Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132362e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3132362e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          G1l1OnzH8b2wU8IhgqCZrr08Re01zMwq7hwPEJOD4KQ=
Subject key identifier:   F6:7A:A1:32:BE:0E:5D:D1:3D:F8:58:5B:02:BF:40:A2:70:D9:AD:7F
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       6D6AC418BF56AD70F20CE6E69752AFC07A83A9FE
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132362e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:14 +0000
ROA not before:           Tue 04 Feb 2025 18:03:14 +0000
ROA not after:            Tue 03 Feb 2026 18:08:14 +0000
asID:                     27823
IP address blocks:        200.58.126.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:6a:c4:18:bf:56:ad:70:f2:0c:e6:e6:97:52:af:c0:7a:83:a9:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:14 2025 GMT
            Not After : Feb  3 18:08:14 2026 GMT
        Subject: CN=F67AA132BE0E5DD13DF8585B02BF40A270D9AD7F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:cb:7d:c3:cc:e3:a3:14:99:08:51:8e:c0:82:
                    06:42:47:5d:a0:6f:05:56:0c:5c:43:cd:a2:48:e5:
                    8d:d5:b2:ea:df:38:ae:9a:21:f6:5a:45:4b:99:42:
                    ce:4a:92:51:b1:21:1e:db:4d:7a:8c:28:75:bc:87:
                    1a:d5:e1:8b:2a:fb:03:fe:e0:cf:bf:12:52:d9:4a:
                    62:ae:e6:e0:2c:34:7f:d9:a5:5a:25:a5:fb:56:fb:
                    71:f1:79:cb:78:ea:88:6b:71:03:ad:14:d2:31:49:
                    27:cb:9f:7a:d9:15:17:a6:c4:82:66:0c:54:0f:c0:
                    db:54:64:36:e5:bf:0d:c8:10:e6:12:67:1d:1e:d8:
                    05:1a:9d:c3:15:26:e1:f0:ef:06:48:0f:25:8f:a4:
                    a4:80:3b:54:5c:28:1b:30:3a:64:f0:7a:ee:c7:6c:
                    06:c7:5e:2f:3c:51:1b:78:4b:d3:44:d7:b6:46:af:
                    6e:48:06:cc:2c:c8:bb:b1:cb:97:c7:ad:e1:f7:7b:
                    46:f9:70:5a:6c:09:cd:17:1a:49:f7:16:33:dc:90:
                    67:76:e9:36:13:2d:c2:26:26:65:11:2a:23:8d:f0:
                    be:6a:5e:db:a1:80:af:ac:dd:4e:ca:c7:3a:e0:6e:
                    e8:d3:a0:f1:93:58:fe:57:07:6a:d3:db:8b:0c:27:
                    a6:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:7A:A1:32:BE:0E:5D:D1:3D:F8:58:5B:02:BF:40:A2:70:D9:AD:7F
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132362e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:5f:86:83:e3:86:2a:d2:81:70:cb:41:9d:cb:e6:76:6e:15:
         2f:3f:55:f5:e5:9b:2d:49:ed:74:e9:83:39:1a:f7:2a:2b:45:
         e6:72:6c:24:ab:a3:fe:17:46:c5:bc:0d:10:53:4e:a6:3f:03:
         88:4a:3b:4e:16:e0:53:92:81:6c:25:8e:c5:41:50:5a:9d:1b:
         c6:ff:73:55:ef:ac:89:d4:6e:27:e9:3b:e1:ce:83:a9:0c:59:
         d2:d3:e5:27:71:c7:d2:40:94:ba:de:6e:b2:4d:51:22:f2:c3:
         8a:74:14:f9:18:10:11:f9:6d:06:09:99:8e:15:d9:72:90:c8:
         07:c1:14:b9:39:b0:0d:07:ce:72:97:55:0c:30:fe:c0:1f:ef:
         78:1f:db:7e:9e:03:0a:61:fd:ed:2e:fc:45:c1:40:e0:5f:f6:
         56:25:73:0c:23:ae:1d:88:39:5f:be:20:e9:f7:fb:02:ec:18:
         bc:7c:20:bc:a9:09:99:ce:cc:f1:06:e1:70:ed:5c:b5:4d:12:
         29:f4:f9:bb:3c:59:a0:60:90:c7:bd:dd:57:84:b6:60:b0:3f:
         7d:70:c6:d1:f9:d0:0a:d5:22:11:e7:32:a4:24:4c:4b:be:d8:
         1f:73:6a:a8:f4:ab:59:e3:50:f9:77:a4:78:3a:89:d5:4c:70:
         5b:76:2a:19
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUbWrEGL9WrXDyDObml1KvwHqDqf4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTRaFw0yNjAyMDMxODA4MTRaMDMxMTAvBgNV
BAMTKEY2N0FBMTMyQkUwRTVERDEzREY4NTg1QjAyQkY0MEEyNzBEOUFEN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsy33DzOOjFJkIUY7AggZCR12g
bwVWDFxDzaJI5Y3VsurfOK6aIfZaRUuZQs5KklGxIR7bTXqMKHW8hxrV4Ysq+wP+
4M+/ElLZSmKu5uAsNH/ZpVolpftW+3Hxect46ohrcQOtFNIxSSfLn3rZFRemxIJm
DFQPwNtUZDblvw3IEOYSZx0e2AUancMVJuHw7wZIDyWPpKSAO1RcKBswOmTweu7H
bAbHXi88URt4S9NE17ZGr25IBswsyLuxy5fHreH3e0b5cFpsCc0XGkn3FjPckGd2
6TYTLcImJmURKiON8L5qXtuhgK+s3U7KxzrgbujToPGTWP5XB2rT24sMJ6ZpAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU9nqhMr4OXdE9+FhbAr9AonDZrX8wHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMjM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6fjAN
BgkqhkiG9w0BAQsFAAOCAQEAdV+Gg+OGKtKBcMtBncvmdm4VLz9V9eWbLUntdOmD
ORr3KitF5nJsJKuj/hdGxbwNEFNOpj8DiEo7ThbgU5KBbCWOxUFQWp0bxv9zVe+s
idRuJ+k74c6DqQxZ0tPlJ3HH0kCUut5usk1RIvLDinQU+RgQEfltBgmZjhXZcpDI
B8EUuTmwDQfOcpdVDDD+wB/veB/bfp4DCmH97S78RcFA4F/2ViVzDCOuHYg5X74g
6ff7AuwYvHwgvKkJmc7M8QbhcO1ctU0SKfT5uzxZoGCQx73dV4S2YLA/fXDG0fnQ
CtUiEecypCRMS77YH3NqqPSrWeNQ+XekeDqJ1UxwW3YqGQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:47:01 2025 by rpki-client