Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32322d3232203d3e203233323436.roa
File:                     36362e3233312e36342e302f32322d3232203d3e203233323436.roa (raw, json)
Hash identifier:          XEorEFKCT/95DMhG89NW0wY5wEWzX2oqlSpXM3P+4OI=
Subject key identifier:   D6:7F:BE:C3:F7:52:4D:CE:7C:ED:90:82:9E:A0:05:97:84:D4:D7:5F
Certificate issuer:       /CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
Certificate serial:       403186F3F567C6B00D12569D5E9BF8F082F22240
Authority key identifier: C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32322d3232203d3e203233323436.roa
Signing time:             Tue 09 Jul 2024 06:10:00 +0000
ROA not before:           Tue 09 Jul 2024 06:05:00 +0000
ROA not after:            Tue 08 Jul 2025 06:10:00 +0000
asID:                     23246
IP address blocks:        66.231.64.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 22:17:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:31:86:f3:f5:67:c6:b0:0d:12:56:9d:5e:9b:f8:f0:82:f2:22:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
        Validity
            Not Before: Jul  9 06:05:00 2024 GMT
            Not After : Jul  8 06:10:00 2025 GMT
        Subject: CN=D67FBEC3F7524DCE7CED90829EA0059784D4D75F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:6a:db:0f:ed:73:78:c1:3c:7b:1e:cf:9f:4d:
                    75:3f:31:8b:d4:f8:2a:48:27:b4:33:a7:08:a4:91:
                    1c:97:3e:51:9f:69:d2:dc:f6:51:ab:a4:52:69:78:
                    41:64:c7:9d:9e:76:7e:68:16:a1:b5:61:5f:aa:50:
                    fc:d3:cf:3d:2e:dd:3c:60:6c:eb:a3:6a:5b:07:75:
                    55:bb:61:7e:50:65:d7:fb:5f:8a:e4:61:8b:50:ef:
                    cb:92:f0:48:18:b1:d6:a8:60:ae:1e:9d:f0:f3:82:
                    0b:3e:82:8e:0b:ec:2b:94:1e:b4:f6:99:87:d4:f2:
                    7f:5c:10:d0:9d:b9:a8:93:b2:47:6f:10:ea:f6:ac:
                    d6:25:d8:f2:97:96:f2:e7:70:76:ea:ba:6b:02:1e:
                    db:d2:a5:24:3e:5b:c7:ff:46:1f:e6:ad:18:82:a2:
                    ab:b4:d3:b6:66:c4:19:89:64:83:b6:67:87:94:90:
                    3d:81:78:13:97:4a:5e:a6:02:3a:f4:f7:32:db:ed:
                    61:1f:af:e2:74:7e:31:d8:6a:89:32:45:d7:ac:6a:
                    53:d5:6d:bb:e4:ab:2c:79:85:a0:c5:cd:9a:47:06:
                    3e:49:d3:83:c0:cd:b9:d7:1e:4b:d8:41:85:12:a5:
                    bb:41:f5:8f:a0:f1:14:cd:75:d2:b2:a0:cd:89:8d:
                    95:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:7F:BE:C3:F7:52:4D:CE:7C:ED:90:82:9E:A0:05:97:84:D4:D7:5F
            X509v3 Authority Key Identifier:
                keyid:C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32322d3232203d3e203233323436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.231.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6f:9a:39:71:4f:0f:58:48:8b:16:d8:5e:62:e5:d4:9f:6f:0f:
         42:f3:4b:c6:d5:25:79:a9:1f:13:05:3d:a7:0b:eb:d2:da:e5:
         0b:cc:a6:56:3b:6d:a1:b2:f3:75:64:a3:2c:60:da:9c:20:84:
         dc:28:01:09:7c:ce:bc:44:5f:b5:c3:2f:aa:47:94:56:ee:58:
         a3:08:6d:67:1e:ce:2a:c7:7c:c0:4a:6c:99:fb:33:b2:3e:fe:
         5d:63:24:47:b6:65:9d:e8:10:b3:cd:2b:12:ed:af:09:23:48:
         24:b5:98:6b:af:b7:1f:28:59:f3:c4:a6:d6:39:ef:60:d3:e3:
         f7:63:5e:e3:af:3d:81:ee:eb:b4:88:50:ff:ca:8b:fa:a1:d2:
         12:25:3e:2f:58:e8:eb:5c:7a:78:ca:e5:89:e3:eb:9f:90:21:
         61:73:d3:d8:60:9e:78:70:29:54:21:ad:70:4b:75:02:87:a4:
         bd:65:4b:4f:2a:76:4e:35:f5:41:6b:f5:4f:c9:6f:2c:25:40:
         7a:b8:a5:3e:86:86:1d:d9:c6:15:0f:d8:68:86:f1:4f:e2:f8:
         d7:41:db:8f:41:9a:bb:a1:b5:5d:d7:d3:07:53:ca:41:68:72:
         e1:a5:b6:9d:d4:15:9d:bf:1c:7e:ee:6d:e2:05:c6:d5:98:b7:
         00:d4:0f:6e
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUQDGG8/VnxrANEladXpv48ILyIkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzI5NjdGRjMxMDlFMEFBN0VFNUVDMUM2NDAzMDBENUEw
MEZGNDFCMDAeFw0yNDA3MDkwNjA1MDBaFw0yNTA3MDgwNjEwMDBaMDMxMTAvBgNV
BAMTKEQ2N0ZCRUMzRjc1MjREQ0U3Q0VEOTA4MjlFQTAwNTk3ODRENEQ3NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkatsP7XN4wTx7Hs+fTXU/MYvU
+CpIJ7QzpwikkRyXPlGfadLc9lGrpFJpeEFkx52edn5oFqG1YV+qUPzTzz0u3Txg
bOujalsHdVW7YX5QZdf7X4rkYYtQ78uS8EgYsdaoYK4enfDzggs+go4L7CuUHrT2
mYfU8n9cENCduaiTskdvEOr2rNYl2PKXlvLncHbqumsCHtvSpSQ+W8f/Rh/mrRiC
oqu007ZmxBmJZIO2Z4eUkD2BeBOXSl6mAjr09zLb7WEfr+J0fjHYaokyRdesalPV
bbvkqyx5haDFzZpHBj5J04PAzbnXHkvYQYUSpbtB9Y+g8RTNddKyoM2JjZUhAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU1n++w/dSTc587ZCCnqAFl4TU118wHwYDVR0j
BBgwFoAUwpZ/8xCeCqfuXsHGQDANWgD/QbAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQTEwNEQ3Nzc3QjAyOUVEQTc4MkRBQTZBNkY3NDM0RkRC
Nzc3Q0U2OEEwOTQ5Nzk3ODE0NjRFQzU5RkY4QTlBLzAvQzI5NjdGRjMxMDlFMEFB
N0VFNUVDMUM2NDAzMDBENUEwMEZGNDFCMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMjk2N0ZGMzEwOUUwQUE3RUU1
RUMxQzY0MDMwMEQ1QTAwRkY0MUIwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREExMDRENzc3N0IwMjlFREE3ODJEQUE2QTZGNzQzNEZEQjc3N0NFNjhB
MDk0OTc5NzgxNDY0RUM1OUZGOEE5QS8wLzM2MzYyZTMyMzMzMTJlMzYzNDJlMzAy
ZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzMzMjM0MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJC50AwDQYJ
KoZIhvcNAQELBQADggEBAG+aOXFPD1hIixbYXmLl1J9vD0LzS8bVJXmpHxMFPacL
69La5QvMplY7baGy83Vkoyxg2pwghNwoAQl8zrxEX7XDL6pHlFbuWKMIbWcezirH
fMBKbJn7M7I+/l1jJEe2ZZ3oELPNKxLtrwkjSCS1mGuvtx8oWfPEptY572DT4/dj
XuOvPYHu67SIUP/Ki/qh0hIlPi9Y6OtcenjK5Ynj65+QIWFz09hgnnhwKVQhrXBL
dQKHpL1lS08qdk419UFr9U/JbywlQHq4pT6Ghh3ZxhUP2GiG8U/i+NdB249Bmruh
tV3X0wdTykFocuGltp3UFZ2/HH7ubeIFxtWYtwDUD24=
-----END CERTIFICATE-----
Generated at Mon Oct 28 19:26:46 2024 by rpki-client on console-fra.rpki-client.org