Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/3230302e3132352e3133332e302f32342d3234203d3e203238303431.roa
File:                     3230302e3132352e3133332e302f32342d3234203d3e203238303431.roa (raw, json)
Hash identifier:          JPKBnvDwW4DWdlK86iknKW0mNm0InkD5/dhpBLdJDxk=
Subject key identifier:   2F:08:13:C9:6F:72:66:13:C2:CD:77:56:7D:AA:E5:16:94:C1:55:D8
Certificate issuer:       /CN=D2709F777988D8BB9C29DBBB53968812568C616E
Certificate serial:       51900C7DDDA543273613524E24DD8AB01A9871EA
Authority key identifier: D2:70:9F:77:79:88:D8:BB:9C:29:DB:BB:53:96:88:12:56:8C:61:6E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2709F777988D8BB9C29DBBB53968812568C616E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/3230302e3132352e3133332e302f32342d3234203d3e203238303431.roa
Signing time:             Tue 04 Feb 2025 18:33:23 +0000
ROA not before:           Tue 04 Feb 2025 18:28:23 +0000
ROA not after:            Tue 03 Feb 2026 18:33:23 +0000
asID:                     28041
IP address blocks:        200.125.133.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/D2709F777988D8BB9C29DBBB53968812568C616E.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/D2709F777988D8BB9C29DBBB53968812568C616E.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2709F777988D8BB9C29DBBB53968812568C616E.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 09 Apr 2025 06:41:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:90:0c:7d:dd:a5:43:27:36:13:52:4e:24:dd:8a:b0:1a:98:71:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2709F777988D8BB9C29DBBB53968812568C616E
        Validity
            Not Before: Feb  4 18:28:23 2025 GMT
            Not After : Feb  3 18:33:23 2026 GMT
        Subject: CN=2F0813C96F726613C2CD77567DAAE51694C155D8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:bf:2a:06:24:33:4c:69:af:2b:f7:73:57:cf:
                    1f:fd:9d:f7:b6:8a:9c:47:8a:a1:00:3c:c0:fd:d0:
                    51:26:d9:07:04:94:e1:0a:29:91:32:c8:b7:99:78:
                    3b:67:db:ad:00:34:74:91:2d:8f:65:09:84:1b:f8:
                    70:b6:22:94:11:9c:c3:fe:7d:b2:a2:5f:1a:39:fc:
                    8f:fe:d6:c7:6a:74:d4:8d:58:ef:b3:18:79:3a:33:
                    70:48:76:7a:62:74:ca:09:f7:8f:1f:a1:ff:c3:73:
                    e1:49:9e:6d:4a:0b:cb:4d:a9:3a:7f:98:10:7f:25:
                    79:8a:59:3e:9a:d6:49:21:26:b4:17:fa:a0:62:e1:
                    2b:89:cd:ac:b8:cc:34:c2:ce:99:8a:b4:1c:19:87:
                    65:4b:30:d6:07:ca:d2:eb:f9:d7:94:71:c7:86:9d:
                    c8:ac:6d:04:0e:a1:12:9d:d8:ae:3b:88:87:67:54:
                    72:0b:52:04:97:f5:f5:ad:09:ed:cb:c3:00:c1:32:
                    69:ac:42:1f:ef:5e:87:5b:e2:16:aa:f4:f8:e2:dc:
                    49:39:f5:b3:dc:05:36:42:e8:02:c3:13:03:f5:fb:
                    a6:d7:e5:f7:96:8e:b3:e0:26:75:a6:e6:e1:7c:4d:
                    7c:75:a2:27:a0:ee:38:78:c0:7a:35:97:c9:e1:09:
                    bb:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:08:13:C9:6F:72:66:13:C2:CD:77:56:7D:AA:E5:16:94:C1:55:D8
            X509v3 Authority Key Identifier:
                keyid:D2:70:9F:77:79:88:D8:BB:9C:29:DB:BB:53:96:88:12:56:8C:61:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/D2709F777988D8BB9C29DBBB53968812568C616E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2709F777988D8BB9C29DBBB53968812568C616E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/3230302e3132352e3133332e302f32342d3234203d3e203238303431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.125.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:c4:c3:26:02:7c:9d:4b:cd:89:98:e1:7e:bf:e2:a5:7c:da:
         d3:0e:12:03:b7:5f:7e:c9:74:f5:74:a2:8a:09:78:c9:16:12:
         0f:a5:ff:32:0a:ce:ca:41:b5:49:4c:91:3f:45:1b:a9:30:71:
         b3:9c:9f:1e:d1:79:d5:bf:0e:ce:62:1b:e4:a7:12:76:f2:db:
         2f:0a:b6:c7:78:72:22:91:1f:d3:fc:23:4f:fb:70:e1:e7:4b:
         26:5c:bb:4c:90:5f:8e:ff:f4:9c:5b:cb:36:8d:66:50:88:0c:
         17:14:47:4c:86:e7:64:83:d6:8b:7a:1d:08:0c:f1:2d:fe:e8:
         ce:81:6b:34:3a:25:58:d1:83:09:a4:48:da:1e:83:1c:62:71:
         44:61:b2:43:7e:5e:ec:b4:d2:37:20:19:71:be:76:22:a4:a5:
         24:4e:4a:6f:a2:e1:b8:e4:b7:3f:b4:b7:03:9c:13:83:1e:a3:
         ae:6b:67:30:4f:ff:97:e8:06:d6:6d:ee:23:ac:cb:39:47:8e:
         fc:e3:fc:91:6b:38:ad:44:fa:40:0a:44:c0:23:1b:2f:e5:4b:
         42:1b:9c:bc:83:8c:d1:60:8f:ad:46:f2:b8:8f:8a:de:3f:13:
         c3:f4:c1:24:00:ff:17:f6:6c:58:14:31:d9:89:26:f2:b9:1e:
         08:d7:1c:d5
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUUZAMfd2lQyc2E1JOJN2KsBqYceowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDI3MDlGNzc3OTg4RDhCQjlDMjlEQkJCNTM5Njg4MTI1
NjhDNjE2RTAeFw0yNTAyMDQxODI4MjNaFw0yNjAyMDMxODMzMjNaMDMxMTAvBgNV
BAMTKDJGMDgxM0M5NkY3MjY2MTNDMkNENzc1NjdEQUFFNTE2OTRDMTU1RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcvyoGJDNMaa8r93NXzx/9nfe2
ipxHiqEAPMD90FEm2QcElOEKKZEyyLeZeDtn260ANHSRLY9lCYQb+HC2IpQRnMP+
fbKiXxo5/I/+1sdqdNSNWO+zGHk6M3BIdnpidMoJ948fof/Dc+FJnm1KC8tNqTp/
mBB/JXmKWT6a1kkhJrQX+qBi4SuJzay4zDTCzpmKtBwZh2VLMNYHytLr+deUcceG
ncisbQQOoRKd2K47iIdnVHILUgSX9fWtCe3LwwDBMmmsQh/vXodb4haq9Pji3Ek5
9bPcBTZC6ALDEwP1+6bX5feWjrPgJnWm5uF8TXx1oieg7jh4wHo1l8nhCbtDAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQULwgTyW9yZhPCzXdWfarlFpTBVdgwHwYDVR0j
BBgwFoAU0nCfd3mI2LucKdu7U5aIElaMYW4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQ0JEQTNDQkUzRjk0QjE5RURGMDA5OTUzQzBGNDU1RDcw
NTNCMDYwODgzRkY3NEFCM0ZGQ0ExMjgxOEYwOTMyLzAvRDI3MDlGNzc3OTg4RDhC
QjlDMjlEQkJCNTM5Njg4MTI1NjhDNjE2RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMjcwOUY3Nzc5ODhEOEJCOUMy
OURCQkI1Mzk2ODgxMjU2OEM2MTZFLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUNCREEzQ0JFM0Y5NEIxOUVERjAwOTk1M0MwRjQ1NUQ3MDUzQjA2MDg4
M0ZGNzRBQjNGRkNBMTI4MThGMDkzMi8wLzMyMzAzMDJlMzEzMjM1MmUzMTMzMzMy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM4MzAzNDMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyH2F
MA0GCSqGSIb3DQEBCwUAA4IBAQA6xMMmAnydS82JmOF+v+KlfNrTDhIDt19+yXT1
dKKKCXjJFhIPpf8yCs7KQbVJTJE/RRupMHGznJ8e0XnVvw7OYhvkpxJ28tsvCrbH
eHIikR/T/CNP+3Dh50smXLtMkF+O//ScW8s2jWZQiAwXFEdMhudkg9aLeh0IDPEt
/ujOgWs0OiVY0YMJpEjaHoMcYnFEYbJDfl7stNI3IBlxvnYipKUkTkpvouG45Lc/
tLcDnBODHqOua2cwT/+X6AbWbe4jrMs5R4784/yRazitRPpACkTAIxsv5UtCG5y8
g4zRYI+tRvK4j4rePxPD9MEkAP8X9mxYFDHZiSbyuR4I1xzV
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:28:37 2025 by rpki-client