Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32302d3230203d3e203233323436.roa
File:                     36362e3233312e36342e302f32302d3230203d3e203233323436.roa (raw, json)
Hash identifier:          MnbPegToh6HQNibjsNYRACtqUJDF2WqJc50OejB0ThA=
Subject key identifier:   7C:1D:79:11:21:44:C9:0B:90:B4:F9:27:A3:50:33:21:3B:20:AC:1F
Certificate issuer:       /CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
Certificate serial:       2013406B6B709CBE59C3DF252B75226AD67D4113
Authority key identifier: C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32302d3230203d3e203233323436.roa
Signing time:             Mon 08 Jul 2024 23:55:01 +0000
ROA not before:           Mon 08 Jul 2024 23:50:01 +0000
ROA not after:            Mon 07 Jul 2025 23:55:01 +0000
asID:                     23246
IP address blocks:        66.231.64.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 22:17:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:13:40:6b:6b:70:9c:be:59:c3:df:25:2b:75:22:6a:d6:7d:41:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
        Validity
            Not Before: Jul  8 23:50:01 2024 GMT
            Not After : Jul  7 23:55:01 2025 GMT
        Subject: CN=7C1D79112144C90B90B4F927A35033213B20AC1F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:41:dc:47:4c:6d:e3:ef:6a:b5:0b:06:98:8f:
                    26:cd:d3:01:6c:6d:3c:a1:1a:aa:9c:9b:8b:6f:c0:
                    8d:ee:73:9d:49:56:b8:b4:76:10:ff:94:af:72:43:
                    d4:06:f7:30:0a:55:00:3a:a0:d8:c9:7c:a9:6f:f5:
                    3d:5d:ed:a9:d7:0f:2d:a4:2b:c9:26:6b:a9:8b:fd:
                    9f:5a:17:3b:d3:0e:11:1a:20:ff:bb:8e:50:13:63:
                    aa:66:7c:e7:2d:70:99:36:30:05:f5:e8:48:55:47:
                    78:ed:2f:55:1f:90:39:71:bf:ce:f0:0b:9f:25:fa:
                    ee:4d:b2:51:fc:92:a7:fe:8b:6c:cf:96:52:98:89:
                    33:71:e6:11:67:62:27:cd:36:bf:01:98:c2:80:67:
                    c1:1a:31:29:14:4d:0b:ae:4a:ed:e2:67:91:e1:e5:
                    f9:5c:24:3f:e0:a3:46:b6:0c:47:67:9a:48:24:ce:
                    3a:7c:6e:7c:df:e4:74:f3:9b:b6:8d:b1:d5:c2:7b:
                    fa:c1:1c:96:0b:c5:31:40:af:31:37:ab:85:20:3d:
                    67:10:80:27:0f:75:f4:50:b4:d4:3f:17:0d:4d:b1:
                    ea:25:d7:bc:62:c9:8e:c8:ed:0a:47:64:0e:50:5d:
                    40:73:6b:4d:84:64:ff:82:fd:f2:05:04:d9:13:22:
                    31:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:1D:79:11:21:44:C9:0B:90:B4:F9:27:A3:50:33:21:3B:20:AC:1F
            X509v3 Authority Key Identifier:
                keyid:C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32302d3230203d3e203233323436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.231.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         57:66:80:65:b9:8b:06:3d:6b:4a:27:e0:ff:0a:16:00:fc:29:
         ee:2e:96:22:71:79:a9:84:6c:5a:21:85:d1:0b:bd:63:e6:cf:
         97:5f:05:93:d5:29:57:c8:c7:71:1d:94:e6:75:41:34:d1:82:
         06:16:ca:a0:d3:8f:f2:ef:30:c7:4b:96:4f:e2:e4:21:b8:61:
         5e:2a:78:be:bf:3f:95:ba:5c:d1:9e:ce:ae:30:42:10:7e:30:
         36:88:1d:b2:6d:ff:57:4b:4b:25:72:94:ee:80:66:70:7b:e9:
         ae:c9:b3:55:9a:c0:8e:92:55:b2:e5:5f:6b:d3:5b:ac:e2:87:
         4d:3c:0d:b9:8d:c0:cf:20:cf:90:1c:e8:39:b7:66:d5:12:fb:
         21:55:37:75:3b:19:16:32:b9:5b:b5:aa:7a:1f:d0:2b:24:e5:
         49:18:a7:8d:27:b6:36:f4:1c:c7:d7:a8:3a:08:85:fd:93:8a:
         b9:22:a9:70:c9:0e:93:49:0b:63:51:26:f2:41:2b:d5:88:de:
         b9:89:a7:f0:12:69:b5:3e:65:00:af:45:1f:36:6f:42:e5:14:
         98:77:8d:e2:cf:4d:83:b1:04:21:cd:5c:47:81:2c:c2:ff:27:
         5a:db:19:f4:70:0a:2f:d1:34:10:8d:03:2b:74:a9:d1:60:a8:
         2a:65:fb:b2
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUIBNAa2twnL5Zw98lK3UiatZ9QRMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzI5NjdGRjMxMDlFMEFBN0VFNUVDMUM2NDAzMDBENUEw
MEZGNDFCMDAeFw0yNDA3MDgyMzUwMDFaFw0yNTA3MDcyMzU1MDFaMDMxMTAvBgNV
BAMTKDdDMUQ3OTExMjE0NEM5MEI5MEI0RjkyN0EzNTAzMzIxM0IyMEFDMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkQdxHTG3j72q1CwaYjybN0wFs
bTyhGqqcm4tvwI3uc51JVri0dhD/lK9yQ9QG9zAKVQA6oNjJfKlv9T1d7anXDy2k
K8kma6mL/Z9aFzvTDhEaIP+7jlATY6pmfOctcJk2MAX16EhVR3jtL1UfkDlxv87w
C58l+u5NslH8kqf+i2zPllKYiTNx5hFnYifNNr8BmMKAZ8EaMSkUTQuuSu3iZ5Hh
5flcJD/go0a2DEdnmkgkzjp8bnzf5HTzm7aNsdXCe/rBHJYLxTFArzE3q4UgPWcQ
gCcPdfRQtNQ/Fw1Nseol17xiyY7I7QpHZA5QXUBza02EZP+C/fIFBNkTIjF7AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUfB15ESFEyQuQtPkno1AzITsgrB8wHwYDVR0j
BBgwFoAUwpZ/8xCeCqfuXsHGQDANWgD/QbAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQTEwNEQ3Nzc3QjAyOUVEQTc4MkRBQTZBNkY3NDM0RkRC
Nzc3Q0U2OEEwOTQ5Nzk3ODE0NjRFQzU5RkY4QTlBLzAvQzI5NjdGRjMxMDlFMEFB
N0VFNUVDMUM2NDAzMDBENUEwMEZGNDFCMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMjk2N0ZGMzEwOUUwQUE3RUU1
RUMxQzY0MDMwMEQ1QTAwRkY0MUIwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREExMDRENzc3N0IwMjlFREE3ODJEQUE2QTZGNzQzNEZEQjc3N0NFNjhB
MDk0OTc5NzgxNDY0RUM1OUZGOEE5QS8wLzM2MzYyZTMyMzMzMTJlMzYzNDJlMzAy
ZjMyMzAyZDMyMzAyMDNkM2UyMDMyMzMzMjM0MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBARC50AwDQYJ
KoZIhvcNAQELBQADggEBAFdmgGW5iwY9a0on4P8KFgD8Ke4uliJxeamEbFohhdEL
vWPmz5dfBZPVKVfIx3EdlOZ1QTTRggYWyqDTj/LvMMdLlk/i5CG4YV4qeL6/P5W6
XNGezq4wQhB+MDaIHbJt/1dLSyVylO6AZnB76a7Js1WawI6SVbLlX2vTW6zih008
DbmNwM8gz5Ac6Dm3ZtUS+yFVN3U7GRYyuVu1qnof0Csk5UkYp40ntjb0HMfXqDoI
hf2TirkiqXDJDpNJC2NRJvJBK9WI3rmJp/ASabU+ZQCvRR82b0LlFJh3jeLPTYOx
BCHNXEeBLML/J1rbGfRwCi/RNBCNAyt0qdFgqCpl+7I=
-----END CERTIFICATE-----
Generated at Mon Oct 28 19:22:47 2024 by rpki-client on console-ams.rpki-client.org