Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1B07A4CF9C093D46B15E6B1B09954FE9C8276009074D03772E45261D769271AC/0/AS272097.roa
File:                     AS272097.roa (raw, json)
Hash identifier:          ed30srG0NvFKX4PaQuvQZU114w2KyTD9O5Ch7osiwaA=
Subject key identifier:   11:DC:11:4A:17:69:A2:EF:BD:93:0E:5E:BF:F7:F6:DB:15:47:4E:34
Certificate issuer:       /CN=725E298CCA0B840DB726F60EED140C37FDB23BD6
Certificate serial:       3FFF4A2BBA748FD710152B4441BBA6C32514A53E
Authority key identifier: 72:5E:29:8C:CA:0B:84:0D:B7:26:F6:0E:ED:14:0C:37:FD:B2:3B:D6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/725E298CCA0B840DB726F60EED140C37FDB23BD6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1B07A4CF9C093D46B15E6B1B09954FE9C8276009074D03772E45261D769271AC/0/AS272097.roa
Signing time:             Thu 01 Aug 2024 21:05:00 +0000
ROA not before:           Thu 01 Aug 2024 21:00:00 +0000
ROA not after:            Thu 31 Jul 2025 21:05:00 +0000
asID:                     272097
IP address blocks:        181.188.252.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1B07A4CF9C093D46B15E6B1B09954FE9C8276009074D03772E45261D769271AC/0/725E298CCA0B840DB726F60EED140C37FDB23BD6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1B07A4CF9C093D46B15E6B1B09954FE9C8276009074D03772E45261D769271AC/0/725E298CCA0B840DB726F60EED140C37FDB23BD6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/725E298CCA0B840DB726F60EED140C37FDB23BD6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 31 Oct 2024 16:16:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:ff:4a:2b:ba:74:8f:d7:10:15:2b:44:41:bb:a6:c3:25:14:a5:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=725E298CCA0B840DB726F60EED140C37FDB23BD6
        Validity
            Not Before: Aug  1 21:00:00 2024 GMT
            Not After : Jul 31 21:05:00 2025 GMT
        Subject: CN=11DC114A1769A2EFBD930E5EBFF7F6DB15474E34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:a6:42:14:d8:ac:50:6b:79:85:6b:bf:31:09:
                    10:e3:59:6a:fa:b7:6d:a4:a3:8e:1b:08:8c:dd:b3:
                    d2:14:c8:ce:f7:6c:7c:14:57:99:34:a6:66:42:a9:
                    33:f5:cd:dd:d3:5d:83:02:36:cc:f0:3b:ea:2c:77:
                    42:4b:46:87:fe:bd:72:40:f5:b8:b2:c8:14:10:fb:
                    53:65:a8:25:9b:c4:2a:87:50:63:f1:4c:24:f7:e3:
                    41:29:53:5f:42:c8:17:8c:a8:20:00:9f:c2:f9:15:
                    da:43:86:27:e1:49:bc:b0:62:f3:e5:2e:d7:fb:30:
                    00:af:97:7a:b5:c3:ff:e1:7a:42:0c:1f:3a:be:20:
                    e5:6b:ab:32:66:7e:d8:29:03:db:7e:ca:f5:95:f2:
                    14:ca:e1:f4:ef:b7:7d:a6:b8:b4:97:af:76:38:49:
                    ee:9d:39:16:15:d0:db:b8:5b:a9:6c:b5:72:0b:27:
                    63:37:16:52:fe:6b:a3:9a:a5:fe:6f:6d:74:cd:e4:
                    ff:f9:9c:87:f7:c3:16:1d:59:dd:a6:3d:1e:31:05:
                    71:77:16:fc:70:cd:ab:12:db:4d:4d:c5:7c:4d:c9:
                    a0:26:71:96:b8:55:dc:00:72:da:62:4b:29:73:b8:
                    0f:fc:31:fd:80:4a:4f:93:a7:1c:7e:a7:e5:4b:97:
                    bb:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:DC:11:4A:17:69:A2:EF:BD:93:0E:5E:BF:F7:F6:DB:15:47:4E:34
            X509v3 Authority Key Identifier:
