Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/3137302e3234352e302e302f32322d3234203d3e203532323333.roa
File:                     3137302e3234352e302e302f32322d3234203d3e203532323333.roa (raw, json)
Hash identifier:          scWNLQZ02BYUNWZOv7bjVK9Tor+7KCEBMJ2IiNIgX1k=
Subject key identifier:   2E:DD:FF:AE:FD:25:D7:63:51:E8:08:03:E8:77:1F:05:4B:77:E2:B8
Certificate issuer:       /CN=D1A55CA9F61A19739707656D810C4C2DDBDB13DF
Certificate serial:       0449706999EFA8C7AA1F9E871F3DCE2838DD89A2
Authority key identifier: D1:A5:5C:A9:F6:1A:19:73:97:07:65:6D:81:0C:4C:2D:DB:DB:13:DF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/3137302e3234352e302e302f32322d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:35:28 +0000
ROA not before:           Tue 04 Feb 2025 18:30:28 +0000
ROA not after:            Tue 03 Feb 2026 18:35:28 +0000
asID:                     52233
IP address blocks:        170.245.0.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:49:70:69:99:ef:a8:c7:aa:1f:9e:87:1f:3d:ce:28:38:dd:89:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D1A55CA9F61A19739707656D810C4C2DDBDB13DF
        Validity
            Not Before: Feb  4 18:30:28 2025 GMT
            Not After : Feb  3 18:35:28 2026 GMT
        Subject: CN=2EDDFFAEFD25D76351E80803E8771F054B77E2B8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:26:f0:55:2f:05:8c:86:81:a0:a3:b7:1a:c6:
                    b0:cc:c3:3b:5a:2b:0d:e4:e1:2d:f8:1c:cf:be:bf:
                    6c:13:f3:21:73:df:88:20:dd:ec:1c:74:a8:a5:4f:
                    79:5d:09:e7:4a:e4:e0:65:c9:93:45:a3:7b:e9:d8:
                    fc:b6:08:b6:7e:32:e9:c5:ac:18:9a:8d:0e:04:ac:
                    28:65:ef:18:a5:58:0a:a4:68:21:77:07:3c:f9:f7:
                    fc:c4:33:e8:a6:c1:ec:42:a0:e6:e3:d8:49:47:d7:
                    f0:99:4c:07:86:de:ff:39:10:36:c9:6b:4b:14:7f:
                    cc:17:3f:36:a1:85:88:48:b3:8a:e3:7e:7b:76:a8:
                    ce:dc:52:f5:c7:f3:61:62:8f:aa:a2:2f:3b:32:49:
                    b3:40:e2:0b:5f:27:d6:21:e4:32:3a:46:13:30:c5:
                    7f:5d:04:03:5d:8f:51:7d:36:e2:c7:84:80:65:e3:
                    0c:03:fc:d2:7e:28:e0:6b:b4:b3:70:ac:a9:ea:d4:
                    5d:2b:eb:df:3f:e2:fc:e5:92:60:84:6d:bd:a5:a2:
                    d9:83:a4:17:62:c6:21:bc:22:4b:41:54:5f:bd:37:
                    bf:b5:16:8c:16:e6:ab:15:23:45:c8:b8:d8:4f:4f:
                    05:48:e4:dd:ce:75:0a:7c:e1:96:41:dd:47:4f:21:
                    3d:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:DD:FF:AE:FD:25:D7:63:51:E8:08:03:E8:77:1F:05:4B:77:E2:B8
            X509v3 Authority Key Identifier:
                keyid:D1:A5:5C:A9:F6:1A:19:73:97:07:65:6D:81:0C:4C:2D:DB:DB:13:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1A55CA9F61A19739707656D810C4C2DDBDB13DF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/107759E18E96D074DFBA507C6272A1BEC47A7D8DBF0C1A971BD218A68EF1C154/0/3137302e3234352e302e302f32322d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.245.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         28:2c:1f:7e:76:fa:44:5d:ff:0c:ac:dd:d7:15:4c:9f:50:a9:
