Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/3133312e3232312e3134342e302f32322d3234203d3e203532323333.roa
File:                     3133312e3232312e3134342e302f32322d3234203d3e203532323333.roa (raw, json)
Hash identifier:          4QadW97CHTpEJoQiHa6upB8kEjHryM6EJ4kE/u0MRAc=
Subject key identifier:   D8:69:27:4E:B3:F7:C1:0F:02:08:FD:AD:CF:AA:41:80:B6:34:A2:F2
Certificate issuer:       /CN=D1A55CA9F61A19739707656D810C4C2DDBDB13DF
Certificate serial:       0CD14EE43E3B5DD365C0A59411CAF494BF1CEEC3
Authority key identifier: D1:A5:5C:A9:F6:1A:19:73:97:07:65:6D:81:0C:4C:2D:DB:DB:13:DF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/3133312e3232312e3134342e302f32322d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:35:29 +0000
ROA not before:           Tue 04 Feb 2025 18:30:29 +0000
ROA not after:            Tue 03 Feb 2026 18:35:29 +0000
asID:                     52233
IP address blocks:        131.221.144.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:d1:4e:e4:3e:3b:5d:d3:65:c0:a5:94:11:ca:f4:94:bf:1c:ee:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D1A55CA9F61A19739707656D810C4C2DDBDB13DF
        Validity
            Not Before: Feb  4 18:30:29 2025 GMT
            Not After : Feb  3 18:35:29 2026 GMT
        Subject: CN=D869274EB3F7C10F0208FDADCFAA4180B634A2F2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:00:ef:8c:7e:16:07:2e:7c:61:ca:1b:a2:9f:
                    26:41:2c:81:c7:d9:a0:90:71:73:4d:31:f1:37:5a:
                    4d:de:9f:c1:0c:04:b2:0f:37:4c:2d:bd:4d:b0:72:
                    e6:88:e2:1f:68:49:ad:75:52:e1:cf:16:75:96:a3:
                    5d:19:8e:f1:3b:b2:58:0e:7f:12:69:0c:69:21:19:
                    38:64:8f:92:f3:1e:7a:78:7f:54:97:43:3d:bc:cc:
                    c3:40:f5:b1:bc:01:24:1f:0d:31:36:9f:12:88:20:
                    80:38:95:97:40:4b:08:c6:a1:62:9e:95:e4:7a:ab:
                    1c:80:65:2c:c4:9d:3b:b9:10:51:3b:e2:cd:39:29:
                    0e:1b:1d:c7:1d:74:00:3e:4a:e2:82:87:ec:5e:0c:
                    29:fc:c0:8c:2b:49:d6:91:4b:7f:6f:fc:9e:0e:6f:
                    e5:ef:13:65:4d:8c:16:ee:6f:fe:cc:2c:4c:be:20:
                    8c:a6:6d:d2:c2:1d:5f:16:aa:ee:60:34:96:24:68:
                    03:5c:39:27:40:66:ea:c8:bb:93:61:1a:e2:cd:09:
                    8f:bd:73:b7:ca:d3:cd:d2:7c:4e:c6:da:0b:72:59:
                    8b:87:aa:38:95:3e:de:f3:ac:5f:9a:8b:1e:33:33:
                    4b:2e:b6:de:dd:93:28:0a:b4:d2:3f:89:39:78:cf:
                    ca:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:69:27:4E:B3:F7:C1:0F:02:08:FD:AD:CF:AA:41:80:B6:34:A2:F2
            X509v3 Authority Key Identifier:
                keyid:D1:A5:5C:A9:F6:1A:19:73:97:07:65:6D:81:0C:4C:2D:DB:DB:13:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/3133312e3232312e3134342e302f32322d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.221.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         56:17:4e:21:30:1d:61:73:51:71:61:2a:54:7c:7d:bc:8f:c8:
         bf:30:22:28:8b:37:30:9c:83:64:11:01:32:fa:86:fb:d1:b0:
         f9:55:51:8b:21:56:2f:68:a0:ae:aa:b9:9d:d2:a9:72:ff:36:
         55:4d:55:ab:a6:21:60:ac:05:67:ce:d6:c3:83:4b:27:a8:76:
         98:5a:27:33:cb:b1:6e:7c:34:0a:1c:4d:b4:35:8d:bf:89:ee:
         3a:0b:8f:7c:a0:c1:47:95:b9:fd:46:75:20:ca:47:43:e3:a7:
         7a:85:5f:f2:1f:bc:5a:0b:d4:fd:4b:dd:be:f7:79:ab:1d:f8:
         30:f7:42:00:1d:93:cc:32:13:6f:95:de:89:89:98:f0:5e:6d:
         21:1a:03:4f:5c:2b:d3:c9:64:5c:b6:52:14:f3:08:e6:c8:63:
         08:84:15:e4:dd:02:c3:f5:3b:a5:8b:d1:4d:8c:b8:a9:49:ec:
         1a:9c:e2:ce:6b:4c:6d:53:de:b0:f5:b2:21:b7:b2:b2:c6:8a:
         13:07:b2:6f:26:6c:c6:a4:18:59:aa:35:c3:e6:29:de:61:c3:
         a7:14:91:d9:89:58:26:c7:5e:22:8f:ad:a9:5e:b8:b8:c1:52:
         bd:21:26:69:49:c8:44:09:91:b8:00:77:68:62:f4:9a:57:bc:
         88:85:96:a5
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUDNFO5D47XdNlwKWUEcr0lL8c7sMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDFBNTVDQTlGNjFBMTk3Mzk3MDc2NTZEODEwQzRDMkRE
QkRCMTNERjAeFw0yNTAyMDQxODMwMjlaFw0yNjAyMDMxODM1MjlaMDMxMTAvBgNV
BAMTKEQ4NjkyNzRFQjNGN0MxMEYwMjA4RkRBRENGQUE0MTgwQjYzNEEyRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfAO+MfhYHLnxhyhuinyZBLIHH
2aCQcXNNMfE3Wk3en8EMBLIPN0wtvU2wcuaI4h9oSa11UuHPFnWWo10ZjvE7slgO
fxJpDGkhGThkj5LzHnp4f1SXQz28zMNA9bG8ASQfDTE2nxKIIIA4lZdASwjGoWKe
leR6qxyAZSzEnTu5EFE74s05KQ4bHccddAA+SuKCh+xeDCn8wIwrSdaRS39v/J4O
b+XvE2VNjBbub/7MLEy+IIymbdLCHV8Wqu5gNJYkaANcOSdAZurIu5NhGuLNCY+9
c7fK083SfE7G2gtyWYuHqjiVPt7zrF+aix4zM0sutt7dkygKtNI/iTl4z8o5AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU2GknTrP3wQ8CCP2tz6pBgLY0ovIwHwYDVR0j
BBgwFoAU0aVcqfYaGXOXB2VtgQxMLdvbE98wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMDc3NTlFMThFOTZEMDc0REZCQTUwN0M2MjcyQTFCRUM0
N0E3RDhEQkYwQzFBOTcxQkQyMThBNjhFRjFDMTU0LzAvRDFBNTVDQTlGNjFBMTk3
Mzk3MDc2NTZEODEwQzRDMkREQkRCMTNERi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMUE1NUNBOUY2MUExOTczOTcw
NzY1NkQ4MTBDNEMyRERCREIxM0RGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTA3NzU5RTE4RTk2RDA3NERGQkE1MDdDNjI3MkExQkVDNDdBN0Q4REJG
MEMxQTk3MUJEMjE4QTY4RUYxQzE1NC8wLzMxMzMzMTJlMzIzMjMxMmUzMTM0MzQy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNTMyMzIzMzMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCg92Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBWF04hMB1hc1FxYSpUfH28j8i/MCIoizcwnINk
EQEy+ob70bD5VVGLIVYvaKCuqrmd0qly/zZVTVWrpiFgrAVnztbDg0snqHaYWicz
y7FufDQKHE20NY2/ie46C498oMFHlbn9RnUgykdD46d6hV/yH7xaC9T9S92+93mr
Hfgw90IAHZPMMhNvld6JiZjwXm0hGgNPXCvTyWRctlIU8wjmyGMIhBXk3QLD9Tul
i9FNjLipSewanOLOa0xtU96w9bIht7KyxooTB7JvJmzGpBhZqjXD5ineYcOnFJHZ
iVgmx14ij62pXri4wVK9ISZpSchECZG4AHdoYvSaV7yIhZal
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:57:13 2025 by rpki-client