Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32322d3232203d3e203233303331.roa
File:                     36362e3233312e36342e302f32322d3232203d3e203233303331.roa (raw, json)
Hash identifier:          FqDVawQwYaVD32wskgZmQHvPMnLA3adpXhyOcqtYhdE=
Subject key identifier:   2B:7D:5F:23:5E:CB:9E:77:23:84:38:50:BD:2A:E6:C7:B2:E8:51:BB
Certificate issuer:       /CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
Certificate serial:       1A87DE82CCB9DC4D084E838A89012253BC6AFF90
Authority key identifier: C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32322d3232203d3e203233303331.roa
Signing time:             Wed 10 Jul 2024 17:15:00 +0000
ROA not before:           Wed 10 Jul 2024 17:10:00 +0000
ROA not after:            Wed 09 Jul 2025 17:15:00 +0000
asID:                     23031
IP address blocks:        66.231.64.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 22:17:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:87:de:82:cc:b9:dc:4d:08:4e:83:8a:89:01:22:53:bc:6a:ff:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
        Validity
            Not Before: Jul 10 17:10:00 2024 GMT
            Not After : Jul  9 17:15:00 2025 GMT
        Subject: CN=2B7D5F235ECB9E7723843850BD2AE6C7B2E851BB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e6:71:7b:a4:09:2b:11:c6:5e:b4:dd:c2:79:
                    41:73:1b:ad:71:3f:58:5f:3b:b2:95:82:8a:66:09:
                    a1:e7:26:4c:a0:fd:fb:89:2e:5c:c6:9c:b3:13:16:
                    fd:6d:55:88:aa:af:96:87:26:31:d1:2f:f1:6b:2e:
                    32:0a:ac:cc:2f:4f:c2:72:ef:60:ac:cf:ad:bb:61:
                    de:0f:79:3f:98:3f:3c:31:e3:13:a5:68:61:16:c5:
                    e6:ef:61:d7:6d:62:28:97:42:21:7a:73:03:54:3a:
                    fe:19:f6:85:21:78:07:e2:5b:07:13:e7:4e:8f:04:
                    3b:14:51:32:1b:2f:05:95:4f:4e:05:65:c4:7f:66:
                    e7:32:c7:58:db:88:eb:7f:5e:37:99:e4:0e:41:d6:
                    67:90:68:ec:ee:b3:05:3e:ef:41:6a:95:11:29:25:
                    47:9b:7f:d1:40:51:09:21:94:2d:55:cc:55:8c:2c:
                    53:a8:82:1e:ae:e6:23:a1:cf:72:97:db:09:05:e0:
                    06:e8:3b:23:1c:38:d7:06:15:db:1b:5b:fb:cb:5f:
                    69:d0:41:0a:8b:f7:78:63:09:b7:8d:4f:73:49:a6:
                    b3:da:21:e9:71:73:b1:37:fd:53:a8:3c:a9:e0:b1:
                    3f:ca:51:95:29:7b:71:b5:89:97:63:c1:b9:f7:a9:
                    75:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:7D:5F:23:5E:CB:9E:77:23:84:38:50:BD:2A:E6:C7:B2:E8:51:BB
            X509v3 Authority Key Identifier:
                keyid:C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32322d3232203d3e203233303331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.231.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:63:db:9d:6b:6c:80:8a:f3:a4:2b:77:94:b7:a9:e9:8a:02:
