Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131352e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3131352e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          WcnOxfJx5EEWQtI9PVcYfzoy9z8YDDocDMjGvWSE0OU=
Subject key identifier:   C2:68:F5:AE:DA:67:38:CD:96:22:7B:C7:00:77:CD:92:50:39:88:7D
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       3B57D249CE9449E806F222A22802CD419C419CA3
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131352e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:15 +0000
ROA not before:           Tue 04 Feb 2025 18:03:15 +0000
ROA not after:            Tue 03 Feb 2026 18:08:15 +0000
asID:                     27823
IP address blocks:        200.58.115.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:57:d2:49:ce:94:49:e8:06:f2:22:a2:28:02:cd:41:9c:41:9c:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:15 2025 GMT
            Not After : Feb  3 18:08:15 2026 GMT
        Subject: CN=C268F5AEDA6738CD96227BC70077CD925039887D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:de:ef:60:33:ef:f5:01:e9:99:2f:73:55:51:
                    a4:f2:16:ce:4a:e7:46:55:a2:38:4d:b2:87:6d:54:
                    12:ce:ab:a3:77:ea:50:69:f0:0a:fe:5a:33:55:8f:
                    90:83:ad:fd:34:44:98:26:9d:40:c1:69:c5:dc:a2:
                    46:9a:08:8a:29:1e:a7:eb:0c:38:6a:70:f6:22:e2:
                    84:a9:d2:35:94:0e:d7:b4:9a:c6:32:ab:eb:e3:4e:
                    2c:99:75:2a:80:c4:43:7c:23:7b:64:f9:70:02:80:
                    6a:0a:ed:21:43:1d:88:f1:15:98:61:66:f6:12:c3:
                    be:20:ea:cd:3f:3c:7d:6e:fd:22:84:a2:f6:31:71:
                    6a:fc:39:75:40:65:76:4d:1f:72:f8:28:76:5e:88:
                    55:2b:4d:ee:9d:9c:2e:11:f9:56:53:12:95:06:f7:
                    25:87:14:3b:1d:fa:44:4b:c8:3e:d7:c9:c2:28:f9:
                    fc:57:e3:37:df:91:32:e4:f5:a6:07:13:89:34:7d:
                    bf:57:ca:7c:4e:3c:74:7f:f6:7d:03:af:87:1c:36:
                    df:4b:4b:cb:49:b9:03:da:63:f5:6d:56:4a:54:15:
                    c1:e3:90:2f:f4:ef:83:89:17:56:9d:ec:f6:09:3d:
                    19:23:1a:27:70:2e:d1:1a:8c:b1:48:41:b7:2d:49:
                    5f:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:68:F5:AE:DA:67:38:CD:96:22:7B:C7:00:77:CD:92:50:39:88:7D
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131352e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:46:34:3a:28:bf:7d:c0:7b:ee:11:53:cb:d9:de:41:5d:ca:
         dd:37:dd:89:6e:ac:08:3c:a9:42:20:18:53:31:40:82:43:62:
         1f:6b:20:58:ec:2c:4d:46:f5:29:f5:ec:d7:c9:f7:77:cb:e7:
         d9:41:35:8e:af:d7:c1:79:94:7b:2c:68:93:af:41:08:18:d9:
         4d:38:a5:ac:97:76:dc:3f:67:fb:7b:f0:69:88:13:f4:85:8a:
         f1:22:52:3b:3c:ad:95:c1:ea:1f:99:6e:1f:cf:27:c5:5e:12:
         85:1a:e0:5d:3b:30:25:06:93:b6:be:b5:5b:98:1f:b4:ee:61:
         21:c7:0e:71:93:5c:76:50:15:78:32:00:0d:46:8d:fe:67:9f:
         9f:0f:cc:51:84:a9:5f:ce:0a:7f:38:f1:0c:ed:d0:bd:47:36:
         9c:2b:b5:29:1e:8c:8e:79:27:4e:b1:a3:b6:3b:45:79:dd:fa:
         a8:9c:b8:f3:86:f9:a9:00:37:42:fd:f6:84:fb:af:d8:4f:af:
         12:4b:80:bd:1e:33:10:c0:f0:26:9b:bf:6c:ff:66:4e:36:4a:
         e2:3f:fa:dd:65:19:94:1c:54:56:72:75:65:21:30:bb:00:33:
         56:a9:f8:be:9a:17:dc:52:c2:cb:e5:78:2d:68:31:80:f5:07:
         13:08:a3:a2
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUO1fSSc6USegG8iKiKALNQZxBnKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTVaFw0yNjAyMDMxODA4MTVaMDMxMTAvBgNV
BAMTKEMyNjhGNUFFREE2NzM4Q0Q5NjIyN0JDNzAwNzdDRDkyNTAzOTg4N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx3u9gM+/1AemZL3NVUaTyFs5K
50ZVojhNsodtVBLOq6N36lBp8Ar+WjNVj5CDrf00RJgmnUDBacXcokaaCIopHqfr
DDhqcPYi4oSp0jWUDte0msYyq+vjTiyZdSqAxEN8I3tk+XACgGoK7SFDHYjxFZhh
ZvYSw74g6s0/PH1u/SKEovYxcWr8OXVAZXZNH3L4KHZeiFUrTe6dnC4R+VZTEpUG
9yWHFDsd+kRLyD7XycIo+fxX4zffkTLk9aYHE4k0fb9XynxOPHR/9n0Dr4ccNt9L
S8tJuQPaY/VtVkpUFcHjkC/074OJF1ad7PYJPRkjGidwLtEajLFIQbctSV+FAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUwmj1rtpnOM2WInvHAHfNklA5iH0wHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMTM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6czAN
BgkqhkiG9w0BAQsFAAOCAQEAhEY0Oii/fcB77hFTy9neQV3K3TfdiW6sCDypQiAY
UzFAgkNiH2sgWOwsTUb1KfXs18n3d8vn2UE1jq/XwXmUeyxok69BCBjZTTilrJd2
3D9n+3vwaYgT9IWK8SJSOzytlcHqH5luH88nxV4ShRrgXTswJQaTtr61W5gftO5h
IccOcZNcdlAVeDIADUaN/mefnw/MUYSpX84KfzjxDO3QvUc2nCu1KR6MjnknTrGj
tjtFed36qJy484b5qQA3Qv32hPuv2E+vEkuAvR4zEMDwJpu/bP9mTjZK4j/63WUZ
lBxUVnJ1ZSEwuwAzVqn4vpoX3FLCy+V4LWgxgPUHEwijog==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:16 2025 by rpki-client