Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3131392e302f32342d3234203d3e203237383233.roa
File:                     3137392e34332e3131392e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          5HW4mZUdZIJm1zYpLi3nSoBHv0GSUCoW5CsCg8t+GJo=
Subject key identifier:   BD:FC:48:13:91:B6:67:B0:03:06:38:E0:73:06:C5:66:81:10:BC:17
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       48C2E0710558A038B1ADCDD3CA20CF85448DA001
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3131392e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:12 +0000
ROA not before:           Tue 04 Feb 2025 18:03:12 +0000
ROA not after:            Tue 03 Feb 2026 18:08:12 +0000
asID:                     27823
IP address blocks:        179.43.119.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:c2:e0:71:05:58:a0:38:b1:ad:cd:d3:ca:20:cf:85:44:8d:a0:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:12 2025 GMT
            Not After : Feb  3 18:08:12 2026 GMT
        Subject: CN=BDFC481391B667B0030638E07306C5668110BC17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:a9:d4:d5:88:f3:9f:df:c8:e3:45:40:27:68:
                    0e:89:81:b0:51:88:e6:f2:42:d6:d3:a3:a9:5b:d5:
                    fe:66:dd:3e:31:72:86:f9:4a:3d:a1:d4:b4:7b:b3:
                    fe:0b:3e:89:68:9d:cc:33:8a:72:0c:3b:03:38:81:
                    a0:b8:dd:9a:f5:12:c0:64:ab:88:fa:53:a7:f7:27:
                    8e:1a:71:c7:84:62:f7:db:fe:76:17:ba:94:a7:fe:
                    d7:e4:1e:78:da:e3:da:60:cd:51:12:a6:7e:43:3a:
                    6e:e7:00:4a:2e:54:33:4d:93:7a:cd:37:58:44:da:
                    f2:25:52:f2:0b:0d:3c:35:36:11:e5:1a:36:d9:b5:
                    24:3a:9f:39:e9:1e:95:2b:3f:fc:c2:6c:64:3e:a3:
                    2f:27:de:cb:2d:d7:c1:d4:7b:3e:4d:c6:3b:7e:d3:
                    db:0b:10:6f:e9:09:6f:6a:7f:ce:63:d9:60:80:4e:
                    e8:a3:09:3d:58:60:9f:4f:61:0c:8a:e7:e3:c6:a9:
                    7a:f7:eb:17:38:30:33:37:ae:8e:72:25:70:d0:bb:
                    02:06:45:d6:58:52:c8:7d:e1:2e:34:ac:d6:69:cc:
                    9a:88:f9:f2:64:ab:88:b7:d7:25:a2:ef:35:76:c8:
                    e3:4d:28:a3:53:53:db:c0:98:3b:97:09:3d:1a:d6:
                    65:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:FC:48:13:91:B6:67:B0:03:06:38:E0:73:06:C5:66:81:10:BC:17
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3131392e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.43.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:79:ce:c6:32:09:d4:1a:80:1b:31:e3:d8:a1:d7:b7:ac:9b:
         c1:cf:0f:df:19:66:14:63:ac:f1:bb:2f:ff:b9:42:58:0a:43:
         c6:5e:be:c5:33:b1:6e:91:1a:71:38:2b:d0:84:1d:f9:d2:85:
         63:a2:bf:fa:e0:03:3b:d9:e0:a6:46:df:b8:28:8a:ec:a4:7c:
         18:d6:4c:f1:76:37:c0:63:9c:18:95:58:5f:34:0f:0f:57:b5:
         fc:bf:27:17:fd:f1:9e:53:bd:ce:c1:ec:09:75:59:7f:f2:cc:
         89:31:4e:79:85:d3:18:93:75:0d:f0:97:6a:3d:83:46:06:be:
         76:1c:f8:5a:5c:51:53:3a:59:af:f1:62:01:cd:a9:13:1f:59:
         19:4c:ad:ca:b2:27:2a:5b:1c:77:38:34:1d:21:38:65:73:b1:
         59:b3:1f:0d:81:e2:88:b6:e3:86:2a:98:c3:48:fa:c5:74:d2:
         b2:9c:b7:eb:f9:ad:d2:b3:07:a2:69:82:b9:1a:4a:c5:dc:53:
         d7:0f:82:a6:02:f7:45:78:6f:a4:75:fb:2b:ed:7e:eb:4b:7f:
         cc:5e:1a:9a:42:d4:9f:8b:9b:11:cd:e9:32:d6:8f:98:c1:0f:
         91:e6:a0:14:8f:75:29:10:53:9f:af:37:70:f8:ff:8f:ec:82:
         c5:3c:d1:28
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUSMLgcQVYoDixrc3TyiDPhUSNoAEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTJaFw0yNjAyMDMxODA4MTJaMDMxMTAvBgNV
BAMTKEJERkM0ODEzOTFCNjY3QjAwMzA2MzhFMDczMDZDNTY2ODExMEJDMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3qdTViPOf38jjRUAnaA6JgbBR
iObyQtbTo6lb1f5m3T4xcob5Sj2h1LR7s/4LPoloncwzinIMOwM4gaC43Zr1EsBk
q4j6U6f3J44acceEYvfb/nYXupSn/tfkHnja49pgzVESpn5DOm7nAEouVDNNk3rN
N1hE2vIlUvILDTw1NhHlGjbZtSQ6nznpHpUrP/zCbGQ+oy8n3sst18HUez5Nxjt+
09sLEG/pCW9qf85j2WCATuijCT1YYJ9PYQyK5+PGqXr36xc4MDM3ro5yJXDQuwIG
RdZYUsh94S40rNZpzJqI+fJkq4i31yWi7zV2yONNKKNTU9vAmDuXCT0a1mVPAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUvfxIE5G2Z7ADBjjgcwbFZoEQvBcwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzczOTJlMzQzMzJlMzEzMTM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALMrdzAN
BgkqhkiG9w0BAQsFAAOCAQEACHnOxjIJ1BqAGzHj2KHXt6ybwc8P3xlmFGOs8bsv
/7lCWApDxl6+xTOxbpEacTgr0IQd+dKFY6K/+uADO9ngpkbfuCiK7KR8GNZM8XY3
wGOcGJVYXzQPD1e1/L8nF/3xnlO9zsHsCXVZf/LMiTFOeYXTGJN1DfCXaj2DRga+
dhz4WlxRUzpZr/FiAc2pEx9ZGUytyrInKlscdzg0HSE4ZXOxWbMfDYHiiLbjhiqY
w0j6xXTSspy36/mt0rMHommCuRpKxdxT1w+CpgL3RXhvpHX7K+1+60t/zF4amkLU
n4ubEc3pMtaPmMEPkeagFI91KRBTn683cPj/j+yCxTzRKA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:47:17 2025 by rpki-client