Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132372e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3132372e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          L/3EGbE7B635rbdFQerYD6eS4tKeOoJ8SD5UcNxZamE=
Subject key identifier:   25:1D:7B:00:A4:42:B3:67:7E:42:4B:55:C6:96:9C:E2:DE:18:AF:87
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       42021FC9CD385859AC6F4020C33D35DA8A096CDC
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132372e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:23 +0000
ROA not before:           Tue 04 Feb 2025 18:03:23 +0000
ROA not after:            Tue 03 Feb 2026 18:08:23 +0000
asID:                     27823
IP address blocks:        200.58.127.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 31 Mar 2025 05:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:02:1f:c9:cd:38:58:59:ac:6f:40:20:c3:3d:35:da:8a:09:6c:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:23 2025 GMT
            Not After : Feb  3 18:08:23 2026 GMT
        Subject: CN=251D7B00A442B3677E424B55C6969CE2DE18AF87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:4c:30:c0:2d:f3:08:f5:29:24:bd:a8:80:f8:
                    8d:69:0b:db:f1:56:a4:ec:91:cc:8a:33:5a:26:4e:
                    e8:5b:9c:39:ea:56:09:cd:32:db:b8:cc:ef:1e:71:
                    9f:d1:6f:c3:c7:f1:9e:12:58:ed:97:83:ec:70:ea:
                    d1:ff:12:e7:6b:2c:32:f9:ea:aa:b8:83:89:0b:a7:
                    74:b1:17:e9:c6:bc:23:bb:01:c7:f0:6a:21:04:54:
                    3e:15:ef:3a:aa:6b:f5:a3:3b:a3:c5:95:62:9e:5b:
                    19:80:47:b2:99:c0:b0:b1:0c:18:9e:5a:b6:f2:78:
                    7e:ec:20:32:ce:24:b5:61:e7:50:00:ae:d3:50:ab:
                    ea:1a:be:5b:99:29:a0:62:99:40:82:8c:2e:95:f7:
                    2b:a4:6b:80:54:1c:0c:ef:6d:62:9d:b0:5f:97:90:
                    64:d8:9d:f9:fb:e4:b3:3f:1d:90:66:a8:b8:bc:ea:
                    73:da:8a:5d:cd:86:ad:4f:3d:0f:5d:bf:61:4a:07:
                    65:c9:89:25:13:76:f9:eb:e6:b4:e1:60:b3:0f:10:
                    48:f4:5f:f8:1b:ce:1b:dc:2c:be:c4:e3:48:bd:c2:
                    ab:3c:51:a6:83:cd:29:3f:aa:fa:71:69:db:55:84:
                    a6:72:d8:0b:cc:9f:a9:76:14:b1:8c:f3:ee:d9:74:
                    46:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:1D:7B:00:A4:42:B3:67:7E:42:4B:55:C6:96:9C:E2:DE:18:AF:87
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132372e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:ff:2a:33:7b:5a:27:87:d4:e2:6d:c1:69:5b:24:5d:1e:e5:
         21:5a:22:6f:5b:af:cc:50:87:0b:d0:d2:03:26:2b:34:58:9f:
         f4:2d:aa:cc:ca:05:42:88:52:85:3b:30:00:66:d5:9e:ce:a5:
         31:de:be:84:66:bd:6b:26:1a:91:d1:14:45:f8:e3:89:51:a0:
         eb:be:1b:96:cf:11:23:f4:9c:a0:ea:17:b9:b3:3b:3e:6f:ae:
         37:f5:82:2d:cf:1d:48:ad:1b:ab:16:5e:0e:b3:b0:30:37:cd:
         f0:b9:f1:57:b0:2a:4a:27:7e:04:c1:2b:f8:9e:22:59:4a:d5:
         82:ce:28:34:ee:43:ab:35:26:ee:a9:2e:fa:1e:c2:3e:0a:d8:
         fe:1d:60:c6:ce:ef:7a:bd:de:8b:a6:2b:83:f0:b7:26:b7:47:
         1c:02:17:17:00:e8:06:70:b1:ae:da:85:c2:4f:63:d9:07:17:
         84:89:32:df:3e:86:d4:01:14:13:7e:08:79:fc:d9:4b:b5:0f:
         5f:98:d0:d7:a9:cd:e1:42:b7:37:aa:3f:97:2c:46:58:bc:1c:
         02:51:67:40:d3:a7:eb:00:9c:2d:ca:8c:25:04:e7:23:f8:4f:
         33:5e:81:d3:43:d7:7b:5d:f7:90:69:3e:b1:d4:93:45:a9:fe:
         9f:29:30:83
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUQgIfyc04WFmsb0Agwz012ooJbNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjNaFw0yNjAyMDMxODA4MjNaMDMxMTAvBgNV
BAMTKDI1MUQ3QjAwQTQ0MkIzNjc3RTQyNEI1NUM2OTY5Q0UyREUxOEFGODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiTDDALfMI9SkkvaiA+I1pC9vx
VqTskcyKM1omTuhbnDnqVgnNMtu4zO8ecZ/Rb8PH8Z4SWO2Xg+xw6tH/EudrLDL5
6qq4g4kLp3SxF+nGvCO7AcfwaiEEVD4V7zqqa/WjO6PFlWKeWxmAR7KZwLCxDBie
WrbyeH7sIDLOJLVh51AArtNQq+oavluZKaBimUCCjC6V9yuka4BUHAzvbWKdsF+X
kGTYnfn75LM/HZBmqLi86nPail3Nhq1PPQ9dv2FKB2XJiSUTdvnr5rThYLMPEEj0
X/gbzhvcLL7E40i9wqs8UaaDzSk/qvpxadtVhKZy2AvMn6l2FLGM8+7ZdEb9AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUJR17AKRCs2d+QktVxpac4t4Yr4cwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMjM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6fzAN
BgkqhkiG9w0BAQsFAAOCAQEAgv8qM3taJ4fU4m3BaVskXR7lIVoib1uvzFCHC9DS
AyYrNFif9C2qzMoFQohShTswAGbVns6lMd6+hGa9ayYakdEURfjjiVGg674bls8R
I/ScoOoXubM7Pm+uN/WCLc8dSK0bqxZeDrOwMDfN8LnxV7AqSid+BMEr+J4iWUrV
gs4oNO5DqzUm7qku+h7CPgrY/h1gxs7ver3ei6Yrg/C3JrdHHAIXFwDoBnCxrtqF
wk9j2QcXhIky3z6G1AEUE34IefzZS7UPX5jQ16nN4UK3N6o/lyxGWLwcAlFnQNOn
6wCcLcqMJQTnI/hPM16B00PXe133kGk+sdSTRan+nykwgw==
-----END CERTIFICATE-----
Generated at Wed Mar 26 23:42:00 2025 by rpki-client