Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E4E99759ACF013EA166F0DA90DBE63F30FAB64CCF1310D5F0FA69271B35D85AC/0/3230302e3231392e342e302f32322d3232203d3e20323730303636.roa
File:                     3230302e3231392e342e302f32322d3232203d3e20323730303636.roa (raw, json)
Hash identifier:          AaXAIcyO4qtYG+wAazCJesH/FDs/MR9JKL2ErwWFkQo=
Subject key identifier:   0D:DA:D1:E6:77:D8:0C:33:BB:BF:F5:2B:7A:6F:4D:06:C8:A4:80:6B
Certificate issuer:       /CN=52C33A1BA9015DB4E50D07D3A35E931827FFAC41
Certificate serial:       7D026B03684394499AA01C8340E6558772EA102E
Authority key identifier: 52:C3:3A:1B:A9:01:5D:B4:E5:0D:07:D3:A3:5E:93:18:27:FF:AC:41
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/52C33A1BA9015DB4E50D07D3A35E931827FFAC41.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E4E99759ACF013EA166F0DA90DBE63F30FAB64CCF1310D5F0FA69271B35D85AC/0/3230302e3231392e342e302f32322d3232203d3e20323730303636.roa
Signing time:             Tue 05 Mar 2024 18:07:00 +0000
ROA not before:           Tue 05 Mar 2024 18:02:00 +0000
ROA not after:            Tue 04 Mar 2025 18:07:00 +0000
asID:                     270066
IP address blocks:        200.219.4.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/E4E99759ACF013EA166F0DA90DBE63F30FAB64CCF1310D5F0FA69271B35D85AC/0/52C33A1BA9015DB4E50D07D3A35E931827FFAC41.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E4E99759ACF013EA166F0DA90DBE63F30FAB64CCF1310D5F0FA69271B35D85AC/0/52C33A1BA9015DB4E50D07D3A35E931827FFAC41.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/52C33A1BA9015DB4E50D07D3A35E931827FFAC41.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:02:6b:03:68:43:94:49:9a:a0:1c:83:40:e6:55:87:72:ea:10:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52C33A1BA9015DB4E50D07D3A35E931827FFAC41
        Validity
            Not Before: Mar  5 18:02:00 2024 GMT
            Not After : Mar  4 18:07:00 2025 GMT
        Subject: CN=0DDAD1E677D80C33BBBFF52B7A6F4D06C8A4806B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:27:90:4a:62:dc:3e:e3:f3:e1:b6:1c:0c:89:
                    76:c8:75:28:62:34:7d:9b:27:42:d1:12:e6:df:7c:
                    a7:54:3b:d1:e0:86:79:7a:b2:0c:00:20:38:1b:8f:
                    fe:84:62:53:6a:30:5a:51:be:ce:c5:38:5f:b1:87:
                    20:90:9d:6e:30:68:df:1f:72:a7:26:fd:36:95:a8:
                    d4:20:cc:b8:3c:79:f0:07:53:ef:97:0b:6d:6b:b3:
                    21:f6:71:ac:48:19:73:56:67:93:ef:1d:f1:f0:8f:
                    ee:31:90:14:26:fe:4a:95:42:3c:4a:ce:84:6d:69:
                    fb:61:3b:26:7a:d1:a2:e2:b9:bd:f6:e7:c7:35:ea:
                    1b:bf:fd:eb:59:ed:e5:2f:c1:37:a0:ca:17:23:fe:
                    b7:94:28:d3:f7:78:83:53:84:fc:40:c6:2c:9c:2c:
                    e6:da:26:c7:d0:f3:54:7d:72:98:5f:6f:69:61:9c:
                    68:e3:4a:44:88:81:74:ab:b9:88:0f:22:02:87:b2:
                    41:c9:38:65:c8:08:9f:12:4f:1d:cb:64:f2:7d:82:
                    f3:ac:b7:fe:77:88:cc:95:5b:e7:2d:82:67:83:e2:
                    ae:91:cc:3c:fb:63:65:6a:2d:d1:85:6f:6b:38:45:
                    a0:37:f0:e5:41:8f:f9:35:98:05:ee:aa:e3:4a:63:
                    5f:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:DA:D1:E6:77:D8:0C:33:BB:BF:F5:2B:7A:6F:4D:06:C8:A4:80:6B
            X509v3 Authority Key Identifier:
