Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3138312e3138372e302f32342d3234203d3e203237383233.roa
File:                     3136382e3138312e3138372e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          cJMFmk49TN87UihIatCLP8PW3gfvoIFd/1+D7QthCEc=
Subject key identifier:   0A:CD:3D:72:85:FD:1B:53:08:7F:C7:90:A5:D3:93:E5:AB:A3:A6:A3
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       6139A68B82F28977ECC7945E8F080672FF6E8B58
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3138312e3138372e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:17 +0000
ROA not before:           Tue 04 Feb 2025 18:03:17 +0000
ROA not after:            Tue 03 Feb 2026 18:08:17 +0000
asID:                     27823
IP address blocks:        168.181.187.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:39:a6:8b:82:f2:89:77:ec:c7:94:5e:8f:08:06:72:ff:6e:8b:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:17 2025 GMT
            Not After : Feb  3 18:08:17 2026 GMT
        Subject: CN=0ACD3D7285FD1B53087FC790A5D393E5ABA3A6A3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:03:ce:d0:80:a7:4c:d4:b6:7b:9a:bc:cf:54:
                    39:68:c8:96:d8:6e:b7:15:68:ee:9c:a6:0b:d2:b5:
                    8a:46:8f:c7:b9:68:3c:9a:80:24:68:0c:88:18:74:
                    16:25:fc:7f:ca:e1:97:70:00:20:e0:f9:78:db:c3:
                    bd:ee:fd:31:a3:5f:5b:06:a2:c9:14:dc:c8:19:f0:
                    94:92:ae:02:9c:a4:24:64:c9:b9:0d:a0:70:a5:b4:
                    52:81:7c:83:04:f8:03:ca:98:a8:02:5d:62:5a:67:
                    86:87:cb:a0:e6:c1:1a:77:be:7b:cf:fc:8d:73:d4:
                    bf:bc:72:32:9b:d8:ba:a9:e9:af:d6:fc:4f:f3:95:
                    3a:01:59:f2:dc:78:48:87:bb:83:da:70:81:e6:87:
                    c3:76:5b:e7:34:79:79:7e:2c:8d:3a:e6:dd:2f:5f:
                    14:db:44:2f:df:14:a1:2d:22:10:89:9f:80:b5:d4:
                    2d:99:08:ae:b6:8c:56:d2:43:79:a5:a0:94:e2:47:
                    a7:03:14:97:2d:96:e7:e6:4e:82:24:fc:71:a5:ab:
                    38:e2:f6:08:bf:ca:c7:d8:da:10:fe:0a:ad:87:b7:
                    79:64:f5:be:92:db:5f:40:d1:45:48:04:84:31:f1:
                    80:1d:b3:53:83:66:3d:1e:2d:61:48:ee:d5:40:33:
                    cd:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:CD:3D:72:85:FD:1B:53:08:7F:C7:90:A5:D3:93:E5:AB:A3:A6:A3
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3138312e3138372e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.181.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:9a:b3:d1:30:01:51:eb:6e:73:1f:97:5d:29:bd:33:b0:19:
         ef:a8:2b:bb:76:74:18:33:58:e4:9a:62:bf:65:18:ee:f5:17:
         18:ea:40:fb:0e:63:b6:80:3f:7d:bb:8e:28:db:a5:c0:0c:e8:
         ed:31:05:60:b3:b2:b8:0b:e3:a1:eb:62:9d:90:81:30:9b:32:
         5d:3a:7a:65:39:90:7d:6b:df:48:4d:bb:32:9d:55:4d:3e:07:
         0c:6a:2a:e2:64:11:dd:ec:95:c2:18:20:6a:ed:05:3e:2d:72:
         b8:8b:83:92:30:bd:aa:ad:70:36:cf:4b:34:84:86:98:ca:04:
         7e:f4:29:67:3e:05:5c:55:18:15:47:eb:b3:f6:20:91:00:1e:
         32:1b:80:cf:d5:8b:fd:e4:db:d4:cb:de:c6:8e:6d:9d:e4:f8:
         90:13:d3:62:e3:f9:62:ae:5e:6a:ab:7a:04:b2:2a:02:1b:fd:
         12:6d:ec:8e:68:94:bb:8d:52:18:05:49:39:54:66:b2:02:8e:
         95:53:af:72:91:c0:b7:a6:b0:93:8a:e4:6b:3f:be:44:5e:ca:
         f3:ac:6d:9e:88:d6:51:5f:4f:9a:cf:d4:86:83:62:58:e9:c0:
         d5:cf:82:68:af:06:ab:b3:08:8d:87:43:35:95:22:d8:b1:46:
         fe:f0:f4:0c
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUYTmmi4LyiXfsx5RejwgGcv9ui1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTdaFw0yNjAyMDMxODA4MTdaMDMxMTAvBgNV
BAMTKDBBQ0QzRDcyODVGRDFCNTMwODdGQzc5MEE1RDM5M0U1QUJBM0E2QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoA87QgKdM1LZ7mrzPVDloyJbY
brcVaO6cpgvStYpGj8e5aDyagCRoDIgYdBYl/H/K4ZdwACDg+Xjbw73u/TGjX1sG
oskU3MgZ8JSSrgKcpCRkybkNoHCltFKBfIME+APKmKgCXWJaZ4aHy6DmwRp3vnvP
/I1z1L+8cjKb2Lqp6a/W/E/zlToBWfLceEiHu4PacIHmh8N2W+c0eXl+LI065t0v
XxTbRC/fFKEtIhCJn4C11C2ZCK62jFbSQ3mloJTiR6cDFJctlufmToIk/HGlqzji
9gi/ysfY2hD+Cq2Ht3lk9b6S219A0UVIBIQx8YAds1ODZj0eLWFI7tVAM82XAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUCs09coX9G1MIf8eQpdOT5aujpqMwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzYzODJlMzEzODMxMmUzMTM4Mzcy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzgzMjMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqLW7
MA0GCSqGSIb3DQEBCwUAA4IBAQCDmrPRMAFR625zH5ddKb0zsBnvqCu7dnQYM1jk
mmK/ZRju9RcY6kD7DmO2gD99u44o26XADOjtMQVgs7K4C+Oh62KdkIEwmzJdOnpl
OZB9a99ITbsynVVNPgcMairiZBHd7JXCGCBq7QU+LXK4i4OSML2qrXA2z0s0hIaY
ygR+9ClnPgVcVRgVR+uz9iCRAB4yG4DP1Yv95NvUy97Gjm2d5PiQE9Ni4/lirl5q
q3oEsioCG/0SbeyOaJS7jVIYBUk5VGayAo6VU69ykcC3prCTiuRrP75EXsrzrG2e
iNZRX0+az9SGg2JY6cDVz4JorwarswiNh0M1lSLYsUb+8PQM
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:48:26 2025 by rpki-client