Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e3231392e34332e302f32342d3234203d3e203237383233.roa
File:                     3133382e3231392e34332e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          JR2ge88gPVhn9cjRWDr6/U2BUn5y+mG4CWI+BKUfRDQ=
Subject key identifier:   3B:1A:FE:E3:E8:E0:30:4C:63:50:17:65:9E:0D:DA:EE:48:68:DB:44
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       59586A947357BFCCA1B1AD80A9AB40BAF648CC03
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e3231392e34332e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:22 +0000
ROA not before:           Tue 04 Feb 2025 18:03:22 +0000
ROA not after:            Tue 03 Feb 2026 18:08:22 +0000
asID:                     27823
IP address blocks:        138.219.43.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 31 Mar 2025 05:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:58:6a:94:73:57:bf:cc:a1:b1:ad:80:a9:ab:40:ba:f6:48:cc:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:22 2025 GMT
            Not After : Feb  3 18:08:22 2026 GMT
        Subject: CN=3B1AFEE3E8E0304C635017659E0DDAEE4868DB44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:cc:67:17:4f:e0:99:80:77:ab:00:f8:98:47:
                    3e:a5:05:83:fd:76:82:cb:47:52:41:aa:72:2c:23:
                    91:32:1b:0e:89:9f:9f:4d:1c:45:7b:fe:00:ad:3a:
                    42:a7:d1:7e:03:93:6f:1f:42:54:13:bb:6c:52:d3:
                    ec:3d:ff:9f:e6:21:af:cb:9e:74:66:d1:c1:25:9c:
                    6a:2b:9f:fc:f1:be:df:59:fa:fb:9d:a0:79:cf:64:
                    56:8e:86:cc:82:e7:7e:3d:77:6b:94:c2:88:de:2d:
                    00:ed:28:3d:25:54:bc:86:8e:eb:4f:a7:0c:71:ad:
                    53:0e:61:6e:31:37:da:1a:73:a3:c8:4e:b6:0b:92:
                    0b:d2:61:94:be:f8:5a:e2:1e:c9:b7:11:d5:68:21:
                    84:7d:52:88:ff:f4:12:45:1d:93:7a:2d:c5:bd:63:
                    be:95:c4:2d:b4:37:47:5f:40:57:8a:41:75:88:05:
                    44:48:cb:0e:fe:35:dc:af:17:48:e7:04:f7:00:36:
                    d0:13:c1:96:a5:06:69:8f:c4:0a:22:d9:00:1a:5a:
                    15:f1:95:df:6c:d8:05:89:18:25:e2:0d:87:90:ce:
                    28:a8:17:39:f2:18:91:00:2e:57:40:13:01:18:ab:
                    7b:4c:2e:cc:f4:8f:5c:ab:ee:56:5f:58:d8:b7:a1:
                    ff:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:1A:FE:E3:E8:E0:30:4C:63:50:17:65:9E:0D:DA:EE:48:68:DB:44
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e3231392e34332e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.219.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:8e:66:6d:3b:35:68:17:60:5c:e3:da:f5:92:e7:39:86:01:
         91:24:29:70:bc:1a:29:0c:db:87:cc:72:50:50:a3:99:93:66:
         b6:f3:99:db:72:de:d0:ba:8d:d9:c8:4e:19:25:bc:41:c3:cd:
         21:5f:94:6e:e8:8c:d0:7e:56:db:fc:38:cb:92:83:48:9e:e7:
         2c:fa:f3:f9:f5:29:e2:c2:09:c8:74:22:4c:9c:fb:ba:f3:3b:
         20:25:be:c2:cc:97:28:30:23:30:be:bb:d6:f0:f8:68:b9:e1:
         79:77:2c:f3:81:31:1f:1e:88:52:76:e9:1d:f5:5e:c2:ea:b3:
         ba:c8:35:9b:e8:1e:6c:46:e1:de:fe:1a:b6:9d:a1:65:c2:49:
         f6:2a:fa:63:6c:2a:21:e0:34:ca:b1:38:0e:1b:a3:45:d0:d7:
         aa:3b:e3:0e:dc:47:e2:88:e0:ee:15:ab:53:14:df:81:1d:02:
         a1:25:26:7d:73:c7:53:dc:35:6c:59:7d:ee:a9:fe:28:83:5c:
         b8:15:d9:55:b0:fc:08:77:d6:11:91:85:ee:37:58:c6:52:d5:
         83:ad:ea:21:d0:9d:bb:ec:3b:4a:20:58:dd:fe:5a:a6:76:64:
         5f:e9:75:7b:92:8e:db:05:25:09:41:d4:8f:a5:fe:3a:07:8b:
         0a:32:f7:8f
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUWVhqlHNXv8yhsa2AqatAuvZIzAMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjJaFw0yNjAyMDMxODA4MjJaMDMxMTAvBgNV
BAMTKDNCMUFGRUUzRThFMDMwNEM2MzUwMTc2NTlFMEREQUVFNDg2OERCNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHzGcXT+CZgHerAPiYRz6lBYP9
doLLR1JBqnIsI5EyGw6Jn59NHEV7/gCtOkKn0X4Dk28fQlQTu2xS0+w9/5/mIa/L
nnRm0cElnGorn/zxvt9Z+vudoHnPZFaOhsyC5349d2uUwojeLQDtKD0lVLyGjutP
pwxxrVMOYW4xN9oac6PITrYLkgvSYZS++FriHsm3EdVoIYR9Uoj/9BJFHZN6LcW9
Y76VxC20N0dfQFeKQXWIBURIyw7+NdyvF0jnBPcANtATwZalBmmPxAoi2QAaWhXx
ld9s2AWJGCXiDYeQziioFznyGJEALldAEwEYq3tMLsz0j1yr7lZfWNi3of9/AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUOxr+4+jgMExjUBdlng3a7kho20QwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzMzODJlMzIzMTM5MmUzNDMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIrbKzAN
BgkqhkiG9w0BAQsFAAOCAQEAWI5mbTs1aBdgXOPa9ZLnOYYBkSQpcLwaKQzbh8xy
UFCjmZNmtvOZ23Le0LqN2chOGSW8QcPNIV+UbuiM0H5W2/w4y5KDSJ7nLPrz+fUp
4sIJyHQiTJz7uvM7ICW+wsyXKDAjML671vD4aLnheXcs84ExHx6IUnbpHfVewuqz
usg1m+gebEbh3v4atp2hZcJJ9ir6Y2wqIeA0yrE4DhujRdDXqjvjDtxH4ojg7hWr
UxTfgR0CoSUmfXPHU9w1bFl97qn+KINcuBXZVbD8CHfWEZGF7jdYxlLVg63qIdCd
u+w7SiBY3f5apnZkX+l1e5KO2wUlCUHUj6X+OgeLCjL3jw==
-----END CERTIFICATE-----
Generated at Thu Mar 27 01:17:53 2025 by rpki-client