Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F5E52B7B2E39B1BEFD92F6DA5E0C5E6414396BD8C1335E234062C29F76A38F3A/0/3230302e322e3132302e302f32312d3234203d3e203237373932.roa
File:                     3230302e322e3132302e302f32312d3234203d3e203237373932.roa (raw, json)
Hash identifier:          WI3tRN14WeIxXWRAmxnHljAlv6Zgd4oG6VhESGt7KvU=
Subject key identifier:   80:7B:A6:91:BF:E4:53:A2:1F:36:44:1E:4F:88:60:A3:D4:8A:65:A0
Certificate issuer:       /CN=AF3F9A6BD149BB2CB7627F3B2E5B7429C55B7BF6
Certificate serial:       78C3F2A9E1F0568D17AA3D4A13014AFCE643F885
Authority key identifier: AF:3F:9A:6B:D1:49:BB:2C:B7:62:7F:3B:2E:5B:74:29:C5:5B:7B:F6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AF3F9A6BD149BB2CB7627F3B2E5B7429C55B7BF6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F5E52B7B2E39B1BEFD92F6DA5E0C5E6414396BD8C1335E234062C29F76A38F3A/0/3230302e322e3132302e302f32312d3234203d3e203237373932.roa
Signing time:             Tue 05 Mar 2024 17:56:44 +0000
ROA not before:           Tue 05 Mar 2024 17:51:44 +0000
ROA not after:            Tue 04 Mar 2025 17:56:44 +0000
asID:                     27792
IP address blocks:        200.2.120.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/F5E52B7B2E39B1BEFD92F6DA5E0C5E6414396BD8C1335E234062C29F76A38F3A/0/AF3F9A6BD149BB2CB7627F3B2E5B7429C55B7BF6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/F5E52B7B2E39B1BEFD92F6DA5E0C5E6414396BD8C1335E234062C29F76A38F3A/0/AF3F9A6BD149BB2CB7627F3B2E5B7429C55B7BF6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AF3F9A6BD149BB2CB7627F3B2E5B7429C55B7BF6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:c3:f2:a9:e1:f0:56:8d:17:aa:3d:4a:13:01:4a:fc:e6:43:f8:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AF3F9A6BD149BB2CB7627F3B2E5B7429C55B7BF6
        Validity
            Not Before: Mar  5 17:51:44 2024 GMT
            Not After : Mar  4 17:56:44 2025 GMT
        Subject: CN=807BA691BFE453A21F36441E4F8860A3D48A65A0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:4a:a3:7b:f2:91:0f:bd:69:16:a5:84:a0:8b:
                    00:c8:e1:c7:eb:15:a7:26:85:34:2c:bb:9b:4f:68:
                    9c:1e:2f:89:15:17:d7:73:7b:ea:f0:7d:9d:61:fe:
                    c2:bd:c9:d9:b3:40:74:d6:73:fc:d3:db:8c:33:c7:
                    7f:15:ac:f7:44:c5:a1:29:b5:16:b6:02:9f:9a:19:
                    4a:35:3d:1f:16:00:3b:fe:0c:42:df:0d:f3:e1:1a:
                    0a:5e:02:95:bb:22:6f:63:4b:ea:2c:44:1a:f8:8e:
                    11:ac:74:e0:44:59:39:ab:df:34:3e:e0:df:dd:a4:
                    95:9d:31:34:76:7d:64:71:22:f3:d6:dc:91:f1:d1:
                    b9:8e:6f:6d:c3:88:81:03:a3:f4:c7:90:95:f4:70:
                    5c:94:f8:3f:6d:3b:09:49:88:0b:1f:38:3f:00:fd:
                    04:3e:94:cd:b4:c8:08:d0:d1:54:9c:9b:3a:3d:15:
                    3d:54:1c:10:e2:9b:aa:18:48:c9:a6:26:61:10:48:
                    60:c2:69:b7:6f:dc:0b:a3:49:26:6e:30:5d:ef:62:
                    00:6f:68:66:01:9b:07:cd:7b:e4:1c:f7:d4:c3:b7:
                    19:cf:a9:cd:41:dd:d9:bb:e9:1b:4b:fd:49:45:e0:
                    7f:a5:2f:7f:8a:97:71:72:2f:7c:d3:ae:7b:b4:11:
                    fa:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:7B:A6:91:BF:E4:53:A2:1F:36:44:1E:4F:88:60:A3:D4:8A:65:A0
            X509v3 Authority Key Identifier:
