Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3139372e34382e302f32322d3234203d3e203237383233.roa
File:                     3136382e3139372e34382e302f32322d3234203d3e203237383233.roa (raw, json)
Hash identifier:          K7HxdZf0yCxm7euKL4LZ76bU9tPGMS7lDVS47JxXTt4=
Subject key identifier:   AF:B9:D7:5B:13:9B:87:0C:39:26:EB:D9:52:8B:C7:C7:41:3D:B6:1F
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       5E700AB4C5CC27D37B01055CCBC292F4D4437116
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3139372e34382e302f32322d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:25 +0000
ROA not before:           Tue 04 Feb 2025 18:03:25 +0000
ROA not after:            Tue 03 Feb 2026 18:08:25 +0000
asID:                     27823
IP address blocks:        168.197.48.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:70:0a:b4:c5:cc:27:d3:7b:01:05:5c:cb:c2:92:f4:d4:43:71:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:25 2025 GMT
            Not After : Feb  3 18:08:25 2026 GMT
        Subject: CN=AFB9D75B139B870C3926EBD9528BC7C7413DB61F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b5:db:d8:1d:53:0f:9f:df:7e:88:e9:ac:a7:
                    4a:50:a4:02:fd:82:1b:e7:f3:99:20:3a:7a:08:66:
                    6b:75:ad:5f:58:1f:fa:80:69:d4:af:3e:ec:2e:59:
                    98:35:6e:13:a1:3e:0d:5b:ed:c9:3a:0c:a1:37:a8:
                    68:ec:ec:5b:bd:44:75:cd:4a:44:bf:2e:73:46:f0:
                    94:be:71:b2:37:2a:32:29:5c:2d:19:1c:ea:e8:0f:
                    07:10:e7:94:8c:fd:64:46:fb:e5:5f:91:95:5f:2d:
                    47:46:31:1b:2f:4e:19:63:08:e4:e3:54:ed:51:d5:
                    f5:cb:5b:a9:fd:9a:56:7f:d1:fc:97:97:a8:c3:f6:
                    92:1a:e1:a6:66:8f:06:0f:53:9d:06:60:07:5d:c8:
                    b0:01:a1:14:4c:4a:26:63:64:32:ac:40:2b:37:e0:
                    7a:14:e4:c7:18:93:92:20:bf:56:94:db:31:86:f4:
                    e9:24:cf:37:77:ac:e4:e0:3f:33:98:72:ec:b7:6d:
                    d0:c7:b2:5c:31:ee:26:09:a5:63:cb:d4:62:35:56:
                    f0:a6:f4:b2:ee:74:6e:67:fd:51:9c:4b:6c:af:fc:
                    88:ba:86:ae:e3:5d:15:92:78:94:68:e6:e8:3b:cf:
                    c0:8b:f2:69:30:67:7f:e7:10:18:82:67:08:5f:8e:
                    91:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:B9:D7:5B:13:9B:87:0C:39:26:EB:D9:52:8B:C7:C7:41:3D:B6:1F
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3139372e34382e302f32322d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.197.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         46:e2:21:8a:d5:5e:bc:20:d8:96:4b:3b:ae:89:6c:05:cb:da:
         a5:e3:89:a4:60:b0:8f:80:67:54:81:31:2c:0d:f1:0e:93:d3:
         0d:f9:82:c9:9e:e1:08:0d:2c:2e:9b:bf:e8:2d:08:16:6a:63:
         1f:25:27:58:92:45:f6:2d:29:76:c4:86:48:9e:b6:7d:2c:ca:
         0e:f4:e8:e1:fe:01:93:e9:83:f1:26:e2:69:71:0e:03:76:9b:
         86:7c:51:15:ca:f9:93:54:c9:e3:de:b9:9b:d9:fb:d1:c7:21:
         41:b6:4b:e2:23:56:30:e4:66:d3:19:70:2f:98:e7:ac:4d:02:
         5f:0c:90:00:4e:33:78:4a:82:ef:1a:fd:1b:bf:02:0e:3b:b5:
         cf:e9:64:1f:b9:40:3a:50:bf:56:8c:df:cd:f0:2c:29:4c:35:
         29:4b:57:82:69:4a:98:42:71:fc:4b:6c:a6:49:1a:40:5d:4b:
         7e:7d:db:83:3b:d2:a3:4e:17:70:db:58:ff:61:a1:50:7e:85:
         4d:a8:13:f1:46:18:9a:54:df:52:51:35:37:96:ce:7b:35:ad:
         76:2a:95:7a:b2:e4:30:5b:c9:c7:76:4e:29:e8:db:c2:76:1b:
         21:70:f4:ed:5d:ce:57:8d:26:4b:20:40:2c:0b:2e:7b:37:f9:
         65:9e:a0:90
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUXnAKtMXMJ9N7AQVcy8KS9NRDcRYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjVaFw0yNjAyMDMxODA4MjVaMDMxMTAvBgNV
BAMTKEFGQjlENzVCMTM5Qjg3MEMzOTI2RUJEOTUyOEJDN0M3NDEzREI2MUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmtdvYHVMPn99+iOmsp0pQpAL9
ghvn85kgOnoIZmt1rV9YH/qAadSvPuwuWZg1bhOhPg1b7ck6DKE3qGjs7Fu9RHXN
SkS/LnNG8JS+cbI3KjIpXC0ZHOroDwcQ55SM/WRG++VfkZVfLUdGMRsvThljCOTj
VO1R1fXLW6n9mlZ/0fyXl6jD9pIa4aZmjwYPU50GYAddyLABoRRMSiZjZDKsQCs3
4HoU5McYk5Igv1aU2zGG9Okkzzd3rOTgPzOYcuy3bdDHslwx7iYJpWPL1GI1VvCm
9LLudG5n/VGcS2yv/Ii6hq7jXRWSeJRo5ug7z8CL8mkwZ3/nEBiCZwhfjpFNAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUr7nXWxObhww5JuvZUovHx0E9th8wHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzYzODJlMzEzOTM3MmUzNDM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqjFMDAN
BgkqhkiG9w0BAQsFAAOCAQEARuIhitVevCDYlks7rolsBcvapeOJpGCwj4BnVIEx
LA3xDpPTDfmCyZ7hCA0sLpu/6C0IFmpjHyUnWJJF9i0pdsSGSJ62fSzKDvTo4f4B
k+mD8SbiaXEOA3abhnxRFcr5k1TJ4965m9n70cchQbZL4iNWMORm0xlwL5jnrE0C
XwyQAE4zeEqC7xr9G78CDju1z+lkH7lAOlC/VozfzfAsKUw1KUtXgmlKmEJx/Ets
pkkaQF1Lfn3bgzvSo04XcNtY/2GhUH6FTagT8UYYmlTfUlE1N5bOezWtdiqVerLk
MFvJx3ZOKejbwnYbIXD07V3OV40mSyBALAsuezf5ZZ6gkA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:47:35 2025 by rpki-client