Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/15C85B6971D8D8902B705C564D1660D37001C140BF3ED675F1B28C2402AD2C87/0/3139312e3130332e36372e302f32342d3234203d3e203532323632.roa
File:                     3139312e3130332e36372e302f32342d3234203d3e203532323632.roa (raw, json)
Hash identifier:          fi/+wjwQqKBs2w63M6m3lj3B0DPevioBsF+WFi2uh+Y=
Subject key identifier:   5C:3F:2A:39:63:0C:F8:C7:A8:B5:94:DB:47:8A:9A:F5:FC:DA:FB:82
Certificate issuer:       /CN=1347BDD7F619ECAD7A91CFDA273E81ED8836F7E8
Certificate serial:       379D5251880D4092723A77F109299CD1C4D928C6
Authority key identifier: 13:47:BD:D7:F6:19:EC:AD:7A:91:CF:DA:27:3E:81:ED:88:36:F7:E8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1347BDD7F619ECAD7A91CFDA273E81ED8836F7E8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/15C85B6971D8D8902B705C564D1660D37001C140BF3ED675F1B28C2402AD2C87/0/3139312e3130332e36372e302f32342d3234203d3e203532323632.roa
Signing time:             Tue 04 Feb 2025 18:24:09 +0000
ROA not before:           Tue 04 Feb 2025 18:19:09 +0000
ROA not after:            Tue 03 Feb 2026 18:24:09 +0000
asID:                     52262
IP address blocks:        191.103.67.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/15C85B6971D8D8902B705C564D1660D37001C140BF3ED675F1B28C2402AD2C87/0/1347BDD7F619ECAD7A91CFDA273E81ED8836F7E8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/15C85B6971D8D8902B705C564D1660D37001C140BF3ED675F1B28C2402AD2C87/0/1347BDD7F619ECAD7A91CFDA273E81ED8836F7E8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1347BDD7F619ECAD7A91CFDA273E81ED8836F7E8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 12:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:9d:52:51:88:0d:40:92:72:3a:77:f1:09:29:9c:d1:c4:d9:28:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1347BDD7F619ECAD7A91CFDA273E81ED8836F7E8
        Validity
            Not Before: Feb  4 18:19:09 2025 GMT
            Not After : Feb  3 18:24:09 2026 GMT
        Subject: CN=5C3F2A39630CF8C7A8B594DB478A9AF5FCDAFB82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:8c:de:c4:70:d2:11:85:a6:e2:ca:2a:5e:ef:
                    c7:02:56:3b:f7:20:dc:bd:2f:fa:c3:76:98:de:cc:
                    12:e0:92:d1:12:5d:40:7c:2b:06:f2:b5:86:ac:c1:
                    f3:90:55:9d:d5:f6:c1:e7:15:b4:62:1f:13:04:8f:
                    7d:18:61:fd:56:b5:a8:c5:8d:81:b2:8b:55:20:eb:
                    ed:db:ef:2a:1a:3f:f5:f9:d2:1f:45:2b:de:c0:a4:
                    8b:4b:13:70:20:b9:0f:0c:c1:72:f0:de:0a:04:6f:
                    01:70:e7:ed:da:70:e1:85:15:67:78:d7:c5:cb:da:
                    df:df:7f:2a:c3:be:e8:18:2e:c6:0f:4b:c4:7b:d6:
                    1d:43:d2:b7:0b:59:e6:94:8b:e7:5c:b2:02:ed:00:
                    ec:14:e0:2b:21:a8:33:18:03:23:5e:3c:46:14:1f:
                    99:20:6a:0a:cb:7e:09:f3:ac:df:9b:2c:91:cb:a9:
                    ea:07:af:e5:05:2d:7d:5b:79:fe:76:96:0d:26:d6:
                    49:6c:2e:39:83:a2:db:c9:ba:b3:06:a5:e7:0f:97:
                    58:e8:64:fc:f9:e2:e7:99:e9:5a:e9:a6:fe:c4:cf:
                    ea:39:8f:0d:13:a3:ec:60:52:19:74:ba:a6:e0:f2:
                    ea:b7:f8:fe:88:79:54:85:e7:72:a1:23:88:c4:29:
                    35:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:3F:2A:39:63:0C:F8:C7:A8:B5:94:DB:47:8A:9A:F5:FC:DA:FB:82
            X509v3 Authority Key Identifier:
                keyid:13:47:BD:D7:F6:19:EC:AD:7A:91:CF:DA:27:3E:81:ED:88:36:F7:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/15C85B6971D8D8902B705C564D1660D37001C140BF3ED675F1B28C2402AD2C87/0/1347BDD7F619ECAD7A91CFDA273E81ED8836F7E8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1347BDD7F619ECAD7A91CFDA273E81ED8836F7E8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/15C85B6971D8D8902B705C564D1660D37001C140BF3ED675F1B28C2402AD2C87/0/3139312e3130332e36372e302f32342d3234203d3e203532323632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.103.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:b0:24:a8:6b:00:50:40:cb:fc:bb:5c:d0:fe:61:02:90:0c:
         3d:6c:4a:c8:73:43:50:c4:22:a2:80:bd:85:84:51:e1:0b:f7:
         8c:dd:32:da:0a:21:a2:54:10:38:c4:f3:99:8a:a0:e8:8a:50:
         7a:fe:a5:00:52:de:1d:55:a7:80:21:7b:66:70:ee:f0:e5:1d:
         45:e0:a3:bc:3e:95:81:bd:91:dd:58:73:82:3f:cb:54:5d:32:
         a1:b5:88:ed:c8:42:00:ea:b4:10:4b:cf:3c:17:b7:4a:af:99:
         50:66:c2:17:a6:2c:ca:37:b6:f8:cd:50:c1:11:4f:2f:32:21:
         7a:28:1e:b4:aa:d9:de:31:b6:18:ec:53:bf:c0:b3:df:ea:a3:
         f6:ab:a9:0c:99:2f:b5:fd:03:5a:20:3e:45:4b:02:a4:be:13:
         98:29:37:cc:43:b4:d5:0c:47:6b:53:80:8e:8e:98:92:97:b6:
         2a:4a:cf:19:9f:8c:5f:be:f6:39:cb:bc:d0:a2:1a:2e:fa:ec:
         58:e6:f0:a7:61:f4:24:26:75:ea:72:f8:85:5a:52:3e:90:95:
         cc:56:e0:d0:ba:f9:0b:b7:52:54:11:7c:2e:28:4a:08:b6:de:
         e1:b2:dd:b0:47:2b:d2:eb:48:8b:d4:7f:9e:17:e5:48:70:d6:
         a5:69:71:22
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUN51SUYgNQJJyOnfxCSmc0cTZKMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTM0N0JERDdGNjE5RUNBRDdBOTFDRkRBMjczRTgxRUQ4
ODM2RjdFODAeFw0yNTAyMDQxODE5MDlaFw0yNjAyMDMxODI0MDlaMDMxMTAvBgNV
BAMTKDVDM0YyQTM5NjMwQ0Y4QzdBOEI1OTREQjQ3OEE5QUY1RkNEQUZCODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1jN7EcNIRhabiyipe78cCVjv3
INy9L/rDdpjezBLgktESXUB8KwbytYaswfOQVZ3V9sHnFbRiHxMEj30YYf1WtajF
jYGyi1Ug6+3b7yoaP/X50h9FK97ApItLE3AguQ8MwXLw3goEbwFw5+3acOGFFWd4
18XL2t/ffyrDvugYLsYPS8R71h1D0rcLWeaUi+dcsgLtAOwU4CshqDMYAyNePEYU
H5kgagrLfgnzrN+bLJHLqeoHr+UFLX1bef52lg0m1klsLjmDotvJurMGpecPl1jo
ZPz54ueZ6Vrppv7Ez+o5jw0To+xgUhl0uqbg8uq3+P6IeVSF53KhI4jEKTUPAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUXD8qOWMM+MeotZTbR4qa9fza+4IwHwYDVR0j
BBgwFoAUE0e91/YZ7K16kc/aJz6B7Yg29+gwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNUM4NUI2OTcxRDhEODkwMkI3MDVDNTY0RDE2NjBEMzcw
MDFDMTQwQkYzRUQ2NzVGMUIyOEMyNDAyQUQyQzg3LzAvMTM0N0JERDdGNjE5RUNB
RDdBOTFDRkRBMjczRTgxRUQ4ODM2RjdFOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xMzQ3QkREN0Y2MTlFQ0FEN0E5
MUNGREEyNzNFODFFRDg4MzZGN0U4LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTVDODVCNjk3MUQ4RDg5MDJCNzA1QzU2NEQxNjYwRDM3MDAxQzE0MEJG
M0VENjc1RjFCMjhDMjQwMkFEMkM4Ny8wLzMxMzkzMTJlMzEzMDMzMmUzNjM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMyMzYzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAL9nQzAN
BgkqhkiG9w0BAQsFAAOCAQEAjLAkqGsAUEDL/Ltc0P5hApAMPWxKyHNDUMQiooC9
hYRR4Qv3jN0y2goholQQOMTzmYqg6IpQev6lAFLeHVWngCF7ZnDu8OUdReCjvD6V
gb2R3Vhzgj/LVF0yobWI7chCAOq0EEvPPBe3Sq+ZUGbCF6Ysyje2+M1QwRFPLzIh
eigetKrZ3jG2GOxTv8Cz3+qj9qupDJkvtf0DWiA+RUsCpL4TmCk3zEO01QxHa1OA
jo6Ykpe2KkrPGZ+MX772Ocu80KIaLvrsWObwp2H0JCZ16nL4hVpSPpCVzFbg0Lr5
C7dSVBF8LihKCLbe4bLdsEcr0utIi9R/nhflSHDWpWlxIg==
-----END CERTIFICATE-----
Generated at Thu Feb 13 20:12:02 2025 by rpki-client