Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3139372e34392e302f32342d3234203d3e203237383233.roa
File:                     3136382e3139372e34392e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          pfk0ZTF8j7h9Vt06Irf81/EHpkqxTUmDh1FDs3w/ExY=
Subject key identifier:   EE:57:B5:4D:8B:54:02:E9:44:B7:61:3F:FF:64:43:14:C2:FF:5F:69
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       53CB18CE81B17A657222D1D6F1180A751EDD88DB
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3139372e34392e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:17 +0000
ROA not before:           Tue 04 Feb 2025 18:03:17 +0000
ROA not after:            Tue 03 Feb 2026 18:08:17 +0000
asID:                     27823
IP address blocks:        168.197.49.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 18 Apr 2025 07:17:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:cb:18:ce:81:b1:7a:65:72:22:d1:d6:f1:18:0a:75:1e:dd:88:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:17 2025 GMT
            Not After : Feb  3 18:08:17 2026 GMT
        Subject: CN=EE57B54D8B5402E944B7613FFF644314C2FF5F69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:46:b5:a6:ef:ae:4d:46:45:74:c5:d8:77:32:
                    46:7f:f1:95:da:66:0c:6d:00:ee:c4:e2:61:21:39:
                    fe:23:82:1a:7b:66:57:e8:e5:ec:e6:4e:df:3e:aa:
                    98:03:91:81:4a:bd:39:cc:58:46:80:37:1b:fd:8e:
                    f9:c4:cb:5a:85:7b:f5:94:d8:c7:3a:b9:0a:54:bd:
                    40:6b:0f:fa:02:89:c5:a3:22:06:32:55:29:8c:08:
                    a3:4a:f1:87:e6:bc:c0:fe:56:1c:1c:59:1c:59:63:
                    0f:c7:13:fe:ea:2e:87:01:4d:09:f9:87:d6:d6:47:
                    27:74:17:4d:99:7a:24:49:6d:a1:d6:0e:ce:d4:8b:
                    67:d7:a7:da:14:81:6d:5d:3b:ad:d2:58:37:ec:6e:
                    85:92:f2:bd:d9:f4:09:0f:ee:29:65:96:1f:f5:e6:
                    36:a5:db:e6:4e:65:83:c5:6f:16:47:a9:f1:30:60:
                    03:b3:50:a3:35:d6:21:b2:dd:e2:1f:0a:a9:48:ae:
                    72:a5:c6:28:dd:c7:c0:8c:57:da:65:2b:d8:84:e9:
                    8b:be:56:f9:ae:67:20:38:c9:00:45:ec:fe:dc:68:
                    d0:5d:e5:3f:5b:ef:eb:76:43:92:9f:6f:08:93:ca:
                    9e:89:84:6e:60:92:31:f0:ba:67:31:62:83:66:bf:
                    d1:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:57:B5:4D:8B:54:02:E9:44:B7:61:3F:FF:64:43:14:C2:FF:5F:69
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3139372e34392e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.197.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:3f:ce:f4:33:b3:fd:c2:4c:db:0a:a6:0a:22:62:7d:a5:88:
         11:32:7d:50:2c:63:78:cb:ea:cc:ee:65:52:bc:ab:ab:07:14:
         77:58:da:12:9e:00:35:04:19:52:2a:6f:35:a1:7c:45:c8:73:
         b8:64:be:4a:44:de:20:12:b8:88:a7:df:fa:80:23:7e:5d:a3:
         f7:c7:14:af:37:5f:76:0e:8b:4f:39:f3:62:38:64:4c:17:8d:
         82:d2:fe:36:b8:9f:fc:a6:f2:2f:5e:84:85:68:aa:ab:0c:5b:
         7c:41:13:37:d7:a6:5d:37:4c:50:8a:ab:33:66:d7:37:40:d3:
         9d:78:f4:f0:8d:26:d9:48:fa:e3:30:f6:64:7b:0f:3e:f8:15:
         80:f7:47:d9:6a:d1:e0:91:0b:42:f8:0c:07:96:4b:34:32:ee:
         3e:af:39:ba:ec:00:d8:67:3e:f5:77:8a:35:c4:ad:3c:ed:f8:
         fc:6e:1b:67:05:0b:3c:47:38:1d:5c:bd:80:65:ab:47:09:a0:
         dc:fb:ce:27:6d:40:84:ca:31:8c:9b:17:c2:c0:df:4e:f9:dd:
         7f:7e:7e:5d:cf:7b:3f:ce:23:ad:b4:cd:e2:de:c4:83:3d:ed:
         31:49:21:81:17:b2:53:95:91:11:c9:63:a9:67:7e:4a:c2:c9:
         02:53:7e:77
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUU8sYzoGxemVyItHW8RgKdR7diNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTdaFw0yNjAyMDMxODA4MTdaMDMxMTAvBgNV
BAMTKEVFNTdCNTREOEI1NDAyRTk0NEI3NjEzRkZGNjQ0MzE0QzJGRjVGNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDORrWm765NRkV0xdh3MkZ/8ZXa
ZgxtAO7E4mEhOf4jghp7Zlfo5ezmTt8+qpgDkYFKvTnMWEaANxv9jvnEy1qFe/WU
2Mc6uQpUvUBrD/oCicWjIgYyVSmMCKNK8YfmvMD+VhwcWRxZYw/HE/7qLocBTQn5
h9bWRyd0F02ZeiRJbaHWDs7Ui2fXp9oUgW1dO63SWDfsboWS8r3Z9AkP7illlh/1
5jal2+ZOZYPFbxZHqfEwYAOzUKM11iGy3eIfCqlIrnKlxijdx8CMV9plK9iE6Yu+
VvmuZyA4yQBF7P7caNBd5T9b7+t2Q5KfbwiTyp6JhG5gkjHwumcxYoNmv9ETAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU7le1TYtUAulEt2E//2RDFML/X2kwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzYzODJlMzEzOTM3MmUzNDM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKjFMTAN
BgkqhkiG9w0BAQsFAAOCAQEALz/O9DOz/cJM2wqmCiJifaWIETJ9UCxjeMvqzO5l
UryrqwcUd1jaEp4ANQQZUipvNaF8RchzuGS+SkTeIBK4iKff+oAjfl2j98cUrzdf
dg6LTznzYjhkTBeNgtL+Nrif/KbyL16EhWiqqwxbfEETN9emXTdMUIqrM2bXN0DT
nXj08I0m2Uj64zD2ZHsPPvgVgPdH2WrR4JELQvgMB5ZLNDLuPq85uuwA2Gc+9XeK
NcStPO34/G4bZwULPEc4HVy9gGWrRwmg3PvOJ21AhMoxjJsXwsDfTvndf35+Xc97
P84jrbTN4t7Egz3tMUkhgReyU5WREcljqWd+SsLJAlN+dw==
-----END CERTIFICATE-----
Generated at Tue Apr 15 00:49:38 2025 by rpki-client