Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3133382e3131372e3132382e302f32322d3232203d3e203532333939.roa
File:                     3133382e3131372e3132382e302f32322d3232203d3e203532333939.roa (raw, json)
Hash identifier:          8x4mKjKvDeL+L6tN5ga40l4SaaVrvmJdXSBlvuC9ojM=
Subject key identifier:   66:1E:E8:7F:4D:67:7E:76:0B:BD:A8:AC:BB:F5:B2:ED:E1:1B:29:C4
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       03E7A28479CB49A520886862A184334061BBCFC7
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3133382e3131372e3132382e302f32322d3232203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:35:59 +0000
ROA not before:           Tue 04 Feb 2025 18:30:59 +0000
ROA not after:            Tue 03 Feb 2026 18:35:59 +0000
asID:                     52399
IP address blocks:        138.117.128.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 10 Feb 2025 14:38:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:e7:a2:84:79:cb:49:a5:20:88:68:62:a1:84:33:40:61:bb:cf:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:30:59 2025 GMT
            Not After : Feb  3 18:35:59 2026 GMT
        Subject: CN=661EE87F4D677E760BBDA8ACBBF5B2EDE11B29C4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b1:e6:ae:9f:08:e9:ff:c2:12:dd:64:5b:da:
                    57:6b:f1:3f:f0:64:4d:0b:ff:bc:59:db:39:56:04:
                    7f:0d:c5:ba:04:d6:ad:f4:96:3b:5a:1f:10:f5:d4:
                    5e:44:33:5b:8c:15:bb:44:4e:6f:91:ff:ea:ea:eb:
                    86:b9:4d:ea:20:3d:55:a3:52:67:23:33:20:d6:f9:
                    20:48:1b:5c:c5:65:b3:c2:ad:30:6d:3c:0a:99:02:
                    d8:80:40:61:65:58:91:5b:f9:a7:1c:d4:53:ef:e1:
                    9e:2f:1d:3d:23:21:c3:69:31:66:c1:62:1e:85:a6:
                    cb:0f:c3:cf:7e:77:1d:7a:49:f2:99:dc:e9:6b:16:
                    c8:1a:cb:ae:49:f1:58:d6:eb:1a:15:9e:ba:99:b1:
                    40:92:23:f5:7d:f4:38:6a:80:9a:f7:be:3d:a7:50:
                    05:05:45:87:93:6b:05:82:7e:9c:e8:35:93:61:44:
                    52:06:95:74:48:e2:4e:f8:e6:d3:6b:4a:d1:8b:c7:
                    98:2f:cb:65:13:bc:97:92:50:9d:5f:59:5c:86:af:
                    6a:75:e7:d4:b8:5e:9b:b4:b5:a8:85:70:c6:a6:68:
                    fe:5e:61:23:6c:53:b9:b1:f5:d2:af:f0:90:74:ba:
                    76:1e:2f:46:fc:37:a3:62:4a:b5:dc:b3:e2:de:8d:
                    a6:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:1E:E8:7F:4D:67:7E:76:0B:BD:A8:AC:BB:F5:B2:ED:E1:1B:29:C4
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3133382e3131372e3132382e302f32322d3232203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.117.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:59:5c:ef:b4:b1:d9:19:bd:23:d0:27:7e:40:d6:8e:24:1c:
         c7:df:84:77:14:90:d2:61:aa:f1:9b:23:e9:ed:a4:40:ca:eb:
         a6:29:8e:5a:56:df:bf:ac:10:91:84:7c:26:97:eb:0f:23:a4:
         2c:3f:bd:49:61:3d:1a:c1:36:76:03:20:0d:73:df:34:2e:98:
         5e:9d:18:e1:f2:34:97:bd:c6:f3:72:ee:57:ff:91:d5:4a:75:
         a7:c8:37:00:99:8e:e9:a9:85:2c:be:36:52:84:6f:5d:3f:88:
         3d:26:4e:a5:5a:5b:22:e2:44:75:7b:74:d3:85:34:bf:ed:46:
         68:18:30:42:eb:32:43:57:1f:3d:75:57:13:af:83:92:76:18:
         c9:3b:41:94:3c:7c:3f:90:33:08:41:c5:45:55:ac:84:bd:72:
         cf:3c:a3:f5:40:a6:a7:97:a6:25:de:e9:3e:08:7e:83:d9:fb:
         6a:df:e7:ae:65:bd:1f:e6:89:60:64:8f:e4:b8:60:59:34:12:
         38:9d:b3:14:95:6e:58:a5:91:af:5d:a2:26:a2:c6:77:78:7a:
         b0:31:22:84:e0:d8:9a:eb:7c:35:b2:24:1f:fd:f6:d0:b3:a0:
         17:ed:50:c5:d5:3b:af:9c:9f:47:44:f9:cc:7a:2b:46:2c:51:
         76:88:42:25
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUA+eihHnLSaUgiGhioYQzQGG7z8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMwNTlaFw0yNjAyMDMxODM1NTlaMDMxMTAvBgNV
BAMTKDY2MUVFODdGNEQ2NzdFNzYwQkJEQThBQ0JCRjVCMkVERTExQjI5QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdseaunwjp/8IS3WRb2ldr8T/w
ZE0L/7xZ2zlWBH8NxboE1q30ljtaHxD11F5EM1uMFbtETm+R/+rq64a5TeogPVWj
UmcjMyDW+SBIG1zFZbPCrTBtPAqZAtiAQGFlWJFb+acc1FPv4Z4vHT0jIcNpMWbB
Yh6FpssPw89+dx16SfKZ3OlrFsgay65J8VjW6xoVnrqZsUCSI/V99DhqgJr3vj2n
UAUFRYeTawWCfpzoNZNhRFIGlXRI4k745tNrStGLx5gvy2UTvJeSUJ1fWVyGr2p1
59S4Xpu0taiFcMamaP5eYSNsU7mx9dKv8JB0unYeL0b8N6NiSrXcs+LejaZVAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUZh7of01nfnYLvaisu/Wy7eEbKcQwHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMxMzMzODJlMzEzMTM3MmUzMTMyMzgy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNTMyMzMzOTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCinWA
MA0GCSqGSIb3DQEBCwUAA4IBAQBpWVzvtLHZGb0j0Cd+QNaOJBzH34R3FJDSYarx
myPp7aRAyuumKY5aVt+/rBCRhHwml+sPI6QsP71JYT0awTZ2AyANc980LphenRjh
8jSXvcbzcu5X/5HVSnWnyDcAmY7pqYUsvjZShG9dP4g9Jk6lWlsi4kR1e3TThTS/
7UZoGDBC6zJDVx89dVcTr4OSdhjJO0GUPHw/kDMIQcVFVayEvXLPPKP1QKanl6Yl
3uk+CH6D2ftq3+euZb0f5olgZI/kuGBZNBI4nbMUlW5YpZGvXaImosZ3eHqwMSKE
4Nia63w1siQf/fbQs6AX7VDF1TuvnJ9HRPnMeitGLFF2iEIl
-----END CERTIFICATE-----
Generated at Sun Feb 9 14:56:58 2025 by rpki-client