                keyid:52:C3:3A:1B:A9:01:5D:B4:E5:0D:07:D3:A3:5E:93:18:27:FF:AC:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E4E99759ACF013EA166F0DA90DBE63F30FAB64CCF1310D5F0FA69271B35D85AC/0/52C33A1BA9015DB4E50D07D3A35E931827FFAC41.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/52C33A1BA9015DB4E50D07D3A35E931827FFAC41.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E4E99759ACF013EA166F0DA90DBE63F30FAB64CCF1310D5F0FA69271B35D85AC/0/3230302e3231392e342e302f32322d3232203d3e20323730303636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.219.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         13:17:d6:0f:f8:81:99:16:cf:6e:f0:84:48:7c:2e:b3:16:7c:
         e2:80:d3:68:c4:ba:94:36:21:6e:95:f1:6c:d8:a2:9d:da:65:
         bf:b7:1d:5e:41:db:4b:1f:a3:33:b6:e8:aa:e1:96:09:86:a0:
         7a:5d:e3:f1:40:a2:08:cd:94:71:2f:5d:71:20:3f:d9:e9:6e:
         4b:b4:e7:12:85:6e:1f:e5:e4:f9:5a:75:20:57:ca:b5:6d:d8:
         08:07:1d:4c:18:f4:73:66:6b:28:53:ad:d5:27:22:e4:9c:40:
         95:fd:65:ce:98:77:f9:ae:d4:57:6b:88:06:1a:f0:9c:11:2b:
         84:bb:63:6e:94:b4:3f:db:7b:f1:ae:a2:4a:00:ee:21:85:68:
         ca:2d:4c:9e:7b:63:c2:db:20:90:fd:52:35:6f:ac:f7:eb:80:
         9d:14:34:4f:2f:97:9b:24:74:44:d8:0d:a0:0b:b1:35:e0:57:
         3a:bb:b7:25:f1:2d:4f:8e:c7:b1:57:7b:1e:91:bd:cb:48:ed:
         ea:d0:ad:42:4e:2a:24:b9:16:a3:26:c3:98:d9:ba:f7:be:2b:
         5c:11:2a:8a:b0:54:c2:fa:0e:5f:d8:74:70:32:0a:0b:b1:80:
         40:62:b4:5e:a1:9f:b1:08:96:7d:7a:58:87:52:00:48:5b:9e:
         d1:09:5b:ac
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUfQJrA2hDlEmaoByDQOZVh3LqEC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTJDMzNBMUJBOTAxNURCNEU1MEQwN0QzQTM1RTkzMTgy
N0ZGQUM0MTAeFw0yNDAzMDUxODAyMDBaFw0yNTAzMDQxODA3MDBaMDMxMTAvBgNV
BAMTKDBEREFEMUU2NzdEODBDMzNCQkJGRjUyQjdBNkY0RDA2QzhBNDgwNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMJ5BKYtw+4/PhthwMiXbIdShi
NH2bJ0LREubffKdUO9Hghnl6sgwAIDgbj/6EYlNqMFpRvs7FOF+xhyCQnW4waN8f
cqcm/TaVqNQgzLg8efAHU++XC21rsyH2caxIGXNWZ5PvHfHwj+4xkBQm/kqVQjxK
zoRtafthOyZ60aLiub3258c16hu//etZ7eUvwTegyhcj/reUKNP3eINThPxAxiyc
LObaJsfQ81R9cphfb2lhnGjjSkSIgXSruYgPIgKHskHJOGXICJ8STx3LZPJ9gvOs
t/53iMyVW+ctgmeD4q6RzDz7Y2VqLdGFb2s4RaA38OVBj/k1mAXuquNKY18xAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUDdrR5nfYDDO7v/Urem9NBsikgGswHwYDVR0j
BBgwFoAUUsM6G6kBXbTlDQfTo16TGCf/rEEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FNEU5OTc1OUFDRjAxM0VBMTY2RjBEQTkwREJFNjNGMzBG
QUI2NENDRjEzMTBENUYwRkE2OTI3MUIzNUQ4NUFDLzAvNTJDMzNBMUJBOTAxNURC
NEU1MEQwN0QzQTM1RTkzMTgyN0ZGQUM0MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81MkMzM0ExQkE5MDE1REI0RTUw
RDA3RDNBMzVFOTMxODI3RkZBQzQxLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTRFOTk3NTlBQ0YwMTNFQTE2NkYwREE5MERCRTYzRjMwRkFCNjRDQ0Yx
MzEwRDVGMEZBNjkyNzFCMzVEODVBQy8wLzMyMzAzMDJlMzIzMTM5MmUzNDJlMzAy
ZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzczMDMwMzYzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsjbBDAN
BgkqhkiG9w0BAQsFAAOCAQEAExfWD/iBmRbPbvCESHwusxZ84oDTaMS6lDYhbpXx
bNiindplv7cdXkHbSx+jM7boquGWCYagel3j8UCiCM2UcS9dcSA/2eluS7TnEoVu
H+Xk+Vp1IFfKtW3YCAcdTBj0c2ZrKFOt1Sci5JxAlf1lzph3+a7UV2uIBhrwnBEr
hLtjbpS0P9t78a6iSgDuIYVoyi1MnntjwtsgkP1SNW+s9+uAnRQ0Ty+XmyR0RNgN
oAuxNeBXOru3JfEtT47HsVd7HpG9y0jt6tCtQk4qJLkWoybDmNm6974rXBEqirBU
wvoOX9h0cDIKC7GAQGK0XqGfsQiWfXpYh1IASFue0QlbrA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:07:25 2024 by rpki-client on console-ams.rpki-client.org