Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e39382e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e39382e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          yqNP7N78mZcaHyONI5Hw1YZSgxsWfqNPFqgV7mqyaPA=
Subject key identifier:   DA:B4:85:C9:DE:71:B4:A5:67:34:D5:A9:5A:95:F1:FE:A5:DF:71:74
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       27A86BF22C8B94033FF51563F19FD9C9113F82F0
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e39382e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:09 +0000
ROA not before:           Tue 04 Feb 2025 18:03:09 +0000
ROA not after:            Tue 03 Feb 2026 18:08:09 +0000
asID:                     27823
IP address blocks:        200.58.98.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:a8:6b:f2:2c:8b:94:03:3f:f5:15:63:f1:9f:d9:c9:11:3f:82:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:09 2025 GMT
            Not After : Feb  3 18:08:09 2026 GMT
        Subject: CN=DAB485C9DE71B4A56734D5A95A95F1FEA5DF7174
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:42:8b:9a:c9:06:3a:21:5f:03:61:90:1c:9a:
                    17:51:af:28:e8:1c:9a:03:4e:5d:b4:8b:de:29:e6:
                    25:5b:47:ef:a3:ef:87:42:3e:f5:b8:84:53:25:50:
                    e2:5e:82:50:6e:da:72:fe:0e:1a:13:29:df:e0:5b:
                    2b:65:12:9f:c5:1f:46:86:e3:be:95:87:f3:db:b9:
                    2e:d7:d6:cc:70:f5:15:d4:b3:6c:99:b9:6b:72:36:
                    e8:0d:25:ea:db:d8:8c:f2:2c:20:4a:c1:6b:79:1d:
                    61:16:22:8b:10:a5:a2:1f:18:4a:e4:67:fb:17:c0:
                    17:c3:bd:cc:e0:b9:bd:6e:50:4c:ff:7e:6d:e6:3d:
                    1a:90:78:d5:4c:46:99:72:93:54:de:79:f6:e6:b0:
                    89:13:f1:e1:da:43:41:1d:b2:58:7e:0e:78:dd:de:
                    5a:95:ac:08:b8:be:cc:ef:0c:45:42:fb:f9:dd:02:
                    75:15:f2:86:c9:6b:97:5d:75:ca:e4:03:2a:6c:c9:
                    d7:13:04:7c:2b:9f:7e:10:6f:d4:ec:f7:c0:5c:3f:
                    f6:09:63:92:79:1f:2a:80:1c:79:43:e4:33:4d:f9:
                    71:ef:d2:dc:a9:a3:7b:bd:3d:c5:69:77:d7:e9:ac:
                    3e:76:03:90:8e:62:6a:77:24:1a:0e:da:16:2e:a7:
                    26:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:B4:85:C9:DE:71:B4:A5:67:34:D5:A9:5A:95:F1:FE:A5:DF:71:74
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e39382e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:ec:d6:13:0d:f0:a3:78:9f:21:a0:d9:e3:8b:b7:d6:61:4c:
         e1:02:e7:92:35:48:c5:fd:2e:3e:10:56:f8:0f:7a:87:66:49:
         19:8b:30:a7:6c:09:60:1c:d6:ec:ac:5a:cb:a1:96:c2:6a:cc:
         40:a5:d5:f3:50:99:70:3e:6b:60:dc:51:fb:a3:8c:f1:c8:14:
         35:c3:ad:45:a9:d7:e8:16:6b:71:02:70:cc:f9:b9:4d:d8:7f:
         92:ab:e6:a4:e5:72:31:11:a1:f6:9d:61:c5:c8:49:c7:98:0e:
         3b:65:58:b3:6b:5f:8b:b3:79:58:73:72:10:ee:9b:f9:ed:3c:
         04:15:b0:9b:8d:f2:7d:1c:20:ad:8b:b5:90:57:af:df:62:21:
         3e:06:11:e3:78:7c:d5:98:52:1a:e8:91:79:55:22:3a:e0:31:
         5b:51:b2:56:02:36:77:40:69:dd:07:18:b5:7a:74:d7:b4:27:
         ee:b9:6e:cd:98:d4:48:f0:35:71:62:33:7f:4a:36:d6:82:0c:
         a4:83:52:45:26:89:bc:d1:eb:5a:b0:e8:64:62:07:61:39:45:
         dd:07:b6:b6:81:57:7e:14:0d:c2:6f:d9:70:38:ba:dc:06:f7:
         2b:04:e0:87:3b:3a:d6:f6:a6:b4:2b:01:8d:6e:ab:be:57:f3:
         b7:da:a4:4f
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUJ6hr8iyLlAM/9RVj8Z/ZyRE/gvAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMDlaFw0yNjAyMDMxODA4MDlaMDMxMTAvBgNV
BAMTKERBQjQ4NUM5REU3MUI0QTU2NzM0RDVBOTVBOTVGMUZFQTVERjcxNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1QouayQY6IV8DYZAcmhdRryjo
HJoDTl20i94p5iVbR++j74dCPvW4hFMlUOJeglBu2nL+DhoTKd/gWytlEp/FH0aG
476Vh/PbuS7X1sxw9RXUs2yZuWtyNugNJerb2IzyLCBKwWt5HWEWIosQpaIfGErk
Z/sXwBfDvczgub1uUEz/fm3mPRqQeNVMRplyk1TeefbmsIkT8eHaQ0Edslh+Dnjd
3lqVrAi4vszvDEVC+/ndAnUV8obJa5dddcrkAypsydcTBHwrn34Qb9Ts98BcP/YJ
Y5J5HyqAHHlD5DNN+XHv0typo3u9PcVpd9fprD52A5COYmp3JBoO2hYupyZrAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU2rSFyd5xtKVnNNWpWpXx/qXfcXQwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzkzODJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczODMyMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIOmIwDQYJ
KoZIhvcNAQELBQADggEBAKns1hMN8KN4nyGg2eOLt9ZhTOEC55I1SMX9Lj4QVvgP
eodmSRmLMKdsCWAc1uysWsuhlsJqzECl1fNQmXA+a2DcUfujjPHIFDXDrUWp1+gW
a3ECcMz5uU3Yf5Kr5qTlcjERofadYcXISceYDjtlWLNrX4uzeVhzchDum/ntPAQV
sJuN8n0cIK2LtZBXr99iIT4GEeN4fNWYUhrokXlVIjrgMVtRslYCNndAad0HGLV6
dNe0J+65bs2Y1EjwNXFiM39KNtaCDKSDUkUmibzR61qw6GRiB2E5Rd0HtraBV34U
DcJv2XA4utwG9ysE4Ic7Otb2prQrAY1uq75X87fapE8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:38 2025 by rpki-client