Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DF6495DFE557A9656AFD934637E96634D3D2739D5072D17F108058F0A9CA9938/0/3230302e39342e3132382e302f31392d3234203d3e203131313732.roa
File:                     3230302e39342e3132382e302f31392d3234203d3e203131313732.roa (raw, json)
Hash identifier:          xeOikqBKosS7/QPH87cRPAa9Wlt/AHaVsSmRvFFETsc=
Subject key identifier:   38:AF:BC:F6:B5:7D:2A:56:93:DA:46:AA:DE:2D:D6:F6:08:23:7F:B3
Certificate issuer:       /CN=E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15
Certificate serial:       458D33B3E44DEC2133FDB5457EFA731D6F0862DF
Authority key identifier: E3:5D:D2:93:E1:C3:BC:5F:4D:E1:53:18:FA:C5:96:7E:7D:55:BF:15
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DF6495DFE557A9656AFD934637E96634D3D2739D5072D17F108058F0A9CA9938/0/3230302e39342e3132382e302f31392d3234203d3e203131313732.roa
Signing time:             Tue 05 Mar 2024 17:54:38 +0000
ROA not before:           Tue 05 Mar 2024 17:49:38 +0000
ROA not after:            Tue 04 Mar 2025 17:54:38 +0000
asID:                     11172
IP address blocks:        200.94.128.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DF6495DFE557A9656AFD934637E96634D3D2739D5072D17F108058F0A9CA9938/0/E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DF6495DFE557A9656AFD934637E96634D3D2739D5072D17F108058F0A9CA9938/0/E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:8d:33:b3:e4:4d:ec:21:33:fd:b5:45:7e:fa:73:1d:6f:08:62:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15
        Validity
            Not Before: Mar  5 17:49:38 2024 GMT
            Not After : Mar  4 17:54:38 2025 GMT
        Subject: CN=38AFBCF6B57D2A5693DA46AADE2DD6F608237FB3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:77:44:ad:96:47:94:4b:d3:ae:f4:67:98:3a:
                    20:da:91:f9:0a:3b:00:27:dd:fb:82:29:e7:28:ba:
                    03:91:ed:d5:fe:f7:1d:76:ad:1f:77:2e:27:b1:40:
                    46:8b:5d:35:b8:8b:1d:2b:22:3a:67:02:b6:ab:f0:
                    1e:2f:0e:53:63:7a:3d:2d:ae:fd:0b:93:72:39:80:
                    70:a8:29:b9:e9:b5:17:24:15:b4:f3:d2:e1:33:f7:
                    a2:62:28:39:84:90:ac:55:0b:a6:f1:30:7c:50:ca:
                    38:ca:32:ec:41:d3:1d:0d:f9:3a:ef:d8:40:6d:f0:
                    e6:da:3b:4b:b1:c0:c0:12:c7:c7:43:ea:b2:bb:c6:
                    3b:ad:bd:cc:95:2c:cd:36:90:29:3e:25:2c:d7:f8:
                    31:ca:7e:55:d3:89:09:11:c2:e6:b2:aa:df:74:5a:
                    50:aa:35:96:92:73:07:cc:12:37:f0:98:be:f3:69:
                    69:e7:6a:f1:b7:39:f2:44:9f:76:0e:23:66:1e:0a:
                    d2:d8:99:64:6f:fb:c8:20:34:fc:c7:f8:bf:e6:3c:
                    14:df:28:5f:db:4d:70:dc:18:44:b6:46:f0:1b:8d:
                    6d:1c:39:57:a1:0f:7c:15:93:f9:da:af:1c:82:f6:
                    96:b8:97:64:d5:10:60:fa:37:69:bc:94:1c:41:79:
                    3e:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:AF:BC:F6:B5:7D:2A:56:93:DA:46:AA:DE:2D:D6:F6:08:23:7F:B3
            X509v3 Authority Key Identifier:
                keyid:E3:5D:D2:93:E1:C3:BC:5F:4D:E1:53:18:FA:C5:96:7E:7D:55:BF:15

