ONmEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EOTUyQkFDQjZEMjdFNDgyNjcwMzZGN0NCRDZDQzRBREVF
NjBCQTFEMUNGRjVFRjU5NDgxQTkwQkEyMDcxREQ3LzAvMjVDRDZBNEZCQzhCRUUz
NEEyREMzNzE3OTNBMDlFMjc0RTBFMzY2MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNUNENkE0RkJDOEJFRTM0QTJE
QzM3MTc5M0EwOUUyNzRFMEUzNjYxLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDk1MkJBQ0I2RDI3RTQ4MjY3MDM2RjdDQkQ2Q0M0QURFRTYwQkExRDFD
RkY1RUY1OTQ4MUE5MEJBMjA3MURENy8wLzMyMzAzMTJlMzIzMjMzMmUzMDJlMzAy
ZjMxMzcyZDMyMzQyMDNkM2UyMDM3MzQzMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHyd8AMA0GCSqG
SIb3DQEBCwUAA4IBAQACx2FdH7H7h6DPyclYgmpC7RWHmLAdTiJstAT3vRctMpnU
3tbT2fFiDP/ieF3I3w7nxq2HOFUJHskNa0+hz/+Z8oeq6bKaoradRbEPYTn6Z8f4
WhNJgx+kf706Od0IDiWiLs/XaqR1hqkGfBMdoxemSXi71pjjFm25R25WdjpnVcaC
Yiinh/81yEGO7vyXIa332N2oEHQJ9eb+Zsymk3KU7CstQr+2B0EDLxWfwYIjTYJ7
xZzUw4Lymp0LxkGN+pz3W3SbWCuwL6XKNEb2YEbpmlsO4yOMKTowMD4+cQ4axic2
uwhUp89UUsufpS0FFwXiayDAfYY3skj9XYHDuT0c
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:07:25 2024 by rpki-client on console-ams.rpki-client.org