Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130322e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3130322e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          OucuUCmw8KW21yBmrNk7hWnXPIXDi5My9mXTiv6JpAI=
Subject key identifier:   10:BE:15:4E:E9:87:76:C8:7A:41:61:3B:AA:9F:77:EA:6C:0E:D5:01
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       1FDD49591931762CF342EC886EEDF483BB0CDCC7
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130322e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:21 +0000
ROA not before:           Tue 04 Feb 2025 18:03:21 +0000
ROA not after:            Tue 03 Feb 2026 18:08:21 +0000
asID:                     27823
IP address blocks:        200.58.102.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:dd:49:59:19:31:76:2c:f3:42:ec:88:6e:ed:f4:83:bb:0c:dc:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:21 2025 GMT
            Not After : Feb  3 18:08:21 2026 GMT
        Subject: CN=10BE154EE98776C87A41613BAA9F77EA6C0ED501
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:6a:c9:d3:38:dd:11:8a:ca:d0:24:39:63:01:
                    00:f7:54:57:16:ee:e9:48:43:fa:2d:16:f6:ee:89:
                    97:40:66:d8:8c:9b:ad:7a:3b:8f:f6:1b:66:e0:1e:
                    3f:bc:06:08:5d:ce:d7:13:59:6a:54:d6:52:4a:e1:
                    84:44:8b:49:77:60:a3:e8:3d:8c:b8:24:2d:03:96:
                    32:48:97:2a:9b:a3:a0:d2:e3:f6:6b:43:e9:17:b0:
                    7b:f6:4a:c3:a0:23:57:3a:66:14:e3:cd:e5:44:ce:
                    0e:88:b4:6d:bb:21:91:d4:6a:39:d3:a0:41:61:05:
                    bb:e9:9e:0e:ae:c8:aa:b3:bb:6f:56:0d:15:1c:b6:
                    9f:dd:7d:b2:b8:d5:3b:64:98:da:c6:af:6e:99:48:
                    c1:5a:37:cf:37:97:74:fb:c9:c8:25:a1:55:88:d2:
                    c5:2a:ce:ce:59:eb:af:74:f0:9c:3d:89:db:81:46:
                    31:a3:26:57:91:33:dd:b8:84:38:22:e8:df:bb:6e:
                    f0:fa:f3:ff:52:42:4e:12:29:c7:1d:26:46:28:12:
                    fc:06:ee:59:3a:42:84:53:a3:96:0d:e5:05:29:a1:
                    a7:d0:32:cc:20:34:b3:63:08:6f:53:52:e1:88:37:
                    48:a6:15:48:87:db:79:a9:65:18:6d:70:c5:e9:f5:
                    89:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:BE:15:4E:E9:87:76:C8:7A:41:61:3B:AA:9F:77:EA:6C:0E:D5:01
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130322e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:11:e7:9a:41:67:27:bf:b8:b7:2f:46:99:98:74:34:0f:0e:
         ac:d8:b2:d1:4c:6a:3a:2e:cf:cf:b8:d9:0e:2b:09:93:60:61:
         a2:74:1f:c3:43:8e:4b:aa:a8:4a:10:5d:24:87:a4:4b:ca:c1:
         fb:c3:e8:0d:e2:32:0c:b0:6a:6a:fa:23:e9:cf:3d:db:cc:a6:
         1f:c3:8f:61:9a:1f:b6:f2:2e:a1:1a:de:4c:7c:28:9e:49:a1:
         f5:9f:14:fc:17:64:e7:79:e0:26:16:8f:8d:28:5c:3b:c8:b5:
         3e:02:fd:3e:24:ed:c3:8b:84:7e:2b:41:52:ac:30:c0:e9:ba:
         76:e0:e6:59:45:3f:d3:eb:65:fd:9e:a6:cb:15:fe:90:e0:20:
         f5:7c:f4:14:aa:1a:eb:c7:06:bb:67:14:fc:f4:d4:47:85:b7:
         8d:1a:86:8a:e5:4b:b9:b0:23:39:1f:69:85:d2:5f:51:76:88:
         9d:26:38:f9:f1:ef:91:29:54:6f:93:79:d4:49:c1:e4:4c:dd:
         0d:7c:77:a9:ab:52:81:a1:8f:d7:8f:49:4c:65:d5:8b:03:02:
         cb:b0:7b:54:61:8b:45:f9:5b:64:ce:4e:8d:31:e5:b9:3c:85:
         8a:88:a2:ac:66:6b:9c:1a:26:bb:60:06:1d:c2:89:7c:93:2e:
         11:b6:ac:32
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUH91JWRkxdizzQuyIbu30g7sM3McwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjFaFw0yNjAyMDMxODA4MjFaMDMxMTAvBgNV
BAMTKDEwQkUxNTRFRTk4Nzc2Qzg3QTQxNjEzQkFBOUY3N0VBNkMwRUQ1MDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXasnTON0RisrQJDljAQD3VFcW
7ulIQ/otFvbuiZdAZtiMm616O4/2G2bgHj+8BghdztcTWWpU1lJK4YREi0l3YKPo
PYy4JC0DljJIlyqbo6DS4/ZrQ+kXsHv2SsOgI1c6ZhTjzeVEzg6ItG27IZHUajnT
oEFhBbvpng6uyKqzu29WDRUctp/dfbK41TtkmNrGr26ZSMFaN883l3T7ycgloVWI
0sUqzs5Z66908Jw9iduBRjGjJleRM924hDgi6N+7bvD68/9SQk4SKccdJkYoEvwG
7lk6QoRTo5YN5QUpoafQMswgNLNjCG9TUuGIN0imFUiH23mpZRhtcMXp9YmPAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUEL4VTumHdsh6QWE7qp936mwO1QEwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMDMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6ZjAN
BgkqhkiG9w0BAQsFAAOCAQEANRHnmkFnJ7+4ty9GmZh0NA8OrNiy0UxqOi7Pz7jZ
DisJk2BhonQfw0OOS6qoShBdJIekS8rB+8PoDeIyDLBqavoj6c8928ymH8OPYZof
tvIuoRreTHwonkmh9Z8U/Bdk53ngJhaPjShcO8i1PgL9PiTtw4uEfitBUqwwwOm6
duDmWUU/0+tl/Z6myxX+kOAg9Xz0FKoa68cGu2cU/PTUR4W3jRqGiuVLubAjOR9p
hdJfUXaInSY4+fHvkSlUb5N51EnB5EzdDXx3qatSgaGP149JTGXViwMCy7B7VGGL
RflbZM5OjTHluTyFioiirGZrnBomu2AGHcKJfJMuEbasMg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:18 2025 by rpki-client