Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3132302e302f32342d3234203d3e203237383233.roa
File:                     3137392e34332e3132302e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          G4g5hf3Gc05mi+iyLYJu+DuEO13BBMut16hzFIuu71E=
Subject key identifier:   6B:65:AD:0D:80:0A:E8:83:DD:F6:25:9E:C2:2B:4A:E2:D2:54:54:2F
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       2B560E107A80A6CEE4A1B71C33F8BFD2C0595BB5
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3132302e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:25 +0000
ROA not before:           Tue 04 Feb 2025 18:03:25 +0000
ROA not after:            Tue 03 Feb 2026 18:08:25 +0000
asID:                     27823
IP address blocks:        179.43.120.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:56:0e:10:7a:80:a6:ce:e4:a1:b7:1c:33:f8:bf:d2:c0:59:5b:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:25 2025 GMT
            Not After : Feb  3 18:08:25 2026 GMT
        Subject: CN=6B65AD0D800AE883DDF6259EC22B4AE2D254542F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:18:92:52:4b:7b:52:b6:64:37:a3:cf:05:96:
                    6e:88:a1:8e:27:a5:b2:db:2f:bf:7a:a2:de:f0:4c:
                    11:25:46:bc:64:5c:82:8a:77:16:08:4b:70:d5:37:
                    01:b6:41:7b:8c:e1:5b:f3:8b:30:e4:2a:6d:b9:a6:
                    79:22:c5:ab:87:84:48:be:4e:e9:f0:10:84:3b:d2:
                    ce:5b:e8:a3:11:fe:b1:62:67:46:48:1e:ea:83:68:
                    9c:15:06:7b:0c:42:a6:f3:09:61:ee:5f:c7:3b:04:
                    78:0a:e5:63:e6:9d:dd:8c:86:f7:a2:f7:7e:fa:b7:
                    22:86:86:d9:59:8e:0a:ad:37:fc:99:f9:53:78:19:
                    52:43:65:0c:7e:74:d9:37:13:22:27:2e:b0:c1:91:
                    80:9d:12:12:01:42:77:bc:a5:74:e0:73:41:09:db:
                    2c:2b:5d:9c:5b:b2:93:24:14:2c:ff:9b:5a:5f:65:
                    72:dc:77:bd:fb:6d:5c:ae:fd:bc:4a:ec:38:2b:12:
                    30:a3:a8:94:1c:a0:18:8e:1b:d3:7a:54:31:78:e4:
                    6e:46:ee:d4:a3:16:43:8d:79:e0:6a:bf:d7:33:72:
                    66:ef:da:e3:67:75:a2:00:a3:cd:5d:97:8b:6c:06:
                    e7:77:71:08:a2:28:72:1b:95:2b:39:9e:01:24:9f:
                    c1:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:65:AD:0D:80:0A:E8:83:DD:F6:25:9E:C2:2B:4A:E2:D2:54:54:2F
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3132302e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.43.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:a6:d6:33:5d:18:45:71:20:b5:80:7a:27:4b:12:22:10:7a:
         07:d8:75:70:5b:4d:7a:60:3a:7d:b8:85:68:ca:e3:7b:be:ef:
         8c:fa:eb:8b:25:32:88:75:a5:e2:8a:8a:c1:5f:c3:a4:05:16:
         06:ad:d4:bd:4a:f9:b6:62:4d:85:c7:34:7f:9f:5d:3a:6a:77:
         6b:a0:a4:e2:6b:ba:56:59:fe:c0:ed:23:3b:61:ad:f7:e5:5b:
         12:f2:dd:30:75:1a:6e:3f:8a:d0:ab:1e:fe:f4:78:39:50:e3:
         3e:82:03:64:d6:4b:58:ea:bc:54:f6:a1:6f:4d:88:e5:bd:c9:
         6f:97:5e:03:37:4d:c1:e2:53:24:3a:6c:83:36:fa:8e:22:18:
         ff:74:25:a1:3e:49:7f:63:4b:f8:bb:a4:ca:5f:fd:dc:00:0b:
         3e:29:4d:93:82:cb:c1:36:66:1c:10:d2:e2:fc:ce:91:54:fa:
         2c:33:31:a9:56:74:77:1d:d9:9d:2c:26:25:93:a6:64:ee:26:
         ee:96:ca:57:70:a0:0a:b2:63:b0:52:a8:61:67:e9:35:47:39:
         8b:9d:f7:d8:7c:24:7a:18:fc:5f:b9:22:f8:87:9f:a7:2f:02:
         1d:4e:dd:4a:16:a9:b9:ba:f7:89:f2:a0:57:a4:94:56:88:13:
         8e:8c:c9:3b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUK1YOEHqAps7kobccM/i/0sBZW7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjVaFw0yNjAyMDMxODA4MjVaMDMxMTAvBgNV
BAMTKDZCNjVBRDBEODAwQUU4ODNEREY2MjU5RUMyMkI0QUUyRDI1NDU0MkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcGJJSS3tStmQ3o88Flm6IoY4n
pbLbL796ot7wTBElRrxkXIKKdxYIS3DVNwG2QXuM4VvzizDkKm25pnkixauHhEi+
TunwEIQ70s5b6KMR/rFiZ0ZIHuqDaJwVBnsMQqbzCWHuX8c7BHgK5WPmnd2Mhvei
9376tyKGhtlZjgqtN/yZ+VN4GVJDZQx+dNk3EyInLrDBkYCdEhIBQne8pXTgc0EJ
2ywrXZxbspMkFCz/m1pfZXLcd737bVyu/bxK7DgrEjCjqJQcoBiOG9N6VDF45G5G
7tSjFkONeeBqv9czcmbv2uNndaIAo81dl4tsBud3cQiiKHIblSs5ngEkn8GPAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUa2WtDYAK6IPd9iWewitK4tJUVC8wHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzczOTJlMzQzMzJlMzEzMjMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALMreDAN
BgkqhkiG9w0BAQsFAAOCAQEAAKbWM10YRXEgtYB6J0sSIhB6B9h1cFtNemA6fbiF
aMrje77vjPrriyUyiHWl4oqKwV/DpAUWBq3UvUr5tmJNhcc0f59dOmp3a6Ck4mu6
Vln+wO0jO2Gt9+VbEvLdMHUabj+K0Kse/vR4OVDjPoIDZNZLWOq8VPahb02I5b3J
b5deAzdNweJTJDpsgzb6jiIY/3QloT5Jf2NL+Lukyl/93AALPilNk4LLwTZmHBDS
4vzOkVT6LDMxqVZ0dx3ZnSwmJZOmZO4m7pbKV3CgCrJjsFKoYWfpNUc5i5332Hwk
ehj8X7ki+Iefpy8CHU7dShapubr3ifKgV6SUVogTjozJOw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:47:27 2025 by rpki-client