Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3138312e3138342e302f32322d3234203d3e203237383233.roa
File:                     3136382e3138312e3138342e302f32322d3234203d3e203237383233.roa (raw, json)
Hash identifier:          knD+4dM9SgBl0Q22vVxn8euiteZPv2QsaKsdeUCtnAE=
Subject key identifier:   EF:6F:E2:B3:8D:63:93:49:A3:DD:69:66:50:47:14:90:3D:FC:DA:85
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       37BD37A4713697DE377E9D4A99CB72834E6EED8E
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3138312e3138342e302f32322d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:28 +0000
ROA not before:           Tue 04 Feb 2025 18:03:28 +0000
ROA not after:            Tue 03 Feb 2026 18:08:28 +0000
asID:                     27823
IP address blocks:        168.181.184.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 31 Mar 2025 05:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:bd:37:a4:71:36:97:de:37:7e:9d:4a:99:cb:72:83:4e:6e:ed:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:28 2025 GMT
            Not After : Feb  3 18:08:28 2026 GMT
        Subject: CN=EF6FE2B38D639349A3DD6966504714903DFCDA85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:30:10:11:2a:55:b1:50:37:8a:c3:5e:47:c8:
                    dc:7a:43:98:4e:80:4e:f6:fb:aa:d3:e8:49:13:83:
                    d6:50:81:82:ab:b3:dc:da:1d:ed:99:53:51:d7:fd:
                    63:d8:1b:24:29:25:ab:ac:08:de:48:c7:47:63:bf:
                    c2:15:53:ab:51:9c:9e:9d:5b:6e:fe:4d:c9:2a:aa:
                    90:bf:1b:ea:32:63:12:28:31:14:e2:87:b5:17:a9:
                    09:33:58:b3:30:73:09:61:1a:7a:5c:61:e6:aa:9c:
                    d4:77:95:57:a0:3b:37:eb:ee:88:8e:6b:ce:de:75:
                    07:d5:ca:89:6c:3e:79:a1:6a:7b:bc:a8:72:23:9c:
                    de:b0:06:4e:8f:6c:52:3f:13:ef:4e:c3:a5:58:15:
                    2e:04:58:d7:69:a3:d5:56:83:d6:b6:43:fd:6f:20:
                    13:81:89:0a:b7:ad:39:a9:5a:36:dd:18:36:15:d0:
                    02:44:cf:89:7a:85:f4:7c:39:c9:6e:59:a6:4b:9c:
                    46:4f:33:77:5e:ec:8d:fc:17:0c:85:d7:c5:74:a9:
                    ce:7b:aa:17:5b:7c:05:e3:d9:ee:69:28:d1:65:f1:
                    5d:1d:32:1b:50:cd:2a:ea:86:56:fa:32:61:ce:82:
                    3c:e2:47:81:33:22:98:9c:a0:99:8f:38:ce:8b:4b:
                    17:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:6F:E2:B3:8D:63:93:49:A3:DD:69:66:50:47:14:90:3D:FC:DA:85
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3138312e3138342e302f32322d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.181.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         cc:13:2c:e7:ae:91:d4:97:b6:da:80:67:7e:88:b8:86:d1:8e:
         7e:73:29:d6:e6:7b:05:74:8a:80:01:89:30:bb:e3:eb:0e:a1:
         d6:23:68:c1:1a:ab:fa:6e:e5:1a:14:e0:50:0f:19:34:42:9f:
         0e:ac:14:63:c5:e0:7f:fe:30:86:1e:7a:47:83:ea:89:cd:77:
         54:e6:23:fb:a3:48:03:aa:17:24:1d:7d:e8:cd:83:89:71:5c:
         c3:f6:d5:a4:cb:03:ea:e9:fb:c7:55:77:85:1b:ee:9e:56:ab:
         56:cd:58:8e:3e:00:c6:e2:df:83:98:90:4d:c0:36:5b:18:71:
         bb:a1:bc:d7:2b:24:d4:b2:41:ca:82:21:7c:3e:be:af:5f:7d:
         58:da:01:06:29:5f:51:fd:17:1f:f7:97:97:de:b4:c1:51:bf:
         51:3a:34:4b:81:5c:14:64:a8:b3:fe:3f:8c:d2:ea:49:3f:8d:
         a5:06:1a:5d:77:d1:fb:06:a1:23:14:6d:c7:84:f0:08:05:c3:
         7a:f3:68:fa:cc:17:f5:7c:4d:1f:78:02:1b:ee:ce:a3:6c:64:
         f4:e8:ea:c6:3f:d2:fe:29:37:64:c4:ae:ba:cb:15:90:48:22:
         70:60:71:10:87:5f:76:1c:0b:8a:e7:93:32:2e:1e:8e:ad:c1:
         7f:25:76:c9
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUN703pHE2l943fp1Kmctyg05u7Y4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjhaFw0yNjAyMDMxODA4MjhaMDMxMTAvBgNV
BAMTKEVGNkZFMkIzOEQ2MzkzNDlBM0RENjk2NjUwNDcxNDkwM0RGQ0RBODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2MBARKlWxUDeKw15HyNx6Q5hO
gE72+6rT6EkTg9ZQgYKrs9zaHe2ZU1HX/WPYGyQpJausCN5Ix0djv8IVU6tRnJ6d
W27+TckqqpC/G+oyYxIoMRTih7UXqQkzWLMwcwlhGnpcYeaqnNR3lVegOzfr7oiO
a87edQfVyolsPnmhanu8qHIjnN6wBk6PbFI/E+9Ow6VYFS4EWNdpo9VWg9a2Q/1v
IBOBiQq3rTmpWjbdGDYV0AJEz4l6hfR8OcluWaZLnEZPM3de7I38FwyF18V0qc57
qhdbfAXj2e5pKNFl8V0dMhtQzSrqhlb6MmHOgjziR4EzIpicoJmPOM6LSxfZAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU72/is41jk0mj3WlmUEcUkD382oUwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzYzODJlMzEzODMxMmUzMTM4MzQy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM3MzgzMjMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqLW4
MA0GCSqGSIb3DQEBCwUAA4IBAQDMEyznrpHUl7bagGd+iLiG0Y5+cynW5nsFdIqA
AYkwu+PrDqHWI2jBGqv6buUaFOBQDxk0Qp8OrBRjxeB//jCGHnpHg+qJzXdU5iP7
o0gDqhckHX3ozYOJcVzD9tWkywPq6fvHVXeFG+6eVqtWzViOPgDG4t+DmJBNwDZb
GHG7obzXKyTUskHKgiF8Pr6vX31Y2gEGKV9R/Rcf95eX3rTBUb9ROjRLgVwUZKiz
/j+M0upJP42lBhpdd9H7BqEjFG3HhPAIBcN682j6zBf1fE0feAIb7s6jbGT06OrG
P9L+KTdkxK66yxWQSCJwYHEQh192HAuK55MyLh6OrcF/JXbJ
-----END CERTIFICATE-----
Generated at Thu Mar 27 00:03:49 2025 by rpki-client