Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36362e302f32332d3234203d3e203233303331.roa
File:                     36362e3233312e36362e302f32332d3234203d3e203233303331.roa (raw, json)
Hash identifier:          cAEOl7lD73Exozld2yj6/kaCcwCDaIVwv3WocpyRkj8=
Subject key identifier:   47:B6:65:39:3E:DE:62:BD:B8:B5:45:B5:29:1A:26:AA:79:61:21:5E
Certificate issuer:       /CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
Certificate serial:       4F80D36D11F5CBADBB37212D74DB6486D19DAB
Authority key identifier: C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36362e302f32332d3234203d3e203233303331.roa
Signing time:             Mon 08 Jul 2024 23:55:00 +0000
ROA not before:           Mon 08 Jul 2024 23:50:00 +0000
ROA not after:            Mon 07 Jul 2025 23:55:00 +0000
asID:                     23031
IP address blocks:        66.231.66.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 22:17:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:80:d3:6d:11:f5:cb:ad:bb:37:21:2d:74:db:64:86:d1:9d:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
        Validity
            Not Before: Jul  8 23:50:00 2024 GMT
            Not After : Jul  7 23:55:00 2025 GMT
        Subject: CN=47B665393EDE62BDB8B545B5291A26AA7961215E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:2b:0d:37:83:89:9f:4e:ef:3e:01:64:d7:b0:
                    cf:62:76:b9:27:94:c3:74:34:3b:d1:7a:b0:8b:fe:
                    9c:ac:13:06:ed:e7:71:02:03:bb:56:0b:6e:6b:c7:
                    a8:f2:4f:9a:67:6f:30:b0:76:7b:b4:b0:21:47:a0:
                    8c:02:c1:86:9c:b3:ec:2a:0e:f9:f5:20:f3:1c:e3:
                    96:3a:ed:cc:30:de:4f:64:c2:00:15:3e:4b:2f:1f:
                    3b:e8:c7:46:39:28:0b:68:e4:95:5e:3a:55:14:ba:
                    80:f2:c5:5a:63:59:4c:03:1d:a2:3e:2f:94:20:12:
                    78:55:7f:b9:4c:90:dc:3e:8d:51:0a:42:72:f2:c5:
                    43:f2:c7:bf:63:d9:d7:09:8a:af:45:2d:f6:bb:aa:
                    b9:57:47:4b:05:6a:8c:16:b9:4a:62:0c:ee:ed:7f:
                    3a:54:17:fe:18:85:90:11:6d:1c:75:c1:e5:5c:64:
                    17:3d:60:85:00:de:16:19:8f:a4:a5:d6:e1:c8:12:
                    8d:65:a5:48:71:68:78:b0:34:14:84:d8:c7:d0:c1:
                    eb:64:cd:1e:61:9d:49:b0:71:01:5b:4a:69:db:d2:
                    22:54:96:84:20:60:17:75:14:be:23:93:a1:e7:3a:
                    ea:6d:a1:58:ea:99:e9:dd:24:86:8f:04:43:99:53:
                    29:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:B6:65:39:3E:DE:62:BD:B8:B5:45:B5:29:1A:26:AA:79:61:21:5E
            X509v3 Authority Key Identifier:
                keyid:C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36362e302f32332d3234203d3e203233303331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.231.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         61:43:e7:12:b5:25:4d:ed:2e:d9:75:bb:c4:8e:62:26:b7:aa:
         de:55:ff:dd:ec:54:5f:7b:f7:fc:77:6a:de:0b:44:45:cc:15:
         d1:28:a0:30:04:c3:f7:38:6d:00:24:fc:0e:58:56:11:23:fa:
         03:cd:d3:01:ef:39:18:61:67:79:fe:72:94:a8:25:56:fb:0e:
         4b:4e:20:8d:9a:48:47:dc:09:70:b5:13:3f:0b:98:86:39:88:
         bc:f5:4f:01:1d:4b:28:1c:c3:a7:0a:27:48:4f:39:ab:de:cf:
         49:dc:b1:04:1a:b2:20:e0:7d:c8:5d:4d:a3:52:61:fe:0d:d9:
         62:d9:ef:3b:08:83:28:e8:53:31:c1:de:ea:5d:26:9f:04:45:
         f8:3c:44:e2:95:d2:97:c0:09:48:7a:ef:1f:48:31:4f:fc:3e:
         3f:5b:8b:2b:79:18:68:3b:5c:f3:eb:0c:d9:0a:7a:a3:3a:ec:
         be:11:4d:a1:6f:02:40:26:b0:85:a3:4f:5c:b2:93:93:0c:a1:
         c6:30:a9:9f:ab:0a:60:35:47:59:98:92:68:20:6f:90:fd:bb:
         43:71:a9:5c:0d:7b:d1:f3:95:25:95:c4:33:7a:a5:93:08:1a:
         ab:02:3a:e9:31:a2:c6:ae:61:c2:46:74:17:95:d6:28:0f:b0:
         bc:76:87:27
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgITT4DTbRH1y627NyEtdNtkhtGdqzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyhDMjk2N0ZGMzEwOUUwQUE3RUU1RUMxQzY0MDMwMEQ1QTAw
RkY0MUIwMB4XDTI0MDcwODIzNTAwMFoXDTI1MDcwNzIzNTUwMFowMzExMC8GA1UE
AxMoNDdCNjY1MzkzRURFNjJCREI4QjU0NUI1MjkxQTI2QUE3OTYxMjE1RTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANQrDTeDiZ9O7z4BZNewz2J2uSeU
w3Q0O9F6sIv+nKwTBu3ncQIDu1YLbmvHqPJPmmdvMLB2e7SwIUegjALBhpyz7CoO
+fUg8xzjljrtzDDeT2TCABU+Sy8fO+jHRjkoC2jklV46VRS6gPLFWmNZTAMdoj4v
lCASeFV/uUyQ3D6NUQpCcvLFQ/LHv2PZ1wmKr0Ut9ruquVdHSwVqjBa5SmIM7u1/
OlQX/hiFkBFtHHXB5VxkFz1ghQDeFhmPpKXW4cgSjWWlSHFoeLA0FITYx9DB62TN
HmGdSbBxAVtKadvSIlSWhCBgF3UUviOToec66m2hWOqZ6d0kho8EQ5lTKcUCAwEA
AaOCAsYwggLCMB0GA1UdDgQWBBRHtmU5Pt5ivbi1RbUpGiaqeWEhXjAfBgNVHSME
GDAWgBTCln/zEJ4Kp+5ewcZAMA1aAP9BsDAOBgNVHQ8BAf8EBAMCB4AwgbAGA1Ud
HwSBqDCBpTCBoqCBn6CBnIaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0
L3Jwa2kvbGFjbmljL0RBMTA0RDc3NzdCMDI5RURBNzgyREFBNkE2Rjc0MzRGREI3
NzdDRTY4QTA5NDk3OTc4MTQ2NEVDNTlGRjhBOUEvMC9DMjk2N0ZGMzEwOUUwQUE3
RUU1RUMxQzY0MDMwMEQ1QTAwRkY0MUIwLmNybDCBuQYIKwYBBQUHAQEEgawwgakw
gaYGCCsGAQUFBzAChoGZcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBr
aS9sYWNuaWMvRkRDMzU5NERENEU1NEJBREU3MDlBQzBEMjU1Q0YyNzlDNDc3MTZE
MkU4QjNGNEQ0NURDNDYzNTU4OTlCMzZENC8wL0MyOTY3RkYzMTA5RTBBQTdFRTVF
QzFDNjQwMzAwRDVBMDBGRjQxQjAuY2VyMIHFBggrBgEFBQcBCwSBuDCBtTCBsgYI
KwYBBQUHMAuGgaVyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy9EQTEwNEQ3Nzc3QjAyOUVEQTc4MkRBQTZBNkY3NDM0RkRCNzc3Q0U2OEEw
OTQ5Nzk3ODE0NjRFQzU5RkY4QTlBLzAvMzYzNjJlMzIzMzMxMmUzNjM2MmUzMDJm
MzIzMzJkMzIzNDIwM2QzZTIwMzIzMzMwMzMzMS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAULnQjANBgkq
hkiG9w0BAQsFAAOCAQEAYUPnErUlTe0u2XW7xI5iJreq3lX/3exUX3v3/Hdq3gtE
RcwV0SigMATD9zhtACT8DlhWESP6A83TAe85GGFnef5ylKglVvsOS04gjZpIR9wJ
cLUTPwuYhjmIvPVPAR1LKBzDpwonSE85q97PSdyxBBqyIOB9yF1No1Jh/g3ZYtnv
OwiDKOhTMcHe6l0mnwRF+DxE4pXSl8AJSHrvH0gxT/w+P1uLK3kYaDtc8+sM2Qp6
ozrsvhFNoW8CQCawhaNPXLKTkwyhxjCpn6sKYDVHWZiSaCBvkP27Q3GpXA170fOV
JZXEM3qlkwgaqwI66TGixq5hwkZ0F5XWKA+wvHaHJw==
-----END CERTIFICATE-----
Generated at Mon Oct 28 19:26:46 2024 by rpki-client on console-fra.rpki-client.org