Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/10A3239D082E7E699A3FC40453A171CA745EF06F61AA2D3F45B46457D228D5FF/0/3230312e37372e39362e302f32322d3234203d3e20323635353837.roa
File:                     3230312e37372e39362e302f32322d3234203d3e20323635353837.roa (raw, json)
Hash identifier:          8Ce2wjfxsh4N/CNmyXmIXmpryr4WrefPiAG5ORM7rdA=
Subject key identifier:   B5:B0:12:C9:5A:99:86:F3:E1:DE:B3:4E:EB:6B:A7:FA:BE:94:30:2F
Certificate issuer:       /CN=341943B43C82090C568D3356B7373F9CE4151BF1
Certificate serial:       547619E52AEBAFE73F7A91B0E538A11E9D96805A
Authority key identifier: 34:19:43:B4:3C:82:09:0C:56:8D:33:56:B7:37:3F:9C:E4:15:1B:F1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/341943B43C82090C568D3356B7373F9CE4151BF1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/10A3239D082E7E699A3FC40453A171CA745EF06F61AA2D3F45B46457D228D5FF/0/3230312e37372e39362e302f32322d3234203d3e20323635353837.roa
Signing time:             Tue 04 Feb 2025 18:55:08 +0000
ROA not before:           Tue 04 Feb 2025 18:50:08 +0000
ROA not after:            Tue 03 Feb 2026 18:55:08 +0000
asID:                     265587
IP address blocks:        201.77.96.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/10A3239D082E7E699A3FC40453A171CA745EF06F61AA2D3F45B46457D228D5FF/0/341943B43C82090C568D3356B7373F9CE4151BF1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/10A3239D082E7E699A3FC40453A171CA745EF06F61AA2D3F45B46457D228D5FF/0/341943B43C82090C568D3356B7373F9CE4151BF1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/341943B43C82090C568D3356B7373F9CE4151BF1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 21 Feb 2025 12:14:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:76:19:e5:2a:eb:af:e7:3f:7a:91:b0:e5:38:a1:1e:9d:96:80:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=341943B43C82090C568D3356B7373F9CE4151BF1
        Validity
            Not Before: Feb  4 18:50:08 2025 GMT
            Not After : Feb  3 18:55:08 2026 GMT
        Subject: CN=B5B012C95A9986F3E1DEB34EEB6BA7FABE94302F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:29:a7:a5:9f:31:40:4b:7f:f5:54:91:78:44:
                    69:7a:20:65:09:9c:c6:2f:bd:cf:e7:4c:88:cd:ed:
                    e7:6d:77:21:20:ff:f9:af:3a:33:10:05:03:86:0c:
                    85:6b:f5:53:2f:ad:87:52:2d:e2:fe:6e:5b:53:95:
                    f1:66:2e:fc:d0:81:c0:dc:86:1d:a7:05:3b:a8:5c:
                    88:d3:81:ca:3c:de:67:c0:5c:fc:a3:43:1c:8a:19:
                    b7:c7:65:a7:b6:10:df:a3:ae:f3:ea:97:e1:95:5a:
                    9d:ee:6d:69:8e:71:b2:1c:b8:ea:05:18:dc:f7:22:
                    b0:ed:df:7b:d4:c9:86:99:fa:b2:62:b3:dc:6f:a1:
                    e7:ec:bc:fd:c5:8a:f7:c4:2c:6b:42:1e:79:2b:bb:
                    3b:8d:70:c1:0d:b8:d7:b7:08:f6:39:9c:67:c5:08:
                    61:e8:e7:59:6d:69:ef:e6:fc:32:a3:2f:3d:c3:a6:
                    91:94:4c:86:fc:9e:80:08:48:90:ce:ad:ca:1c:b9:
                    84:7b:70:bf:d6:ba:d4:b3:b4:0a:a8:2f:35:f0:ad:
                    69:06:38:45:32:02:2b:2e:e8:d2:c4:6d:78:75:f2:
                    c7:ec:7c:6b:79:38:08:5e:aa:50:f7:db:44:f1:e9:
                    fa:48:9e:a1:d0:f7:11:de:d2:51:8c:cd:d0:76:b3:
                    76:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:B0:12:C9:5A:99:86:F3:E1:DE:B3:4E:EB:6B:A7:FA:BE:94:30:2F
            X509v3 Authority Key Identifier:
                keyid:34:19:43:B4:3C:82:09:0C:56:8D:33:56:B7:37:3F:9C:E4:15:1B:F1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/10A3239D082E7E699A3FC40453A171CA745EF06F61AA2D3F45B46457D228D5FF/0/341943B43C82090C568D3356B7373F9CE4151BF1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/341943B43C82090C568D3356B7373F9CE4151BF1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/10A3239D082E7E699A3FC40453A171CA745EF06F61AA2D3F45B46457D228D5FF/0/3230312e37372e39362e302f32322d3234203d3e20323635353837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.77.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4d:1f:c8:c9:00:b5:d6:40:23:aa:b7:a4:40:6c:ff:32:cb:44:
         a8:6a:0f:36:10:f0:9b:9f:c4:11:87:5d:ea:e0:ee:e6:49:bc:
         ce:b1:18:0a:1d:e7:e7:a8:e9:92:93:e1:0b:e9:51:32:9f:4b:
         73:95:5b:fd:b1:19:f9:26:fa:ae:26:78:43:93:ec:a1:18:92:
         c5:6f:a3:ae:1e:26:d0:6c:5d:4c:83:f7:a2:33:f4:c4:61:9c:
         f5:11:be:3f:4c:fe:22:12:f6:11:e6:bf:ff:2f:ca:f1:31:a9:
         35:8c:6a:2a:99:63:75:14:c5:b2:8b:18:e9:fb:c5:6c:8b:5e:
         25:fa:6f:27:e3:9e:5f:a4:f4:69:d7:64:3e:7f:08:49:78:59:
         4d:19:33:02:69:66:53:70:37:fc:a2:a2:a8:fc:e3:c0:7c:93:
         79:cb:f7:c7:04:7f:b0:2d:33:80:8b:68:b4:3f:85:e6:67:5a:
         a2:da:03:a7:72:ca:b5:b2:d3:a7:67:9a:09:61:d6:45:f0:2c:
         e6:f5:66:88:df:62:3c:78:c8:cd:fa:f4:f9:77:0e:75:75:39:
         46:a3:ba:23:e8:3a:5b:fb:a4:c0:fa:72:51:b5:a3:ee:20:58:
         9f:b9:12:ba:41:58:06:68:b2:67:39:0c:95:60:50:30:a3:8f:
         7c:e3:54:18
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUVHYZ5Srrr+c/epGw5TihHp2WgFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzQxOTQzQjQzQzgyMDkwQzU2OEQzMzU2QjczNzNGOUNF
NDE1MUJGMTAeFw0yNTAyMDQxODUwMDhaFw0yNjAyMDMxODU1MDhaMDMxMTAvBgNV
BAMTKEI1QjAxMkM5NUE5OTg2RjNFMURFQjM0RUVCNkJBN0ZBQkU5NDMwMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPKaelnzFAS3/1VJF4RGl6IGUJ
nMYvvc/nTIjN7edtdyEg//mvOjMQBQOGDIVr9VMvrYdSLeL+bltTlfFmLvzQgcDc
hh2nBTuoXIjTgco83mfAXPyjQxyKGbfHZae2EN+jrvPql+GVWp3ubWmOcbIcuOoF
GNz3IrDt33vUyYaZ+rJis9xvoefsvP3FivfELGtCHnkruzuNcMENuNe3CPY5nGfF
CGHo51ltae/m/DKjLz3DppGUTIb8noAISJDOrcocuYR7cL/WutSztAqoLzXwrWkG
OEUyAisu6NLEbXh18sfsfGt5OAheqlD320Tx6fpInqHQ9xHe0lGMzdB2s3alAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUtbASyVqZhvPh3rNO62un+r6UMC8wHwYDVR0j
BBgwFoAUNBlDtDyCCQxWjTNWtzc/nOQVG/EwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMEEzMjM5RDA4MkU3RTY5OUEzRkM0MDQ1M0ExNzFDQTc0
NUVGMDZGNjFBQTJEM0Y0NUI0NjQ1N0QyMjhENUZGLzAvMzQxOTQzQjQzQzgyMDkw
QzU2OEQzMzU2QjczNzNGOUNFNDE1MUJGMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zNDE5NDNCNDNDODIwOTBDNTY4
RDMzNTZCNzM3M0Y5Q0U0MTUxQkYxLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTBBMzIzOUQwODJFN0U2OTlBM0ZDNDA0NTNBMTcxQ0E3NDVFRjA2RjYx
QUEyRDNGNDVCNDY0NTdEMjI4RDVGRi8wLzMyMzAzMTJlMzczNzJlMzkzNjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNTM1MzgzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAslNYDAN
BgkqhkiG9w0BAQsFAAOCAQEATR/IyQC11kAjqrekQGz/MstEqGoPNhDwm5/EEYdd
6uDu5km8zrEYCh3n56jpkpPhC+lRMp9Lc5Vb/bEZ+Sb6riZ4Q5PsoRiSxW+jrh4m
0GxdTIP3ojP0xGGc9RG+P0z+IhL2Eea//y/K8TGpNYxqKpljdRTFsosY6fvFbIte
JfpvJ+OeX6T0addkPn8ISXhZTRkzAmlmU3A3/KKiqPzjwHyTecv3xwR/sC0zgIto
tD+F5mdaotoDp3LKtbLTp2eaCWHWRfAs5vVmiN9iPHjIzfr0+XcOdXU5RqO6I+g6
W/ukwPpyUbWj7iBYn7kSukFYBmiyZzkMlWBQMKOPfONUGA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 00:33:59 2025 by rpki-client