Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e39372e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e39372e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          +gC7wTL6rKKi/cfHXP5NAUsqywxwTE+klC4UMyOiuzs=
Subject key identifier:   3E:8D:03:1A:41:22:11:76:27:2D:F5:48:88:17:AD:AF:9C:C1:34:3A
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       1D82BEE31BBABD9575C0BA3DD331C738AFC6B0AD
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e39372e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:22 +0000
ROA not before:           Tue 04 Feb 2025 18:03:22 +0000
ROA not after:            Tue 03 Feb 2026 18:08:22 +0000
asID:                     27823
IP address blocks:        200.58.97.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:82:be:e3:1b:ba:bd:95:75:c0:ba:3d:d3:31:c7:38:af:c6:b0:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:22 2025 GMT
            Not After : Feb  3 18:08:22 2026 GMT
        Subject: CN=3E8D031A41221176272DF5488817ADAF9CC1343A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e4:91:22:bf:95:e6:1f:2a:62:ca:e8:14:04:
                    31:93:4e:d8:72:ce:eb:11:57:4b:24:b2:fe:07:15:
                    44:46:76:15:f5:69:55:37:bb:93:7c:cb:56:63:ed:
                    f6:f4:6a:53:d0:04:3f:ee:40:d2:02:47:2e:c6:e5:
                    4e:dc:6d:c5:89:7c:49:08:de:83:93:f8:eb:77:7c:
                    7a:af:e4:18:0d:cd:f3:44:e4:61:a7:e2:fd:74:01:
                    1e:aa:a9:f8:27:90:f1:67:6e:2a:70:74:73:5f:7e:
                    d7:56:cd:a6:20:55:05:0c:57:a1:14:f9:99:5a:53:
                    ce:97:c0:21:99:43:3d:4d:f6:09:49:6f:75:e8:0d:
                    2e:f6:59:78:a0:f9:d9:4d:93:d6:cc:08:29:42:09:
                    98:66:34:65:7a:c7:a1:ac:ad:00:93:6d:b7:65:f2:
                    96:b0:fb:00:bd:24:98:dc:81:ee:7b:0e:ef:43:f3:
                    b7:ca:26:00:0a:f1:19:38:dc:63:ae:98:15:e3:4b:
                    16:f1:7b:c8:66:6d:2a:f3:0b:86:4b:2b:2b:6c:a8:
                    6b:6a:07:3a:b4:07:eb:99:c3:60:71:79:80:c1:ef:
                    c6:3f:6f:be:c5:c4:d0:c7:7a:79:03:2c:fd:66:40:
                    6e:b8:9f:c0:cd:e2:46:05:5d:23:b5:50:ea:4d:e1:
                    df:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:8D:03:1A:41:22:11:76:27:2D:F5:48:88:17:AD:AF:9C:C1:34:3A
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e39372e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bc:59:c8:9b:53:2c:79:e0:3c:e1:88:21:2a:5d:38:49:0b:61:
         5e:2f:0a:ba:15:aa:e0:30:ca:57:9e:29:98:dc:8e:89:68:91:
         3f:a6:46:ca:24:a3:86:2e:3c:6b:01:4c:5b:e6:4e:7e:91:6a:
         f9:62:71:b0:be:1f:8f:23:66:3c:56:ea:82:c3:05:22:ea:8d:
         e3:a9:fd:7a:f8:ae:10:72:d0:b7:87:2d:9a:44:53:24:be:cd:
         22:69:f8:01:43:3d:8f:25:b8:b0:73:fe:d9:f3:05:ed:16:06:
         21:f1:ae:1a:e1:73:43:09:4e:e9:05:72:bb:4c:98:72:e3:4a:
         21:52:3d:7f:d2:01:ec:b7:5d:48:31:24:24:bb:6f:17:2b:54:
         c0:02:c7:4d:c1:01:03:a7:73:78:98:18:1f:a6:d6:7a:1b:1d:
         2f:f8:c7:05:3a:a7:0a:3a:fd:fe:6b:59:da:0e:44:ab:29:b1:
         86:2d:90:bf:22:28:36:69:05:6d:ca:4d:aa:c3:67:67:fe:28:
         eb:94:f9:27:8d:d9:bb:a4:17:e0:f4:43:06:2a:ac:30:28:d5:
         71:0d:f2:be:6d:8a:5a:a4:ed:c7:d6:f1:8b:4c:85:3e:52:77:
         07:d2:8f:fb:98:7d:5f:32:01:d1:46:d3:05:a7:4c:bf:d0:19:
         8a:7a:bd:81
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUHYK+4xu6vZV1wLo90zHHOK/GsK0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjJaFw0yNjAyMDMxODA4MjJaMDMxMTAvBgNV
BAMTKDNFOEQwMzFBNDEyMjExNzYyNzJERjU0ODg4MTdBREFGOUNDMTM0M0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz5JEiv5XmHypiyugUBDGTTthy
zusRV0sksv4HFURGdhX1aVU3u5N8y1Zj7fb0alPQBD/uQNICRy7G5U7cbcWJfEkI
3oOT+Ot3fHqv5BgNzfNE5GGn4v10AR6qqfgnkPFnbipwdHNfftdWzaYgVQUMV6EU
+ZlaU86XwCGZQz1N9glJb3XoDS72WXig+dlNk9bMCClCCZhmNGV6x6GsrQCTbbdl
8paw+wC9JJjcge57Du9D87fKJgAK8Rk43GOumBXjSxbxe8hmbSrzC4ZLKytsqGtq
Bzq0B+uZw2BxeYDB78Y/b77FxNDHenkDLP1mQG64n8DN4kYFXSO1UOpN4d/VAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUPo0DGkEiEXYnLfVIiBetr5zBNDowHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzkzNzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczODMyMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIOmEwDQYJ
KoZIhvcNAQELBQADggEBALxZyJtTLHngPOGIISpdOEkLYV4vCroVquAwyleeKZjc
jolokT+mRsoko4YuPGsBTFvmTn6RavlicbC+H48jZjxW6oLDBSLqjeOp/Xr4rhBy
0LeHLZpEUyS+zSJp+AFDPY8luLBz/tnzBe0WBiHxrhrhc0MJTukFcrtMmHLjSiFS
PX/SAey3XUgxJCS7bxcrVMACx03BAQOnc3iYGB+m1nobHS/4xwU6pwo6/f5rWdoO
RKspsYYtkL8iKDZpBW3KTarDZ2f+KOuU+SeN2bukF+D0QwYqrDAo1XEN8r5tilqk
7cfW8YtMhT5SdwfSj/uYfV8yAdFG0wWnTL/QGYp6vYE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:51:14 2025 by rpki-client