Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32302d3230203d3e203233303331.roa
File:                     36362e3233312e36342e302f32302d3230203d3e203233303331.roa (raw, json)
Hash identifier:          1WIDpe8nHXylcuAWhvcqJfEEzmMavb1AXihv35cPNlQ=
Subject key identifier:   3D:00:05:45:80:85:65:96:32:8B:01:C1:AF:3A:F3:10:11:52:CF:4C
Certificate issuer:       /CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
Certificate serial:       258C71ABC4EC6064D8B40FA4E67110DFE7098B26
Authority key identifier: C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32302d3230203d3e203233303331.roa
Signing time:             Wed 10 Jul 2024 17:15:00 +0000
ROA not before:           Wed 10 Jul 2024 17:10:00 +0000
ROA not after:            Wed 09 Jul 2025 17:15:00 +0000
asID:                     23031
IP address blocks:        66.231.64.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 22:17:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:8c:71:ab:c4:ec:60:64:d8:b4:0f:a4:e6:71:10:df:e7:09:8b:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
        Validity
            Not Before: Jul 10 17:10:00 2024 GMT
            Not After : Jul  9 17:15:00 2025 GMT
        Subject: CN=3D00054580856596328B01C1AF3AF3101152CF4C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:28:cf:2c:f3:10:05:1d:c2:8c:6e:8b:81:fb:
                    e9:f2:f0:18:b1:04:e5:b9:55:94:a0:a8:30:0c:1c:
                    93:f5:17:01:be:13:2b:28:4d:aa:40:d4:29:9a:42:
                    31:69:2e:39:8b:9f:c6:5f:9f:e0:16:1f:35:7f:a6:
                    c7:3a:b5:ba:cd:48:de:98:5f:ba:bf:b2:bd:18:98:
                    34:74:fe:22:65:c3:27:a8:13:3a:8a:ae:1c:e8:43:
                    94:06:7a:53:f7:c9:1a:12:9e:16:45:1a:05:99:9c:
                    ac:fc:56:a1:0e:fc:38:d8:00:73:48:38:f6:9c:a0:
                    6f:30:f4:c8:d4:b4:77:7c:37:71:74:59:c5:5b:74:
                    bd:72:94:59:51:ee:e0:16:70:2c:74:fd:b9:c5:6b:
                    b2:55:4c:9a:8f:b6:0e:a6:6a:82:21:eb:4f:6c:92:
                    f7:27:eb:d1:6f:07:cf:2e:a4:53:05:6f:41:74:13:
                    04:03:dc:68:4c:88:86:ac:5f:be:53:12:1b:e3:4e:
                    b8:f4:93:a5:a4:3d:39:46:2c:d8:a0:09:8d:44:5f:
                    6d:64:22:2f:ac:1c:a3:64:06:be:43:c1:2c:c7:32:
                    eb:27:68:f1:86:fa:31:c0:ce:0f:91:0e:ea:09:5d:
                    21:e3:7f:73:07:68:29:a1:09:62:d4:12:2a:00:17:
                    5c:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:00:05:45:80:85:65:96:32:8B:01:C1:AF:3A:F3:10:11:52:CF:4C
            X509v3 Authority Key Identifier:
                keyid:C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32302d3230203d3e203233303331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.231.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         05:1f:2a:16:84:88:c6:4e:46:5c:15:ef:09:6f:c5:1a:42:fb:
         19:c4:3e:34:7a:2b:4b:74:96:f8:db:a0:70:65:a9:c3:06:b7:
         94:e6:28:d1:89:8b:d7:94:74:22:f1:32:e5:aa:dd:59:0e:0b:
         1f:7c:1c:98:77:08:eb:b1:36:0f:9f:93:99:5f:21:55:a4:85:
         6f:ed:3f:74:d0:8f:6e:3c:92:ae:2c:27:b5:1e:b4:dc:0a:f7:
         cb:10:f9:45:d7:da:42:dd:fa:f7:73:9a:72:b4:81:ea:40:a4:
         3e:a9:10:cb:4f:c2:95:24:0e:e0:7a:09:73:78:f6:c1:4d:86:
         de:59:6b:d0:52:7b:e9:7c:88:ec:15:ea:e9:be:40:35:f1:c3:
         d9:c9:f0:ea:f8:0a:41:0b:3b:c3:e6:9d:d1:42:b4:b4:fd:44:
         75:ec:0e:a1:d9:b7:24:1b:c6:bc:8f:78:4d:ae:d9:47:40:c9:
         d7:fb:2d:d2:bb:ab:6e:bf:a3:02:93:b4:ae:46:96:d7:ef:1b:
         a9:23:0e:dc:13:a8:48:62:fa:e0:bc:b1:ce:17:96:55:c2:e5:
         d4:f5:fe:f5:55:45:52:09:14:dd:24:33:17:fd:9a:1f:2e:e0:
         9f:a1:bd:f2:bf:cf:74:cc:05:f2:4e:4a:ee:04:24:81:9a:34:
         57:17:6d:11
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUJYxxq8TsYGTYtA+k5nEQ3+cJiyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzI5NjdGRjMxMDlFMEFBN0VFNUVDMUM2NDAzMDBENUEw
MEZGNDFCMDAeFw0yNDA3MTAxNzEwMDBaFw0yNTA3MDkxNzE1MDBaMDMxMTAvBgNV
BAMTKDNEMDAwNTQ1ODA4NTY1OTYzMjhCMDFDMUFGM0FGMzEwMTE1MkNGNEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVKM8s8xAFHcKMbouB++ny8Bix
BOW5VZSgqDAMHJP1FwG+EysoTapA1CmaQjFpLjmLn8Zfn+AWHzV/psc6tbrNSN6Y
X7q/sr0YmDR0/iJlwyeoEzqKrhzoQ5QGelP3yRoSnhZFGgWZnKz8VqEO/DjYAHNI
OPacoG8w9MjUtHd8N3F0WcVbdL1ylFlR7uAWcCx0/bnFa7JVTJqPtg6maoIh609s
kvcn69FvB88upFMFb0F0EwQD3GhMiIasX75TEhvjTrj0k6WkPTlGLNigCY1EX21k
Ii+sHKNkBr5DwSzHMusnaPGG+jHAzg+RDuoJXSHjf3MHaCmhCWLUEioAF1wJAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUPQAFRYCFZZYyiwHBrzrzEBFSz0wwHwYDVR0j
BBgwFoAUwpZ/8xCeCqfuXsHGQDANWgD/QbAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQTEwNEQ3Nzc3QjAyOUVEQTc4MkRBQTZBNkY3NDM0RkRC
Nzc3Q0U2OEEwOTQ5Nzk3ODE0NjRFQzU5RkY4QTlBLzAvQzI5NjdGRjMxMDlFMEFB
N0VFNUVDMUM2NDAzMDBENUEwMEZGNDFCMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMjk2N0ZGMzEwOUUwQUE3RUU1
RUMxQzY0MDMwMEQ1QTAwRkY0MUIwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREExMDRENzc3N0IwMjlFREE3ODJEQUE2QTZGNzQzNEZEQjc3N0NFNjhB
MDk0OTc5NzgxNDY0RUM1OUZGOEE5QS8wLzM2MzYyZTMyMzMzMTJlMzYzNDJlMzAy
ZjMyMzAyZDMyMzAyMDNkM2UyMDMyMzMzMDMzMzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBARC50AwDQYJ
KoZIhvcNAQELBQADggEBAAUfKhaEiMZORlwV7wlvxRpC+xnEPjR6K0t0lvjboHBl
qcMGt5TmKNGJi9eUdCLxMuWq3VkOCx98HJh3COuxNg+fk5lfIVWkhW/tP3TQj248
kq4sJ7UetNwK98sQ+UXX2kLd+vdzmnK0gepApD6pEMtPwpUkDuB6CXN49sFNht5Z
a9BSe+l8iOwV6um+QDXxw9nJ8Or4CkELO8PmndFCtLT9RHXsDqHZtyQbxryPeE2u
2UdAydf7LdK7q26/owKTtK5GltfvG6kjDtwTqEhi+uC8sc4XllXC5dT1/vVVRVIJ
FN0kMxf9mh8u4J+hvfK/z3TMBfJOSu4EJIGaNFcXbRE=
-----END CERTIFICATE-----
Generated at Mon Oct 28 19:26:46 2024 by rpki-client on console-fra.rpki-client.org