Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32342d3234203d3e203233303331.roa
File:                     36362e3233312e36342e302f32342d3234203d3e203233303331.roa (raw, json)
Hash identifier:          kpdacpz/h6W7hcIHoJQshnHZytgKP14P45eXN1soMWY=
Subject key identifier:   58:7F:D9:F6:B6:03:AC:68:C4:57:C8:C7:6A:7A:B9:DB:89:15:8F:2C
Certificate issuer:       /CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
Certificate serial:       5016E8A19086F0398AFCF2B91902119376573DF8
Authority key identifier: C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32342d3234203d3e203233303331.roa
Signing time:             Mon 08 Jul 2024 23:55:01 +0000
ROA not before:           Mon 08 Jul 2024 23:50:01 +0000
ROA not after:            Mon 07 Jul 2025 23:55:01 +0000
asID:                     23031
IP address blocks:        66.231.64.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 22:17:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:16:e8:a1:90:86:f0:39:8a:fc:f2:b9:19:02:11:93:76:57:3d:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
        Validity
            Not Before: Jul  8 23:50:01 2024 GMT
            Not After : Jul  7 23:55:01 2025 GMT
        Subject: CN=587FD9F6B603AC68C457C8C76A7AB9DB89158F2C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:63:12:25:e7:23:c0:1d:a4:73:12:d2:0e:59:
                    33:e5:6e:89:10:ce:19:db:4a:08:fd:d0:aa:07:46:
                    aa:71:14:cc:c1:b2:a2:2e:ec:2a:18:79:e6:a7:88:
                    0d:d4:24:7e:0a:00:1b:8f:02:8a:d2:8c:22:80:04:
                    75:4e:88:b5:f9:db:ac:f6:6f:a5:dd:14:44:f3:71:
                    4c:ae:22:25:ae:22:41:be:e2:99:29:c0:71:5d:ac:
                    80:c3:5b:ae:9d:c0:c1:e7:dd:2a:ba:f6:f3:73:56:
                    3a:1c:8b:62:eb:e1:06:6a:1f:f5:05:3c:c5:5e:5d:
                    ee:b0:5e:a6:08:62:82:59:e8:bb:53:f2:cf:13:ac:
                    5e:27:cd:61:5b:9f:b7:66:17:4c:57:e7:d0:ed:20:
                    dc:cf:f9:0e:5d:91:dd:7a:fe:29:30:0e:b4:10:8d:
                    fe:62:f1:e8:1c:8b:d5:53:2a:1d:b8:1f:ac:7d:51:
                    7e:25:1e:e6:0c:44:4a:a4:50:0b:de:e7:de:b3:12:
                    23:5b:a0:d0:b2:a5:c2:ea:0b:7c:f5:92:85:fd:87:
                    cc:e4:10:ed:41:7f:43:8e:31:55:47:c6:dd:fc:bf:
                    2c:e9:c0:fb:21:c4:63:2a:ea:0f:bd:17:5e:87:9a:
                    72:63:d9:bc:ed:1e:08:1d:3d:8c:33:4f:db:13:64:
                    a3:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:7F:D9:F6:B6:03:AC:68:C4:57:C8:C7:6A:7A:B9:DB:89:15:8F:2C
            X509v3 Authority Key Identifier:
                keyid:C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32342d3234203d3e203233303331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.231.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:ff:38:01:08:f1:45:d9:d2:fd:8d:05:b0:a4:8b:a2:82:b2:
         b8:db:6f:b2:ba:8c:8e:3d:df:dc:2d:8d:c6:40:a8:94:66:25:
         6d:7c:f8:0d:28:33:30:32:ef:0d:0b:f5:46:33:c9:00:87:bd:
         1e:28:33:58:ab:dc:a4:6e:0d:fc:55:b1:55:36:29:5d:6c:3f:
         46:1b:55:d3:38:84:98:a1:b9:b4:94:a9:ac:28:a1:ef:73:53:
         de:d6:4f:6c:2d:5b:cf:d2:dd:10:74:8b:5c:09:d0:6d:4d:e5:
         73:a2:2e:7f:5b:76:88:2b:56:d3:31:fe:3f:f9:41:5a:e4:08:
         77:55:48:07:ef:be:81:7d:0a:0f:d6:98:d4:4d:bf:6c:79:4a:
         ec:70:fb:1c:2c:98:1c:14:ff:b4:1a:b5:e3:dd:42:36:9c:0c:
         6a:53:51:1a:e6:02:11:08:4a:29:ef:26:9f:a8:25:c8:a0:b2:
         35:69:d4:70:57:e5:f9:fd:07:d1:ae:b8:a0:25:af:99:5b:85:
         33:42:5a:0a:df:1d:bb:5a:e9:c2:59:4d:47:db:aa:e2:8c:93:
         46:30:ce:f9:2a:ad:b7:40:c9:05:ed:b8:f7:cd:8d:98:03:db:
         6f:69:0c:47:82:52:07:0e:9b:c4:e2:8c:04:b7:e0:6e:07:32:
         4b:45:5d:bc
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUUBbooZCG8DmK/PK5GQIRk3ZXPfgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzI5NjdGRjMxMDlFMEFBN0VFNUVDMUM2NDAzMDBENUEw
MEZGNDFCMDAeFw0yNDA3MDgyMzUwMDFaFw0yNTA3MDcyMzU1MDFaMDMxMTAvBgNV
BAMTKDU4N0ZEOUY2QjYwM0FDNjhDNDU3QzhDNzZBN0FCOURCODkxNThGMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBYxIl5yPAHaRzEtIOWTPlbokQ
zhnbSgj90KoHRqpxFMzBsqIu7CoYeeaniA3UJH4KABuPAorSjCKABHVOiLX526z2
b6XdFETzcUyuIiWuIkG+4pkpwHFdrIDDW66dwMHn3Sq69vNzVjoci2Lr4QZqH/UF
PMVeXe6wXqYIYoJZ6LtT8s8TrF4nzWFbn7dmF0xX59DtINzP+Q5dkd16/ikwDrQQ
jf5i8egci9VTKh24H6x9UX4lHuYMREqkUAve596zEiNboNCypcLqC3z1koX9h8zk
EO1Bf0OOMVVHxt38vyzpwPshxGMq6g+9F16HmnJj2bztHggdPYwzT9sTZKPvAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUWH/Z9rYDrGjEV8jHanq524kVjywwHwYDVR0j
BBgwFoAUwpZ/8xCeCqfuXsHGQDANWgD/QbAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQTEwNEQ3Nzc3QjAyOUVEQTc4MkRBQTZBNkY3NDM0RkRC
Nzc3Q0U2OEEwOTQ5Nzk3ODE0NjRFQzU5RkY4QTlBLzAvQzI5NjdGRjMxMDlFMEFB
N0VFNUVDMUM2NDAzMDBENUEwMEZGNDFCMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMjk2N0ZGMzEwOUUwQUE3RUU1
RUMxQzY0MDMwMEQ1QTAwRkY0MUIwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREExMDRENzc3N0IwMjlFREE3ODJEQUE2QTZGNzQzNEZEQjc3N0NFNjhB
MDk0OTc5NzgxNDY0RUM1OUZGOEE5QS8wLzM2MzYyZTMyMzMzMTJlMzYzNDJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzMzMDMzMzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABC50AwDQYJ
KoZIhvcNAQELBQADggEBAEr/OAEI8UXZ0v2NBbCki6KCsrjbb7K6jI4939wtjcZA
qJRmJW18+A0oMzAy7w0L9UYzyQCHvR4oM1ir3KRuDfxVsVU2KV1sP0YbVdM4hJih
ubSUqawooe9zU97WT2wtW8/S3RB0i1wJ0G1N5XOiLn9bdogrVtMx/j/5QVrkCHdV
SAfvvoF9Cg/WmNRNv2x5Suxw+xwsmBwU/7QatePdQjacDGpTURrmAhEISinvJp+o
JcigsjVp1HBX5fn9B9GuuKAlr5lbhTNCWgrfHbta6cJZTUfbquKMk0YwzvkqrbdA
yQXtuPfNjZgD229pDEeCUgcOm8TijAS34G4HMktFXbw=
-----END CERTIFICATE-----
Generated at Mon Oct 28 19:26:46 2024 by rpki-client on console-fra.rpki-client.org