Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e33362e3233392e302f32342d3234203d3e203237383233.roa
File:                     3133382e33362e3233392e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          GgEMBy3nPgDtqHuLZj8Akp4Xfpygso0jTJNFbo8BeJk=
Subject key identifier:   E2:38:7F:23:4D:E6:16:05:86:FC:F7:E6:5F:D3:8C:C0:27:3D:72:96
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       6944C89BD0707F7175CB62C92011586CB14FE003
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e33362e3233392e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:13 +0000
ROA not before:           Tue 04 Feb 2025 18:03:13 +0000
ROA not after:            Tue 03 Feb 2026 18:08:13 +0000
asID:                     27823
IP address blocks:        138.36.239.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:44:c8:9b:d0:70:7f:71:75:cb:62:c9:20:11:58:6c:b1:4f:e0:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:13 2025 GMT
            Not After : Feb  3 18:08:13 2026 GMT
        Subject: CN=E2387F234DE6160586FCF7E65FD38CC0273D7296
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:4b:8c:e5:fc:3f:fa:5e:af:97:51:a3:49:5b:
                    4d:2a:40:a0:74:0d:55:d4:2d:d8:2a:e7:2c:ac:06:
                    d6:f2:e5:cf:11:4d:70:15:b1:89:2b:ed:83:d2:6b:
                    ac:0b:d1:ca:ed:a5:e7:96:02:09:a9:39:aa:3a:4e:
                    9e:87:5f:43:d0:68:4e:37:f0:bd:10:a4:d7:04:8d:
                    d6:95:e6:b6:2a:e7:b7:c0:ff:31:71:40:e1:31:06:
                    81:33:b0:11:5f:c0:ec:94:81:55:e2:8a:19:2c:ed:
                    a9:13:f0:72:11:c7:b0:cd:ef:e7:d4:6e:96:09:ec:
                    d7:7c:41:74:10:e3:26:47:5e:7b:ec:aa:45:c6:1f:
                    a4:a1:46:60:b4:d1:c9:d5:a7:53:15:e2:9c:1f:4d:
                    c7:df:d5:64:f9:a4:3b:1d:c9:3e:c5:f7:3c:6a:01:
                    34:46:92:0c:c8:1c:f3:87:a5:c7:44:bd:f8:96:65:
                    50:1b:9b:d8:36:43:5a:bf:2c:e7:a6:d4:64:36:26:
                    8b:0a:98:1c:13:df:a8:2d:32:66:64:59:6f:19:32:
                    72:99:0b:85:9d:3a:03:05:c4:99:2d:80:29:f5:83:
                    09:3f:8c:8c:f6:a8:c7:60:4a:f5:4f:df:6b:3a:bb:
                    a6:b7:ec:80:e1:65:7f:e2:a1:a8:25:b8:c6:25:d0:
                    05:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:38:7F:23:4D:E6:16:05:86:FC:F7:E6:5F:D3:8C:C0:27:3D:72:96
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e33362e3233392e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.36.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:8d:9f:cd:03:ab:c5:c3:9b:2f:4a:0e:5d:9d:ef:3a:52:22:
         92:b3:cc:ce:68:83:2f:2b:5f:3d:38:a1:df:1b:bd:f8:09:a6:
         54:fc:e3:ce:87:ad:7f:fb:9b:3f:06:bf:37:9f:70:74:0b:fb:
         bd:0a:84:8d:ce:41:46:cc:a9:78:3b:2a:62:28:0e:c8:94:0c:
         9e:fc:93:76:c4:37:cd:b4:72:e9:81:a7:f2:4c:9e:ce:54:76:
         9f:24:73:dc:1b:d1:e8:e8:62:0a:5c:f5:4b:c3:3d:ce:64:e3:
         5f:e2:2e:ff:ce:d7:54:cf:89:ff:8c:f1:d9:2d:25:5f:4c:cc:
         8d:e9:ad:19:1d:26:6c:af:14:3b:62:0f:c8:a1:be:c6:24:24:
         16:16:ab:39:8d:49:0e:0d:4d:44:15:05:f2:d5:a0:e9:e1:4d:
         cd:3f:da:7c:26:04:8d:8e:ed:31:0b:d2:82:e4:c9:05:f0:40:
         7c:ea:24:c6:9c:f1:8b:45:55:da:95:34:74:74:0d:47:82:df:
         30:94:f0:7d:de:5f:0d:7e:11:b7:f2:eb:80:30:11:1f:e1:ce:
         a0:bd:99:42:c8:fb:87:75:57:d2:06:bb:e1:e9:6b:15:f8:04:
         a0:4d:e3:e6:5a:e5:21:a7:a3:51:45:cb:9f:3d:d2:a0:d2:c7:
         7d:e7:f1:be
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUaUTIm9Bwf3F1y2LJIBFYbLFP4AMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTNaFw0yNjAyMDMxODA4MTNaMDMxMTAvBgNV
BAMTKEUyMzg3RjIzNERFNjE2MDU4NkZDRjdFNjVGRDM4Q0MwMjczRDcyOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSS4zl/D/6Xq+XUaNJW00qQKB0
DVXULdgq5yysBtby5c8RTXAVsYkr7YPSa6wL0crtpeeWAgmpOao6Tp6HX0PQaE43
8L0QpNcEjdaV5rYq57fA/zFxQOExBoEzsBFfwOyUgVXiihks7akT8HIRx7DN7+fU
bpYJ7Nd8QXQQ4yZHXnvsqkXGH6ShRmC00cnVp1MV4pwfTcff1WT5pDsdyT7F9zxq
ATRGkgzIHPOHpcdEvfiWZVAbm9g2Q1q/LOem1GQ2JosKmBwT36gtMmZkWW8ZMnKZ
C4WdOgMFxJktgCn1gwk/jIz2qMdgSvVP32s6u6a37IDhZX/ioagluMYl0AUZAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU4jh/I03mFgWG/PfmX9OMwCc9cpYwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzMzODJlMzMzNjJlMzIzMzM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIok7zAN
BgkqhkiG9w0BAQsFAAOCAQEAcY2fzQOrxcObL0oOXZ3vOlIikrPMzmiDLytfPTih
3xu9+AmmVPzjzoetf/ubPwa/N59wdAv7vQqEjc5BRsypeDsqYigOyJQMnvyTdsQ3
zbRy6YGn8kyezlR2nyRz3BvR6OhiClz1S8M9zmTjX+Iu/87XVM+J/4zx2S0lX0zM
jemtGR0mbK8UO2IPyKG+xiQkFharOY1JDg1NRBUF8tWg6eFNzT/afCYEjY7tMQvS
guTJBfBAfOokxpzxi0VV2pU0dHQNR4LfMJTwfd5fDX4Rt/LrgDARH+HOoL2ZQsj7
h3VX0ga74elrFfgEoE3j5lrlIaejUUXLnz3SoNLHfefxvg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:49 2025 by rpki-client