         96:c4:25:77:f8:9f:fe:80:ed:fc:a5:91:ce:3c:2b:3d:5a:09:
         3b:a4:8a:06:d9:99:30:ee:2d:f5:9a:db:5f:64:52:81:f9:9c:
         26:4b:f1:79:65:40:dd:6b:f6:4b:35:3f:b6:2e:08:32:cb:58:
         16:20:58:39:b2:eb:fd:6d:12:d1:25:73:ba:b8:0a:65:10:4d:
         af:92:51:02:ac:5d:f3:d9:af:2f:e9:b8:07:fe:8a:99:ba:42:
         c6:cb:04:14:c3:ef:26:20:f9:fd:d9:48:99:47:99:c6:1e:c3:
         15:a4:d2:31:d5:fd:8f:08:a3:c0:c8:13:07:28:3d:4b:3b:80:
         f6:97:88:a0:81:33:c3:19:cb:b2:4d:77:9a:6d:5a:de:4e:9c:
         97:11:68:e2:bb:c8:d8:74:63:34:dc:6a:48:60:31:0e:62:0a:
         69:a9:15:60:fc:98:19:81:ce:a4:24:ff:4f:90:8b:cc:4f:39:
         03:a2:4e:e5:2c:a9:7d:40:eb:ff:b1:3d:95:26:e6:cf:39:e9:
         7c:02:a0:f5:cc:ef:74:18:ca:77:ae:d8:72:f4:09:ae:54:e4:
         04:16:21:9f:2f:c6:7f:a4:3e:9a:08:b9:87:22:d1:b6:36:45:
         6f:ab:dd:35
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUGofegsy53E0IToOKiQEiU7xq/5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzI5NjdGRjMxMDlFMEFBN0VFNUVDMUM2NDAzMDBENUEw
MEZGNDFCMDAeFw0yNDA3MTAxNzEwMDBaFw0yNTA3MDkxNzE1MDBaMDMxMTAvBgNV
BAMTKDJCN0Q1RjIzNUVDQjlFNzcyMzg0Mzg1MEJEMkFFNkM3QjJFODUxQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy5nF7pAkrEcZetN3CeUFzG61x
P1hfO7KVgopmCaHnJkyg/fuJLlzGnLMTFv1tVYiqr5aHJjHRL/FrLjIKrMwvT8Jy
72Csz627Yd4PeT+YPzwx4xOlaGEWxebvYddtYiiXQiF6cwNUOv4Z9oUheAfiWwcT
506PBDsUUTIbLwWVT04FZcR/Zucyx1jbiOt/XjeZ5A5B1meQaOzuswU+70FqlREp
JUebf9FAUQkhlC1VzFWMLFOogh6u5iOhz3KX2wkF4AboOyMcONcGFdsbW/vLX2nQ
QQqL93hjCbeNT3NJprPaIelxc7E3/VOoPKngsT/KUZUpe3G1iZdjwbn3qXWJAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUK31fI17LnncjhDhQvSrmx7LoUbswHwYDVR0j
BBgwFoAUwpZ/8xCeCqfuXsHGQDANWgD/QbAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQTEwNEQ3Nzc3QjAyOUVEQTc4MkRBQTZBNkY3NDM0RkRC
Nzc3Q0U2OEEwOTQ5Nzk3ODE0NjRFQzU5RkY4QTlBLzAvQzI5NjdGRjMxMDlFMEFB
N0VFNUVDMUM2NDAzMDBENUEwMEZGNDFCMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMjk2N0ZGMzEwOUUwQUE3RUU1
RUMxQzY0MDMwMEQ1QTAwRkY0MUIwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREExMDRENzc3N0IwMjlFREE3ODJEQUE2QTZGNzQzNEZEQjc3N0NFNjhB
MDk0OTc5NzgxNDY0RUM1OUZGOEE5QS8wLzM2MzYyZTMyMzMzMTJlMzYzNDJlMzAy
ZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzMzMDMzMzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJC50AwDQYJ
KoZIhvcNAQELBQADggEBAFBj251rbICK86Qrd5S3qemKApbEJXf4n/6A7fylkc48
Kz1aCTukigbZmTDuLfWa219kUoH5nCZL8XllQN1r9ks1P7YuCDLLWBYgWDmy6/1t
EtElc7q4CmUQTa+SUQKsXfPZry/puAf+ipm6QsbLBBTD7yYg+f3ZSJlHmcYewxWk
0jHV/Y8Io8DIEwcoPUs7gPaXiKCBM8MZy7JNd5ptWt5OnJcRaOK7yNh0YzTcakhg
MQ5iCmmpFWD8mBmBzqQk/0+Qi8xPOQOiTuUsqX1A6/+xPZUm5s856XwCoPXM73QY
yneu2HL0Ca5U5AQWIZ8vxn+kPpoIuYci0bY2RW+r3TU=
-----END CERTIFICATE-----
Generated at Mon Oct 28 19:26:46 2024 by rpki-client on console-fra.rpki-client.org