Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3131322e302f32342d3234203d3e203237383233.roa
File:                     3137392e34332e3131322e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          ynL/Nb+BcjaXrSGmCGTQYzuUkl/H/xTWQj2C5LbjOxk=
Subject key identifier:   29:9E:9F:E4:86:9D:24:21:B6:52:F1:29:0D:27:D6:F9:B8:CC:DE:9F
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       2C4A3242ECF695A8C2C09120D66E12D5C45DA297
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3131322e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:10 +0000
ROA not before:           Tue 04 Feb 2025 18:03:10 +0000
ROA not after:            Tue 03 Feb 2026 18:08:10 +0000
asID:                     27823
IP address blocks:        179.43.112.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 31 Mar 2025 05:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:4a:32:42:ec:f6:95:a8:c2:c0:91:20:d6:6e:12:d5:c4:5d:a2:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:10 2025 GMT
            Not After : Feb  3 18:08:10 2026 GMT
        Subject: CN=299E9FE4869D2421B652F1290D27D6F9B8CCDE9F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:58:3e:4d:f1:e3:7b:16:a4:b6:af:ca:f7:28:
                    31:1b:15:a5:46:de:e8:f9:9c:00:93:60:3b:96:79:
                    f0:c1:66:57:a1:7a:c9:ad:fc:b1:86:c7:13:a5:59:
                    86:44:ba:43:c8:ef:20:57:23:fb:cc:5c:11:cd:a8:
                    c3:3f:a8:09:ee:10:6f:8e:a6:bd:ad:f5:fa:e9:44:
                    06:fb:df:5f:2b:c9:e6:5e:f4:23:d0:14:df:2c:c3:
                    f3:eb:21:ea:02:9a:fd:98:fb:91:a0:02:ef:42:21:
                    c0:bd:ea:40:f4:cb:47:30:8e:e5:e6:5f:87:a1:1a:
                    96:54:c3:07:35:79:80:11:20:5d:d9:14:9b:7c:f2:
                    fa:52:5f:39:3e:b0:96:a7:12:21:5c:c7:95:8f:46:
                    b8:97:2b:2d:fc:71:96:73:69:83:d6:72:4d:e5:49:
                    a7:4c:bf:18:0f:e1:c1:eb:9d:58:c5:76:8a:3a:98:
                    10:0f:25:83:56:77:60:70:f0:fb:ef:ba:6b:8b:d9:
                    f6:90:fe:24:b5:34:85:bb:45:c9:c2:53:6d:d7:e7:
                    f1:65:fe:e1:1e:3f:6a:1e:3b:fe:4e:c2:dd:bf:3a:
                    15:5b:94:c1:32:68:6d:8c:29:fd:5a:0a:f2:03:0c:
                    03:40:d9:63:f1:90:fa:8f:75:38:28:1d:2d:be:d3:
                    fd:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:9E:9F:E4:86:9D:24:21:B6:52:F1:29:0D:27:D6:F9:B8:CC:DE:9F
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3131322e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.43.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:30:1a:eb:55:ff:79:57:27:0c:b4:6a:23:c7:07:d1:13:51:
         1e:f1:a3:9d:62:98:6e:b7:0d:b4:44:b3:9b:32:2e:67:ec:d0:
         55:51:ee:a8:24:2f:01:f9:cb:c1:80:2e:1e:77:ad:a0:ba:4b:
         3e:3a:6d:a0:2c:aa:5e:38:1b:af:48:7b:b8:ac:3a:f9:9b:49:
         08:54:85:3d:a7:9f:7b:72:54:16:e9:9a:51:a3:c0:e9:1e:06:
         f8:c1:4f:9d:c7:99:69:b4:01:f0:4c:ec:88:51:04:86:a2:a7:
         d9:d7:8f:b0:c9:50:0a:c2:8f:a5:2a:fd:51:dc:e5:9f:fc:f8:
         6f:30:28:2a:6f:c2:a7:a1:d6:e5:5d:fc:a3:5a:b8:43:ae:55:
         4e:96:00:cb:41:fb:aa:0c:2f:2d:fd:a9:e9:ce:fa:4e:14:85:
         27:e6:d2:d1:00:1b:6e:56:04:e4:bb:59:93:4e:d4:3d:9f:f8:
         e3:be:fe:51:09:7d:53:15:b0:cb:0c:01:f7:ab:87:e8:29:8b:
         46:ce:24:c2:ac:e9:90:8c:aa:59:e2:64:c8:43:35:eb:5a:cd:
         8f:48:2b:e2:9f:29:fc:61:64:b1:21:e9:4a:ec:c5:23:28:ec:
         6a:2b:79:bd:a8:fa:7a:9a:aa:80:a9:c7:4c:9d:0e:1c:ed:ad:
         ad:09:14:8c
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIULEoyQuz2lajCwJEg1m4S1cRdopcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTBaFw0yNjAyMDMxODA4MTBaMDMxMTAvBgNV
BAMTKDI5OUU5RkU0ODY5RDI0MjFCNjUyRjEyOTBEMjdENkY5QjhDQ0RFOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5WD5N8eN7FqS2r8r3KDEbFaVG
3uj5nACTYDuWefDBZlehesmt/LGGxxOlWYZEukPI7yBXI/vMXBHNqMM/qAnuEG+O
pr2t9frpRAb7318ryeZe9CPQFN8sw/PrIeoCmv2Y+5GgAu9CIcC96kD0y0cwjuXm
X4ehGpZUwwc1eYARIF3ZFJt88vpSXzk+sJanEiFcx5WPRriXKy38cZZzaYPWck3l
SadMvxgP4cHrnVjFdoo6mBAPJYNWd2Bw8PvvumuL2faQ/iS1NIW7RcnCU23X5/Fl
/uEeP2oeO/5Owt2/OhVblMEyaG2MKf1aCvIDDANA2WPxkPqPdTgoHS2+0/1tAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUKZ6f5IadJCG2UvEpDSfW+bjM3p8wHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzczOTJlMzQzMzJlMzEzMTMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALMrcDAN
BgkqhkiG9w0BAQsFAAOCAQEAeTAa61X/eVcnDLRqI8cH0RNRHvGjnWKYbrcNtESz
mzIuZ+zQVVHuqCQvAfnLwYAuHnetoLpLPjptoCyqXjgbr0h7uKw6+ZtJCFSFPaef
e3JUFumaUaPA6R4G+MFPnceZabQB8EzsiFEEhqKn2dePsMlQCsKPpSr9Udzln/z4
bzAoKm/Cp6HW5V38o1q4Q65VTpYAy0H7qgwvLf2p6c76ThSFJ+bS0QAbblYE5LtZ
k07UPZ/4477+UQl9UxWwywwB96uH6CmLRs4kwqzpkIyqWeJkyEM161rNj0gr4p8p
/GFksSHpSuzFIyjsait5vaj6epqqgKnHTJ0OHO2trQkUjA==
-----END CERTIFICATE-----
Generated at Thu Mar 27 00:49:25 2025 by rpki-client