Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/406B1063718A61AE561DB18A870F583D14D6513C99E94DC14F47D6DBFBBC0A2C/0/3139312e35322e3230382e302f32322d3234203d3e2037333033.roa
File:                     3139312e35322e3230382e302f32322d3234203d3e2037333033.roa (raw, json)
Hash identifier:          K0gbnG/sO3GEx7nYf0yrUba0yrF5rWaL1PD2LWdYN34=
Subject key identifier:   DA:CC:82:6B:B2:E8:93:B2:0D:22:AC:06:AE:3A:C5:63:38:69:56:91
Certificate issuer:       /CN=BFFF9ED422983457E784A1C5DF441797B00B1886
Certificate serial:       21B6914DD7E12E6D98F2C2620F296E0A1727BBE9
Authority key identifier: BF:FF:9E:D4:22:98:34:57:E7:84:A1:C5:DF:44:17:97:B0:0B:18:86
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BFFF9ED422983457E784A1C5DF441797B00B1886.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/406B1063718A61AE561DB18A870F583D14D6513C99E94DC14F47D6DBFBBC0A2C/0/3139312e35322e3230382e302f32322d3234203d3e2037333033.roa
Signing time:             Wed 09 Jul 2025 17:24:53 +0000
ROA not before:           Wed 09 Jul 2025 17:19:53 +0000
ROA not after:            Wed 08 Jul 2026 17:24:53 +0000
asID:                     7303
IP address blocks:        191.52.208.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/406B1063718A61AE561DB18A870F583D14D6513C99E94DC14F47D6DBFBBC0A2C/0/BFFF9ED422983457E784A1C5DF441797B00B1886.crl
                          rsync://repository.lacnic.net/rpki/lacnic/406B1063718A61AE561DB18A870F583D14D6513C99E94DC14F47D6DBFBBC0A2C/0/BFFF9ED422983457E784A1C5DF441797B00B1886.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BFFF9ED422983457E784A1C5DF441797B00B1886.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 28 Jul 2025 22:12:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:b6:91:4d:d7:e1:2e:6d:98:f2:c2:62:0f:29:6e:0a:17:27:bb:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BFFF9ED422983457E784A1C5DF441797B00B1886
        Validity
            Not Before: Jul  9 17:19:53 2025 GMT
            Not After : Jul  8 17:24:53 2026 GMT
        Subject: CN=DACC826BB2E893B20D22AC06AE3AC56338695691
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:05:52:4c:e9:c9:5a:40:ef:e8:94:59:2b:ea:
                    7c:98:4f:cb:76:6a:de:b6:aa:d7:c1:51:c8:8c:f2:
                    21:09:25:b7:7f:11:c4:46:24:9c:43:3c:eb:99:8b:
                    be:bd:9b:17:97:1f:3b:de:d2:bf:3f:a9:df:76:5c:
                    74:39:28:82:e8:0c:45:a9:59:1b:81:77:4e:d2:c8:
                    e4:a5:10:42:11:a1:07:22:f6:20:7c:e9:11:8d:34:
                    ca:4e:8b:6e:d7:e5:8c:8a:54:2b:f3:60:f6:ca:34:
                    f7:22:21:24:9f:c4:a7:9e:9b:f2:0b:44:04:e3:3b:
                    fa:d6:65:00:c3:02:0e:a3:a1:9f:c2:0d:e6:85:ae:
                    ec:a4:e2:f2:85:eb:5e:30:c4:3b:6b:5d:8c:91:88:
                    06:57:24:ab:99:73:31:82:50:88:da:ee:95:8d:18:
                    a1:69:79:50:fd:c1:63:42:16:60:0d:a2:62:59:de:
                    be:a6:ca:04:98:ca:fd:24:80:20:a5:d2:7f:b4:82:
                    5c:91:ca:d8:b5:d7:a4:e4:02:62:d5:2c:08:fa:fe:
                    bf:47:6e:1e:de:03:d5:10:03:58:ef:32:45:27:34:
                    bb:57:4e:f8:c3:a6:f9:f8:51:75:a0:d4:48:be:c0:
                    9d:e5:34:31:23:cb:71:0c:32:de:f0:7e:6d:de:3c:
                    2d:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:CC:82:6B:B2:E8:93:B2:0D:22:AC:06:AE:3A:C5:63:38:69:56:91
            X509v3 Authority Key Identifier:
                keyid:BF:FF:9E:D4:22:98:34:57:E7:84:A1:C5:DF:44:17:97:B0:0B:18:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/406B1063718A61AE561DB18A870F583D14D6513C99E94DC14F47D6DBFBBC0A2C/0/BFFF9ED422983457E784A1C5DF441797B00B1886.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BFFF9ED422983457E784A1C5DF441797B00B1886.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/406B1063718A61AE561DB18A870F583D14D6513C99E94DC14F47D6DBFBBC0A2C/0/3139312e35322e3230382e302f32322d3234203d3e2037333033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.52.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:4c:65:35:68:81:8c:0c:94:49:c2:51:74:e0:a6:ed:ba:10:
         46:70:52:f6:69:03:17:61:43:75:2a:98:37:06:59:ae:60:b2:
         94:58:5f:b3:34:eb:fb:6b:e2:22:3f:38:e8:76:ea:3a:62:84:
         f4:8f:5a:56:f6:7b:0a:9c:13:ef:92:dd:8c:a8:ba:de:25:40:
         6d:44:f2:28:63:7c:9d:9d:3b:c9:05:83:4b:10:01:06:88:04:
         6b:84:df:09:15:8b:3f:a0:e5:e3:85:b0:0e:54:12:c6:a6:13:
         ff:fb:0c:85:22:4d:bf:f8:3e:ed:7e:dd:03:8a:67:a9:d2:29:
         89:c1:b7:7c:07:08:2c:f3:0c:40:c6:84:38:b3:78:56:cf:d9:
         7c:22:9d:b4:8e:98:68:73:f4:3c:fb:58:da:32:c9:30:f7:0f:
         49:ad:07:eb:b9:67:0f:78:03:b6:9c:83:89:75:fe:07:c0:66:
         d0:6b:df:df:db:7e:29:77:0e:e6:85:dd:32:52:ce:f6:47:fe:
         52:36:f4:44:17:ab:e4:ca:30:4d:0d:6b:f2:2f:0f:f8:8f:28:
         25:27:8e:87:7d:cb:5c:e5:4d:15:56:42:ef:66:ce:7b:be:56:
         8b:28:3b:f7:b9:94:bc:da:f3:dd:3d:43:6f:7c:97:25:8e:cd:
         00:fd:c5:6c
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUIbaRTdfhLm2Y8sJiDyluChcnu+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkZGRjlFRDQyMjk4MzQ1N0U3ODRBMUM1REY0NDE3OTdC
MDBCMTg4NjAeFw0yNTA3MDkxNzE5NTNaFw0yNjA3MDgxNzI0NTNaMDMxMTAvBgNV
BAMTKERBQ0M4MjZCQjJFODkzQjIwRDIyQUMwNkFFM0FDNTYzMzg2OTU2OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKBVJM6claQO/olFkr6nyYT8t2
at62qtfBUciM8iEJJbd/EcRGJJxDPOuZi769mxeXHzve0r8/qd92XHQ5KILoDEWp
WRuBd07SyOSlEEIRoQci9iB86RGNNMpOi27X5YyKVCvzYPbKNPciISSfxKeem/IL
RATjO/rWZQDDAg6joZ/CDeaFruyk4vKF614wxDtrXYyRiAZXJKuZczGCUIja7pWN
GKFpeVD9wWNCFmANomJZ3r6mygSYyv0kgCCl0n+0glyRyti116TkAmLVLAj6/r9H
bh7eA9UQA1jvMkUnNLtXTvjDpvn4UXWg1Ei+wJ3lNDEjy3EMMt7wfm3ePC0PAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU2syCa7Lok7INIqwGrjrFYzhpVpEwHwYDVR0j
BBgwFoAUv/+e1CKYNFfnhKHF30QXl7ALGIYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80MDZCMTA2MzcxOEE2MUFFNTYxREIxOEE4NzBGNTgzRDE0
RDY1MTNDOTlFOTREQzE0RjQ3RDZEQkZCQkMwQTJDLzAvQkZGRjlFRDQyMjk4MzQ1
N0U3ODRBMUM1REY0NDE3OTdCMDBCMTg4Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CRkZGOUVENDIyOTgzNDU3RTc4
NEExQzVERjQ0MTc5N0IwMEIxODg2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDA2QjEwNjM3MThBNjFBRTU2MURCMThBODcwRjU4M0QxNEQ2NTEzQzk5
RTk0REMxNEY0N0Q2REJGQkJDMEEyQy8wLzMxMzkzMTJlMzUzMjJlMzIzMDM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzczMzMwMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK/NNAwDQYJ
KoZIhvcNAQELBQADggEBAGhMZTVogYwMlEnCUXTgpu26EEZwUvZpAxdhQ3UqmDcG
Wa5gspRYX7M06/tr4iI/OOh26jpihPSPWlb2ewqcE++S3Yyout4lQG1E8ihjfJ2d
O8kFg0sQAQaIBGuE3wkViz+g5eOFsA5UEsamE//7DIUiTb/4Pu1+3QOKZ6nSKYnB
t3wHCCzzDEDGhDizeFbP2XwinbSOmGhz9Dz7WNoyyTD3D0mtB+u5Zw94A7acg4l1
/gfAZtBr39/bfil3DuaF3TJSzvZH/lI29EQXq+TKME0Na/IvD/iPKCUnjod9y1zl
TRVWQu9mznu+VosoO/e5lLza8909Q298lyWOzQD9xWw=
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:18:02 2025 by rpki-client