Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e37362e302f32322d3232203d3e203233323436.roa
File:                     36362e3233312e37362e302f32322d3232203d3e203233323436.roa (raw, json)
Hash identifier:          UKxqsGxqzmQnK3Sqw9o8K3pt7oyP2RfneFyM+/CgvDU=
Subject key identifier:   A9:BA:EC:B3:9A:5C:87:87:29:FE:A6:BD:53:E0:93:38:AE:1E:6B:B5
Certificate issuer:       /CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
Certificate serial:       021E5417B16D0F0496451DE9EE81894BF0EB4E08
Authority key identifier: C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e37362e302f32322d3232203d3e203233323436.roa
Signing time:             Mon 08 Jul 2024 23:55:01 +0000
ROA not before:           Mon 08 Jul 2024 23:50:01 +0000
ROA not after:            Mon 07 Jul 2025 23:55:01 +0000
asID:                     23246
IP address blocks:        66.231.76.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Nov 2024 22:17:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:1e:54:17:b1:6d:0f:04:96:45:1d:e9:ee:81:89:4b:f0:eb:4e:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
        Validity
            Not Before: Jul  8 23:50:01 2024 GMT
            Not After : Jul  7 23:55:01 2025 GMT
        Subject: CN=A9BAECB39A5C878729FEA6BD53E09338AE1E6BB5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c6:d8:e6:36:11:a2:a4:01:78:5b:5c:a9:18:
                    4a:f4:10:74:49:e8:a1:c0:68:2a:32:f5:60:bd:31:
                    91:b7:f0:83:11:74:dc:17:70:cb:24:68:3b:ff:ae:
                    97:4a:b5:4a:d1:d6:c6:25:d1:be:d2:b1:7e:57:69:
                    9f:ec:62:4a:5b:ca:6c:e0:2e:8e:7d:1b:9a:e0:40:
                    1a:33:a9:00:5a:a8:d3:04:d3:6e:d4:64:11:5a:58:
                    57:3b:84:e1:74:a6:12:8e:06:84:f0:0a:3f:22:e1:
                    d8:6f:05:9c:ac:72:42:b2:b8:b0:70:6c:23:7b:6f:
                    de:1b:13:5c:e2:e6:f0:5f:9d:52:78:79:95:1c:b4:
                    46:bf:81:a0:da:df:14:36:53:32:f1:53:17:4b:e4:
                    28:41:38:4c:66:b2:2f:0a:9b:5a:4e:bb:70:f0:6f:
                    3c:dd:ec:11:ba:6d:12:a7:c8:de:25:2c:18:da:eb:
                    e6:78:11:e7:90:d4:57:94:12:e1:47:8c:9b:4a:0c:
                    c8:19:f6:b9:cb:dd:74:ad:db:5f:71:3d:53:87:7d:
                    99:c1:2a:ed:90:6d:a8:f7:b5:62:61:b6:60:43:a6:
                    3e:00:fa:14:73:07:bb:f6:c0:33:cb:3f:0a:17:d3:
                    d1:cb:d4:33:1f:e0:76:c0:b0:8a:b1:0a:4e:7e:96:
                    23:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:BA:EC:B3:9A:5C:87:87:29:FE:A6:BD:53:E0:93:38:AE:1E:6B:B5
            X509v3 Authority Key Identifier:
                keyid:C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e37362e302f32322d3232203d3e203233323436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.231.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:ec:4f:20:5d:8d:9a:8f:73:44:4c:91:bf:db:21:04:5f:da:
