Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/3133382e3231392e3134302e302f32322d3234203d3e203532323333.roa
File:                     3133382e3231392e3134302e302f32322d3234203d3e203532323333.roa (raw, json)
Hash identifier:          gepYFtCeYqrntz5vudf0v76ted/PXE6mMcRMdn7dhkU=
Subject key identifier:   3C:50:1F:BD:67:AE:25:70:6C:31:14:EA:60:C7:B1:7C:37:87:55:87
Certificate issuer:       /CN=D1A55CA9F61A19739707656D810C4C2DDBDB13DF
Certificate serial:       7E8E75B5FF1C55EE6B6A5594811C7117CD81D152
Authority key identifier: D1:A5:5C:A9:F6:1A:19:73:97:07:65:6D:81:0C:4C:2D:DB:DB:13:DF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/3133382e3231392e3134302e302f32322d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:35:28 +0000
ROA not before:           Tue 04 Feb 2025 18:30:28 +0000
ROA not after:            Tue 03 Feb 2026 18:35:28 +0000
asID:                     52233
IP address blocks:        138.219.140.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:8e:75:b5:ff:1c:55:ee:6b:6a:55:94:81:1c:71:17:cd:81:d1:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D1A55CA9F61A19739707656D810C4C2DDBDB13DF
        Validity
            Not Before: Feb  4 18:30:28 2025 GMT
            Not After : Feb  3 18:35:28 2026 GMT
        Subject: CN=3C501FBD67AE25706C3114EA60C7B17C37875587
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c4:62:8e:4c:a2:df:98:68:29:d2:16:c8:ca:
                    b4:10:f4:d6:5e:e0:01:c0:48:9b:7e:a2:77:e6:51:
                    20:74:97:6b:d3:18:08:06:8c:db:c4:da:a7:c9:5b:
                    35:92:8f:80:1f:8c:fa:d7:14:c8:88:d2:4c:df:81:
                    f9:94:ed:33:3a:aa:1e:c4:5a:dc:9f:7c:5a:36:c2:
                    0d:f7:13:2b:1e:5c:4b:95:49:10:5b:e0:40:cd:da:
                    4e:c8:7c:3a:69:fd:6b:cf:3c:e6:b0:b4:bf:31:a8:
                    b3:d2:22:88:44:70:f1:e5:bc:59:7c:b7:ec:6e:6f:
                    83:65:a1:f9:cb:ac:0e:72:63:60:8a:63:e1:1f:db:
                    5c:8d:b4:e0:c9:05:28:61:d9:8c:13:62:71:33:9d:
                    8e:87:b0:a4:e8:ef:78:cd:85:1e:90:37:55:2b:12:
                    86:0e:d0:6a:e2:a4:e6:ac:28:03:8d:09:d4:f5:28:
                    f3:37:f0:dc:5d:31:6e:3c:72:b0:41:16:4c:e7:78:
                    aa:71:cd:fd:8c:9e:a4:f3:34:f8:6c:e0:15:b1:ac:
                    08:53:30:88:45:35:5d:ee:dc:35:2b:fb:9a:d2:88:
                    c6:58:44:2b:8a:ea:32:6a:47:13:f9:a6:48:77:79:
                    12:a8:fd:82:b5:5e:d0:3b:a9:20:8a:9a:83:60:4b:
                    a4:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:50:1F:BD:67:AE:25:70:6C:31:14:EA:60:C7:B1:7C:37:87:55:87
            X509v3 Authority Key Identifier:
                keyid:D1:A5:5C:A9:F6:1A:19:73:97:07:65:6D:81:0C:4C:2D:DB:DB:13:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/3133382e3231392e3134302e302f32322d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.219.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2f:4b:93:5e:0a:18:74:8b:76:d5:ab:b6:32:96:c2:b1:86:25:
         a5:00:f5:e4:18:63:75:03:2a:c8:99:4d:3a:10:f0:81:a4:7f:
         5a:3c:b3:e3:c7:96:f4:a0:ed:24:a3:88:1d:ae:10:80:57:3b:
         d9:a7:ed:ff:d7:8e:6b:1f:ce:4f:ff:02:52:0c:9a:dc:70:1c:
         3e:7f:e2:56:fc:e0:56:61:d7:83:b9:59:10:3e:0e:6c:e3:f8:
         d6:20:7e:4e:5d:a2:3d:ae:23:1c:f4:e4:ed:7a:c8:fb:4b:f6:
         fb:5f:88:c9:b1:ee:bd:b4:f1:74:2b:a0:11:42:8e:67:c8:94:
         ef:04:81:28:f7:4c:77:e9:72:69:e0:ed:1d:cf:02:ed:19:4f:
         90:eb:8d:40:6d:a4:89:f5:db:71:ce:d5:1c:41:5b:fd:0c:49:
         df:e3:3f:bb:69:c2:79:ee:21:62:b5:46:23:e7:69:f6:c2:a7:
         b1:d2:5d:94:86:83:59:0e:bf:ce:4c:9d:9c:ff:06:b4:49:1e:
         45:90:c5:26:f4:f9:16:fd:89:b8:81:c9:12:f6:89:2d:48:25:
         37:a2:a1:47:a6:3c:cc:8b:cc:76:b8:65:e5:72:e2:c8:0f:74:
         fc:25:88:14:5d:34:9c:f3:30:f5:a4:c0:03:a3:d4:1f:78:f7:
         29:97:90:33
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUfo51tf8cVe5ralWUgRxxF82B0VIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDFBNTVDQTlGNjFBMTk3Mzk3MDc2NTZEODEwQzRDMkRE
QkRCMTNERjAeFw0yNTAyMDQxODMwMjhaFw0yNjAyMDMxODM1MjhaMDMxMTAvBgNV
BAMTKDNDNTAxRkJENjdBRTI1NzA2QzMxMTRFQTYwQzdCMTdDMzc4NzU1ODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xGKOTKLfmGgp0hbIyrQQ9NZe
4AHASJt+onfmUSB0l2vTGAgGjNvE2qfJWzWSj4AfjPrXFMiI0kzfgfmU7TM6qh7E
WtyffFo2wg33EyseXEuVSRBb4EDN2k7IfDpp/WvPPOawtL8xqLPSIohEcPHlvFl8
t+xub4NlofnLrA5yY2CKY+Ef21yNtODJBShh2YwTYnEznY6HsKTo73jNhR6QN1Ur
EoYO0GripOasKAONCdT1KPM38NxdMW48crBBFkzneKpxzf2MnqTzNPhs4BWxrAhT
MIhFNV3u3DUr+5rSiMZYRCuK6jJqRxP5pkh3eRKo/YK1XtA7qSCKmoNgS6SrAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUPFAfvWeuJXBsMRTqYMexfDeHVYcwHwYDVR0j
BBgwFoAU0aVcqfYaGXOXB2VtgQxMLdvbE98wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMDc3NTlFMThFOTZEMDc0REZCQTUwN0M2MjcyQTFCRUM0
N0E3RDhEQkYwQzFBOTcxQkQyMThBNjhFRjFDMTU0LzAvRDFBNTVDQTlGNjFBMTk3
Mzk3MDc2NTZEODEwQzRDMkREQkRCMTNERi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMUE1NUNBOUY2MUExOTczOTcw
NzY1NkQ4MTBDNEMyRERCREIxM0RGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTA3NzU5RTE4RTk2RDA3NERGQkE1MDdDNjI3MkExQkVDNDdBN0Q4REJG
MEMxQTk3MUJEMjE4QTY4RUYxQzE1NC8wLzMxMzMzODJlMzIzMTM5MmUzMTM0MzAy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNTMyMzIzMzMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCituM
MA0GCSqGSIb3DQEBCwUAA4IBAQAvS5NeChh0i3bVq7YylsKxhiWlAPXkGGN1AyrI
mU06EPCBpH9aPLPjx5b0oO0ko4gdrhCAVzvZp+3/145rH85P/wJSDJrccBw+f+JW
/OBWYdeDuVkQPg5s4/jWIH5OXaI9riMc9OTtesj7S/b7X4jJse69tPF0K6ARQo5n
yJTvBIEo90x36XJp4O0dzwLtGU+Q641AbaSJ9dtxztUcQVv9DEnf4z+7acJ57iFi
tUYj52n2wqex0l2UhoNZDr/OTJ2c/wa0SR5FkMUm9PkW/Ym4gckS9oktSCU3oqFH
pjzMi8x2uGXlcuLID3T8JYgUXTSc8zD1pMADo9QfePcpl5Az
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:50:17 2025 by rpki-client