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DF6495DFE557A9656AFD934637E96634D3D2739D5072D17F108058F0A9CA9938/0/E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E35DD293E1C3BC5F4DE15318FAC5967E7D55BF15.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DF6495DFE557A9656AFD934637E96634D3D2739D5072D17F108058F0A9CA9938/0/3230302e39342e3132382e302f31392d3234203d3e203131313732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.94.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         73:4d:a9:87:03:ad:e1:d1:ca:bf:e8:3d:77:45:3e:32:9c:69:
         e6:0f:ed:85:58:23:15:4c:8c:02:a2:bf:a7:61:e6:40:b5:ef:
         c4:0c:50:f6:65:d7:0a:3a:a7:f8:65:9b:91:1b:c5:80:98:df:
         5e:ed:e4:1b:71:a5:ec:46:26:27:6b:f3:b6:82:06:2f:67:31:
         a6:17:88:90:4e:22:0d:0b:54:75:41:97:b2:de:1b:b0:61:fd:
         a1:07:fa:d9:94:3a:74:47:08:8d:d6:0f:b8:4b:16:4e:01:c7:
         4d:2e:c8:9b:d8:cd:f2:6f:c1:9b:b5:5e:a8:cb:b5:c8:d5:a6:
         09:8a:9c:ee:63:41:1c:8e:c7:6e:82:e2:73:9d:4c:04:31:54:
         01:d6:05:17:fd:7d:0b:f2:d8:ea:d7:82:4f:4d:50:e8:77:61:
         0c:92:c6:3a:a7:8a:59:dc:84:63:90:82:e0:59:44:bc:89:c7:
         f8:93:6e:e4:6d:8c:97:95:08:14:b3:69:4c:86:ac:1f:10:52:
         22:eb:3c:ee:53:66:63:72:16:9a:1b:1a:e6:08:8f:d0:f8:f4:
         98:5e:c6:6a:c3:0b:38:c1:a2:79:1d:5d:d1:65:42:4e:c1:11:
         bd:7b:d6:8e:93:ae:bb:ff:99:d3:a8:34:24:06:bb:ea:91:a7:
         02:9b:a7:f5
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIURY0zs+RN7CEz/bVFfvpzHW8IYt8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTM1REQyOTNFMUMzQkM1RjRERTE1MzE4RkFDNTk2N0U3
RDU1QkYxNTAeFw0yNDAzMDUxNzQ5MzhaFw0yNTAzMDQxNzU0MzhaMDMxMTAvBgNV
BAMTKDM4QUZCQ0Y2QjU3RDJBNTY5M0RBNDZBQURFMkRENkY2MDgyMzdGQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCld0StlkeUS9Ou9GeYOiDakfkK
OwAn3fuCKecougOR7dX+9x12rR93LiexQEaLXTW4ix0rIjpnArar8B4vDlNjej0t
rv0Lk3I5gHCoKbnptRckFbTz0uEz96JiKDmEkKxVC6bxMHxQyjjKMuxB0x0N+Trv
2EBt8ObaO0uxwMASx8dD6rK7xjutvcyVLM02kCk+JSzX+DHKflXTiQkRwuayqt90
WlCqNZaScwfMEjfwmL7zaWnnavG3OfJEn3YOI2YeCtLYmWRv+8ggNPzH+L/mPBTf
KF/bTXDcGES2RvAbjW0cOVehD3wVk/narxyC9pa4l2TVEGD6N2m8lBxBeT7ZAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUOK+89rV9KlaT2kaq3i3W9ggjf7MwHwYDVR0j
BBgwFoAU413Sk+HDvF9N4VMY+sWWfn1VvxUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ERjY0OTVERkU1NTdBOTY1NkFGRDkzNDYzN0U5NjYzNEQz
RDI3MzlENTA3MkQxN0YxMDgwNThGMEE5Q0E5OTM4LzAvRTM1REQyOTNFMUMzQkM1
RjRERTE1MzE4RkFDNTk2N0U3RDU1QkYxNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FMzVERDI5M0UxQzNCQzVGNERF
MTUzMThGQUM1OTY3RTdENTVCRjE1LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREY2NDk1REZFNTU3QTk2NTZBRkQ5MzQ2MzdFOTY2MzREM0QyNzM5RDUw
NzJEMTdGMTA4MDU4RjBBOUNBOTkzOC8wLzMyMzAzMDJlMzkzNDJlMzEzMjM4MmUz
MDJmMzEzOTJkMzIzNDIwM2QzZTIwMzEzMTMxMzczMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBchegDAN
BgkqhkiG9w0BAQsFAAOCAQEAc02phwOt4dHKv+g9d0U+Mpxp5g/thVgjFUyMAqK/
p2HmQLXvxAxQ9mXXCjqn+GWbkRvFgJjfXu3kG3Gl7EYmJ2vztoIGL2cxpheIkE4i
DQtUdUGXst4bsGH9oQf62ZQ6dEcIjdYPuEsWTgHHTS7Im9jN8m/Bm7VeqMu1yNWm
CYqc7mNBHI7HboLic51MBDFUAdYFF/19C/LY6teCT01Q6HdhDJLGOqeKWdyEY5CC
4FlEvInH+JNu5G2Ml5UIFLNpTIasHxBSIus87lNmY3IWmhsa5giP0Pj0mF7GasML
OMGieR1d0WVCTsERvXvWjpOuu/+Z06g0JAa76pGnApun9Q==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:49:59 2024 by rpki-client on console-fra.rpki-client.org