Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/3136312e302e39362e302f32302d3234203d3e203532323333.roa
File:                     3136312e302e39362e302f32302d3234203d3e203532323333.roa (raw, json)
Hash identifier:          JbPZG0kVwFAgbodXoQyhwSLiaajrlva4AYaYqUJjsr8=
Subject key identifier:   2B:6E:CA:C9:29:10:13:95:4A:2F:C0:DD:19:E9:80:3C:B9:20:31:E2
Certificate issuer:       /CN=D1A55CA9F61A19739707656D810C4C2DDBDB13DF
Certificate serial:       3DC5FE18E2FE5B00960AAE05DB3CE8DA90EC1700
Authority key identifier: D1:A5:5C:A9:F6:1A:19:73:97:07:65:6D:81:0C:4C:2D:DB:DB:13:DF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/3136312e302e39362e302f32302d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:35:30 +0000
ROA not before:           Tue 04 Feb 2025 18:30:30 +0000
ROA not after:            Tue 03 Feb 2026 18:35:30 +0000
asID:                     52233
IP address blocks:        161.0.96.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:c5:fe:18:e2:fe:5b:00:96:0a:ae:05:db:3c:e8:da:90:ec:17:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D1A55CA9F61A19739707656D810C4C2DDBDB13DF
        Validity
            Not Before: Feb  4 18:30:30 2025 GMT
            Not After : Feb  3 18:35:30 2026 GMT
        Subject: CN=2B6ECAC9291013954A2FC0DD19E9803CB92031E2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:67:21:e1:ba:a4:ba:94:70:ce:1d:41:b3:10:
                    a6:95:91:f2:5a:de:5a:81:50:79:42:1d:2b:12:79:
                    54:33:83:9f:14:27:ac:19:31:f7:69:e0:99:e9:53:
                    03:b9:4a:bd:a0:c8:d4:a4:a6:7b:21:91:48:29:18:
                    d2:db:cd:55:c6:09:12:2e:58:29:82:8b:02:06:c2:
                    06:1b:03:4b:8e:9e:96:ba:ad:11:ec:13:39:b5:ef:
                    95:84:ac:07:20:f2:ba:40:6d:f4:9b:8f:1e:7d:e9:
                    a8:a0:43:d8:60:17:4d:f0:34:c7:20:48:f3:1c:60:
                    45:eb:47:a7:cf:88:2c:2a:ac:d7:d2:36:5b:07:3c:
                    b6:4c:04:ad:90:48:35:a7:22:6f:5f:e3:1f:7e:00:
                    24:ad:7a:65:25:0a:85:e3:04:f7:f4:4d:47:da:f4:
                    17:2c:2a:df:51:89:fa:01:bb:89:85:a2:04:b9:e8:
                    ac:14:f8:51:80:94:6e:7a:8c:c9:c4:13:bf:ca:7d:
                    3d:f8:79:ac:63:cb:9e:38:74:33:65:03:52:b3:8e:
                    05:9c:52:a8:5d:f4:59:b8:66:33:13:47:72:45:53:
                    53:aa:9b:91:ee:85:4b:d0:ff:84:b6:20:00:31:a7:
                    5f:9d:5f:f6:9f:61:a9:ed:5c:67:52:fb:23:18:aa:
                    44:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:6E:CA:C9:29:10:13:95:4A:2F:C0:DD:19:E9:80:3C:B9:20:31:E2
            X509v3 Authority Key Identifier:
                keyid:D1:A5:5C:A9:F6:1A:19:73:97:07:65:6D:81:0C:4C:2D:DB:DB:13:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/3136312e302e39362e302f32302d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.0.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         4c:55:40:a8:7f:de:ef:56:2c:08:a6:27:88:2b:db:20:d3:f3:
         ba:1e:99:f5:69:81:26:16:be:f1:23:ca:86:a8:d0:40:4f:12:
         2a:2a:ef:4d:d3:d1:c6:1e:5d:c3:e3:c2:0d:52:59:d5:0d:13:
         fc:3c:77:a8:64:92:52:fa:31:0c:54:e6:35:f2:3a:2c:27:b2:
         49:8b:9b:b9:3e:74:71:c5:6f:42:ac:ae:a5:7c:3f:f1:ba:eb:
         e7:7f:b1:56:20:c2:b6:ba:8c:33:59:8c:75:71:bf:ab:4c:17:
         6a:aa:19:21:39:cb:f8:54:d9:16:2a:f9:7f:73:c6:d5:e6:93:
         4f:34:6d:5b:33:01:17:ef:8f:9b:00:32:57:c5:ea:e3:01:ad:
         03:67:f0:84:65:9e:dc:17:60:9b:0d:a0:a8:db:a0:27:33:be:
         ab:f3:32:d6:a4:18:86:e5:b3:17:b4:ed:f2:de:01:67:12:9f:
         ba:34:d8:58:40:9e:f6:1b:40:22:5f:c1:54:d0:68:7a:16:60:
         de:d6:5e:1e:34:bb:fc:66:0b:3e:8c:f1:03:1f:20:f2:4c:fa:
         0a:d1:65:cf:d8:36:32:9a:1c:4d:40:1e:35:8d:ec:18:92:d3:
         7a:33:f8:d6:2b:47:f6:8a:ac:8b:e8:5a:2b:ad:5f:78:ec:c0:
         19:ec:b5:18
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUPcX+GOL+WwCWCq4F2zzo2pDsFwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDFBNTVDQTlGNjFBMTk3Mzk3MDc2NTZEODEwQzRDMkRE
QkRCMTNERjAeFw0yNTAyMDQxODMwMzBaFw0yNjAyMDMxODM1MzBaMDMxMTAvBgNV
BAMTKDJCNkVDQUM5MjkxMDEzOTU0QTJGQzBERDE5RTk4MDNDQjkyMDMxRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoZyHhuqS6lHDOHUGzEKaVkfJa
3lqBUHlCHSsSeVQzg58UJ6wZMfdp4JnpUwO5Sr2gyNSkpnshkUgpGNLbzVXGCRIu
WCmCiwIGwgYbA0uOnpa6rRHsEzm175WErAcg8rpAbfSbjx596aigQ9hgF03wNMcg
SPMcYEXrR6fPiCwqrNfSNlsHPLZMBK2QSDWnIm9f4x9+ACStemUlCoXjBPf0TUfa
9BcsKt9RifoBu4mFogS56KwU+FGAlG56jMnEE7/KfT34eaxjy544dDNlA1KzjgWc
Uqhd9Fm4ZjMTR3JFU1Oqm5HuhUvQ/4S2IAAxp1+dX/afYantXGdS+yMYqkQbAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUK27KySkQE5VKL8DdGemAPLkgMeIwHwYDVR0j
BBgwFoAU0aVcqfYaGXOXB2VtgQxMLdvbE98wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMDc3NTlFMThFOTZEMDc0REZCQTUwN0M2MjcyQTFCRUM0
N0E3RDhEQkYwQzFBOTcxQkQyMThBNjhFRjFDMTU0LzAvRDFBNTVDQTlGNjFBMTk3
Mzk3MDc2NTZEODEwQzRDMkREQkRCMTNERi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMUE1NUNBOUY2MUExOTczOTcw
NzY1NkQ4MTBDNEMyRERCREIxM0RGLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTA3NzU5RTE4RTk2RDA3NERGQkE1MDdDNjI3MkExQkVDNDdBN0Q4REJG
MEMxQTk3MUJEMjE4QTY4RUYxQzE1NC8wLzMxMzYzMTJlMzAyZTM5MzYyZTMwMmYz
MjMwMmQzMjM0MjAzZDNlMjAzNTMyMzIzMzMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEoQBgMA0GCSqG
SIb3DQEBCwUAA4IBAQBMVUCof97vViwIpieIK9sg0/O6Hpn1aYEmFr7xI8qGqNBA
TxIqKu9N09HGHl3D48INUlnVDRP8PHeoZJJS+jEMVOY18josJ7JJi5u5PnRxxW9C
rK6lfD/xuuvnf7FWIMK2uowzWYx1cb+rTBdqqhkhOcv4VNkWKvl/c8bV5pNPNG1b
MwEX74+bADJXxerjAa0DZ/CEZZ7cF2CbDaCo26AnM76r8zLWpBiG5bMXtO3y3gFn
Ep+6NNhYQJ72G0AiX8FU0Gh6FmDe1l4eNLv8Zgs+jPEDHyDyTPoK0WXP2DYymhxN
QB41jewYktN6M/jWK0f2iqyL6ForrV947MAZ7LUY
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:34:00 2025 by rpki-client