Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3135322e3132382f32362d3236203d3e203532343434.roa
File:                     3230312e3233342e3135322e3132382f32362d3236203d3e203532343434.roa (raw, json)
Hash identifier:          DQuU8po2Pc3uzUelZqSXXIBICW5ZTRcbjoOEkTuKbeM=
Subject key identifier:   4F:7E:C2:5E:1F:CC:AB:B3:A6:D8:35:49:AF:51:77:7D:D7:C6:1D:36
Certificate issuer:       /CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
Certificate serial:       6A43E89556F74144FB4760593AA9243B6BCC39D9
Authority key identifier: C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3135322e3132382f32362d3236203d3e203532343434.roa
Signing time:             Tue 04 Feb 2025 18:41:31 +0000
ROA not before:           Tue 04 Feb 2025 18:36:31 +0000
ROA not after:            Tue 03 Feb 2026 18:41:31 +0000
asID:                     52444
IP address blocks:        201.234.152.128/26 maxlen: 26
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl
                          rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 10 Feb 2025 12:15:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:43:e8:95:56:f7:41:44:fb:47:60:59:3a:a9:24:3b:6b:cc:39:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
        Validity
            Not Before: Feb  4 18:36:31 2025 GMT
            Not After : Feb  3 18:41:31 2026 GMT
        Subject: CN=4F7EC25E1FCCABB3A6D83549AF51777DD7C61D36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:5a:44:9e:a5:ec:bf:29:f1:e5:85:19:ba:75:
                    8c:5d:84:82:25:6b:71:6d:46:69:c7:73:46:63:25:
                    7c:77:3b:d2:3d:11:87:ca:0e:a0:8f:23:82:5c:29:
                    ec:b2:bb:d7:b8:f5:a2:4c:3d:88:92:17:c9:10:87:
                    3b:8a:ef:c8:69:2d:84:0b:3a:71:0c:6a:9f:93:64:
                    f6:ee:4a:c2:c1:ea:13:5c:c0:0b:41:bd:7d:d0:ec:
                    c2:cd:ea:68:1d:d8:5b:bb:2c:1a:9a:e4:24:46:18:
                    d8:2a:4b:eb:a9:5d:a6:6a:c8:d1:c8:1e:6c:3c:43:
                    52:1b:25:a1:ad:76:6f:40:de:23:01:76:22:c5:a2:
                    1f:56:02:6c:8a:59:1a:53:85:50:dc:dc:90:21:a3:
                    3c:83:f6:83:4a:6f:20:27:c9:06:61:dd:19:74:f1:
                    38:1d:a8:f4:e0:c8:77:f1:56:c4:45:44:4e:30:39:
                    a0:fb:b5:3a:a5:ed:88:26:65:27:de:4c:48:be:9f:
                    52:28:1f:37:d5:d0:40:94:4a:19:85:a5:f7:23:36:
                    38:ef:3c:10:cc:5d:64:28:07:1a:5c:24:af:60:3b:
                    81:a2:a5:05:0d:08:d4:42:26:2b:ee:0f:fd:05:35:
                    0c:1d:98:ed:22:f1:aa:d7:73:e1:ba:d1:51:b5:e6:
                    c5:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:7E:C2:5E:1F:CC:AB:B3:A6:D8:35:49:AF:51:77:7D:D7:C6:1D:36
            X509v3 Authority Key Identifier:
                keyid:C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230312e3233342e3135322e3132382f32362d3236203d3e203532343434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.234.152.128/26

