Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130392e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3130392e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          KqN3dywGUd8lpsnRNrcdTCDrfdKKkBFfxWPd/6jeI6E=
Subject key identifier:   F2:F4:2F:7E:75:91:3F:E9:3F:1A:B1:E3:EF:3C:B1:67:08:1E:BE:33
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       2F68567292E17866149C0917B6D43BC5FCC0A942
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130392e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:18 +0000
ROA not before:           Tue 04 Feb 2025 18:03:18 +0000
ROA not after:            Tue 03 Feb 2026 18:08:18 +0000
asID:                     27823
IP address blocks:        200.58.109.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 31 Mar 2025 05:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:68:56:72:92:e1:78:66:14:9c:09:17:b6:d4:3b:c5:fc:c0:a9:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:18 2025 GMT
            Not After : Feb  3 18:08:18 2026 GMT
        Subject: CN=F2F42F7E75913FE93F1AB1E3EF3CB167081EBE33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:4f:c4:7e:ea:af:3f:57:72:96:e2:8f:5d:a2:
                    ef:46:9a:b9:4a:f0:e4:0b:f8:c2:b3:73:7f:44:da:
                    20:60:4e:c6:6e:06:4d:cd:f5:5f:27:3d:d0:fd:17:
                    1f:5f:2f:22:f0:b9:96:26:56:09:cc:0f:85:67:34:
                    4c:78:6c:20:34:73:07:5b:8d:ef:e9:fd:7d:cf:4f:
                    1e:ad:e6:6f:5b:34:bc:d3:fe:cd:ff:1b:66:3a:70:
                    9c:54:44:68:b5:6c:be:f9:0b:af:b6:73:9a:49:b9:
                    11:06:a5:00:9d:4a:6b:c7:1c:cc:c4:fb:3d:93:eb:
                    ed:6a:b9:f1:ba:e7:58:88:cd:79:0d:64:a9:3d:d5:
                    ea:db:0b:ce:e7:33:99:7f:7f:f8:bb:3d:10:82:3c:
                    14:04:f3:66:ed:0a:7e:ae:f0:48:70:7d:36:01:fe:
                    0a:eb:f5:06:be:0d:b4:37:ce:54:ce:47:e6:af:28:
                    92:a5:0e:31:bc:fa:0e:1f:e3:08:65:27:3d:64:94:
                    47:d5:e2:03:1f:6b:af:c4:ef:d5:54:d7:4f:97:dc:
                    3d:af:b4:6f:60:79:e8:36:be:ee:13:0f:e9:32:6f:
                    15:31:5d:72:70:7f:19:e5:7d:0a:fd:9e:04:f5:97:
                    d3:b3:15:40:b6:42:ff:eb:7c:65:78:68:ec:5d:b7:
                    a1:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:F4:2F:7E:75:91:3F:E9:3F:1A:B1:E3:EF:3C:B1:67:08:1E:BE:33
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130392e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:76:80:a0:c7:0a:b5:b8:c6:d5:3b:18:01:66:80:24:bd:78:
         8f:a9:d8:7c:08:63:8d:b4:f4:22:02:cb:b7:86:b0:36:37:12:
         f7:e3:c4:05:f4:db:e4:4e:f8:c9:e9:cb:bf:7f:f4:ea:7f:52:
         50:b7:fd:56:b1:85:af:5f:5d:8f:1d:a2:bb:cc:49:1e:81:04:
         ce:c4:ab:66:59:28:fc:e7:17:e4:f8:e0:8b:ec:e6:87:a4:5f:
         73:4a:d9:b2:18:da:e0:23:e4:8d:68:b7:26:f0:8a:03:13:b7:
         c1:11:0b:e2:b4:01:87:e5:60:95:08:43:5d:e9:da:8e:1b:81:
         af:b6:4a:cc:b5:13:de:bd:1e:57:5b:e8:7f:b5:f1:ca:fc:dc:
         65:1d:c5:08:50:e5:87:27:a3:65:b2:64:d2:ec:e7:15:62:c1:
         d7:bd:04:dc:24:57:55:d6:6f:9d:e7:d2:7d:dc:dc:25:cd:37:
         e1:86:6a:38:25:a5:c6:d0:08:f0:d8:d6:8f:21:c9:c5:b1:d6:
         c9:a7:78:b8:11:03:5c:1c:6f:97:2a:86:b1:1b:5b:89:72:56:
         a8:4c:53:c9:fc:be:0f:be:30:67:f9:a1:2b:2b:b4:e9:13:4e:
         f5:27:28:d5:d7:3d:d9:7c:91:a5:58:80:12:69:1c:bc:05:55:
         7a:ac:e7:9d
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUL2hWcpLheGYUnAkXttQ7xfzAqUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMThaFw0yNjAyMDMxODA4MThaMDMxMTAvBgNV
BAMTKEYyRjQyRjdFNzU5MTNGRTkzRjFBQjFFM0VGM0NCMTY3MDgxRUJFMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdT8R+6q8/V3KW4o9dou9GmrlK
8OQL+MKzc39E2iBgTsZuBk3N9V8nPdD9Fx9fLyLwuZYmVgnMD4VnNEx4bCA0cwdb
je/p/X3PTx6t5m9bNLzT/s3/G2Y6cJxURGi1bL75C6+2c5pJuREGpQCdSmvHHMzE
+z2T6+1qufG651iIzXkNZKk91erbC87nM5l/f/i7PRCCPBQE82btCn6u8EhwfTYB
/grr9Qa+DbQ3zlTOR+avKJKlDjG8+g4f4whlJz1klEfV4gMfa6/E79VU10+X3D2v
tG9geeg2vu4TD+kybxUxXXJwfxnlfQr9ngT1l9OzFUC2Qv/rfGV4aOxdt6FZAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU8vQvfnWRP+k/GrHj7zyxZwgevjMwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMDM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6bTAN
BgkqhkiG9w0BAQsFAAOCAQEAM3aAoMcKtbjG1TsYAWaAJL14j6nYfAhjjbT0IgLL
t4awNjcS9+PEBfTb5E74yenLv3/06n9SULf9VrGFr19djx2iu8xJHoEEzsSrZlko
/OcX5Pjgi+zmh6Rfc0rZshja4CPkjWi3JvCKAxO3wREL4rQBh+VglQhDXenajhuB
r7ZKzLUT3r0eV1vof7XxyvzcZR3FCFDlhyejZbJk0uznFWLB170E3CRXVdZvnefS
fdzcJc034YZqOCWlxtAI8NjWjyHJxbHWyad4uBEDXBxvlyqGsRtbiXJWqExTyfy+
D74wZ/mhKyu06RNO9Sco1dc92XyRpViAEmkcvAVVeqznnQ==
-----END CERTIFICATE-----
Generated at Thu Mar 27 00:31:58 2025 by rpki-client