Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3132372e302f32342d3234203d3e203237383233.roa
File:                     3137392e34332e3132372e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          S53bhrmvZVzV99dqhOPDzX7Bxbp/Ktf7G/7lojFVq6E=
Subject key identifier:   AD:E7:FB:C5:6A:D0:81:AA:8B:14:2A:D7:11:58:6D:EF:40:5C:6E:63
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       3970C8F9B93EFFAE10C147383B1C84134296B3B0
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3132372e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:22 +0000
ROA not before:           Tue 04 Feb 2025 18:03:22 +0000
ROA not after:            Tue 03 Feb 2026 18:08:22 +0000
asID:                     27823
IP address blocks:        179.43.127.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:70:c8:f9:b9:3e:ff:ae:10:c1:47:38:3b:1c:84:13:42:96:b3:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:22 2025 GMT
            Not After : Feb  3 18:08:22 2026 GMT
        Subject: CN=ADE7FBC56AD081AA8B142AD711586DEF405C6E63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:89:7f:57:cf:54:f7:b3:bd:de:78:d4:c6:85:
                    fa:c5:40:4d:77:08:1f:6b:d9:75:44:00:99:56:9b:
                    3c:46:e2:d7:d4:a3:02:2c:7a:56:9f:a8:49:a6:ca:
                    c3:b0:07:c4:a0:96:d2:4e:56:37:d2:7f:ff:ac:da:
                    37:93:fa:7e:03:c8:8e:81:87:fd:4e:dc:71:5a:82:
                    4c:40:80:cc:6c:5b:58:ba:b3:63:a6:c0:94:e0:89:
                    95:89:cc:a2:59:fa:73:18:66:63:69:3e:de:55:45:
                    81:16:00:76:f8:17:c1:a2:9b:2a:f8:9d:14:47:0c:
                    5b:e3:a1:bb:ae:19:34:66:91:45:68:47:2c:47:e1:
                    af:33:d1:45:e7:4c:7f:28:33:8a:ec:f6:41:f5:33:
                    fe:ca:47:ae:78:df:50:81:d3:0f:19:8b:55:b2:b1:
                    68:66:da:dc:da:9d:e3:ac:83:10:73:59:d8:38:d7:
                    87:29:14:25:49:0c:96:82:81:8c:ac:5f:5c:a2:25:
                    97:65:33:64:c0:01:c1:6f:0f:74:82:47:eb:e7:60:
                    ef:9b:1c:46:8b:88:66:f8:fa:11:00:52:1d:79:a7:
                    8c:b3:39:c2:cb:b6:58:b4:58:3f:2e:c4:e7:1c:10:
                    76:2d:bc:c4:83:72:d4:5e:62:04:64:e3:a5:1e:32:
                    8f:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:E7:FB:C5:6A:D0:81:AA:8B:14:2A:D7:11:58:6D:EF:40:5C:6E:63
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3132372e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.43.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cd:5f:99:14:3a:f9:3d:87:f7:50:32:3a:52:4a:2f:04:c8:a5:
         51:f7:3c:ef:46:00:25:8b:fe:01:f3:b1:2b:0c:25:c6:a0:3d:
         87:d5:6b:1c:11:1f:70:b1:d7:87:ef:f2:bf:a6:d7:ed:ee:2c:
         49:92:ce:e1:b4:07:e2:73:c7:0f:98:6d:a6:e3:47:fd:07:52:
         43:03:08:8d:a0:32:39:bb:ab:5f:b4:36:c3:a5:8f:fb:f9:22:
         23:e6:f7:8d:9c:e1:15:aa:f3:07:ee:69:6c:bb:e6:a4:d8:7a:
         8d:b2:26:71:0d:08:db:ea:03:f0:59:28:6a:f1:45:cf:f6:a0:
         ad:a2:ac:aa:9f:46:c2:ad:99:24:bc:9d:64:2a:32:d5:a2:a0:
         7b:34:a1:34:b6:10:d3:05:a8:54:08:db:ac:59:16:1c:57:c1:
         57:c5:d7:b2:71:01:e0:11:5c:be:0b:03:21:3b:c6:68:a2:22:
         92:bf:91:37:6f:4c:f0:ea:6a:12:c7:04:4d:b1:a5:b3:46:c8:
         a8:d4:5b:a6:3b:b7:d9:7b:32:70:45:d7:8c:ac:37:27:9d:9d:
         cb:3a:fb:dc:fb:57:25:3d:35:d1:ce:a5:dd:19:d2:a4:b1:64:
         cf:fc:22:67:70:bc:2a:27:77:a6:e6:52:1a:85:53:e7:1f:9b:
         43:62:c8:0e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUOXDI+bk+/64QwUc4OxyEE0KWs7AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjJaFw0yNjAyMDMxODA4MjJaMDMxMTAvBgNV
BAMTKEFERTdGQkM1NkFEMDgxQUE4QjE0MkFENzExNTg2REVGNDA1QzZFNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUiX9Xz1T3s73eeNTGhfrFQE13
CB9r2XVEAJlWmzxG4tfUowIselafqEmmysOwB8SgltJOVjfSf/+s2jeT+n4DyI6B
h/1O3HFagkxAgMxsW1i6s2OmwJTgiZWJzKJZ+nMYZmNpPt5VRYEWAHb4F8Gimyr4
nRRHDFvjobuuGTRmkUVoRyxH4a8z0UXnTH8oM4rs9kH1M/7KR65431CB0w8Zi1Wy
sWhm2tzaneOsgxBzWdg414cpFCVJDJaCgYysX1yiJZdlM2TAAcFvD3SCR+vnYO+b
HEaLiGb4+hEAUh15p4yzOcLLtli0WD8uxOccEHYtvMSDctReYgRk46UeMo9/AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUref7xWrQgaqLFCrXEVht70BcbmMwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzczOTJlMzQzMzJlMzEzMjM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALMrfzAN
BgkqhkiG9w0BAQsFAAOCAQEAzV+ZFDr5PYf3UDI6UkovBMilUfc870YAJYv+AfOx
KwwlxqA9h9VrHBEfcLHXh+/yv6bX7e4sSZLO4bQH4nPHD5htpuNH/QdSQwMIjaAy
OburX7Q2w6WP+/kiI+b3jZzhFarzB+5pbLvmpNh6jbImcQ0I2+oD8FkoavFFz/ag
raKsqp9Gwq2ZJLydZCoy1aKgezShNLYQ0wWoVAjbrFkWHFfBV8XXsnEB4BFcvgsD
ITvGaKIikr+RN29M8OpqEscETbGls0bIqNRbpju32XsycEXXjKw3J52dyzr73PtX
JT010c6l3RnSpLFkz/wiZ3C8Kid3puZSGoVT5x+bQ2LIDg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:47:55 2025 by rpki-client