Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3131332e302f32342d3234203d3e203237383233.roa
File:                     3137392e34332e3131332e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          XwjhL8FRH3mPgPUzrZyFpFDm6UJtkjzPnHNXJFocl7Q=
Subject key identifier:   C2:6C:F3:92:1D:E8:EB:E4:14:EA:15:1B:77:ED:D8:58:5D:7F:72:F7
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       72CFF3BD8F2A2EB00AE47D6F98F08AD6DB79D76C
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3131332e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:16 +0000
ROA not before:           Tue 04 Feb 2025 18:03:16 +0000
ROA not after:            Tue 03 Feb 2026 18:08:16 +0000
asID:                     27823
IP address blocks:        179.43.113.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:cf:f3:bd:8f:2a:2e:b0:0a:e4:7d:6f:98:f0:8a:d6:db:79:d7:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:16 2025 GMT
            Not After : Feb  3 18:08:16 2026 GMT
        Subject: CN=C26CF3921DE8EBE414EA151B77EDD8585D7F72F7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:e9:9f:bc:1c:7f:c1:8c:6d:0d:fd:3f:2b:22:
                    6f:91:60:2c:a7:91:d1:66:9e:35:4a:9e:57:7a:aa:
                    01:92:88:fd:73:9d:b5:e0:ff:0b:2d:c7:e8:a2:d9:
                    9f:13:27:f6:b6:4a:ea:4c:a0:ca:a5:1e:e2:8c:19:
                    89:fe:c5:33:34:19:fd:af:dd:14:40:6c:9d:71:12:
                    d9:c2:28:26:b4:5b:69:2d:83:92:2b:33:ad:62:7c:
                    ef:91:b5:42:ad:31:17:aa:db:95:2d:3f:f4:d5:cb:
                    2f:ca:f3:e0:80:1c:ef:f0:88:4b:6e:2f:1d:dc:6e:
                    4a:79:3e:56:69:6a:20:81:89:3c:97:fc:36:4a:41:
                    09:63:5f:f9:a1:c7:8d:07:94:60:01:4a:74:65:b8:
                    28:ab:15:91:14:63:64:87:31:0d:ac:44:ab:c0:01:
                    70:b2:a0:fb:66:94:07:13:ae:51:ce:31:5c:9e:d8:
                    04:ab:b2:7e:1d:a1:7a:45:71:a1:49:d7:e6:f9:5c:
                    83:11:eb:7d:8d:d5:a9:49:f7:7d:c1:d3:ae:a2:d7:
                    2c:8d:ae:68:c9:84:48:22:2b:8c:93:c8:ad:79:8f:
                    70:a3:59:6d:08:07:74:b9:47:aa:27:30:c9:e1:9e:
                    92:cd:d3:3c:66:4d:1f:f7:d9:42:07:9e:2d:c4:97:
                    43:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:6C:F3:92:1D:E8:EB:E4:14:EA:15:1B:77:ED:D8:58:5D:7F:72:F7
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3131332e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.43.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:b2:f2:34:4d:b8:79:d1:cf:0d:3a:30:6c:d0:a7:c5:a0:30:
         16:a0:03:53:7e:2c:fe:bc:8f:c1:3f:50:ff:88:4e:3f:57:60:
         18:2b:48:fa:09:ae:6a:e8:88:85:07:f3:63:b3:55:c3:02:a8:
         be:f0:d1:ba:a0:83:70:98:f1:66:a3:cf:c4:2a:86:cd:bc:4a:
         c1:a5:1e:be:12:64:f3:cc:d0:fc:a7:69:4f:4a:eb:11:a7:18:
         1a:f8:d6:f6:1e:e7:40:68:4f:82:39:02:f7:80:e8:1f:21:75:
         ab:cc:17:44:f2:e6:30:a9:4b:c6:f7:13:e9:ad:8a:d3:9c:19:
         72:38:de:8b:be:3c:67:76:65:be:aa:f4:29:ac:56:56:3b:d8:
         0a:13:b2:6f:a5:0f:d5:0a:9b:b9:61:a7:99:2b:a5:1d:2e:5f:
         7e:cd:8e:a7:48:7f:4b:c0:22:5d:db:62:d8:27:87:06:40:94:
         f0:f7:69:be:58:ad:d2:95:ec:72:0d:e7:93:95:a0:b0:94:17:
         ec:49:ef:fa:94:15:ba:18:5f:dc:b6:4f:03:88:d3:5f:49:64:
         0e:8a:95:af:4a:27:e0:8d:a3:3d:6f:30:29:cd:de:bb:c2:f4:
         69:23:08:48:50:fa:74:14:da:ec:cc:8c:02:a1:8f:11:f7:7f:
         31:ec:e8:c5
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUcs/zvY8qLrAK5H1vmPCK1tt512wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTZaFw0yNjAyMDMxODA4MTZaMDMxMTAvBgNV
BAMTKEMyNkNGMzkyMURFOEVCRTQxNEVBMTUxQjc3RUREODU4NUQ3RjcyRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH6Z+8HH/BjG0N/T8rIm+RYCyn
kdFmnjVKnld6qgGSiP1znbXg/wstx+ii2Z8TJ/a2SupMoMqlHuKMGYn+xTM0Gf2v
3RRAbJ1xEtnCKCa0W2ktg5IrM61ifO+RtUKtMReq25UtP/TVyy/K8+CAHO/wiEtu
Lx3cbkp5PlZpaiCBiTyX/DZKQQljX/mhx40HlGABSnRluCirFZEUY2SHMQ2sRKvA
AXCyoPtmlAcTrlHOMVye2ASrsn4doXpFcaFJ1+b5XIMR632N1alJ933B066i1yyN
rmjJhEgiK4yTyK15j3CjWW0IB3S5R6onMMnhnpLN0zxmTR/32UIHni3El0P5AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUwmzzkh3o6+QU6hUbd+3YWF1/cvcwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzczOTJlMzQzMzJlMzEzMTMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALMrcTAN
BgkqhkiG9w0BAQsFAAOCAQEAdrLyNE24edHPDTowbNCnxaAwFqADU34s/ryPwT9Q
/4hOP1dgGCtI+gmuauiIhQfzY7NVwwKovvDRuqCDcJjxZqPPxCqGzbxKwaUevhJk
88zQ/KdpT0rrEacYGvjW9h7nQGhPgjkC94DoHyF1q8wXRPLmMKlLxvcT6a2K05wZ
cjjei748Z3Zlvqr0KaxWVjvYChOyb6UP1QqbuWGnmSulHS5ffs2Op0h/S8AiXdti
2CeHBkCU8Pdpvlit0pXscg3nk5WgsJQX7Env+pQVuhhf3LZPA4jTX0lkDoqVr0on
4I2jPW8wKc3eu8L0aSMISFD6dBTa7MyMAqGPEfd/MezoxQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:47:18 2025 by rpki-client