Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131322e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3131322e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          7QQIHm1QQFw78gCjbKTHfSobsU/4F81Qx+fpys6gzJU=
Subject key identifier:   68:67:69:C7:B8:37:9B:82:2A:4B:96:A7:AB:37:A4:AC:10:B5:7B:E3
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       10D5CFF9F7B4FCD1F7B3FCE3727703EF77896263
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131322e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:23 +0000
ROA not before:           Tue 04 Feb 2025 18:03:23 +0000
ROA not after:            Tue 03 Feb 2026 18:08:23 +0000
asID:                     27823
IP address blocks:        200.58.112.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 31 Mar 2025 05:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:d5:cf:f9:f7:b4:fc:d1:f7:b3:fc:e3:72:77:03:ef:77:89:62:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:23 2025 GMT
            Not After : Feb  3 18:08:23 2026 GMT
        Subject: CN=686769C7B8379B822A4B96A7AB37A4AC10B57BE3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5d:54:00:ac:b5:3b:36:40:3b:1f:9f:2a:b1:
                    f9:4d:ab:b2:c9:b6:2b:da:5b:ac:f7:c1:0f:cb:07:
                    b3:8b:ae:0c:ca:ba:fb:78:30:14:e8:a6:19:59:20:
                    a0:8e:a3:3f:ea:93:05:11:b3:5d:d9:15:17:8b:93:
                    d1:3b:48:67:53:84:0f:ce:b7:3d:1f:49:79:8d:7e:
                    92:d5:cf:cb:54:dd:07:d4:cc:e3:2f:11:80:9c:d2:
                    2d:8e:4e:81:11:88:06:d3:7f:f4:45:fe:38:6f:fe:
                    a2:c4:3e:c2:fc:2b:ea:97:19:07:0d:ee:6b:d0:17:
                    55:44:13:85:6e:1a:d4:6e:bf:7a:ad:19:56:79:27:
                    8a:ac:e7:14:36:d0:fd:22:a6:c4:7d:fd:c9:77:b0:
                    cd:a4:a2:e4:f1:b9:3c:eb:d1:cd:82:f3:3d:d3:fa:
                    6f:f6:71:18:a1:1b:48:be:31:47:2a:43:6b:dc:51:
                    67:8c:6a:82:ff:35:57:c0:1c:e2:28:62:10:90:b7:
                    67:33:7e:53:cc:03:4c:c5:d7:f4:9d:20:c6:c8:00:
                    7e:e8:54:30:54:f2:45:6e:45:72:3f:27:f2:db:7f:
                    ef:ef:75:47:5b:74:b6:74:9e:31:cf:06:27:5d:37:
                    fe:dd:65:9f:03:eb:2c:07:2f:6e:a4:43:fe:9c:2f:
                    76:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:67:69:C7:B8:37:9B:82:2A:4B:96:A7:AB:37:A4:AC:10:B5:7B:E3
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131322e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:cf:23:82:94:22:52:ad:c8:3d:f3:91:ab:fd:8d:0d:68:8d:
         54:a3:5f:af:9e:0e:70:f9:c4:86:0d:ed:c8:4f:53:b1:1b:0f:
         40:16:d0:0c:3b:88:73:ef:9d:43:2f:a1:2f:de:b8:ad:57:72:
         fd:50:8b:05:36:43:bf:d5:a7:fc:43:3b:6f:2f:41:4d:b4:17:
         4e:38:86:b6:a7:fa:af:19:7c:cd:53:71:79:82:41:0e:ed:2f:
         c1:e4:11:c2:e8:ee:a2:a9:ca:1c:aa:c8:11:3c:26:a7:51:ab:
         d3:c1:a5:17:bf:e1:f6:ea:8b:22:aa:ac:32:eb:d9:51:a6:ab:
         9c:7a:b3:67:92:1f:aa:08:c2:20:a9:9b:86:79:11:5f:f6:97:
         83:a9:7c:11:41:a4:24:fc:05:49:25:85:7c:0e:5e:a2:71:5c:
         d2:b7:40:a7:ad:d0:73:59:46:cc:ba:11:6e:3e:ba:0a:0e:82:
         15:cc:0c:3d:b3:9d:45:b0:c7:7c:9e:54:fa:b3:d6:fd:6d:be:
         4a:c1:6f:5b:fc:77:0d:d3:d1:3f:b9:9d:b2:40:c8:43:27:0a:
         ae:63:c6:49:9a:6d:f7:e6:48:e1:c7:39:4a:5b:a0:66:18:be:
         91:21:ba:47:00:aa:98:0a:4d:07:1a:bd:f1:62:ea:0b:f6:01:
         17:7e:96:7f
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUENXP+fe0/NH3s/zjcncD73eJYmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjNaFw0yNjAyMDMxODA4MjNaMDMxMTAvBgNV
BAMTKDY4Njc2OUM3QjgzNzlCODIyQTRCOTZBN0FCMzdBNEFDMTBCNTdCRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeXVQArLU7NkA7H58qsflNq7LJ
tivaW6z3wQ/LB7OLrgzKuvt4MBTophlZIKCOoz/qkwURs13ZFReLk9E7SGdThA/O
tz0fSXmNfpLVz8tU3QfUzOMvEYCc0i2OToERiAbTf/RF/jhv/qLEPsL8K+qXGQcN
7mvQF1VEE4VuGtRuv3qtGVZ5J4qs5xQ20P0ipsR9/cl3sM2kouTxuTzr0c2C8z3T
+m/2cRihG0i+MUcqQ2vcUWeMaoL/NVfAHOIoYhCQt2czflPMA0zF1/SdIMbIAH7o
VDBU8kVuRXI/J/Lbf+/vdUdbdLZ0njHPBiddN/7dZZ8D6ywHL26kQ/6cL3aZAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUaGdpx7g3m4IqS5anqzekrBC1e+MwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMTMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6cDAN
BgkqhkiG9w0BAQsFAAOCAQEAFc8jgpQiUq3IPfORq/2NDWiNVKNfr54OcPnEhg3t
yE9TsRsPQBbQDDuIc++dQy+hL964rVdy/VCLBTZDv9Wn/EM7by9BTbQXTjiGtqf6
rxl8zVNxeYJBDu0vweQRwujuoqnKHKrIETwmp1Gr08GlF7/h9uqLIqqsMuvZUaar
nHqzZ5IfqgjCIKmbhnkRX/aXg6l8EUGkJPwFSSWFfA5eonFc0rdAp63Qc1lGzLoR
bj66Cg6CFcwMPbOdRbDHfJ5U+rPW/W2+SsFvW/x3DdPRP7mdskDIQycKrmPGSZpt
9+ZI4cc5SlugZhi+kSG6RwCqmApNBxq98WLqC/YBF36Wfw==
-----END CERTIFICATE-----
Generated at Thu Mar 27 01:02:46 2025 by rpki-client