Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DDDA5FFC7CC01E56FBC5E47819B35AEDB7CBC1F3332E5452803F1A87B501816A/0/3230302e31332e3134342e302f32312d3231203d3e20323634373133.roa
File:                     3230302e31332e3134342e302f32312d3231203d3e20323634373133.roa (raw, json)
Hash identifier:          DyAA7OS72V36eCQmTdAdwu1KntNziZl88/agpWvRkSY=
Subject key identifier:   39:98:A2:10:CA:B9:15:A0:ED:65:07:AD:ED:E9:96:84:63:3B:5E:90
Certificate issuer:       /CN=F61921851FAF179EC5A5784ECA91704DCD1B66C7
Certificate serial:       676C5716A6EFC39DE833DBC9AA4BE155D8E053FF
Authority key identifier: F6:19:21:85:1F:AF:17:9E:C5:A5:78:4E:CA:91:70:4D:CD:1B:66:C7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F61921851FAF179EC5A5784ECA91704DCD1B66C7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DDDA5FFC7CC01E56FBC5E47819B35AEDB7CBC1F3332E5452803F1A87B501816A/0/3230302e31332e3134342e302f32312d3231203d3e20323634373133.roa
Signing time:             Tue 05 Mar 2024 18:04:59 +0000
ROA not before:           Tue 05 Mar 2024 17:59:59 +0000
ROA not after:            Tue 04 Mar 2025 18:04:59 +0000
asID:                     264713
IP address blocks:        200.13.144.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DDDA5FFC7CC01E56FBC5E47819B35AEDB7CBC1F3332E5452803F1A87B501816A/0/F61921851FAF179EC5A5784ECA91704DCD1B66C7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DDDA5FFC7CC01E56FBC5E47819B35AEDB7CBC1F3332E5452803F1A87B501816A/0/F61921851FAF179EC5A5784ECA91704DCD1B66C7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F61921851FAF179EC5A5784ECA91704DCD1B66C7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:6c:57:16:a6:ef:c3:9d:e8:33:db:c9:aa:4b:e1:55:d8:e0:53:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F61921851FAF179EC5A5784ECA91704DCD1B66C7
        Validity
            Not Before: Mar  5 17:59:59 2024 GMT
            Not After : Mar  4 18:04:59 2025 GMT
        Subject: CN=3998A210CAB915A0ED6507ADEDE99684633B5E90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:89:ad:11:93:33:ba:a6:10:84:c8:6d:0e:9b:
                    e8:22:bb:78:2d:28:b8:ec:52:9f:7a:53:60:47:a2:
                    ac:95:f1:cf:e5:be:34:87:2d:c0:d6:24:95:cd:25:
                    7b:ed:dd:8e:ad:d9:fb:9f:8d:1f:6d:1f:be:f2:8e:
                    1c:79:15:3a:a7:92:da:ce:24:18:e3:cc:0a:ce:ed:
                    42:3e:23:bb:87:30:fd:98:34:1e:12:7d:a3:27:a5:
                    29:ce:c7:23:45:63:72:72:1a:24:c1:a5:c7:00:47:
                    07:13:a7:e0:63:0d:9c:16:a8:d7:6c:7d:f6:9a:98:
                    5c:bd:40:b2:2c:ce:6e:16:2e:50:d8:ed:0b:7a:13:
                    00:9f:84:61:72:a1:b5:c0:9c:72:cd:2d:97:41:c9:
                    d1:a4:fc:6b:d9:ff:36:20:d7:08:da:d6:f7:93:c1:
                    03:9f:14:ba:d7:ad:9b:5a:5f:00:61:7a:82:be:68:
                    75:84:5f:d8:3b:ef:e9:8f:2a:f2:26:74:e0:17:1f:
                    c9:41:0e:12:50:ac:2a:b4:af:35:80:b7:ce:71:56:
                    38:5a:f5:b5:07:12:22:8d:92:ae:a8:10:53:55:4e:
                    29:5f:d8:0a:cf:b2:ad:8b:22:f3:8d:39:45:43:5e:
                    69:20:ea:ed:30:06:18:f9:03:4d:b7:f4:16:23:e8:
                    a7:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:98:A2:10:CA:B9:15:A0:ED:65:07:AD:ED:E9:96:84:63:3B:5E:90
            X509v3 Authority Key Identifier:
                keyid:F6:19:21:85:1F:AF:17:9E:C5:A5:78:4E:CA:91:70:4D:CD:1B:66:C7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DDDA5FFC7CC01E56FBC5E47819B35AEDB7CBC1F3332E5452803F1A87B501816A/0/F61921851FAF179EC5A5784ECA91704DCD1B66C7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F61921851FAF179EC5A5784ECA91704DCD1B66C7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DDDA5FFC7CC01E56FBC5E47819B35AEDB7CBC1F3332E5452803F1A87B501816A/0/3230302e31332e3134342e302f32312d3231203d3e20323634373133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.13.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         19:4b:a0:88:63:ec:4d:bd:9c:be:39:47:fd:ab:47:e2:f6:a2:
         b7:ca:4f:e7:0d:7b:6e:5f:cf:93:80:a8:87:94:9e:b5:4c:27:
         d4:d9:49:1e:7d:ba:3b:ae:a5:df:c5:77:11:c2:b0:8e:9d:5a:
         0a:8e:f8:dd:db:93:a4:96:4c:27:3a:a4:4c:d5:71:c9:0e:92:
         74:05:90:d6:99:28:31:70:a6:0c:88:4c:7c:94:1f:49:8e:7a:
         35:f8:8c:00:df:0b:ca:a7:55:b6:3c:33:5e:76:6a:dc:92:d9:
         aa:d1:00:54:f9:0e:eb:39:59:3e:43:2b:b1:4e:f6:4a:80:2b:
         b3:48:78:1e:57:b5:b1:a6:61:a8:19:13:f7:69:b9:bd:58:1f:
         70:7f:26:b5:d1:93:a2:fe:24:f8:8d:94:d0:16:32:24:df:42:
         90:06:f6:c7:40:b5:a1:40:ae:cb:d7:78:de:19:a6:3e:f0:30:
         fd:93:d9:a6:f8:6b:82:93:9a:80:7a:2e:23:94:c0:f2:00:02:
         04:fe:cb:38:78:db:68:5c:28:ba:62:00:31:62:11:62:88:db:
         d6:e5:0d:d2:7a:04:f7:a1:90:00:24:20:e8:9b:8c:09:77:20:
         d2:d6:70:92:71:73:f4:67:1f:97:ae:ec:a7:38:67:b3:82:1a:
         1a:d3:81:6f
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUZ2xXFqbvw53oM9vJqkvhVdjgU/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjYxOTIxODUxRkFGMTc5RUM1QTU3ODRFQ0E5MTcwNERD
RDFCNjZDNzAeFw0yNDAzMDUxNzU5NTlaFw0yNTAzMDQxODA0NTlaMDMxMTAvBgNV
BAMTKDM5OThBMjEwQ0FCOTE1QTBFRDY1MDdBREVERTk5Njg0NjMzQjVFOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4ia0RkzO6phCEyG0Om+giu3gt
KLjsUp96U2BHoqyV8c/lvjSHLcDWJJXNJXvt3Y6t2fufjR9tH77yjhx5FTqnktrO
JBjjzArO7UI+I7uHMP2YNB4SfaMnpSnOxyNFY3JyGiTBpccARwcTp+BjDZwWqNds
ffaamFy9QLIszm4WLlDY7Qt6EwCfhGFyobXAnHLNLZdBydGk/GvZ/zYg1wja1veT
wQOfFLrXrZtaXwBheoK+aHWEX9g77+mPKvImdOAXH8lBDhJQrCq0rzWAt85xVjha
9bUHEiKNkq6oEFNVTilf2ArPsq2LIvONOUVDXmkg6u0wBhj5A0239BYj6KfbAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUOZiiEMq5FaDtZQet7emWhGM7XpAwHwYDVR0j
BBgwFoAU9hkhhR+vF57FpXhOypFwTc0bZscwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ERERBNUZGQzdDQzAxRTU2RkJDNUU0NzgxOUIzNUFFREI3
Q0JDMUYzMzMyRTU0NTI4MDNGMUE4N0I1MDE4MTZBLzAvRjYxOTIxODUxRkFGMTc5
RUM1QTU3ODRFQ0E5MTcwNERDRDFCNjZDNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GNjE5MjE4NTFGQUYxNzlFQzVB
NTc4NEVDQTkxNzA0RENEMUI2NkM3LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREREQTVGRkM3Q0MwMUU1NkZCQzVFNDc4MTlCMzVBRURCN0NCQzFGMzMz
MkU1NDUyODAzRjFBODdCNTAxODE2QS8wLzMyMzAzMDJlMzEzMzJlMzEzNDM0MmUz
MDJmMzIzMTJkMzIzMTIwM2QzZTIwMzIzNjM0MzczMTMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDyA2Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAZS6CIY+xNvZy+OUf9q0fi9qK3yk/nDXtuX8+T
gKiHlJ61TCfU2Ukefbo7rqXfxXcRwrCOnVoKjvjd25OklkwnOqRM1XHJDpJ0BZDW
mSgxcKYMiEx8lB9Jjno1+IwA3wvKp1W2PDNedmrcktmq0QBU+Q7rOVk+QyuxTvZK
gCuzSHgeV7WxpmGoGRP3abm9WB9wfya10ZOi/iT4jZTQFjIk30KQBvbHQLWhQK7L
13jeGaY+8DD9k9mm+GuCk5qAei4jlMDyAAIE/ss4eNtoXCi6YgAxYhFiiNvW5Q3S
egT3oZAAJCDom4wJdyDS1nCScXP0Zx+XruynOGezghoa04Fv
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:52:23 2024 by rpki-client on console-ams.rpki-client.org