Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230302e33322e3132322e3132382f32362d3236203d3e203532343434.roa
File:                     3230302e33322e3132322e3132382f32362d3236203d3e203532343434.roa (raw, json)
Hash identifier:          ueDUtpD/Zih9qm5irVspEGEeH43hjwKHoLCn30zdo40=
Subject key identifier:   B1:9C:DD:65:71:9E:14:33:CD:C9:A8:E9:80:A0:DE:93:04:13:24:C9
Certificate issuer:       /CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
Certificate serial:       6EDCA00A56D1A7A3CB14BC2C428A32F8E2F586B9
Authority key identifier: C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230302e33322e3132322e3132382f32362d3236203d3e203532343434.roa
Signing time:             Tue 04 Feb 2025 18:41:26 +0000
ROA not before:           Tue 04 Feb 2025 18:36:26 +0000
ROA not after:            Tue 03 Feb 2026 18:41:26 +0000
asID:                     52444
IP address blocks:        200.32.122.128/26 maxlen: 26
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl
                          rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 12 Feb 2025 23:10:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:dc:a0:0a:56:d1:a7:a3:cb:14:bc:2c:42:8a:32:f8:e2:f5:86:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
        Validity
            Not Before: Feb  4 18:36:26 2025 GMT
            Not After : Feb  3 18:41:26 2026 GMT
        Subject: CN=B19CDD65719E1433CDC9A8E980A0DE93041324C9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e9:28:86:ad:64:22:03:11:c2:45:d9:d6:84:
                    40:3b:fa:17:7c:2d:a4:cd:83:8a:b9:82:d3:e1:98:
                    80:4c:8d:96:11:b4:88:83:4f:2c:cb:ed:aa:53:28:
                    5a:14:06:91:c8:ac:e0:24:b5:5a:bc:3c:61:a3:cb:
                    3d:e2:a9:df:ea:85:31:fd:f5:48:0b:01:14:9a:e5:
                    8f:6b:f2:26:37:b9:10:b0:a0:5b:28:88:ce:f6:f6:
                    6a:5b:62:24:fa:9c:9d:d1:c4:47:b5:ad:3b:b4:2c:
                    4e:0a:7a:cc:4c:bd:24:10:77:02:63:49:b5:5a:75:
                    53:cf:90:91:73:62:9f:50:b8:12:fa:31:cc:f0:e1:
                    03:d7:8d:94:e5:15:13:fe:ca:e8:56:f7:33:39:46:
                    45:dd:e6:db:ca:de:37:24:00:82:62:9b:ac:87:57:
                    b0:38:b4:c4:15:f3:75:f2:c4:c5:9e:ea:aa:73:d6:
                    b0:92:bf:d5:d3:ad:be:e6:6a:f3:da:85:fc:ee:6e:
                    47:2f:e7:b0:79:79:b9:0a:c7:47:a1:df:ea:63:8d:
                    c7:1d:9b:33:7c:29:77:e9:7d:c5:72:c5:8d:3e:cd:
                    16:1a:0a:03:0f:90:e9:89:c9:af:ea:aa:6f:90:78:
                    c9:2c:c2:1f:c3:11:cf:bd:52:3e:c5:21:d7:0e:38:
                    c1:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:9C:DD:65:71:9E:14:33:CD:C9:A8:E9:80:A0:DE:93:04:13:24:C9
            X509v3 Authority Key Identifier:
                keyid:C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230302e33322e3132322e3132382f32362d3236203d3e203532343434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.32.122.128/26

