Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130342e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3130342e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          GqThVZcQeZgDaMwl9UXYxsuwYhvDuwQXpBxhk++5hSo=
Subject key identifier:   83:76:7A:6D:B3:10:60:90:B4:73:D2:51:0E:A8:5E:66:43:75:F0:88
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       7F0093D53763E390E6DBB34C8411FCCD4A3A2950
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130342e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:21 +0000
ROA not before:           Tue 04 Feb 2025 18:03:21 +0000
ROA not after:            Tue 03 Feb 2026 18:08:21 +0000
asID:                     27823
IP address blocks:        200.58.104.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:00:93:d5:37:63:e3:90:e6:db:b3:4c:84:11:fc:cd:4a:3a:29:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:21 2025 GMT
            Not After : Feb  3 18:08:21 2026 GMT
        Subject: CN=83767A6DB3106090B473D2510EA85E664375F088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c6:19:8c:4f:ee:7a:1d:b3:c7:c1:f7:a7:03:
                    79:7a:89:1b:70:bd:89:bd:39:29:d4:bb:61:ae:85:
                    53:d9:6e:5f:ca:96:a5:b6:14:97:ee:2f:07:2c:de:
                    dc:1f:26:57:50:c7:04:1f:94:ce:6e:d0:11:5c:a4:
                    e4:b4:0b:ee:ed:52:d3:e3:69:bb:e6:1f:3c:e4:f3:
                    6b:ab:4c:68:61:c3:28:d5:0e:4e:20:01:ab:c6:fe:
                    4c:af:14:49:d2:c1:af:ef:46:7d:8d:a1:97:34:46:
                    36:c3:2d:39:f7:18:35:54:ff:62:66:a2:de:8a:3b:
                    6d:30:1f:94:01:e6:32:28:5e:58:60:4f:bc:8c:f8:
                    cf:01:fc:f9:d7:f6:f2:81:fd:bc:73:53:df:db:9d:
                    19:18:2f:2a:56:39:85:03:a8:45:16:d9:00:c1:3d:
                    95:d0:78:90:17:2d:ed:77:40:76:d3:de:e3:5f:c1:
                    6b:a1:8b:56:99:af:2b:ab:61:30:7b:2a:fb:4d:42:
                    6f:8d:36:a8:2d:f1:c4:1a:fd:36:21:3c:8a:59:5d:
                    f6:3d:f7:a3:bb:f5:a0:70:94:8c:1d:1d:fb:71:d4:
                    ac:50:f9:2b:e4:38:59:84:83:91:f6:f7:ff:78:6c:
                    19:9b:e0:9d:52:58:d2:f6:90:a3:e3:91:d7:f0:82:
                    b2:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:76:7A:6D:B3:10:60:90:B4:73:D2:51:0E:A8:5E:66:43:75:F0:88
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130342e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:24:08:2c:2a:72:78:47:15:c3:46:28:fa:aa:d8:6c:61:fe:
         84:c3:06:78:85:06:67:00:69:df:dc:86:33:02:b8:30:32:18:
         8b:2b:ad:a8:09:0f:62:db:e2:25:9e:ee:4e:f9:b8:d2:e6:2e:
         9e:2a:32:1f:0e:8c:35:e5:ff:29:ba:b7:c8:98:e4:a2:b8:95:
         1a:84:ff:49:07:29:a8:3b:f4:86:c9:35:fd:c6:03:dc:ce:2c:
         f0:86:68:1f:dd:31:eb:be:50:81:7a:59:1c:f6:b8:0d:35:ee:
         20:aa:68:e6:c8:ed:ca:9b:8e:9d:26:af:5a:94:9e:0e:b9:cb:
         69:34:90:54:ca:d2:54:12:36:f3:d8:d7:14:56:e5:2b:45:eb:
         cc:cc:61:c6:4c:91:14:e7:3e:ac:7c:0b:ff:19:44:d3:b3:3d:
         92:7d:74:e3:b1:62:18:ad:5c:19:c6:ca:f4:b6:9c:63:0d:ec:
         61:ae:a1:72:f1:41:b1:a6:ce:de:aa:77:6f:56:1f:79:f5:0c:
         a4:32:5a:c2:1f:fa:f6:bb:da:f6:5e:1b:f9:e0:48:2c:85:45:
         2d:75:e7:e7:8d:92:6a:37:3e:53:84:69:b3:f3:23:ec:11:f1:
         c9:bb:f4:fb:b1:2a:cd:27:4e:3f:75:41:6d:1d:1c:f3:89:7c:
         35:44:8e:90
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUfwCT1Tdj45Dm27NMhBH8zUo6KVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjFaFw0yNjAyMDMxODA4MjFaMDMxMTAvBgNV
BAMTKDgzNzY3QTZEQjMxMDYwOTBCNDczRDI1MTBFQTg1RTY2NDM3NUYwODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6xhmMT+56HbPHwfenA3l6iRtw
vYm9OSnUu2GuhVPZbl/KlqW2FJfuLwcs3twfJldQxwQflM5u0BFcpOS0C+7tUtPj
abvmHzzk82urTGhhwyjVDk4gAavG/kyvFEnSwa/vRn2NoZc0RjbDLTn3GDVU/2Jm
ot6KO20wH5QB5jIoXlhgT7yM+M8B/PnX9vKB/bxzU9/bnRkYLypWOYUDqEUW2QDB
PZXQeJAXLe13QHbT3uNfwWuhi1aZryurYTB7KvtNQm+NNqgt8cQa/TYhPIpZXfY9
96O79aBwlIwdHftx1KxQ+SvkOFmEg5H29/94bBmb4J1SWNL2kKPjkdfwgrI7AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUg3Z6bbMQYJC0c9JRDqheZkN18IgwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMDM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6aDAN
BgkqhkiG9w0BAQsFAAOCAQEAAiQILCpyeEcVw0Yo+qrYbGH+hMMGeIUGZwBp39yG
MwK4MDIYiyutqAkPYtviJZ7uTvm40uYunioyHw6MNeX/Kbq3yJjkoriVGoT/SQcp
qDv0hsk1/cYD3M4s8IZoH90x675QgXpZHPa4DTXuIKpo5sjtypuOnSavWpSeDrnL
aTSQVMrSVBI289jXFFblK0XrzMxhxkyRFOc+rHwL/xlE07M9kn1047FiGK1cGcbK
9LacYw3sYa6hcvFBsabO3qp3b1YfefUMpDJawh/69rva9l4b+eBILIVFLXXn542S
ajc+U4Rps/Mj7BHxybv0+7EqzSdOP3VBbR0c84l8NUSOkA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:51:10 2025 by rpki-client