    Signature Algorithm: sha256WithRSAEncryption
         5d:cd:e2:69:43:ec:80:ae:87:46:27:a0:98:1d:73:eb:15:20:
         cc:59:5c:c8:17:a1:1e:84:b7:84:3b:ab:42:a4:2b:63:b6:99:
         23:ff:14:ab:b1:78:f9:9a:be:34:45:46:95:f5:57:23:a2:f1:
         c1:64:b4:08:55:fe:6c:b5:9c:5e:8a:8f:0f:fe:41:9b:77:52:
         96:b1:a2:70:f6:fc:b1:27:6d:5f:98:c5:bd:6e:e6:69:8b:f8:
         7e:f1:a1:40:b8:54:b9:fb:4a:a5:56:31:7e:78:e5:d7:ac:5f:
         e6:55:26:a2:24:d8:66:e6:6a:6b:27:00:22:28:21:8e:17:84:
         3d:75:0b:f6:e5:59:a5:13:03:88:78:1c:0b:ea:f1:0b:2e:5b:
         33:d6:72:05:89:9f:d9:91:80:2d:e9:d4:d6:7a:45:2f:44:2c:
         97:85:a1:84:02:8b:71:af:eb:b3:bb:95:e9:3a:6b:0f:24:a8:
         6a:06:ed:55:2a:fb:29:bd:66:ce:6c:a8:71:9f:db:07:f2:02:
         ad:47:98:5f:96:bb:5f:67:58:bd:44:1e:42:f3:80:46:cd:5d:
         08:15:b9:bb:cd:33:c2:02:2b:f6:e4:2c:6d:fe:67:78:75:6b:
         d6:95:ba:0d:d0:41:bc:46:7f:00:84:3f:4e:07:58:01:15:96:
         11:36:90:1d
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUakPolVb3QUT7R2BZOqkkO2vMOdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg3QzU1QTQ0ODFGMTlDOUI2MTg0OTQ0QjE4N0IzODEz
QjdDRUM1NjAeFw0yNTAyMDQxODM2MzFaFw0yNjAyMDMxODQxMzFaMDMxMTAvBgNV
BAMTKDRGN0VDMjVFMUZDQ0FCQjNBNkQ4MzU0OUFGNTE3NzdERDdDNjFEMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjWkSepey/KfHlhRm6dYxdhIIl
a3FtRmnHc0ZjJXx3O9I9EYfKDqCPI4JcKeyyu9e49aJMPYiSF8kQhzuK78hpLYQL
OnEMap+TZPbuSsLB6hNcwAtBvX3Q7MLN6mgd2Fu7LBqa5CRGGNgqS+upXaZqyNHI
Hmw8Q1IbJaGtdm9A3iMBdiLFoh9WAmyKWRpThVDc3JAhozyD9oNKbyAnyQZh3Rl0
8TgdqPTgyHfxVsRFRE4wOaD7tTql7YgmZSfeTEi+n1IoHzfV0ECUShmFpfcjNjjv
PBDMXWQoBxpcJK9gO4GipQUNCNRCJivuD/0FNQwdmO0i8arXc+G60VG15sXbAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUT37CXh/Mq7Om2DVJr1F3fdfGHTYwHwYDVR0j
BBgwFoAUyHxVpEgfGcm2GElEsYezgTt87FYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMEE2NkE2QTJBNkNGRTkzQzBGNkUzREZDMjBERDMzMUI1
ODBGQjIwMzgzQjYyRkU0QjI2QzAyOTRCNDY4N0M3LzAvQzg3QzU1QTQ0ODFGMTlD
OUI2MTg0OTQ0QjE4N0IzODEzQjdDRUM1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DODdDNTVBNDQ4MUYxOUM5QjYx
ODQ5NDRCMTg3QjM4MTNCN0NFQzU2LmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDBBNjZBNkEyQTZDRkU5M0MwRjZFM0RGQzIwREQzMzFCNTgwRkIyMDM4
M0I2MkZFNEIyNkMwMjk0QjQ2ODdDNy8wLzMyMzAzMTJlMzIzMzM0MmUzMTM1MzIy
ZTMxMzIzODJmMzIzNjJkMzIzNjIwM2QzZTIwMzUzMjM0MzQzNC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAEwBwMF
BsnqmIAwDQYJKoZIhvcNAQELBQADggEBAF3N4mlD7ICuh0YnoJgdc+sVIMxZXMgX
oR6Et4Q7q0KkK2O2mSP/FKuxePmavjRFRpX1VyOi8cFktAhV/my1nF6Kjw/+QZt3
UpaxonD2/LEnbV+Yxb1u5mmL+H7xoUC4VLn7SqVWMX545desX+ZVJqIk2Gbmamsn
ACIoIY4XhD11C/blWaUTA4h4HAvq8QsuWzPWcgWJn9mRgC3p1NZ6RS9ELJeFoYQC
i3Gv67O7lek6aw8kqGoG7VUq+ym9Zs5sqHGf2wfyAq1HmF+Wu19nWL1EHkLzgEbN
XQgVubvNM8ICK/bkLG3+Z3h1a9aVug3QQbxGfwCEP04HWAEVlhE2kB0=
-----END CERTIFICATE-----
Generated at Sun Feb 9 14:32:25 2025 by rpki-client