         e3:58:40:42:94:ac:cc:58:d2:ae:e9:c8:3b:40:26:b4:2c:af:
         c1:c1:62:1d:1f:a5:4d:9f:81:68:08:f7:61:6c:68:6f:ba:1e:
         22:eb:ee:e5:8b:9c:54:43:03:5f:a9:bf:73:b4:17:77:88:b1:
         4d:fb:24:90:ca:6d:85:54:2a:4c:de:c4:6b:23:6d:5b:e0:53:
         ff:82:61:00:9e:32:2d:48:fc:03:8d:24:e2:d2:14:aa:e3:33:
         cd:32:54:e5:b7:87:1a:28:45:53:6c:8f:52:12:6f:a1:8e:a9:
         ed:48:7d:ee:f5:78:8c:45:d1:57:b1:60:ae:18:d0:66:c8:4f:
         f2:6c:6f:76:d3:16:b5:29:b6:40:7d:31:84:b4:f1:d3:36:c6:
         b7:2f:5c:47:26:4b:c2:62:77:0b:81:9d:2c:76:ce:20:d2:6a:
         b9:96:0e:19:c8:5b:e3:38:2d:e6:ab:a4:29:49:8f:21:3e:67:
         14:e9:fa:e2:10:4d:83:08:ca:7f:81:62:c8:9e:25:59:00:aa:
         af:3c:70:b8:33:61:e8:bb:a5:7d:be:39:8f:98:81:40:1f:7f:
         c5:a7:94:70:97:7a:0b:a4:76:7f:48:3a:ef:da:70:45:bb:09:
         c1:89:54:3b
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUAh5UF7FtDwSWRR3p7oGJS/DrTggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzI5NjdGRjMxMDlFMEFBN0VFNUVDMUM2NDAzMDBENUEw
MEZGNDFCMDAeFw0yNDA3MDgyMzUwMDFaFw0yNTA3MDcyMzU1MDFaMDMxMTAvBgNV
BAMTKEE5QkFFQ0IzOUE1Qzg3ODcyOUZFQTZCRDUzRTA5MzM4QUUxRTZCQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgxtjmNhGipAF4W1ypGEr0EHRJ
6KHAaCoy9WC9MZG38IMRdNwXcMskaDv/rpdKtUrR1sYl0b7SsX5XaZ/sYkpbymzg
Lo59G5rgQBozqQBaqNME027UZBFaWFc7hOF0phKOBoTwCj8i4dhvBZysckKyuLBw
bCN7b94bE1zi5vBfnVJ4eZUctEa/gaDa3xQ2UzLxUxdL5ChBOExmsi8Km1pOu3Dw
bzzd7BG6bRKnyN4lLBja6+Z4EeeQ1FeUEuFHjJtKDMgZ9rnL3XSt219xPVOHfZnB
Ku2Qbaj3tWJhtmBDpj4A+hRzB7v2wDPLPwoX09HL1DMf4HbAsIqxCk5+liNPAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUqbrss5pch4cp/qa9U+CTOK4ea7UwHwYDVR0j
BBgwFoAUwpZ/8xCeCqfuXsHGQDANWgD/QbAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQTEwNEQ3Nzc3QjAyOUVEQTc4MkRBQTZBNkY3NDM0RkRC
Nzc3Q0U2OEEwOTQ5Nzk3ODE0NjRFQzU5RkY4QTlBLzAvQzI5NjdGRjMxMDlFMEFB
N0VFNUVDMUM2NDAzMDBENUEwMEZGNDFCMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMjk2N0ZGMzEwOUUwQUE3RUU1
RUMxQzY0MDMwMEQ1QTAwRkY0MUIwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREExMDRENzc3N0IwMjlFREE3ODJEQUE2QTZGNzQzNEZEQjc3N0NFNjhB
MDk0OTc5NzgxNDY0RUM1OUZGOEE5QS8wLzM2MzYyZTMyMzMzMTJlMzczNjJlMzAy
ZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzMzMjM0MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJC50wwDQYJ
KoZIhvcNAQELBQADggEBAKPsTyBdjZqPc0RMkb/bIQRf2uNYQEKUrMxY0q7pyDtA
JrQsr8HBYh0fpU2fgWgI92FsaG+6HiLr7uWLnFRDA1+pv3O0F3eIsU37JJDKbYVU
KkzexGsjbVvgU/+CYQCeMi1I/AONJOLSFKrjM80yVOW3hxooRVNsj1ISb6GOqe1I
fe71eIxF0VexYK4Y0GbIT/Jsb3bTFrUptkB9MYS08dM2xrcvXEcmS8JidwuBnSx2
ziDSarmWDhnIW+M4LearpClJjyE+ZxTp+uIQTYMIyn+BYsieJVkAqq88cLgzYei7
pX2+OY+YgUAff8WnlHCXegukdn9IOu/acEW7CcGJVDs=
-----END CERTIFICATE-----
Generated at Mon Oct 28 19:26:46 2024 by rpki-client on console-fra.rpki-client.org