Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3132332e302f32342d3234203d3e203237383233.roa
File:                     3137392e34332e3132332e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          bkfU+vWOMhL8fQV/yEH4BlN9d1ROQp+Hncps+7c5bdI=
Subject key identifier:   47:C3:10:2A:CE:B5:00:89:D8:56:BA:6E:12:DA:AA:EF:9C:07:26:76
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       058B3CE7E135F4998EAD127445A2262EA4335130
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3132332e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:28 +0000
ROA not before:           Tue 04 Feb 2025 18:03:28 +0000
ROA not after:            Tue 03 Feb 2026 18:08:28 +0000
asID:                     27823
IP address blocks:        179.43.123.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:8b:3c:e7:e1:35:f4:99:8e:ad:12:74:45:a2:26:2e:a4:33:51:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:28 2025 GMT
            Not After : Feb  3 18:08:28 2026 GMT
        Subject: CN=47C3102ACEB50089D856BA6E12DAAAEF9C072676
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:3a:2f:2e:90:20:5a:5f:fb:8f:15:4d:bb:6d:
                    39:b4:09:44:ca:a5:d4:0b:28:1b:66:13:01:01:60:
                    ae:83:4e:cc:d5:3e:0c:3d:d3:a4:9f:ec:f4:55:7d:
                    42:c1:4f:77:8a:20:05:1b:62:b2:89:cb:17:d6:46:
                    79:15:c9:5f:91:54:65:37:6a:d7:8d:b7:52:05:12:
                    57:bc:e6:aa:2e:e0:ff:de:14:6d:e3:5c:d6:1a:c3:
                    b4:42:45:19:4c:83:06:a9:69:20:14:6b:de:fd:03:
                    51:f1:34:f1:c8:45:e3:84:bc:48:5e:d6:15:4f:53:
                    9c:b4:de:8d:c9:4f:78:61:d4:32:a0:07:6c:a8:7f:
                    1d:55:f4:ed:41:af:2b:e1:bd:bc:22:45:2a:94:45:
                    5d:f1:25:13:aa:56:48:8f:82:3d:84:1b:3b:d2:55:
                    f9:35:40:cd:e0:4d:6b:c0:31:7b:86:0d:10:5e:e6:
                    a8:29:3e:f0:0f:8e:98:38:2e:06:c0:20:19:5b:7a:
                    cc:c4:cd:9b:b9:0f:c9:ab:31:c4:4e:b5:18:67:3e:
                    05:dd:1b:40:f6:22:3b:73:4e:58:5e:48:b6:d4:2a:
                    eb:28:a7:68:0e:d1:d0:97:66:df:22:cf:80:b5:93:
                    2d:cc:6d:75:05:9b:b0:93:40:52:7e:24:fe:3a:68:
                    1d:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:C3:10:2A:CE:B5:00:89:D8:56:BA:6E:12:DA:AA:EF:9C:07:26:76
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3132332e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.43.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:4b:8f:ab:7f:fd:7e:02:42:28:bc:b9:05:67:0f:af:2e:ea:
         fa:6e:6b:29:ea:ff:e3:cd:b5:e2:60:c1:0d:c6:43:92:f1:3e:
         d0:c8:7e:17:9c:af:5a:ab:49:3f:ce:5c:3f:4d:68:80:da:84:
         d6:ef:38:df:5c:44:87:e0:2e:0f:92:c2:67:c6:65:ab:6f:d7:
         1d:fe:3d:e7:3f:b8:0b:ea:e0:69:b4:bf:a2:a3:3a:03:11:44:
         28:18:e4:45:b9:23:4e:f7:e3:94:9c:1e:d0:61:08:89:36:2c:
         4e:21:bc:1a:79:8d:c0:20:19:d4:0c:d6:cc:f6:3b:7b:8d:c5:
         8a:d6:12:d5:96:17:79:d8:20:36:33:d0:4c:d2:b9:47:5d:4e:
         a1:04:fd:5e:b5:c0:cf:9f:0f:14:f0:49:44:9b:ae:82:91:bd:
         42:04:76:31:d8:21:2d:b5:9c:33:7c:88:a3:f5:8d:42:9e:5d:
         49:fc:9f:e4:09:69:3b:c5:e3:57:8c:cb:00:17:e9:03:b6:ef:
         59:61:e3:0c:56:34:da:20:14:47:93:0f:14:d1:6a:cf:32:98:
         b5:60:35:54:7b:5e:56:55:6b:40:af:5f:04:55:41:5f:2f:4c:
         8e:b5:f2:1a:a5:77:91:c7:4d:3f:11:9d:ba:11:b8:89:01:5f:
         ac:c4:63:8e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUBYs85+E19JmOrRJ0RaImLqQzUTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjhaFw0yNjAyMDMxODA4MjhaMDMxMTAvBgNV
BAMTKDQ3QzMxMDJBQ0VCNTAwODlEODU2QkE2RTEyREFBQUVGOUMwNzI2NzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMOi8ukCBaX/uPFU27bTm0CUTK
pdQLKBtmEwEBYK6DTszVPgw906Sf7PRVfULBT3eKIAUbYrKJyxfWRnkVyV+RVGU3
ateNt1IFEle85qou4P/eFG3jXNYaw7RCRRlMgwapaSAUa979A1HxNPHIReOEvEhe
1hVPU5y03o3JT3hh1DKgB2yofx1V9O1BryvhvbwiRSqURV3xJROqVkiPgj2EGzvS
Vfk1QM3gTWvAMXuGDRBe5qgpPvAPjpg4LgbAIBlbeszEzZu5D8mrMcROtRhnPgXd
G0D2IjtzTlheSLbUKusop2gO0dCXZt8iz4C1ky3MbXUFm7CTQFJ+JP46aB0ZAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUR8MQKs61AInYVrpuEtqq75wHJnYwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzczOTJlMzQzMzJlMzEzMjMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALMrezAN
BgkqhkiG9w0BAQsFAAOCAQEAF0uPq3/9fgJCKLy5BWcPry7q+m5rKer/48214mDB
DcZDkvE+0Mh+F5yvWqtJP85cP01ogNqE1u8431xEh+AuD5LCZ8Zlq2/XHf495z+4
C+rgabS/oqM6AxFEKBjkRbkjTvfjlJwe0GEIiTYsTiG8GnmNwCAZ1AzWzPY7e43F
itYS1ZYXedggNjPQTNK5R11OoQT9XrXAz58PFPBJRJuugpG9QgR2MdghLbWcM3yI
o/WNQp5dSfyf5AlpO8XjV4zLABfpA7bvWWHjDFY02iAUR5MPFNFqzzKYtWA1VHte
VlVrQK9fBFVBXy9MjrXyGqV3kcdNPxGduhG4iQFfrMRjjg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:47:45 2025 by rpki-client