                keyid:AF:3F:9A:6B:D1:49:BB:2C:B7:62:7F:3B:2E:5B:74:29:C5:5B:7B:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F5E52B7B2E39B1BEFD92F6DA5E0C5E6414396BD8C1335E234062C29F76A38F3A/0/AF3F9A6BD149BB2CB7627F3B2E5B7429C55B7BF6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AF3F9A6BD149BB2CB7627F3B2E5B7429C55B7BF6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F5E52B7B2E39B1BEFD92F6DA5E0C5E6414396BD8C1335E234062C29F76A38F3A/0/3230302e322e3132302e302f32312d3234203d3e203237373932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.2.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         77:b8:f6:af:bd:95:0e:dc:7f:1d:35:38:0b:f9:e6:25:2e:91:
         1a:14:6d:55:56:8b:e9:ef:f5:ce:98:72:9c:88:96:c8:11:16:
         37:f8:37:04:6c:ce:eb:ca:12:e5:f0:1a:5b:94:70:4b:c4:81:
         9b:49:ba:f0:20:8b:9c:43:62:77:72:5d:62:cc:60:41:53:fa:
         92:4a:e5:c5:11:e9:71:94:64:65:a5:c9:5c:58:80:c0:9a:bc:
         ad:41:52:7d:fc:d1:f3:53:55:d9:37:d2:0a:2c:58:b2:02:f7:
         ee:81:c1:83:af:42:f4:81:9b:ee:5f:29:e5:bd:e9:73:7a:40:
         b7:df:c7:c1:4d:0d:21:52:2a:c1:12:28:6e:5c:fd:29:e4:01:
         3b:dc:ee:fd:9d:9d:cb:86:fd:24:b6:53:a6:3d:fc:1a:cf:41:
         c4:c3:96:50:7b:44:75:bf:47:42:8a:1a:80:97:08:ac:f5:af:
         99:87:9e:67:c8:fe:cf:1c:09:31:45:ac:bd:20:5a:39:85:87:
         f8:30:bb:cb:0d:31:95:3d:c1:d0:19:3d:98:e8:4d:4c:f7:27:
         0b:cb:14:b6:49:37:6c:ca:d3:11:33:1d:46:00:05:65:31:c5:
         2b:78:b9:56:75:8e:64:5b:f9:00:c0:30:1f:60:87:da:23:c9:
         23:03:4a:01
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUeMPyqeHwVo0Xqj1KEwFK/OZD+IUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUYzRjlBNkJEMTQ5QkIyQ0I3NjI3RjNCMkU1Qjc0MjlD
NTVCN0JGNjAeFw0yNDAzMDUxNzUxNDRaFw0yNTAzMDQxNzU2NDRaMDMxMTAvBgNV
BAMTKDgwN0JBNjkxQkZFNDUzQTIxRjM2NDQxRTRGODg2MEEzRDQ4QTY1QTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvSqN78pEPvWkWpYSgiwDI4cfr
FacmhTQsu5tPaJweL4kVF9dze+rwfZ1h/sK9ydmzQHTWc/zT24wzx38VrPdExaEp
tRa2Ap+aGUo1PR8WADv+DELfDfPhGgpeApW7Im9jS+osRBr4jhGsdOBEWTmr3zQ+
4N/dpJWdMTR2fWRxIvPW3JHx0bmOb23DiIEDo/THkJX0cFyU+D9tOwlJiAsfOD8A
/QQ+lM20yAjQ0VScmzo9FT1UHBDim6oYSMmmJmEQSGDCabdv3AujSSZuMF3vYgBv
aGYBmwfNe+Qc99TDtxnPqc1B3dm76RtL/UlF4H+lL3+Kl3FyL3zTrnu0EfqzAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUgHumkb/kU6IfNkQeT4hgo9SKZaAwHwYDVR0j
BBgwFoAUrz+aa9FJuyy3Yn87Llt0KcVbe/YwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GNUU1MkI3QjJFMzlCMUJFRkQ5MkY2REE1RTBDNUU2NDE0
Mzk2QkQ4QzEzMzVFMjM0MDYyQzI5Rjc2QTM4RjNBLzAvQUYzRjlBNkJEMTQ5QkIy
Q0I3NjI3RjNCMkU1Qjc0MjlDNTVCN0JGNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BRjNGOUE2QkQxNDlCQjJDQjc2
MjdGM0IyRTVCNzQyOUM1NUI3QkY2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjVFNTJCN0IyRTM5QjFCRUZEOTJGNkRBNUUwQzVFNjQxNDM5NkJEOEMx
MzM1RTIzNDA2MkMyOUY3NkEzOEYzQS8wLzMyMzAzMDJlMzIyZTMxMzIzMDJlMzAy
ZjMyMzEyZDMyMzQyMDNkM2UyMDMyMzczNzM5MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPIAngwDQYJ
KoZIhvcNAQELBQADggEBAHe49q+9lQ7cfx01OAv55iUukRoUbVVWi+nv9c6YcpyI
lsgRFjf4NwRszuvKEuXwGluUcEvEgZtJuvAgi5xDYndyXWLMYEFT+pJK5cUR6XGU
ZGWlyVxYgMCavK1BUn380fNTVdk30gosWLIC9+6BwYOvQvSBm+5fKeW96XN6QLff
x8FNDSFSKsESKG5c/SnkATvc7v2dncuG/SS2U6Y9/BrPQcTDllB7RHW/R0KKGoCX
CKz1r5mHnmfI/s8cCTFFrL0gWjmFh/gwu8sNMZU9wdAZPZjoTUz3JwvLFLZJN2zK
0xEzHUYABWUxxSt4uVZ1jmRb+QDAMB9gh9ojySMDSgE=
-----END CERTIFICATE-----
Generated at Wed Nov 20 20:04:33 2024 by rpki-client on console-fra.rpki-client.org