                keyid:72:5E:29:8C:CA:0B:84:0D:B7:26:F6:0E:ED:14:0C:37:FD:B2:3B:D6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1B07A4CF9C093D46B15E6B1B09954FE9C8276009074D03772E45261D769271AC/0/725E298CCA0B840DB726F60EED140C37FDB23BD6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/725E298CCA0B840DB726F60EED140C37FDB23BD6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1B07A4CF9C093D46B15E6B1B09954FE9C8276009074D03772E45261D769271AC/0/AS272097.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.188.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:eb:e8:76:56:e2:2d:b0:39:bd:36:ed:f3:e8:26:8c:98:ac:
         f6:1f:db:67:e3:ab:c5:c3:72:53:e8:03:9a:81:44:a6:9e:76:
         b8:91:70:9f:a4:97:db:31:e9:34:21:8d:cd:f4:69:bf:9c:48:
         39:ef:6b:02:cd:f5:8b:99:e5:1f:7f:3d:03:26:0b:47:ff:40:
         50:09:ed:26:dd:8e:ba:e5:79:4b:c4:98:9d:80:9e:a8:32:12:
         05:08:7a:ab:99:5f:42:4a:26:fb:5b:1d:21:9d:79:7c:ca:6b:
         83:c9:92:a8:a3:9c:30:2a:a6:b1:de:98:b9:1e:b1:ff:9a:e7:
         42:f8:f4:22:28:91:78:88:c5:6b:d6:4a:a2:f9:89:12:fe:12:
         21:57:aa:86:ed:3f:e0:c4:f4:89:8b:28:c9:10:2b:be:52:82:
         a0:90:f5:3b:42:91:67:8d:01:74:e9:42:6b:e3:15:69:1d:93:
         f9:fd:54:88:04:2f:b9:7a:9b:7c:29:aa:7c:46:af:d8:01:8c:
         17:0b:5e:02:c2:70:39:59:c6:30:8c:7c:a2:06:be:4b:8b:e2:
         3b:68:b9:7e:f2:37:84:e2:e1:e6:b1:c4:79:8b:0e:91:cc:b0:
         b2:36:ab:fc:36:55:f4:e2:9c:98:79:f2:e8:ac:8d:47:dc:94:
         14:c1:e8:1b
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIUP/9KK7p0j9cQFStEQbumwyUUpT4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzI1RTI5OENDQTBCODQwREI3MjZGNjBFRUQxNDBDMzdG
REIyM0JENjAeFw0yNDA4MDEyMTAwMDBaFw0yNTA3MzEyMTA1MDBaMDMxMTAvBgNV
BAMTKDExREMxMTRBMTc2OUEyRUZCRDkzMEU1RUJGRjdGNkRCMTU0NzRFMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUpkIU2KxQa3mFa78xCRDjWWr6
t22ko44bCIzds9IUyM73bHwUV5k0pmZCqTP1zd3TXYMCNszwO+osd0JLRof+vXJA
9biyyBQQ+1NlqCWbxCqHUGPxTCT340EpU19CyBeMqCAAn8L5FdpDhifhSbywYvPl
Ltf7MACvl3q1w//hekIMHzq+IOVrqzJmftgpA9t+yvWV8hTK4fTvt32muLSXr3Y4
Se6dORYV0Nu4W6lstXILJ2M3FlL+a6Oapf5vbXTN5P/5nIf3wxYdWd2mPR4xBXF3
FvxwzasS201NxXxNyaAmcZa4VdwActpiSylzuA/8Mf2ASk+Tpxx+p+VLl7u3AgMB
AAGjggKZMIIClTAdBgNVHQ4EFgQUEdwRShdpou+9kw5ev/f22xVHTjQwHwYDVR0j
BBgwFoAUcl4pjMoLhA23JvYO7RQMN/2yO9YwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQjA3QTRDRjlDMDkzRDQ2QjE1RTZCMUIwOTk1NEZFOUM4
Mjc2MDA5MDc0RDAzNzcyRTQ1MjYxRDc2OTI3MUFDLzAvNzI1RTI5OENDQTBCODQw
REI3MjZGNjBFRUQxNDBDMzdGREIyM0JENi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83MjVFMjk4Q0NBMEI4NDBEQjcy
NkY2MEVFRDE0MEMzN0ZEQjIzQkQ2LmNlcjCBmAYIKwYBBQUHAQsEgYswgYgwgYUG
CCsGAQUFBzALhnlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy8xQjA3QTRDRjlDMDkzRDQ2QjE1RTZCMUIwOTk1NEZFOUM4Mjc2MDA5MDc0
RDAzNzcyRTQ1MjYxRDc2OTI3MUFDLzAvQVMyNzIwOTcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC1vPww
DQYJKoZIhvcNAQELBQADggEBAKXr6HZW4i2wOb027fPoJoyYrPYf22fjq8XDclPo
A5qBRKaedriRcJ+kl9sx6TQhjc30ab+cSDnvawLN9YuZ5R9/PQMmC0f/QFAJ7Sbd
jrrleUvEmJ2AnqgyEgUIequZX0JKJvtbHSGdeXzKa4PJkqijnDAqprHemLkesf+a
50L49CIokXiIxWvWSqL5iRL+EiFXqobtP+DE9ImLKMkQK75SgqCQ9TtCkWeNAXTp
QmvjFWkdk/n9VIgEL7l6m3wpqnxGr9gBjBcLXgLCcDlZxjCMfKIGvkuL4jtouX7y
N4Ti4eaxxHmLDpHMsLI2q/w2VfTinJh58uisjUfclBTB6Bs=
-----END CERTIFICATE-----
Generated at Sun Oct 27 21:21:47 2024 by rpki-client on console-ams.rpki-client.org