Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F07683129CA3E800D69AF5F5B271B176F08A7292C6CEAFC11058DF7EE913314C/0/3230302e33352e3139342e302f32342d3234203d3e203232333133.roa
File:                     3230302e33352e3139342e302f32342d3234203d3e203232333133.roa (raw, json)
Hash identifier:          R50X/f2RnkWNtxAGTtIzk+2uLFVfNS66QDowELfL9ho=
Subject key identifier:   B6:D4:CE:0A:01:E8:62:1D:BA:A4:85:C2:12:E7:31:29:A8:A0:EA:7F
Certificate issuer:       /CN=B36629A694EF7217EF3DE5E128104C1E14B4BEB3
Certificate serial:       78206511ABDFD211F0DB1FA8D211B90525EC1084
Authority key identifier: B3:66:29:A6:94:EF:72:17:EF:3D:E5:E1:28:10:4C:1E:14:B4:BE:B3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B36629A694EF7217EF3DE5E128104C1E14B4BEB3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F07683129CA3E800D69AF5F5B271B176F08A7292C6CEAFC11058DF7EE913314C/0/3230302e33352e3139342e302f32342d3234203d3e203232333133.roa
Signing time:             Mon 27 May 2024 19:50:06 +0000
ROA not before:           Mon 27 May 2024 19:45:06 +0000
ROA not after:            Mon 26 May 2025 19:50:06 +0000
asID:                     22313
IP address blocks:        200.35.194.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/F07683129CA3E800D69AF5F5B271B176F08A7292C6CEAFC11058DF7EE913314C/0/B36629A694EF7217EF3DE5E128104C1E14B4BEB3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/F07683129CA3E800D69AF5F5B271B176F08A7292C6CEAFC11058DF7EE913314C/0/B36629A694EF7217EF3DE5E128104C1E14B4BEB3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B36629A694EF7217EF3DE5E128104C1E14B4BEB3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 20 Sep 2024 22:22:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:20:65:11:ab:df:d2:11:f0:db:1f:a8:d2:11:b9:05:25:ec:10:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B36629A694EF7217EF3DE5E128104C1E14B4BEB3
        Validity
            Not Before: May 27 19:45:06 2024 GMT
            Not After : May 26 19:50:06 2025 GMT
        Subject: CN=B6D4CE0A01E8621DBAA485C212E73129A8A0EA7F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:54:4a:5b:68:a6:8a:95:66:3b:f9:01:88:b8:
                    a1:1d:ce:3c:8e:b6:f9:dd:1e:7a:c0:32:31:69:48:
                    65:50:27:3a:94:fe:44:79:e2:4b:0b:3e:0a:45:3d:
                    33:32:66:3c:5e:95:09:7e:45:2b:6b:b3:cf:29:9f:
                    8f:60:ec:32:71:90:50:6f:9e:a0:b7:84:2d:f2:ce:
                    1c:0c:33:99:c7:02:19:76:11:d5:c1:b1:2b:3c:d7:
                    9e:f2:8d:e1:58:f6:1f:ae:80:1f:e0:4a:b9:ee:25:
                    83:ab:de:ad:02:b1:a1:d6:52:53:5a:93:a3:9e:38:
                    d2:56:5c:ee:60:73:5d:f6:95:ce:e2:30:f0:61:05:
                    22:1f:66:b8:7b:5e:87:b7:b2:0d:c0:50:6d:fb:0e:
                    77:38:95:0b:8e:4f:20:6e:13:92:78:ed:f1:9b:9c:
                    d0:f6:8a:96:ae:92:ef:7b:ea:86:54:eb:4a:9f:b2:
                    b3:6a:4e:d4:c1:d9:71:92:d9:6c:82:aa:6a:b4:cd:
                    4b:f0:d1:0f:a1:25:1c:ad:e2:02:57:0a:2c:52:21:
                    e5:40:9b:39:69:9f:4d:49:62:95:a4:c2:b7:7f:75:
                    73:fd:d2:53:3b:9f:a1:ec:08:a6:ab:91:75:3b:0b:
                    b6:76:ab:9e:ee:ef:92:f4:05:70:cc:94:f4:0a:f3:
                    61:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:D4:CE:0A:01:E8:62:1D:BA:A4:85:C2:12:E7:31:29:A8:A0:EA:7F
            X509v3 Authority Key Identifier:
                keyid:B3:66:29:A6:94:EF:72:17:EF:3D:E5:E1:28:10:4C:1E:14:B4:BE:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F07683129CA3E800D69AF5F5B271B176F08A7292C6CEAFC11058DF7EE913314C/0/B36629A694EF7217EF3DE5E128104C1E14B4BEB3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B36629A694EF7217EF3DE5E128104C1E14B4BEB3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F07683129CA3E800D69AF5F5B271B176F08A7292C6CEAFC11058DF7EE913314C/0/3230302e33352e3139342e302f32342d3234203d3e203232333133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.35.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:0e:85:14:ed:8e:42:ce:c6:80:3d:57:1f:95:af:36:ce:95:
         77:2b:5e:44:76:3c:bc:d8:b1:d8:39:5d:07:88:a4:31:05:02:
         72:82:02:0a:67:c8:c9:05:cc:71:5f:2a:79:d2:df:ea:5e:c2:
         cc:8a:3f:50:20:53:83:ba:e1:09:72:00:7a:34:ea:fb:0d:70:
         57:b2:9b:3d:b9:5e:bf:3b:21:21:29:92:1f:a4:2e:64:e4:a4:
         09:49:06:92:9e:41:c2:1b:b5:36:b8:a7:06:6e:44:7f:de:88:
         ea:ee:de:c2:ab:da:fa:80:a3:62:a8:af:5c:8e:23:93:0f:35:
         73:54:1b:07:fc:97:86:a2:f0:9f:58:4e:51:71:bc:f9:f0:13:
         3f:e6:df:a3:ef:cf:b3:8c:63:6a:8f:db:2e:4d:c1:97:fb:a9:
         69:1e:8a:05:02:8d:54:6b:0e:69:ec:e8:60:2b:34:bb:a6:0a:
         73:ae:2f:19:a4:51:65:ff:43:2f:73:c2:e6:e9:2d:46:c6:e9:
         93:bd:d3:69:6f:5d:1b:5b:84:6c:68:af:ce:ee:26:31:fd:cf:
         57:10:3a:f1:a2:1f:a8:3f:23:57:f6:a9:7d:26:b0:4e:3d:47:
         3d:aa:6e:9c:25:bb:e8:f6:15:66:74:fb:0c:6b:20:ba:70:10:
         e0:2b:f7:bb
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUeCBlEavf0hHw2x+o0hG5BSXsEIQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjM2NjI5QTY5NEVGNzIxN0VGM0RFNUUxMjgxMDRDMUUx
NEI0QkVCMzAeFw0yNDA1MjcxOTQ1MDZaFw0yNTA1MjYxOTUwMDZaMDMxMTAvBgNV
BAMTKEI2RDRDRTBBMDFFODYyMURCQUE0ODVDMjEyRTczMTI5QThBMEVBN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSVEpbaKaKlWY7+QGIuKEdzjyO
tvndHnrAMjFpSGVQJzqU/kR54ksLPgpFPTMyZjxelQl+RStrs88pn49g7DJxkFBv
nqC3hC3yzhwMM5nHAhl2EdXBsSs8157yjeFY9h+ugB/gSrnuJYOr3q0CsaHWUlNa
k6OeONJWXO5gc132lc7iMPBhBSIfZrh7Xoe3sg3AUG37Dnc4lQuOTyBuE5J47fGb
nND2ipauku976oZU60qfsrNqTtTB2XGS2WyCqmq0zUvw0Q+hJRyt4gJXCixSIeVA
mzlpn01JYpWkwrd/dXP90lM7n6HsCKarkXU7C7Z2q57u75L0BXDMlPQK82EdAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUttTOCgHoYh26pIXCEucxKaig6n8wHwYDVR0j
BBgwFoAUs2YpppTvchfvPeXhKBBMHhS0vrMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMDc2ODMxMjlDQTNFODAwRDY5QUY1RjVCMjcxQjE3NkYw
OEE3MjkyQzZDRUFGQzExMDU4REY3RUU5MTMzMTRDLzAvQjM2NjI5QTY5NEVGNzIx
N0VGM0RFNUUxMjgxMDRDMUUxNEI0QkVCMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CMzY2MjlBNjk0RUY3MjE3RUYz
REU1RTEyODEwNEMxRTE0QjRCRUIzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjA3NjgzMTI5Q0EzRTgwMEQ2OUFGNUY1QjI3MUIxNzZGMDhBNzI5MkM2
Q0VBRkMxMTA1OERGN0VFOTEzMzE0Qy8wLzMyMzAzMDJlMzMzNTJlMzEzOTM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMjMzMzEzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMgjwjAN
BgkqhkiG9w0BAQsFAAOCAQEAog6FFO2OQs7GgD1XH5WvNs6VdyteRHY8vNix2Dld
B4ikMQUCcoICCmfIyQXMcV8qedLf6l7CzIo/UCBTg7rhCXIAejTq+w1wV7KbPble
vzshISmSH6QuZOSkCUkGkp5Bwhu1NrinBm5Ef96I6u7ewqva+oCjYqivXI4jkw81
c1QbB/yXhqLwn1hOUXG8+fATP+bfo+/Ps4xjao/bLk3Bl/upaR6KBQKNVGsOaezo
YCs0u6YKc64vGaRRZf9DL3PC5uktRsbpk73TaW9dG1uEbGivzu4mMf3PVxA68aIf
qD8jV/apfSawTj1HPapunCW76PYVZnT7DGsgunAQ4Cv3uw==
-----END CERTIFICATE-----
Generated at Tue Sep 17 12:21:20 2024 by rpki-client on console-ams.rpki-client.org