Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132312e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3132312e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          kv0JQ8PrfQBlAfwiUtDvpQBt0S6ceM/YTok3k8p6GBw=
Subject key identifier:   5D:07:3E:A5:D5:93:59:A5:07:51:9D:E4:D4:03:40:E4:6A:7C:A3:49
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       1FFFBC902E76F7AAA10E6CAEDFA2BB083D1DBA1F
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132312e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:11 +0000
ROA not before:           Tue 04 Feb 2025 18:03:11 +0000
ROA not after:            Tue 03 Feb 2026 18:08:11 +0000
asID:                     27823
IP address blocks:        200.58.121.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:ff:bc:90:2e:76:f7:aa:a1:0e:6c:ae:df:a2:bb:08:3d:1d:ba:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:11 2025 GMT
            Not After : Feb  3 18:08:11 2026 GMT
        Subject: CN=5D073EA5D59359A507519DE4D40340E46A7CA349
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ac:80:6a:f4:f7:82:06:01:52:4f:41:c7:a2:
                    e1:ae:80:c7:63:82:ae:f9:b9:6c:54:eb:d6:22:4a:
                    9b:f1:86:84:f5:4e:c1:72:1e:a4:ff:90:9d:08:61:
                    62:bb:96:9a:26:6a:81:e1:d0:08:0c:68:51:e5:3d:
                    46:f4:6a:69:31:fd:b3:7d:ff:22:d7:e9:7e:55:d1:
                    50:81:23:25:da:96:ac:ac:f8:7a:5a:a0:82:c5:5c:
                    13:ed:14:53:2e:5f:ac:cf:13:22:65:fe:40:16:f6:
                    2f:6f:fb:1a:13:f1:05:b5:75:fb:b0:41:65:dc:30:
                    99:ff:ef:5a:36:df:d9:be:6d:36:b3:f4:30:2e:73:
                    50:f6:63:57:0e:af:71:1e:9e:56:e4:df:ee:c3:fe:
                    18:18:1a:14:25:54:30:13:20:0e:f8:09:62:ea:5e:
                    e6:89:cb:0e:cc:f6:79:56:16:15:d1:36:68:b8:4e:
                    18:ed:59:b6:75:fb:67:80:0c:c6:79:68:71:ec:72:
                    9e:5b:16:d5:78:15:42:7a:92:f0:2f:50:ff:25:00:
                    bd:b3:25:f4:1c:72:7f:d3:b6:bd:19:22:b8:70:c1:
                    27:12:4c:5a:49:ec:4f:27:2c:5c:14:c2:3b:89:38:
                    7f:44:a7:04:24:11:06:55:35:e2:35:13:5d:a8:32:
                    88:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:07:3E:A5:D5:93:59:A5:07:51:9D:E4:D4:03:40:E4:6A:7C:A3:49
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132312e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:06:b4:cf:b0:bf:cc:ca:89:17:1a:f6:23:11:4d:20:dd:71:
         50:29:81:d9:0a:3a:15:61:60:27:cf:ac:f8:77:3d:88:12:ee:
         ca:99:7d:98:10:2e:f1:8e:7a:3e:a9:be:6e:cd:a9:04:06:ee:
         e3:29:04:5c:f6:d1:00:3d:25:4c:59:76:11:9c:92:20:20:c5:
         ba:d3:a7:51:ad:c2:e4:29:11:0e:71:86:92:31:9f:46:30:16:
         d1:61:7b:63:d5:53:90:24:de:28:f3:7b:46:48:8c:fa:44:8a:
         be:9d:30:3d:44:05:66:68:c4:14:12:f5:a3:63:d2:cf:48:99:
         90:af:d8:a7:ee:f4:5c:ad:db:f2:4c:a2:43:e1:b1:97:4e:94:
         59:ce:66:7b:f0:f0:c9:03:39:58:1c:a5:75:76:25:42:80:82:
         f6:37:7f:90:c3:7a:c0:e8:45:5d:23:ff:75:93:ee:46:3b:79:
         16:8c:8f:53:34:72:bd:83:d7:de:ae:e2:94:b5:ca:92:9c:0f:
         1f:14:59:9e:78:02:23:79:db:03:a7:53:f1:f6:6b:7d:87:fe:
         82:4c:a8:c2:1e:28:2a:f5:37:27:db:45:45:d8:be:98:f8:9c:
         d6:dd:19:30:63:24:0d:c8:e0:91:9f:45:ee:27:68:89:4a:d8:
         43:7a:b5:cb
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUH/+8kC5296qhDmyu36K7CD0duh8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTFaFw0yNjAyMDMxODA4MTFaMDMxMTAvBgNV
BAMTKDVEMDczRUE1RDU5MzU5QTUwNzUxOURFNEQ0MDM0MEU0NkE3Q0EzNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8rIBq9PeCBgFST0HHouGugMdj
gq75uWxU69YiSpvxhoT1TsFyHqT/kJ0IYWK7lpomaoHh0AgMaFHlPUb0amkx/bN9
/yLX6X5V0VCBIyXalqys+HpaoILFXBPtFFMuX6zPEyJl/kAW9i9v+xoT8QW1dfuw
QWXcMJn/71o239m+bTaz9DAuc1D2Y1cOr3Eenlbk3+7D/hgYGhQlVDATIA74CWLq
XuaJyw7M9nlWFhXRNmi4ThjtWbZ1+2eADMZ5aHHscp5bFtV4FUJ6kvAvUP8lAL2z
JfQccn/Ttr0ZIrhwwScSTFpJ7E8nLFwUwjuJOH9EpwQkEQZVNeI1E12oMogfAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUXQc+pdWTWaUHUZ3k1ANA5Gp8o0kwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMjMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6eTAN
BgkqhkiG9w0BAQsFAAOCAQEACga0z7C/zMqJFxr2IxFNIN1xUCmB2Qo6FWFgJ8+s
+Hc9iBLuypl9mBAu8Y56Pqm+bs2pBAbu4ykEXPbRAD0lTFl2EZySICDFutOnUa3C
5CkRDnGGkjGfRjAW0WF7Y9VTkCTeKPN7RkiM+kSKvp0wPUQFZmjEFBL1o2PSz0iZ
kK/Yp+70XK3b8kyiQ+Gxl06UWc5me/DwyQM5WByldXYlQoCC9jd/kMN6wOhFXSP/
dZPuRjt5FoyPUzRyvYPX3q7ilLXKkpwPHxRZnngCI3nbA6dT8fZrfYf+gkyowh4o
KvU3J9tFRdi+mPic1t0ZMGMkDcjgkZ9F7idoiUrYQ3q1yw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:41 2025 by rpki-client