Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3131352e302f32342d3234203d3e203237383233.roa
File:                     3137392e34332e3131352e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          2BFua2/nGt3jA4J5n7MJXLgINvwKlODSlN5EchwZBPI=
Subject key identifier:   63:B4:4C:16:E4:E1:39:A1:77:26:C5:43:C4:86:C6:3B:37:4C:01:1D
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       3DD2D3AFCBE5CDC0DBD9FD8F03F3156FDA7660
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3131352e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:27 +0000
ROA not before:           Tue 04 Feb 2025 18:03:27 +0000
ROA not after:            Tue 03 Feb 2026 18:08:27 +0000
asID:                     27823
IP address blocks:        179.43.115.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:d2:d3:af:cb:e5:cd:c0:db:d9:fd:8f:03:f3:15:6f:da:76:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:27 2025 GMT
            Not After : Feb  3 18:08:27 2026 GMT
        Subject: CN=63B44C16E4E139A17726C543C486C63B374C011D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d9:66:6b:ca:ce:d1:68:7b:d4:ad:21:13:c9:
                    b4:da:ca:ba:c4:65:bb:b4:69:c5:93:d5:db:eb:ad:
                    16:44:ed:f8:bf:11:f1:5c:d5:39:a8:f8:3c:2c:b4:
                    d3:f2:41:1b:f5:eb:46:c2:f6:d1:60:da:0d:6e:ff:
                    11:b2:04:ed:78:26:fc:9b:00:14:2c:2a:bd:1e:d8:
                    1f:5f:5d:bd:47:16:20:11:d3:3d:5d:11:ed:15:7f:
                    87:ee:04:e1:4f:f1:98:03:ef:4e:4d:b4:78:34:49:
                    e9:ca:a4:ee:f7:7d:a2:a4:56:e5:98:ab:e4:b6:55:
                    e3:99:56:58:d0:56:60:bc:55:d4:31:67:80:9d:0f:
                    49:08:7c:99:1d:79:21:b5:a4:ef:86:f4:46:00:75:
                    16:6f:7c:da:b3:0b:9e:a9:3c:e1:8f:a3:c7:38:f0:
                    5d:29:b9:7e:fa:5a:43:33:e3:d4:04:89:17:b3:69:
                    bd:a0:f3:ef:77:9f:51:6f:66:e2:bc:29:fe:a1:57:
                    5f:75:e8:6b:9d:2e:39:21:b0:cf:c9:11:32:34:6a:
                    73:bd:33:a2:f8:8c:7b:a2:07:f3:7a:44:15:17:11:
                    b0:6a:d9:a8:b1:64:d3:af:96:ee:a8:11:c5:e0:f1:
                    40:92:8e:49:ec:e6:4b:70:0c:c5:05:34:d1:9c:11:
                    2f:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:B4:4C:16:E4:E1:39:A1:77:26:C5:43:C4:86:C6:3B:37:4C:01:1D
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3131352e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.43.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:04:cf:2e:14:a1:7b:be:e7:0d:22:08:66:92:47:5e:b5:c1:
         0d:8d:9c:0f:80:77:be:04:9f:12:37:1b:ca:49:56:9c:d8:c5:
         81:fc:e7:48:ab:d0:7b:7f:d3:0b:21:a9:0d:2c:08:fc:d2:60:
         49:4b:49:aa:34:16:86:a9:a5:3a:8d:49:80:a9:d5:b3:e2:c3:
         ac:5f:c5:d7:bc:7c:d0:72:39:09:b5:ae:fd:0e:d1:3b:2c:d9:
         51:70:e2:13:bc:0e:e2:d5:46:9f:2c:70:26:24:32:c2:79:02:
         df:bb:10:a0:ef:50:a4:e8:56:70:af:05:8e:13:6c:ad:34:d4:
         fd:73:a2:d0:70:1b:90:cb:76:45:11:38:4b:81:b4:26:f4:64:
         3d:b9:6b:b3:79:97:92:65:0e:b0:aa:5e:af:fb:5a:20:9c:cb:
         79:46:cb:ae:18:89:a9:e8:1d:9c:ae:21:c3:13:d4:c6:73:e4:
         7e:fc:86:38:52:7e:99:d6:44:c9:81:5e:f8:67:0d:09:6c:ec:
         ea:51:a0:af:2a:b2:19:0c:eb:74:c2:cc:d9:f3:55:45:2d:9e:
         0c:b2:8e:c5:2c:ac:de:8e:32:b5:cb:11:04:d8:ef:6c:27:23:
         ff:cb:54:6b:c5:4c:64:5a:25:92:15:8a:c6:49:6c:3f:e9:4c:
         25:ba:b9:f5
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgITPdLTr8vlzcDb2f2PA/MVb9p2YDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyhBNUMzMURDQTQwNjJGQkE4RkY0MTc1QzUxOEVGMjI0NkNG
NTcwRDgwMB4XDTI1MDIwNDE4MDMyN1oXDTI2MDIwMzE4MDgyN1owMzExMC8GA1UE
AxMoNjNCNDRDMTZFNEUxMzlBMTc3MjZDNTQzQzQ4NkM2M0IzNzRDMDExRDCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALrZZmvKztFoe9StIRPJtNrKusRl
u7RpxZPV2+utFkTt+L8R8VzVOaj4PCy00/JBG/XrRsL20WDaDW7/EbIE7Xgm/JsA
FCwqvR7YH19dvUcWIBHTPV0R7RV/h+4E4U/xmAPvTk20eDRJ6cqk7vd9oqRW5Zir
5LZV45lWWNBWYLxV1DFngJ0PSQh8mR15IbWk74b0RgB1Fm982rMLnqk84Y+jxzjw
XSm5fvpaQzPj1ASJF7NpvaDz73efUW9m4rwp/qFXX3Xoa50uOSGwz8kRMjRqc70z
oviMe6IH83pEFRcRsGrZqLFk06+W7qgRxeDxQJKOSezmS3AMxQU00ZwRL4ECAwEA
AaOCAsgwggLEMB0GA1UdDgQWBBRjtEwW5OE5oXcmxUPEhsY7N0wBHTAfBgNVHSME
GDAWgBSlwx3KQGL7qP9BdcUY7yJGz1cNgDAOBgNVHQ8BAf8EBAMCB4AwgbAGA1Ud
HwSBqDCBpTCBoqCBn6CBnIaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0
L3Jwa2kvbGFjbmljLzE2QjFCNTdCMTlCNzQzQzFFMEI2N0RDNTAyMEU3NjlGRjY5
N0Q1RDhGRTY3NjQ1NDQzQzAxNzBBNTlBNjI4RjQvMC9BNUMzMURDQTQwNjJGQkE4
RkY0MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNybDCBuQYIKwYBBQUHAQEEgawwgakw
gaYGCCsGAQUFBzAChoGZcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBr
aS9sYWNuaWMvRkRDMzU5NERENEU1NEJBREU3MDlBQzBEMjU1Q0YyNzlDNDc3MTZE
MkU4QjNGNEQ0NURDNDYzNTU4OTlCMzZENC8wL0E1QzMxRENBNDA2MkZCQThGRjQx
NzVDNTE4RUYyMjQ2Q0Y1NzBEODAuY2VyMIHHBggrBgEFBQcBCwSBujCBtzCBtAYI
KwYBBQUHMAuGgadyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2OTdENUQ4RkU2
NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvMzEzNzM5MmUzNDMzMmUzMTMxMzUyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzgzMjMzLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsytzMA0G
CSqGSIb3DQEBCwUAA4IBAQAOBM8uFKF7vucNIghmkkdetcENjZwPgHe+BJ8SNxvK
SVac2MWB/OdIq9B7f9MLIakNLAj80mBJS0mqNBaGqaU6jUmAqdWz4sOsX8XXvHzQ
cjkJta79DtE7LNlRcOITvA7i1UafLHAmJDLCeQLfuxCg71Ck6FZwrwWOE2ytNNT9
c6LQcBuQy3ZFEThLgbQm9GQ9uWuzeZeSZQ6wql6v+1ognMt5RsuuGImp6B2criHD
E9TGc+R+/IY4Un6Z1kTJgV74Zw0JbOzqUaCvKrIZDOt0wszZ81VFLZ4Mso7FLKze
jjK1yxEE2O9sJyP/y1RrxUxkWiWSFYrGSWw/6Uwlurn1
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:47:12 2025 by rpki-client