         bb:16:f6:3b:e6:3a:36:f8:54:24:ea:74:94:17:35:74:f8:bd:
         c5:59:ac:7c:a3:7f:e5:34:9c:f5:98:38:7d:6b:00:3e:f4:b9:
         53:0e:47:fe:7b:af:5b:ca:9c:9f:d4:ab:a6:79:06:aa:b0:b2:
         7c:4b:35:c4:38:b8:f3:18:98:14:4b:b7:bf:c6:16:64:fa:2c:
         bb:4b:24:2e:73:21:82:ec:01:32:c4:b6:1b:28:60:46:2b:fd:
         22:24:39:bd:fc:dd:c5:1f:a3:34:b3:3a:95:3e:7c:f5:ce:95:
         4d:76:70:a0:16:f8:85:c2:74:f8:fe:33:a7:61:06:27:8b:4d:
         7c:e0:cb:2f:2c:87:c4:75:be:85:13:07:f6:18:07:6b:0b:b1:
         62:46:22:76:bd:7d:d1:8a:9f:47:26:82:97:27:7b:2f:93:a5:
         5b:92:bb:3e:d4:d0:b7:12:95:79:e6:92:a6:1b:d7:19:bb:3e:
         be:6f:1d:b2:d4:6b:12:af:4b:10:84:07:43:87:1d:00:64:47:
         fb:a8:b5:1c:83:10:f5:31:fb:5e:be:15:ac:8e:1a:3e:fb:55:
         96:1b:a3:42:7c:d8:5a:b9:33:8d:50:c5:fc:11:26:15:5b:0e:
         f4:f4:47:96
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUBElwaZnvqMeqH56HHz3OKDjdiaIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDFBNTVDQTlGNjFBMTk3Mzk3MDc2NTZEODEwQzRDMkRE
QkRCMTNERjAeFw0yNTAyMDQxODMwMjhaFw0yNjAyMDMxODM1MjhaMDMxMTAvBgNV
BAMTKDJFRERGRkFFRkQyNUQ3NjM1MUU4MDgwM0U4NzcxRjA1NEI3N0UyQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTJvBVLwWMhoGgo7caxrDMwzta
Kw3k4S34HM++v2wT8yFz34gg3ewcdKilT3ldCedK5OBlyZNFo3vp2Py2CLZ+MunF
rBiajQ4ErChl7xilWAqkaCF3Bzz59/zEM+imwexCoObj2ElH1/CZTAeG3v85EDbJ
a0sUf8wXPzahhYhIs4rjfnt2qM7cUvXH82Fij6qiLzsySbNA4gtfJ9Yh5DI6RhMw
xX9dBANdj1F9NuLHhIBl4wwD/NJ+KOBrtLNwrKnq1F0r698/4vzlkmCEbb2lotmD
pBdixiG8IktBVF+9N7+1FowW5qsVI0XIuNhPTwVI5N3OdQp84ZZB3UdPIT2rAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQULt3/rv0l12NR6AgD6HcfBUt34rgwHwYDVR0j
BBgwFoAU0aVcqfYaGXOXB2VtgQxMLdvbE98wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMDc3NTlFMThFOTZEMDc0REZCQTUwN0M2MjcyQTFCRUM0
N0E3RDhEQkYwQzFBOTcxQkQyMThBNjhFRjFDMTU0LzAvRDFBNTVDQTlGNjFBMTk3
Mzk3MDc2NTZEODEwQzRDMkREQkRCMTNERi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMUE1NUNBOUY2MUExOTczOTcw
NzY1NkQ4MTBDNEMyRERCREIxM0RGLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTA3NzU5RTE4RTk2RDA3NERGQkE1MDdDNjI3MkExQkVDNDdBN0Q4REJG
MEMxQTk3MUJEMjE4QTY4RUYxQzE1NC8wLzMxMzczMDJlMzIzNDM1MmUzMDJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDM1MzIzMjMzMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKq9QAwDQYJ
KoZIhvcNAQELBQADggEBACgsH352+kRd/wys3dcVTJ9QqbsW9jvmOjb4VCTqdJQX
NXT4vcVZrHyjf+U0nPWYOH1rAD70uVMOR/57r1vKnJ/Uq6Z5BqqwsnxLNcQ4uPMY
mBRLt7/GFmT6LLtLJC5zIYLsATLEthsoYEYr/SIkOb383cUfozSzOpU+fPXOlU12
cKAW+IXCdPj+M6dhBieLTXzgyy8sh8R1voUTB/YYB2sLsWJGIna9fdGKn0cmgpcn
ey+TpVuSuz7U0LcSlXnmkqYb1xm7Pr5vHbLUaxKvSxCEB0OHHQBkR/uotRyDEPUx
+16+FayOGj77VZYbo0J82Fq5M41QxfwRJhVbDvT0R5Y=
-----END CERTIFICATE-----
Generated at Fri Feb 14 15:03:39 2025 by rpki-client