Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e3231392e34302e302f32342d3234203d3e203237383233.roa
File:                     3133382e3231392e34302e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          oV8J6WbzAFluB04K/WIS5tWNPVIe6yKo+pTMxepxERo=
Subject key identifier:   F8:3F:CF:DD:74:2F:C2:4A:4B:BE:6C:11:27:E3:9F:B9:F1:EE:A9:46
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       2405E0738B6596C997BA58863FE5060DEC5D23EE
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e3231392e34302e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:15 +0000
ROA not before:           Tue 04 Feb 2025 18:03:15 +0000
ROA not after:            Tue 03 Feb 2026 18:08:15 +0000
asID:                     27823
IP address blocks:        138.219.40.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:05:e0:73:8b:65:96:c9:97:ba:58:86:3f:e5:06:0d:ec:5d:23:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:15 2025 GMT
            Not After : Feb  3 18:08:15 2026 GMT
        Subject: CN=F83FCFDD742FC24A4BBE6C1127E39FB9F1EEA946
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b9:99:ba:76:15:0f:f7:21:df:f2:5a:91:8b:
                    c3:59:79:f5:bb:f2:2f:d1:93:0c:dd:b8:21:1c:f7:
                    28:4e:ca:ca:e5:31:80:28:a8:aa:e8:c5:94:83:f4:
                    3a:5a:fa:6c:27:96:90:a2:89:47:2c:ed:46:8d:5d:
                    b1:86:db:e7:2b:bc:10:43:ac:a2:76:ce:50:8f:65:
                    59:6b:27:bf:4e:ab:f1:4d:df:c5:bf:e9:08:4e:0f:
                    a2:6c:17:62:e6:13:25:86:ce:1a:ed:8b:c2:db:ad:
                    16:a2:b8:45:df:4e:66:53:68:22:b8:f9:15:1e:00:
                    68:6b:0d:5e:2d:51:58:cd:90:fd:fd:06:e6:d4:90:
                    0f:00:9e:b5:4c:28:69:0d:32:c2:c7:4c:39:85:af:
                    61:c2:16:72:41:bd:30:53:63:ff:d5:35:06:ea:89:
                    0a:ff:1f:c7:5d:56:46:ea:f4:76:d2:98:3a:7b:4d:
                    21:87:b1:a5:85:91:71:5e:e1:78:f3:04:68:4e:24:
                    82:31:59:bf:f7:bf:e7:1a:cb:4a:c7:02:2c:5d:b3:
                    08:2e:45:85:85:56:c6:66:34:e0:c9:c4:c9:4d:a8:
                    33:9c:e1:ac:77:c4:85:b7:cb:47:10:46:c2:26:dc:
                    7c:9f:3a:2a:1b:80:99:71:ab:08:5b:00:db:a6:7e:
                    19:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:3F:CF:DD:74:2F:C2:4A:4B:BE:6C:11:27:E3:9F:B9:F1:EE:A9:46
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e3231392e34302e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.219.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:03:85:34:bd:0d:28:aa:8e:d0:0b:6e:9f:46:c2:7a:df:8f:
         22:24:0b:22:9c:df:a6:d5:7b:a5:ec:0d:10:2d:8a:14:47:ef:
         08:5d:29:60:89:f9:6b:e1:4a:74:9a:1c:6a:f8:4b:4b:cb:2a:
         a1:fa:db:81:cc:07:39:77:24:94:47:3b:c2:35:79:c2:6a:45:
         c6:81:a9:8e:08:a4:a0:05:84:74:d6:03:0e:51:fd:10:4c:ea:
         9a:da:9c:ee:a9:6d:fe:e2:59:a4:f4:48:4a:ff:2f:2f:c3:f6:
         b9:56:b4:f4:e2:b7:a0:13:f8:02:84:d2:44:61:b7:59:ea:5a:
         48:dd:7f:05:95:ff:97:bd:a8:c5:d8:7c:0b:d4:99:f9:43:a3:
         6a:22:29:2a:e7:da:32:86:0f:22:a9:93:de:cf:0c:1e:22:82:
         48:13:6d:04:cd:ae:48:93:9b:d5:cd:7c:1f:c2:66:4b:27:cd:
         02:58:f8:41:1f:47:31:d3:31:2d:d1:bd:c3:0d:9b:78:2a:61:
         69:0d:a9:e0:8e:f5:89:ae:23:8b:13:25:05:db:40:73:91:1e:
         bc:77:e8:1d:8a:95:ca:2c:0f:7c:44:07:32:3e:e9:2b:b6:53:
         20:e6:08:0f:f5:39:c2:eb:4a:f2:29:6f:33:30:0c:44:dd:dd:
         34:c2:41:de
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUJAXgc4tllsmXuliGP+UGDexdI+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTVaFw0yNjAyMDMxODA4MTVaMDMxMTAvBgNV
BAMTKEY4M0ZDRkRENzQyRkMyNEE0QkJFNkMxMTI3RTM5RkI5RjFFRUE5NDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9uZm6dhUP9yHf8lqRi8NZefW7
8i/RkwzduCEc9yhOysrlMYAoqKroxZSD9Dpa+mwnlpCiiUcs7UaNXbGG2+crvBBD
rKJ2zlCPZVlrJ79Oq/FN38W/6QhOD6JsF2LmEyWGzhrti8LbrRaiuEXfTmZTaCK4
+RUeAGhrDV4tUVjNkP39BubUkA8AnrVMKGkNMsLHTDmFr2HCFnJBvTBTY//VNQbq
iQr/H8ddVkbq9HbSmDp7TSGHsaWFkXFe4XjzBGhOJIIxWb/3v+cay0rHAixdswgu
RYWFVsZmNODJxMlNqDOc4ax3xIW3y0cQRsIm3HyfOiobgJlxqwhbANumfhmfAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU+D/P3XQvwkpLvmwRJ+OfufHuqUYwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzMzODJlMzIzMTM5MmUzNDMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIrbKDAN
BgkqhkiG9w0BAQsFAAOCAQEAGwOFNL0NKKqO0Atun0bCet+PIiQLIpzfptV7pewN
EC2KFEfvCF0pYIn5a+FKdJocavhLS8sqofrbgcwHOXcklEc7wjV5wmpFxoGpjgik
oAWEdNYDDlH9EEzqmtqc7qlt/uJZpPRISv8vL8P2uVa09OK3oBP4AoTSRGG3Wepa
SN1/BZX/l72oxdh8C9SZ+UOjaiIpKufaMoYPIqmT3s8MHiKCSBNtBM2uSJOb1c18
H8JmSyfNAlj4QR9HMdMxLdG9ww2beCphaQ2p4I71ia4jixMlBdtAc5EevHfoHYqV
yiwPfEQHMj7pK7ZTIOYID/U5wutK8ilvMzAMRN3dNMJB3g==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:51:11 2025 by rpki-client