Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1A0F06438A6D2CB7E76DCCAAB955CAA75D96D39D1C3EF40D5760BD7069AF638F/0/3138362e322e3133322e302f32322d3234203d3e203532323632.roa
File:                     3138362e322e3133322e302f32322d3234203d3e203532323632.roa (raw, json)
Hash identifier:          RG4SPrl6qm3smxP3gBJ5LZO5Q7YDiAgIM+vml6/eHFA=
Subject key identifier:   60:E4:88:8E:D0:70:8D:4F:E8:60:55:8E:95:EA:EA:62:B1:47:30:6C
Certificate issuer:       /CN=E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66
Certificate serial:       1D8217D72A01CE657B0E94902C540252DF1368CA
Authority key identifier: E1:2E:5A:81:FF:61:5D:36:EE:5D:FA:42:78:2C:CB:7E:1F:D5:BB:66
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1A0F06438A6D2CB7E76DCCAAB955CAA75D96D39D1C3EF40D5760BD7069AF638F/0/3138362e322e3133322e302f32322d3234203d3e203532323632.roa
Signing time:             Tue 04 Feb 2025 20:04:55 +0000
ROA not before:           Tue 04 Feb 2025 19:59:55 +0000
ROA not after:            Tue 03 Feb 2026 20:04:55 +0000
asID:                     52262
IP address blocks:        186.2.132.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1A0F06438A6D2CB7E76DCCAAB955CAA75D96D39D1C3EF40D5760BD7069AF638F/0/E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1A0F06438A6D2CB7E76DCCAAB955CAA75D96D39D1C3EF40D5760BD7069AF638F/0/E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Feb 2025 20:43:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:82:17:d7:2a:01:ce:65:7b:0e:94:90:2c:54:02:52:df:13:68:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66
        Validity
            Not Before: Feb  4 19:59:55 2025 GMT
            Not After : Feb  3 20:04:55 2026 GMT
        Subject: CN=60E4888ED0708D4FE860558E95EAEA62B147306C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:8d:20:d2:ee:d4:31:2c:2a:14:fb:ab:8d:26:
                    95:bc:a7:c1:2b:90:b8:4f:30:70:06:e4:e5:dd:24:
                    b0:02:d5:a3:87:ea:2c:17:57:a5:cb:2f:e7:7c:72:
                    56:27:c6:92:8b:b9:0d:88:19:71:95:54:70:49:35:
                    63:c3:37:1f:a2:25:44:b5:98:ec:70:6e:aa:35:25:
                    1a:10:c7:46:89:b7:ec:b4:47:48:5c:42:da:53:e4:
                    54:9a:7e:ce:75:a3:9b:ff:25:40:a0:f3:3d:37:b2:
                    18:6e:34:64:f3:d2:45:4a:ef:4c:e4:ed:9c:69:18:
                    7a:c9:0f:c8:a0:f0:3c:7f:6f:26:5d:9a:34:f9:ec:
                    c6:2e:7a:0d:e6:b2:93:b6:a7:47:dc:80:4d:41:57:
                    8b:c5:64:47:86:ca:c7:fc:ad:68:48:49:fa:02:5b:
                    b1:94:a2:e8:84:46:d5:5f:7a:b3:ae:bf:8b:82:af:
                    44:7a:08:40:8c:1c:e5:62:53:ae:df:fc:46:0c:d0:
                    66:35:9f:fd:1b:8c:e5:2d:33:ae:0c:c1:04:86:0d:
                    95:02:32:03:39:15:46:6e:7e:98:d7:a3:b3:94:bb:
                    92:13:be:4c:b1:37:6c:68:80:de:c9:c0:7e:12:85:
                    52:4b:25:db:6a:31:cb:b4:82:48:f3:b9:03:f8:2a:
                    01:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:E4:88:8E:D0:70:8D:4F:E8:60:55:8E:95:EA:EA:62:B1:47:30:6C
            X509v3 Authority Key Identifier:
                keyid:E1:2E:5A:81:FF:61:5D:36:EE:5D:FA:42:78:2C:CB:7E:1F:D5:BB:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1A0F06438A6D2CB7E76DCCAAB955CAA75D96D39D1C3EF40D5760BD7069AF638F/0/E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E12E5A81FF615D36EE5DFA42782CCB7E1FD5BB66.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1A0F06438A6D2CB7E76DCCAAB955CAA75D96D39D1C3EF40D5760BD7069AF638F/0/3138362e322e3133322e302f32322d3234203d3e203532323632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.2.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         55:df:d5:18:20:bf:3a:08:66:6d:30:11:7b:f8:51:f7:e9:8c:
         92:c8:68:82:2a:47:3a:ee:f4:c1:07:4a:a7:13:04:db:90:6b:
         9a:ae:e4:9e:f2:df:82:9a:9c:5e:ef:d9:81:bb:06:70:60:6a:
         2c:ce:42:da:ce:1b:46:1c:d3:6b:8f:7f:d8:80:b4:f4:17:0b:
         b9:a1:11:00:f3:c5:78:47:e5:39:3c:c9:0e:14:69:2f:47:18:
         4d:b9:ee:65:64:38:0d:c5:13:d7:d8:9c:53:b4:22:5b:e0:a5:
         82:0d:36:49:a8:6c:b7:01:02:92:f3:9b:2c:79:d2:e8:03:99:
         ee:74:d0:b9:53:b4:26:dc:de:97:70:2b:6f:2c:d6:ab:8b:a0:
         e6:e1:0a:3f:b7:b2:1e:ef:c2:99:19:cb:02:62:7c:25:7b:7b:
         29:39:c0:bf:75:12:bc:c7:29:9e:55:97:10:e2:55:de:07:54:
         80:b3:d2:ba:2f:87:fb:5d:b7:ab:9b:81:1b:c5:01:23:29:9f:
         ed:f7:7f:d2:7c:5e:34:d0:53:95:66:48:8f:13:c9:dd:bb:1f:
         a0:29:f0:4c:a1:00:5c:c1:c7:ea:2e:d3:ad:eb:2b:25:bd:23:
         47:c7:94:94:fa:08:2f:ed:b2:cd:5b:d4:ec:20:c5:ff:0d:aa:
         3b:41:72:ac
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUHYIX1yoBzmV7DpSQLFQCUt8TaMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTEyRTVBODFGRjYxNUQzNkVFNURGQTQyNzgyQ0NCN0Ux
RkQ1QkI2NjAeFw0yNTAyMDQxOTU5NTVaFw0yNjAyMDMyMDA0NTVaMDMxMTAvBgNV
BAMTKDYwRTQ4ODhFRDA3MDhENEZFODYwNTU4RTk1RUFFQTYyQjE0NzMwNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4jSDS7tQxLCoU+6uNJpW8p8Er
kLhPMHAG5OXdJLAC1aOH6iwXV6XLL+d8clYnxpKLuQ2IGXGVVHBJNWPDNx+iJUS1
mOxwbqo1JRoQx0aJt+y0R0hcQtpT5FSafs51o5v/JUCg8z03shhuNGTz0kVK70zk
7ZxpGHrJD8ig8Dx/byZdmjT57MYueg3mspO2p0fcgE1BV4vFZEeGysf8rWhISfoC
W7GUouiERtVferOuv4uCr0R6CECMHOViU67f/EYM0GY1n/0bjOUtM64MwQSGDZUC
MgM5FUZufpjXo7OUu5ITvkyxN2xogN7JwH4ShVJLJdtqMcu0gkjzuQP4KgE7AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUYOSIjtBwjU/oYFWOlerqYrFHMGwwHwYDVR0j
BBgwFoAU4S5agf9hXTbuXfpCeCzLfh/Vu2YwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQTBGMDY0MzhBNkQyQ0I3RTc2RENDQUFCOTU1Q0FBNzVE
OTZEMzlEMUMzRUY0MEQ1NzYwQkQ3MDY5QUY2MzhGLzAvRTEyRTVBODFGRjYxNUQz
NkVFNURGQTQyNzgyQ0NCN0UxRkQ1QkI2Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FMTJFNUE4MUZGNjE1RDM2RUU1
REZBNDI3ODJDQ0I3RTFGRDVCQjY2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUEwRjA2NDM4QTZEMkNCN0U3NkRDQ0FBQjk1NUNBQTc1RDk2RDM5RDFD
M0VGNDBENTc2MEJENzA2OUFGNjM4Ri8wLzMxMzgzNjJlMzIyZTMxMzMzMjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDM1MzIzMjM2MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK6AoQwDQYJ
KoZIhvcNAQELBQADggEBAFXf1RggvzoIZm0wEXv4UffpjJLIaIIqRzru9MEHSqcT
BNuQa5qu5J7y34KanF7v2YG7BnBgaizOQtrOG0Yc02uPf9iAtPQXC7mhEQDzxXhH
5Tk8yQ4UaS9HGE257mVkOA3FE9fYnFO0IlvgpYINNkmobLcBApLzmyx50ugDme50
0LlTtCbc3pdwK28s1quLoObhCj+3sh7vwpkZywJifCV7eyk5wL91ErzHKZ5VlxDi
Vd4HVICz0rovh/tdt6ubgRvFASMpn+33f9J8XjTQU5VmSI8Tyd27H6Ap8EyhAFzB
x+ou063rKyW9I0fHlJT6CC/tss1b1Owgxf8NqjtBcqw=
-----END CERTIFICATE-----
Generated at Thu Feb 13 19:38:59 2025 by rpki-client