Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3139372e35302e302f32342d3234203d3e203237383233.roa
File:                     3136382e3139372e35302e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          LMIEZ73pzbgvIpNDgqIy4ofrGVo7tgyHEFFKEJ5o0M0=
Subject key identifier:   3F:46:19:25:0A:4A:C0:16:AA:EC:66:38:6E:DA:F6:91:EE:0A:F2:51
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       64D9CD38A83E29C8D4C83E389D836A80E81419A4
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3139372e35302e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:19 +0000
ROA not before:           Tue 04 Feb 2025 18:03:19 +0000
ROA not after:            Tue 03 Feb 2026 18:08:19 +0000
asID:                     27823
IP address blocks:        168.197.50.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 31 Mar 2025 05:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:d9:cd:38:a8:3e:29:c8:d4:c8:3e:38:9d:83:6a:80:e8:14:19:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:19 2025 GMT
            Not After : Feb  3 18:08:19 2026 GMT
        Subject: CN=3F4619250A4AC016AAEC66386EDAF691EE0AF251
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d7:b1:f5:3c:f6:e6:02:46:9b:49:ea:ba:1e:
                    72:85:6e:84:e6:f0:9b:d0:a1:b4:e1:88:45:02:cd:
                    16:cb:aa:ac:cf:6a:76:ee:8d:62:dd:48:95:2b:34:
                    86:49:fe:b8:c4:13:d9:8f:ed:ee:11:7d:4a:a3:3d:
                    aa:7e:72:26:03:58:ad:d6:df:e4:92:ef:f3:09:73:
                    3c:c3:0a:90:13:1f:22:64:33:c7:fc:97:76:b0:55:
                    8a:74:13:ed:e3:3d:f5:87:db:47:66:b8:41:d7:7f:
                    36:89:c2:9a:22:55:4a:01:e4:61:33:8d:27:ba:17:
                    e9:0b:f0:d6:ea:da:84:58:8b:5e:21:bc:9e:ad:4d:
                    24:d6:03:fb:41:f6:ae:28:c8:0d:00:38:d1:61:bf:
                    b3:bf:6e:42:ea:cb:19:28:51:3f:8c:64:b3:d5:4e:
                    75:ba:ef:d4:2d:19:c5:53:27:ad:01:7c:50:88:8f:
                    f8:a1:cb:22:45:ff:f3:cd:cf:a8:e5:d1:f6:10:59:
                    4e:fa:78:e8:53:c5:ac:d3:aa:f2:8d:82:97:98:aa:
                    e2:45:fa:d4:21:4a:81:b5:c7:7c:13:30:f7:79:c6:
                    3c:87:f0:09:f1:5d:f8:bf:87:45:bd:ac:8e:a4:36:
                    fb:70:cc:0a:80:52:4e:38:29:57:f1:70:b9:67:2b:
                    7e:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:46:19:25:0A:4A:C0:16:AA:EC:66:38:6E:DA:F6:91:EE:0A:F2:51
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3139372e35302e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.197.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:3d:f7:b1:d8:28:a4:e6:ec:cb:bf:21:0e:1f:01:8e:5a:f5:
         3b:b1:a6:fd:5c:67:0f:e0:69:5d:ce:ec:05:3f:61:84:44:8e:
         76:e5:5b:67:77:f7:29:41:63:3a:76:50:72:fb:15:a0:07:29:
         f2:65:e0:dd:13:c5:86:1c:5b:8a:df:83:7c:50:ac:ff:db:20:
         1d:cb:6d:cf:68:d9:0a:53:3a:5f:60:21:ed:bc:1b:39:eb:bd:
         2d:59:83:d5:d6:7b:ab:0f:43:03:e3:64:ff:64:fc:41:e2:41:
         47:7a:e0:79:9e:81:fa:a7:62:c1:8f:07:62:4d:be:ad:77:74:
         15:6a:2e:1e:2f:eb:61:b9:87:bd:cc:3c:3c:1c:fd:de:96:71:
         f2:50:75:37:a0:56:33:e6:5c:8b:57:86:21:47:93:47:70:72:
         51:46:0d:a2:c3:52:6e:75:36:25:47:c0:2f:71:69:1e:94:3a:
         4e:e0:12:ea:33:8b:eb:05:f1:b4:17:b5:f5:da:50:78:1d:8e:
         af:22:29:15:01:06:be:3b:33:67:c5:6d:89:04:89:98:03:81:
         db:52:b9:71:f1:2c:d4:b3:f5:b3:e2:46:69:a4:4c:2c:8c:69:
         48:6f:4d:94:dc:3a:fe:47:a6:0a:11:0c:39:49:0b:27:d3:03:
         2a:c8:bf:27
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUZNnNOKg+KcjUyD44nYNqgOgUGaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTlaFw0yNjAyMDMxODA4MTlaMDMxMTAvBgNV
BAMTKDNGNDYxOTI1MEE0QUMwMTZBQUVDNjYzODZFREFGNjkxRUUwQUYyNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL17H1PPbmAkabSeq6HnKFboTm
8JvQobThiEUCzRbLqqzPanbujWLdSJUrNIZJ/rjEE9mP7e4RfUqjPap+ciYDWK3W
3+SS7/MJczzDCpATHyJkM8f8l3awVYp0E+3jPfWH20dmuEHXfzaJwpoiVUoB5GEz
jSe6F+kL8Nbq2oRYi14hvJ6tTSTWA/tB9q4oyA0AONFhv7O/bkLqyxkoUT+MZLPV
TnW679QtGcVTJ60BfFCIj/ihyyJF//PNz6jl0fYQWU76eOhTxazTqvKNgpeYquJF
+tQhSoG1x3wTMPd5xjyH8AnxXfi/h0W9rI6kNvtwzAqAUk44KVfxcLlnK35hAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUP0YZJQpKwBaq7GY4btr2ke4K8lEwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzYzODJlMzEzOTM3MmUzNTMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKjFMjAN
BgkqhkiG9w0BAQsFAAOCAQEAXz33sdgopObsy78hDh8Bjlr1O7Gm/VxnD+BpXc7s
BT9hhESOduVbZ3f3KUFjOnZQcvsVoAcp8mXg3RPFhhxbit+DfFCs/9sgHcttz2jZ
ClM6X2Ah7bwbOeu9LVmD1dZ7qw9DA+Nk/2T8QeJBR3rgeZ6B+qdiwY8HYk2+rXd0
FWouHi/rYbmHvcw8PBz93pZx8lB1N6BWM+Zci1eGIUeTR3ByUUYNosNSbnU2JUfA
L3FpHpQ6TuAS6jOL6wXxtBe19dpQeB2OryIpFQEGvjszZ8VtiQSJmAOB21K5cfEs
1LP1s+JGaaRMLIxpSG9NlNw6/kemChEMOUkLJ9MDKsi/Jw==
-----END CERTIFICATE-----
Generated at Thu Mar 27 00:25:36 2025 by rpki-client