Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131382e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3131382e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          yyLf/VHU2RM2vCU8wvfzCBUsCvY7zBBS2sLnhXARfnY=
Subject key identifier:   A6:48:15:0B:58:89:A0:79:83:C1:C9:51:73:13:D5:7E:F1:C9:DC:23
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       5B1ADD58BCB2B0ACB72E5BC5871A939B2DD401AE
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131382e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:13 +0000
ROA not before:           Tue 04 Feb 2025 18:03:13 +0000
ROA not after:            Tue 03 Feb 2026 18:08:13 +0000
asID:                     27823
IP address blocks:        200.58.118.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:1a:dd:58:bc:b2:b0:ac:b7:2e:5b:c5:87:1a:93:9b:2d:d4:01:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:13 2025 GMT
            Not After : Feb  3 18:08:13 2026 GMT
        Subject: CN=A648150B5889A07983C1C9517313D57EF1C9DC23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:3c:62:0a:77:68:15:5b:c9:4f:11:ed:ae:c3:
                    4e:79:ff:9c:f1:f6:7c:ad:48:eb:92:b6:03:fe:8e:
                    9b:00:1b:29:8e:cb:1b:83:10:30:30:3e:96:d4:6a:
                    07:c3:f7:5d:20:6d:d2:3f:0e:aa:9c:53:b9:61:b4:
                    af:4b:f8:2f:ae:06:3c:93:cf:d0:b1:79:9b:11:0d:
                    7f:88:8a:51:53:b4:aa:34:f3:f9:62:e1:47:1d:d4:
                    49:92:5a:91:e8:c3:8d:c7:0a:fe:89:35:16:83:2f:
                    ed:ed:fc:13:f8:8b:99:76:06:89:7c:7f:e6:ae:79:
                    6b:e9:5c:62:bc:39:17:f5:96:fa:6e:94:6d:db:81:
                    2b:ef:8d:fd:9b:b9:fd:20:38:92:1a:99:94:a0:b9:
                    5e:3d:a6:63:69:99:fa:56:76:73:e4:3b:bb:97:e1:
                    8b:d2:1c:aa:d6:84:58:0f:72:70:fb:04:3c:e4:fc:
                    b0:73:5b:e8:c7:02:e8:57:76:07:ae:e2:2a:7e:9e:
                    9c:99:e1:59:72:ec:f4:8f:92:bb:9b:5c:d3:d5:d9:
                    33:1b:df:57:37:74:b0:a0:9c:7b:d2:50:4a:df:f0:
                    81:a3:5a:55:fe:40:0a:5c:3e:a5:16:14:b9:ec:ef:
                    ad:dd:88:9b:09:c5:60:b0:8e:c1:6d:df:ee:52:9c:
                    55:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:48:15:0B:58:89:A0:79:83:C1:C9:51:73:13:D5:7E:F1:C9:DC:23
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131382e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:38:c8:8a:fe:27:40:3e:33:44:e9:96:4c:a7:50:e0:f1:fb:
         ca:30:1d:3b:93:83:d2:4b:d3:b2:bb:1b:26:e2:e1:c4:5f:91:
         1e:3f:f4:30:d4:7e:65:e3:58:13:85:1d:ab:91:a8:41:60:c8:
         22:1a:b9:70:44:c0:6a:ac:48:08:a0:8d:c3:76:f6:21:92:d7:
         9e:89:b4:8c:55:22:4b:1d:6c:9e:7b:a2:76:cd:0c:fe:24:cf:
         f7:50:88:1d:7f:fb:83:f5:8b:6d:76:58:4b:13:6c:d4:21:ae:
         ed:0d:9c:4c:07:2c:83:34:72:22:de:03:de:32:5f:89:bf:64:
         23:77:ac:c0:ab:dc:cf:6a:67:3f:40:9d:b6:1a:fa:84:87:89:
         94:13:7b:80:b9:3a:e1:9a:27:dc:51:2a:e0:0e:65:f0:5a:59:
         0e:b3:dd:b4:19:6a:25:23:a8:43:8a:fb:e5:43:95:d3:ef:b3:
         3d:a6:4f:dd:56:83:24:50:e9:fe:1c:0d:99:d5:7b:fa:73:de:
         9d:1d:d9:4b:2e:74:e3:8b:d1:5b:1e:07:d3:7d:60:77:3a:be:
         96:19:46:3d:6b:2f:e2:7c:33:5a:80:7d:cf:0c:24:8f:48:35:
         f0:bf:24:06:ac:af:91:27:67:19:b9:4f:e9:82:78:22:23:a8:
         07:e3:d7:bb
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUWxrdWLyysKy3LlvFhxqTmy3UAa4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTNaFw0yNjAyMDMxODA4MTNaMDMxMTAvBgNV
BAMTKEE2NDgxNTBCNTg4OUEwNzk4M0MxQzk1MTczMTNENTdFRjFDOURDMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCePGIKd2gVW8lPEe2uw055/5zx
9nytSOuStgP+jpsAGymOyxuDEDAwPpbUagfD910gbdI/DqqcU7lhtK9L+C+uBjyT
z9CxeZsRDX+IilFTtKo08/li4Ucd1EmSWpHow43HCv6JNRaDL+3t/BP4i5l2Bol8
f+aueWvpXGK8ORf1lvpulG3bgSvvjf2buf0gOJIamZSguV49pmNpmfpWdnPkO7uX
4YvSHKrWhFgPcnD7BDzk/LBzW+jHAuhXdgeu4ip+npyZ4Vly7PSPkrubXNPV2TMb
31c3dLCgnHvSUErf8IGjWlX+QApcPqUWFLns763diJsJxWCwjsFt3+5SnFXbAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUpkgVC1iJoHmDwclRcxPVfvHJ3CMwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMTM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6djAN
BgkqhkiG9w0BAQsFAAOCAQEAezjIiv4nQD4zROmWTKdQ4PH7yjAdO5OD0kvTsrsb
JuLhxF+RHj/0MNR+ZeNYE4Udq5GoQWDIIhq5cETAaqxICKCNw3b2IZLXnom0jFUi
Sx1snnuids0M/iTP91CIHX/7g/WLbXZYSxNs1CGu7Q2cTAcsgzRyIt4D3jJfib9k
I3eswKvcz2pnP0Cdthr6hIeJlBN7gLk64Zon3FEq4A5l8FpZDrPdtBlqJSOoQ4r7
5UOV0++zPaZP3VaDJFDp/hwNmdV7+nPenR3ZSy5044vRWx4H031gdzq+lhlGPWsv
4nwzWoB9zwwkj0g18L8kBqyvkSdnGblP6YJ4IiOoB+PXuw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:22 2025 by rpki-client