Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0E122FAF1730B8623D999FB338DCD2AE979344BBE1D54B4A1709C0035F73F848/0/3139302e3231312e3234352e302f32342d3234203d3e203532323935.roa
File:                     3139302e3231312e3234352e302f32342d3234203d3e203532323935.roa (raw, json)
Hash identifier:          q1TF0EljJ50zZiFH+vsjPFKxOrv5bcavZyZK524lj/g=
Subject key identifier:   BC:6B:BA:B2:0A:E4:E6:56:04:9E:3F:8D:BA:F0:36:66:39:22:3D:50
Certificate issuer:       /CN=B077359C4210D94FBBE53EA8A385C44F8DE3A26C
Certificate serial:       4C56B5FCF5A33628BC68DE2DC7D2E7E0539265E0
Authority key identifier: B0:77:35:9C:42:10:D9:4F:BB:E5:3E:A8:A3:85:C4:4F:8D:E3:A2:6C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B077359C4210D94FBBE53EA8A385C44F8DE3A26C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0E122FAF1730B8623D999FB338DCD2AE979344BBE1D54B4A1709C0035F73F848/0/3139302e3231312e3234352e302f32342d3234203d3e203532323935.roa
Signing time:             Tue 04 Feb 2025 18:09:15 +0000
ROA not before:           Tue 04 Feb 2025 18:04:15 +0000
ROA not after:            Tue 03 Feb 2026 18:09:15 +0000
asID:                     52295
IP address blocks:        190.211.245.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0E122FAF1730B8623D999FB338DCD2AE979344BBE1D54B4A1709C0035F73F848/0/B077359C4210D94FBBE53EA8A385C44F8DE3A26C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0E122FAF1730B8623D999FB338DCD2AE979344BBE1D54B4A1709C0035F73F848/0/B077359C4210D94FBBE53EA8A385C44F8DE3A26C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B077359C4210D94FBBE53EA8A385C44F8DE3A26C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 21 Feb 2025 06:43:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:56:b5:fc:f5:a3:36:28:bc:68:de:2d:c7:d2:e7:e0:53:92:65:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B077359C4210D94FBBE53EA8A385C44F8DE3A26C
        Validity
            Not Before: Feb  4 18:04:15 2025 GMT
            Not After : Feb  3 18:09:15 2026 GMT
        Subject: CN=BC6BBAB20AE4E656049E3F8DBAF0366639223D50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:33:b7:72:de:c7:f4:5a:1b:17:72:9a:2b:5c:
                    6f:11:a9:35:54:70:1e:f2:5a:85:88:ef:0a:d4:b0:
                    c2:5d:c1:87:fe:c5:e0:0a:3b:8a:6e:4c:c1:73:09:
                    e6:96:d9:80:ed:de:d9:08:ba:9a:b5:21:8c:a4:49:
                    2d:78:12:d4:fb:dc:1c:1b:14:40:6f:b2:f8:b3:73:
                    33:db:7e:eb:46:78:c1:fd:e7:f7:02:38:28:05:5d:
                    55:7c:af:fa:50:e4:65:54:8a:fc:b2:97:ae:be:1b:
                    e3:b2:8a:24:60:54:57:30:7c:99:6b:ee:c6:7a:e2:
                    79:05:6c:aa:aa:1c:87:4b:7a:7e:0d:41:66:0a:af:
                    dc:07:3c:0e:53:1b:03:2d:c3:2b:29:14:d7:93:fe:
                    df:55:f5:a3:70:e1:f3:82:98:41:5e:7b:e9:f8:49:
                    48:83:ea:4b:39:e2:b6:1f:09:f4:f5:6f:bd:fb:3d:
                    9c:67:5a:89:49:b7:41:e0:57:a4:2f:81:03:38:0b:
                    f8:50:3b:1c:2e:02:ee:bf:d5:c3:ff:f9:e4:d3:71:
                    42:c2:4f:1a:14:6d:48:47:ed:ee:34:df:5a:9a:f4:
                    98:8f:60:9d:71:89:e4:a0:b6:ea:fb:58:b5:ff:56:
                    a2:51:53:67:21:66:c3:bb:2e:d0:fe:af:0b:36:e5:
                    93:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:6B:BA:B2:0A:E4:E6:56:04:9E:3F:8D:BA:F0:36:66:39:22:3D:50
            X509v3 Authority Key Identifier:
                keyid:B0:77:35:9C:42:10:D9:4F:BB:E5:3E:A8:A3:85:C4:4F:8D:E3:A2:6C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0E122FAF1730B8623D999FB338DCD2AE979344BBE1D54B4A1709C0035F73F848/0/B077359C4210D94FBBE53EA8A385C44F8DE3A26C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B077359C4210D94FBBE53EA8A385C44F8DE3A26C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0E122FAF1730B8623D999FB338DCD2AE979344BBE1D54B4A1709C0035F73F848/0/3139302e3231312e3234352e302f32342d3234203d3e203532323935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.211.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:d3:50:5f:27:84:b8:2d:a0:a6:73:ae:da:9e:9d:b6:ad:a1:
         13:b4:70:93:10:05:5f:8c:00:28:5a:e9:e8:3a:f3:26:71:42:
         e7:24:2a:60:3e:4a:ca:0e:71:ce:cd:15:6f:68:f0:53:b7:36:
         bb:66:46:35:fb:53:b3:98:15:0d:7b:9d:9c:d3:a2:f7:f6:cc:
         1c:3b:ed:9d:7c:6b:a9:ee:df:cf:2f:5f:53:b2:d5:18:ae:3c:
         af:69:39:89:08:0c:60:e5:cc:22:fc:6d:93:9f:76:35:ba:b9:
         1d:dc:f4:49:f7:5e:14:7d:2f:fb:4c:88:e0:d6:c6:4d:64:b3:
         df:e1:f1:ff:35:99:69:8e:d3:e0:16:85:3e:e7:4b:bd:54:ac:
         b7:5e:d8:97:0b:b9:d1:fc:b6:39:22:f5:a3:a8:72:1f:51:7e:
         6d:f8:3a:5b:d7:ff:d1:d7:4c:2c:77:13:3f:44:ad:35:b4:14:
         f1:ab:04:93:8a:fb:bf:2a:39:5c:81:e4:a4:a7:01:15:86:85:
         ea:4f:a3:0a:55:e4:09:7c:3c:69:81:d1:3a:da:8c:18:20:e8:
         08:fb:58:76:ed:18:d5:aa:74:a9:78:a7:c6:8d:eb:0e:ae:62:
         4a:a9:93:7b:0b:14:4f:7e:3f:bb:0d:99:25:1b:4f:2a:f8:36:
         24:af:00:42
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUTFa1/PWjNii8aN4tx9Ln4FOSZeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjA3NzM1OUM0MjEwRDk0RkJCRTUzRUE4QTM4NUM0NEY4
REUzQTI2QzAeFw0yNTAyMDQxODA0MTVaFw0yNjAyMDMxODA5MTVaMDMxMTAvBgNV
BAMTKEJDNkJCQUIyMEFFNEU2NTYwNDlFM0Y4REJBRjAzNjY2MzkyMjNENTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8M7dy3sf0WhsXcporXG8RqTVU
cB7yWoWI7wrUsMJdwYf+xeAKO4puTMFzCeaW2YDt3tkIupq1IYykSS14EtT73Bwb
FEBvsvizczPbfutGeMH95/cCOCgFXVV8r/pQ5GVUivyyl66+G+OyiiRgVFcwfJlr
7sZ64nkFbKqqHIdLen4NQWYKr9wHPA5TGwMtwyspFNeT/t9V9aNw4fOCmEFee+n4
SUiD6ks54rYfCfT1b737PZxnWolJt0HgV6QvgQM4C/hQOxwuAu6/1cP/+eTTcULC
TxoUbUhH7e4031qa9JiPYJ1xieSgtur7WLX/VqJRU2chZsO7LtD+rws25ZN3AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUvGu6sgrk5lYEnj+NuvA2ZjkiPVAwHwYDVR0j
BBgwFoAUsHc1nEIQ2U+75T6oo4XET43jomwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wRTEyMkZBRjE3MzBCODYyM0Q5OTlGQjMzOERDRDJBRTk3
OTM0NEJCRTFENTRCNEExNzA5QzAwMzVGNzNGODQ4LzAvQjA3NzM1OUM0MjEwRDk0
RkJCRTUzRUE4QTM4NUM0NEY4REUzQTI2Qy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CMDc3MzU5QzQyMTBEOTRGQkJF
NTNFQThBMzg1QzQ0RjhERTNBMjZDLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEUxMjJGQUYxNzMwQjg2MjNEOTk5RkIzMzhEQ0QyQUU5NzkzNDRCQkUx
RDU0QjRBMTcwOUMwMDM1RjczRjg0OC8wLzMxMzkzMDJlMzIzMTMxMmUzMjM0MzUy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzIzOTM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvtP1
MA0GCSqGSIb3DQEBCwUAA4IBAQCa01BfJ4S4LaCmc67anp22raETtHCTEAVfjAAo
WunoOvMmcULnJCpgPkrKDnHOzRVvaPBTtza7ZkY1+1OzmBUNe52c06L39swcO+2d
fGup7t/PL19TstUYrjyvaTmJCAxg5cwi/G2Tn3Y1urkd3PRJ914UfS/7TIjg1sZN
ZLPf4fH/NZlpjtPgFoU+50u9VKy3XtiXC7nR/LY5IvWjqHIfUX5t+Dpb1//R10ws
dxM/RK01tBTxqwSTivu/KjlcgeSkpwEVhoXqT6MKVeQJfDxpgdE62owYIOgI+1h2
7RjVqnSpeKfGjesOrmJKqZN7CxRPfj+7DZklG08q+DYkrwBC
-----END CERTIFICATE-----
Generated at Mon Feb 17 02:01:00 2025 by rpki-client