Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230302e34312e32312e302f32342d3234203d3e203532343434.roa
File:                     3230302e34312e32312e302f32342d3234203d3e203532343434.roa (raw, json)
Hash identifier:          7U0loeNQ1FR135sa8XW4qXmlY9gTWqFOaU3U4X4Y23E=
Subject key identifier:   09:73:EE:B5:BF:3D:DE:1B:ED:E8:BF:5D:65:CA:22:83:1E:7E:D8:AC
Certificate issuer:       /CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
Certificate serial:       4F8104A98B3A64959D8A01161FD2332421E09B1D
Authority key identifier: C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230302e34312e32312e302f32342d3234203d3e203532343434.roa
Signing time:             Tue 04 Feb 2025 18:41:36 +0000
ROA not before:           Tue 04 Feb 2025 18:36:36 +0000
ROA not after:            Tue 03 Feb 2026 18:41:36 +0000
asID:                     52444
IP address blocks:        200.41.21.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl
                          rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 12 Feb 2025 23:10:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:81:04:a9:8b:3a:64:95:9d:8a:01:16:1f:d2:33:24:21:e0:9b:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
        Validity
            Not Before: Feb  4 18:36:36 2025 GMT
            Not After : Feb  3 18:41:36 2026 GMT
        Subject: CN=0973EEB5BF3DDE1BEDE8BF5D65CA22831E7ED8AC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ff:d7:cf:29:dc:4b:59:3d:9c:11:f1:9f:a8:
                    10:6f:7a:8d:54:e0:74:bc:b5:64:77:42:c3:c2:6c:
                    68:70:b6:ad:cb:a1:89:c6:66:65:fd:d7:88:2a:2a:
                    8c:43:11:ac:54:fd:45:94:5e:e1:42:34:80:fc:46:
                    56:32:d4:3a:53:79:d9:19:25:d6:d7:bd:fa:ef:ed:
                    df:81:1d:41:3b:39:66:63:fa:f8:43:dc:d9:f7:5d:
                    bc:f4:62:ec:54:24:9f:c1:2b:97:e4:b1:77:69:fd:
                    ef:a3:2c:ae:ca:76:da:f1:1b:d7:3e:0a:b6:be:26:
                    7d:c8:df:aa:f1:0a:40:f9:09:e5:88:14:6c:52:72:
                    f8:78:9c:b7:c9:c7:5c:2c:7a:6c:8d:e7:2d:18:e3:
                    ef:0c:c4:e1:5d:1d:9b:1a:7a:9a:e6:a2:7b:6c:d0:
                    7a:f0:55:d2:70:80:e7:54:10:1f:c1:0a:db:4d:eb:
                    ab:da:37:af:47:5d:8b:8f:05:e8:92:eb:d6:c1:a6:
                    94:e0:a0:da:ba:16:70:40:b1:17:18:26:a9:f7:ba:
                    d5:7d:ff:83:66:c1:84:bc:88:db:1f:4e:ac:8b:f9:
                    df:9e:98:b6:41:8a:06:17:2c:ed:96:02:dd:50:6b:
                    76:fd:2a:c4:c2:9f:62:9b:e3:61:06:dc:04:b4:9e:
                    a1:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:73:EE:B5:BF:3D:DE:1B:ED:E8:BF:5D:65:CA:22:83:1E:7E:D8:AC
            X509v3 Authority Key Identifier:
                keyid:C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230302e34312e32312e302f32342d3234203d3e203532343434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.41.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:a9:5f:6d:6e:4e:b6:b5:11:bf:90:f6:d4:ab:ce:c3:76:ca:
         fa:8e:30:1e:54:d7:22:53:12:5b:bb:4d:7e:70:71:30:7e:3f:
         c4:9b:0f:cf:94:66:57:26:09:07:4d:ff:41:6e:7f:09:c5:e4:
         fd:b5:5b:1b:85:ca:30:eb:05:8c:52:8a:b9:ff:7d:19:64:63:
         18:e2:ff:1d:4c:10:b8:bc:ce:9c:5d:a4:57:33:cd:4b:aa:ef:
         f4:c0:f9:a8:a5:3f:af:54:c6:d3:5f:03:76:54:5a:8e:ad:b6:
         af:1b:64:9c:99:7d:0b:0f:1e:4f:6e:39:45:23:ef:68:d4:f3:
         a1:0b:fa:b6:8f:a8:2c:6b:d0:98:1d:4f:49:63:70:9e:4c:60:
         e7:6a:7e:11:12:9b:6b:51:95:5d:aa:df:a0:fe:4d:9e:90:fb:
         01:dd:cc:c9:db:23:9b:2b:4f:7b:92:ea:2a:22:40:62:ad:77:
         3e:3e:ce:d2:a0:a5:8d:dd:b6:31:54:be:20:7a:df:34:73:56:
         cf:02:e7:ff:72:eb:12:5e:bc:ad:0f:dc:f3:0e:1d:16:0c:87:
         df:c4:0a:c2:51:05:7e:ca:21:40:b6:60:72:23:07:61:3e:5f:
         51:98:14:27:ff:33:7f:7f:69:1f:f0:f2:c0:83:e8:d6:68:af:
         e5:8e:f7:62
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUT4EEqYs6ZJWdigEWH9IzJCHgmx0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg3QzU1QTQ0ODFGMTlDOUI2MTg0OTQ0QjE4N0IzODEz
QjdDRUM1NjAeFw0yNTAyMDQxODM2MzZaFw0yNjAyMDMxODQxMzZaMDMxMTAvBgNV
BAMTKDA5NzNFRUI1QkYzRERFMUJFREU4QkY1RDY1Q0EyMjgzMUU3RUQ4QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx/9fPKdxLWT2cEfGfqBBveo1U
4HS8tWR3QsPCbGhwtq3LoYnGZmX914gqKoxDEaxU/UWUXuFCNID8RlYy1DpTedkZ
JdbXvfrv7d+BHUE7OWZj+vhD3Nn3Xbz0YuxUJJ/BK5fksXdp/e+jLK7KdtrxG9c+
Cra+Jn3I36rxCkD5CeWIFGxScvh4nLfJx1wsemyN5y0Y4+8MxOFdHZsaeprmonts
0HrwVdJwgOdUEB/BCttN66vaN69HXYuPBeiS69bBppTgoNq6FnBAsRcYJqn3utV9
/4NmwYS8iNsfTqyL+d+emLZBigYXLO2WAt1Qa3b9KsTCn2Kb42EG3AS0nqHxAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUCXPutb893hvt6L9dZcoigx5+2KwwHwYDVR0j
BBgwFoAUyHxVpEgfGcm2GElEsYezgTt87FYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMEE2NkE2QTJBNkNGRTkzQzBGNkUzREZDMjBERDMzMUI1
ODBGQjIwMzgzQjYyRkU0QjI2QzAyOTRCNDY4N0M3LzAvQzg3QzU1QTQ0ODFGMTlD
OUI2MTg0OTQ0QjE4N0IzODEzQjdDRUM1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DODdDNTVBNDQ4MUYxOUM5QjYx
ODQ5NDRCMTg3QjM4MTNCN0NFQzU2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDBBNjZBNkEyQTZDRkU5M0MwRjZFM0RGQzIwREQzMzFCNTgwRkIyMDM4
M0I2MkZFNEIyNkMwMjk0QjQ2ODdDNy8wLzMyMzAzMDJlMzQzMTJlMzIzMTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzNDM0MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIKRUwDQYJ
KoZIhvcNAQELBQADggEBAEepX21uTra1Eb+Q9tSrzsN2yvqOMB5U1yJTElu7TX5w
cTB+P8SbD8+UZlcmCQdN/0FufwnF5P21WxuFyjDrBYxSirn/fRlkYxji/x1MELi8
zpxdpFczzUuq7/TA+ailP69UxtNfA3ZUWo6ttq8bZJyZfQsPHk9uOUUj72jU86EL
+raPqCxr0JgdT0ljcJ5MYOdqfhESm2tRlV2q36D+TZ6Q+wHdzMnbI5srT3uS6ioi
QGKtdz4+ztKgpY3dtjFUviB63zRzVs8C5/9y6xJevK0P3PMOHRYMh9/ECsJRBX7K
IUC2YHIjB2E+X1GYFCf/M39/aR/w8sCD6NZor+WO92I=
-----END CERTIFICATE-----
Generated at Sun Feb 9 15:29:47 2025 by rpki-client