Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131342e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3131342e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          SNHEYAfJYCG2SAsRRg5/Np2fJYPCz6YnSyVXwjLpXhQ=
Subject key identifier:   7D:B8:B8:44:B1:93:14:C6:85:D1:5B:E0:2F:C6:DE:6D:4F:B1:D9:FA
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       78828306747E6E2E0EAF9D71F3F825D2A65857AC
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131342e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:24 +0000
ROA not before:           Tue 04 Feb 2025 18:03:24 +0000
ROA not after:            Tue 03 Feb 2026 18:08:24 +0000
asID:                     27823
IP address blocks:        200.58.114.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:82:83:06:74:7e:6e:2e:0e:af:9d:71:f3:f8:25:d2:a6:58:57:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:24 2025 GMT
            Not After : Feb  3 18:08:24 2026 GMT
        Subject: CN=7DB8B844B19314C685D15BE02FC6DE6D4FB1D9FA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:6d:35:d7:73:01:b5:f6:96:ec:a2:dd:73:3c:
                    04:04:6d:62:d8:60:75:5d:95:60:05:bf:0e:d3:0b:
                    0e:83:64:07:c0:3b:c1:4f:eb:9e:8f:24:3d:25:41:
                    09:6d:0a:5f:4c:5e:5d:66:43:35:d1:da:0e:42:df:
                    82:9d:dd:f5:ae:66:90:ad:ed:d7:82:e2:6b:81:77:
                    cc:c9:f6:b1:46:08:8a:e5:59:bf:8b:a3:9d:8d:15:
                    0c:d7:2d:4e:3a:6a:e6:88:06:6e:b7:27:fe:ae:d9:
                    5c:5d:d4:e8:59:99:28:cf:2c:e2:28:dd:c1:c8:77:
                    e5:c9:61:b8:71:53:7d:89:69:b7:36:e0:a7:78:ac:
                    ca:eb:4a:73:82:d4:80:aa:b5:79:e5:1f:08:01:ef:
                    55:87:c2:69:75:c0:53:7a:33:e8:93:86:4a:1f:4e:
                    26:b1:41:a6:7e:49:1d:57:53:6b:fe:8a:e5:ad:40:
                    02:83:f0:16:bb:8f:e6:7e:7d:53:38:47:69:4d:76:
                    66:c5:05:43:77:49:63:49:3b:43:15:cb:56:df:a4:
                    1b:df:37:93:8e:ce:e1:85:d4:d0:00:e7:4c:d6:65:
                    5f:01:74:4d:73:df:10:12:b3:26:04:d9:d1:10:33:
                    55:e9:41:f5:58:7c:4d:cc:55:29:3d:02:2d:04:4d:
                    e5:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:B8:B8:44:B1:93:14:C6:85:D1:5B:E0:2F:C6:DE:6D:4F:B1:D9:FA
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131342e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:7c:c0:e8:e9:ee:df:47:c2:17:ff:82:0e:ee:93:21:89:d8:
         3c:18:ca:c8:13:0d:f8:22:bc:ea:66:95:34:c5:ad:34:c8:c7:
         86:4c:37:c2:23:72:b1:6f:b7:bc:73:1f:c2:40:de:03:43:78:
         dc:05:aa:2c:d1:b4:2f:4e:79:b7:0f:d5:31:90:98:6f:44:99:
         28:0b:1f:79:98:d1:4c:04:d5:3c:73:4d:13:22:ac:86:27:a2:
         04:cf:b0:0c:53:c8:bc:25:7d:93:c2:f9:76:e5:d2:03:eb:e5:
         7b:09:42:99:f1:3a:31:cd:2e:0d:3b:ba:b9:bb:61:2d:57:1a:
         89:dc:77:1d:e0:af:68:5b:e9:70:6f:b0:a0:a6:57:e6:c2:79:
         fb:ff:72:44:88:b2:5b:fa:dd:59:c4:73:41:96:93:1e:b7:ed:
         9b:64:0c:a1:60:c7:fd:1f:6e:46:b1:e3:e7:dc:7a:cf:15:4b:
         e2:01:c6:25:83:7d:e7:5c:f1:5b:8f:51:7b:46:86:d6:72:cf:
         9d:8a:74:1e:e2:2c:69:60:6f:b4:b7:14:5d:cf:21:6b:03:41:
         61:b7:8b:09:b7:15:ed:7b:ab:2d:64:58:f8:8a:3a:5c:c2:6b:
         5f:73:c8:7b:5f:83:65:dd:ef:0d:fb:5c:00:ab:58:c2:73:32:
         a2:a9:81:7c
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUeIKDBnR+bi4Or51x8/gl0qZYV6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjRaFw0yNjAyMDMxODA4MjRaMDMxMTAvBgNV
BAMTKDdEQjhCODQ0QjE5MzE0QzY4NUQxNUJFMDJGQzZERTZENEZCMUQ5RkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEbTXXcwG19pbsot1zPAQEbWLY
YHVdlWAFvw7TCw6DZAfAO8FP656PJD0lQQltCl9MXl1mQzXR2g5C34Kd3fWuZpCt
7deC4muBd8zJ9rFGCIrlWb+Lo52NFQzXLU46auaIBm63J/6u2Vxd1OhZmSjPLOIo
3cHId+XJYbhxU32Jabc24Kd4rMrrSnOC1ICqtXnlHwgB71WHwml1wFN6M+iThkof
TiaxQaZ+SR1XU2v+iuWtQAKD8Ba7j+Z+fVM4R2lNdmbFBUN3SWNJO0MVy1bfpBvf
N5OOzuGF1NAA50zWZV8BdE1z3xASsyYE2dEQM1XpQfVYfE3MVSk9Ai0ETeXjAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUfbi4RLGTFMaF0VvgL8bebU+x2fowHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMTM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6cjAN
BgkqhkiG9w0BAQsFAAOCAQEAVXzA6Onu30fCF/+CDu6TIYnYPBjKyBMN+CK86maV
NMWtNMjHhkw3wiNysW+3vHMfwkDeA0N43AWqLNG0L055tw/VMZCYb0SZKAsfeZjR
TATVPHNNEyKshieiBM+wDFPIvCV9k8L5duXSA+vlewlCmfE6Mc0uDTu6ubthLVca
idx3HeCvaFvpcG+woKZX5sJ5+/9yRIiyW/rdWcRzQZaTHrftm2QMoWDH/R9uRrHj
59x6zxVL4gHGJYN951zxW49Re0aG1nLPnYp0HuIsaWBvtLcUXc8hawNBYbeLCbcV
7XurLWRY+Io6XMJrX3PIe1+DZd3vDftcAKtYwnMyoqmBfA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:08 2025 by rpki-client