Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131372e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3131372e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          H/3gQfH0RSBooun/1aGScCeQl8ZRJlSJHoiq7P4DhIk=
Subject key identifier:   7C:33:67:CB:68:58:32:A4:17:9F:38:B0:9B:C5:E8:13:A2:0E:44:ED
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       5E58813918E3BF33D7262580D85D47E712C6A17F
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131372e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:16 +0000
ROA not before:           Tue 04 Feb 2025 18:03:16 +0000
ROA not after:            Tue 03 Feb 2026 18:08:16 +0000
asID:                     27823
IP address blocks:        200.58.117.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:58:81:39:18:e3:bf:33:d7:26:25:80:d8:5d:47:e7:12:c6:a1:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:16 2025 GMT
            Not After : Feb  3 18:08:16 2026 GMT
        Subject: CN=7C3367CB685832A4179F38B09BC5E813A20E44ED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:11:42:93:3f:4f:72:98:b4:94:77:dd:a6:08:
                    c6:06:2e:4c:f2:62:2f:ea:24:a2:32:ab:1b:ac:3c:
                    41:30:87:62:e4:71:d3:da:cf:12:bf:d2:f9:d5:98:
                    b7:ae:25:1a:72:6a:bf:fb:b7:d0:5a:c2:23:f1:de:
                    ae:6f:f6:d7:48:52:bf:ee:ed:fb:4c:f7:d6:e3:7f:
                    62:81:f8:25:c2:e1:92:f4:ef:e4:e8:a7:a0:2d:10:
                    17:83:9c:d3:f1:45:10:f9:09:94:f8:86:21:09:7f:
                    7d:b9:b7:c2:43:91:6c:3a:a1:79:09:ae:18:77:86:
                    30:30:a2:72:ab:21:8a:bd:9d:50:00:10:a2:0f:f6:
                    b0:41:b1:01:6c:98:6f:30:50:c1:dd:e4:d4:2b:3b:
                    88:76:ef:79:e9:8e:d5:0f:8f:ce:fa:1b:66:02:25:
                    7f:65:65:c0:7f:0c:4c:64:88:31:b3:46:af:df:32:
                    61:66:46:8e:48:59:bd:5a:b0:a7:30:d6:91:fe:3b:
                    1a:09:36:ee:f4:d9:ef:9a:99:d5:cc:df:9a:c5:c8:
                    78:59:87:86:07:8a:c9:93:9c:9e:e1:ad:89:dc:38:
                    cb:61:d4:1f:d2:f9:37:b3:0e:ed:17:d8:e0:d1:2b:
                    15:cb:2d:b6:d1:d4:b8:15:36:f5:49:7c:4a:22:ea:
                    d0:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:33:67:CB:68:58:32:A4:17:9F:38:B0:9B:C5:E8:13:A2:0E:44:ED
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131372e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:01:2e:8e:87:98:de:77:b3:02:0d:47:b5:52:f0:1c:b1:46:
         0b:09:11:93:e1:51:ce:8b:3f:c2:b3:a8:da:7a:a0:b7:0e:17:
         c7:2b:69:08:29:08:17:09:d7:2a:2f:5e:6a:68:d0:43:7f:1b:
         0e:5e:b3:11:35:fb:3f:b9:7b:c2:59:62:c1:ed:93:bb:c6:d9:
         51:70:a2:28:0a:a9:79:98:ec:4c:4f:e4:65:dc:fd:db:0a:5b:
         3f:dc:a4:a6:f2:5b:5a:68:d2:5b:bd:6e:a4:be:af:62:9a:80:
         ec:5f:5b:c8:8e:cd:9d:51:95:51:9e:ca:19:0b:2a:f3:4b:36:
         33:ce:cd:5d:7f:59:e5:4d:e0:11:b5:fd:61:cb:02:88:42:91:
         56:c0:0b:b5:03:63:54:ae:b3:91:12:6d:a3:45:07:50:1a:c8:
         a4:fa:8b:8b:f7:1b:a6:c5:a9:55:b3:8b:f3:83:7d:04:c0:d9:
         ce:b1:1c:ad:e1:c4:43:cf:21:19:f4:f2:45:d1:71:12:e9:b6:
         1c:ac:b1:ae:b6:63:19:6d:68:1a:40:00:ca:94:72:4c:f9:10:
         6b:7e:0a:6c:35:41:34:66:a7:ae:4d:3a:0d:04:4b:c5:95:56:
         0b:ba:5c:93:df:10:92:79:0e:80:ea:ce:86:32:45:35:dd:24:
         90:5a:82:b2
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUXliBORjjvzPXJiWA2F1H5xLGoX8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTZaFw0yNjAyMDMxODA4MTZaMDMxMTAvBgNV
BAMTKDdDMzM2N0NCNjg1ODMyQTQxNzlGMzhCMDlCQzVFODEzQTIwRTQ0RUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxEUKTP09ymLSUd92mCMYGLkzy
Yi/qJKIyqxusPEEwh2LkcdPazxK/0vnVmLeuJRpyar/7t9BawiPx3q5v9tdIUr/u
7ftM99bjf2KB+CXC4ZL07+Top6AtEBeDnNPxRRD5CZT4hiEJf325t8JDkWw6oXkJ
rhh3hjAwonKrIYq9nVAAEKIP9rBBsQFsmG8wUMHd5NQrO4h273npjtUPj876G2YC
JX9lZcB/DExkiDGzRq/fMmFmRo5IWb1asKcw1pH+OxoJNu702e+amdXM35rFyHhZ
h4YHismTnJ7hrYncOMth1B/S+TezDu0X2ODRKxXLLbbR1LgVNvVJfEoi6tDdAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUfDNny2hYMqQXnziwm8XoE6IORO0wHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMTM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6dTAN
BgkqhkiG9w0BAQsFAAOCAQEAAAEujoeY3nezAg1HtVLwHLFGCwkRk+FRzos/wrOo
2nqgtw4XxytpCCkIFwnXKi9eamjQQ38bDl6zETX7P7l7wlliwe2Tu8bZUXCiKAqp
eZjsTE/kZdz92wpbP9ykpvJbWmjSW71upL6vYpqA7F9byI7NnVGVUZ7KGQsq80s2
M87NXX9Z5U3gEbX9YcsCiEKRVsALtQNjVK6zkRJto0UHUBrIpPqLi/cbpsWpVbOL
84N9BMDZzrEcreHEQ88hGfTyRdFxEum2HKyxrrZjGW1oGkAAypRyTPkQa34KbDVB
NGanrk06DQRLxZVWC7pck98QknkOgOrOhjJFNd0kkFqCsg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:47 2025 by rpki-client