    Signature Algorithm: sha256WithRSAEncryption
         97:8f:4f:52:a2:f5:3d:ff:5e:20:47:38:34:66:c3:c6:e1:6f:
         84:ec:df:98:e3:8b:a8:7d:c5:d7:6b:c4:bd:10:1c:c2:19:eb:
         28:74:f3:b4:b7:0a:5c:23:ec:1f:63:02:44:e3:d0:66:bf:80:
         65:87:95:ba:c2:8d:87:bc:7f:15:93:d1:4e:df:02:4f:33:02:
         ff:24:09:33:be:5a:a3:6a:4e:63:8c:7d:26:19:a8:81:4f:88:
         27:c3:76:f9:a9:3a:57:f2:15:5d:54:86:1d:99:15:0e:e7:01:
         ed:89:b7:b3:8c:ad:03:f3:93:9e:66:ac:2f:57:40:a1:39:ca:
         5b:99:79:c9:4a:e9:eb:d8:e7:48:21:2b:f5:94:77:14:55:6b:
         de:b4:d4:f1:eb:75:f3:a4:19:4b:73:9f:d3:59:28:85:01:cd:
         d6:b7:3b:e3:fa:d4:8b:b5:f6:89:da:c9:f6:7c:2e:f0:60:6a:
         4a:ba:b2:8c:86:25:bb:c7:3b:73:fe:71:51:04:27:93:e8:a9:
         01:f2:15:58:a9:bf:f2:64:18:cb:23:90:18:f9:2d:c0:bd:29:
         06:7b:fa:81:1e:35:87:ef:ec:56:a3:71:2f:fc:81:92:7c:b0:
         30:6a:97:52:d3:6e:ed:04:c6:72:e1:f2:08:ff:f8:f6:7f:d5:
         70:65:ec:d1
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgIUbtygClbRp6PLFLwsQooy+OL1hrkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg3QzU1QTQ0ODFGMTlDOUI2MTg0OTQ0QjE4N0IzODEz
QjdDRUM1NjAeFw0yNTAyMDQxODM2MjZaFw0yNjAyMDMxODQxMjZaMDMxMTAvBgNV
BAMTKEIxOUNERDY1NzE5RTE0MzNDREM5QThFOTgwQTBERTkzMDQxMzI0QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe6SiGrWQiAxHCRdnWhEA7+hd8
LaTNg4q5gtPhmIBMjZYRtIiDTyzL7apTKFoUBpHIrOAktVq8PGGjyz3iqd/qhTH9
9UgLARSa5Y9r8iY3uRCwoFsoiM729mpbYiT6nJ3RxEe1rTu0LE4KesxMvSQQdwJj
SbVadVPPkJFzYp9QuBL6Mczw4QPXjZTlFRP+yuhW9zM5RkXd5tvK3jckAIJim6yH
V7A4tMQV83XyxMWe6qpz1rCSv9XTrb7mavPahfzubkcv57B5ebkKx0eh3+pjjccd
mzN8KXfpfcVyxY0+zRYaCgMPkOmJya/qqm+QeMkswh/DEc+9Uj7FIdcOOMH1AgMB
AAGjggLNMIICyTAdBgNVHQ4EFgQUsZzdZXGeFDPNyajpgKDekwQTJMkwHwYDVR0j
BBgwFoAUyHxVpEgfGcm2GElEsYezgTt87FYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMEE2NkE2QTJBNkNGRTkzQzBGNkUzREZDMjBERDMzMUI1
ODBGQjIwMzgzQjYyRkU0QjI2QzAyOTRCNDY4N0M3LzAvQzg3QzU1QTQ0ODFGMTlD
OUI2MTg0OTQ0QjE4N0IzODEzQjdDRUM1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DODdDNTVBNDQ4MUYxOUM5QjYx
ODQ5NDRCMTg3QjM4MTNCN0NFQzU2LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDBBNjZBNkEyQTZDRkU5M0MwRjZFM0RGQzIwREQzMzFCNTgwRkIyMDM4
M0I2MkZFNEIyNkMwMjk0QjQ2ODdDNy8wLzMyMzAzMDJlMzMzMjJlMzEzMjMyMmUz
MTMyMzgyZjMyMzYyZDMyMzYyMDNkM2UyMDM1MzIzNDM0MzQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgABMAcDBQbI
IHqAMA0GCSqGSIb3DQEBCwUAA4IBAQCXj09SovU9/14gRzg0ZsPG4W+E7N+Y44uo
fcXXa8S9EBzCGesodPO0twpcI+wfYwJE49Bmv4Blh5W6wo2HvH8Vk9FO3wJPMwL/
JAkzvlqjak5jjH0mGaiBT4gnw3b5qTpX8hVdVIYdmRUO5wHtibezjK0D85OeZqwv
V0ChOcpbmXnJSunr2OdIISv1lHcUVWvetNTx63XzpBlLc5/TWSiFAc3Wtzvj+tSL
tfaJ2sn2fC7wYGpKurKMhiW7xztz/nFRBCeT6KkB8hVYqb/yZBjLI5AY+S3AvSkG
e/qBHjWH7+xWo3Ev/IGSfLAwapdS027tBMZy4fII//j2f9VwZezR
-----END CERTIFICATE-----
Generated at Sun Feb 9 14:17:17 2025 by rpki-client