Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3133382e3131372e3133302e302f32332d3233203d3e203532333939.roa
File:                     3133382e3131372e3133302e302f32332d3233203d3e203532333939.roa (raw, json)
Hash identifier:          12kURaH18ZNQHLu5ZGQqPONoS6DgF1rVeBFt5JD3m8E=
Subject key identifier:   E8:4F:99:29:38:44:B8:80:EF:1A:AF:23:F0:94:05:D0:91:E3:9D:DD
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       13E6A192B34364122CF851F6A26875F810AF1A73
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3133382e3131372e3133302e302f32332d3233203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:36:03 +0000
ROA not before:           Tue 04 Feb 2025 18:31:03 +0000
ROA not after:            Tue 03 Feb 2026 18:36:03 +0000
asID:                     52399
IP address blocks:        138.117.130.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 12 Feb 2025 16:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:e6:a1:92:b3:43:64:12:2c:f8:51:f6:a2:68:75:f8:10:af:1a:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:31:03 2025 GMT
            Not After : Feb  3 18:36:03 2026 GMT
        Subject: CN=E84F99293844B880EF1AAF23F09405D091E39DDD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:33:37:cc:70:40:8d:34:94:67:44:64:ab:cb:
                    c2:af:67:09:a9:a3:a7:e2:6d:fd:3f:0d:45:54:5f:
                    00:46:a7:6a:2e:27:01:84:a2:f2:96:ed:d8:c1:d8:
                    a5:26:c6:7e:51:50:cf:35:6b:0a:5a:1f:fc:07:e8:
                    8b:f6:2d:f1:7e:ec:b6:e1:18:0a:0b:00:a2:83:44:
                    c0:16:a2:ee:80:47:0f:59:28:7d:ca:5d:2a:63:eb:
                    66:40:f9:6f:dd:3b:99:0d:e4:e6:7f:96:90:13:fc:
                    10:11:0e:90:fb:ef:6c:7c:db:9e:21:4a:94:ae:5e:
                    b3:6a:3e:21:cd:02:c9:ee:7a:c7:fc:a5:8e:de:f2:
                    35:b1:b8:b2:e0:77:f5:13:79:dd:79:dd:ae:01:2b:
                    60:8d:09:37:1b:43:78:96:65:c1:91:56:8c:c6:1d:
                    82:d1:c9:64:3c:b8:52:3b:f0:6c:2a:52:8a:ae:81:
                    d1:12:98:b0:b1:4d:b4:f0:04:5d:f7:e7:c0:c8:a2:
                    e4:68:2c:08:dd:38:e7:d5:ea:b1:c3:bc:ca:1d:f9:
                    4f:50:29:89:8d:be:57:b2:51:28:a8:6f:f0:23:90:
                    c2:30:44:36:33:59:9f:39:d8:17:9b:1a:66:62:f4:
                    2f:25:41:bd:af:05:7e:f5:f9:11:9c:50:d7:be:2f:
                    3f:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:4F:99:29:38:44:B8:80:EF:1A:AF:23:F0:94:05:D0:91:E3:9D:DD
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3133382e3131372e3133302e302f32332d3233203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.117.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         83:d1:14:0c:e1:84:4c:0c:2a:c6:f6:46:46:bd:7c:9d:75:5e:
         05:de:45:53:38:3f:f2:de:e8:7a:12:f8:07:6e:d0:c8:e2:7e:
         cc:f5:2f:57:a6:2d:6e:25:d2:36:92:ee:b2:40:5e:9a:e3:34:
         a7:e8:4e:50:e2:a6:4f:9a:e8:3c:1c:df:b1:21:08:aa:1f:fb:
         09:61:e9:e4:07:4e:a0:7d:6c:a9:ee:1a:08:34:7a:be:dd:02:
         8e:3d:d0:77:99:77:f1:5f:74:01:77:bb:83:1f:a8:6b:fc:b2:
         93:39:fa:d1:71:5e:78:71:38:c4:b7:19:73:b6:62:4c:5e:64:
         5a:f0:f3:38:14:56:46:36:c6:c8:a0:64:9b:a3:3b:af:c9:99:
         71:b8:ea:ee:55:7e:11:3c:cf:1e:e2:96:d6:a7:15:7d:47:d2:
         8b:13:d3:d8:55:6e:73:a8:6f:9b:ff:32:ab:b9:75:80:66:90:
         70:5d:c5:d7:af:58:a3:03:57:ca:6e:1f:66:60:fd:04:0e:fe:
         49:df:ce:9e:bb:af:77:16:15:6f:ac:5b:e4:87:76:95:69:ff:
         1d:4b:93:00:24:21:1a:b5:09:b0:8a:98:d6:17:1d:1d:be:68:
         65:b0:31:50:39:ca:25:60:be:ec:e5:c5:ea:1c:76:05:e7:20:
         b9:dc:47:7d
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUE+ahkrNDZBIs+FH2omh1+BCvGnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMxMDNaFw0yNjAyMDMxODM2MDNaMDMxMTAvBgNV
BAMTKEU4NEY5OTI5Mzg0NEI4ODBFRjFBQUYyM0YwOTQwNUQwOTFFMzlEREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2MzfMcECNNJRnRGSry8KvZwmp
o6fibf0/DUVUXwBGp2ouJwGEovKW7djB2KUmxn5RUM81awpaH/wH6Iv2LfF+7Lbh
GAoLAKKDRMAWou6ARw9ZKH3KXSpj62ZA+W/dO5kN5OZ/lpAT/BARDpD772x8254h
SpSuXrNqPiHNAsnuesf8pY7e8jWxuLLgd/UTed153a4BK2CNCTcbQ3iWZcGRVozG
HYLRyWQ8uFI78GwqUoqugdESmLCxTbTwBF3358DIouRoLAjdOOfV6rHDvMod+U9Q
KYmNvleyUSiob/AjkMIwRDYzWZ852BebGmZi9C8lQb2vBX71+RGcUNe+Lz/XAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU6E+ZKThEuIDvGq8j8JQF0JHjnd0wHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMxMzMzODJlMzEzMTM3MmUzMTMzMzAy
ZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNTMyMzMzOTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBinWC
MA0GCSqGSIb3DQEBCwUAA4IBAQCD0RQM4YRMDCrG9kZGvXyddV4F3kVTOD/y3uh6
EvgHbtDI4n7M9S9Xpi1uJdI2ku6yQF6a4zSn6E5Q4qZPmug8HN+xIQiqH/sJYenk
B06gfWyp7hoINHq+3QKOPdB3mXfxX3QBd7uDH6hr/LKTOfrRcV54cTjEtxlztmJM
XmRa8PM4FFZGNsbIoGSbozuvyZlxuOruVX4RPM8e4pbWpxV9R9KLE9PYVW5zqG+b
/zKruXWAZpBwXcXXr1ijA1fKbh9mYP0EDv5J386eu693FhVvrFvkh3aVaf8dS5MA
JCEatQmwipjWFx0dvmhlsDFQOcolYL7s5cXqHHYF5yC53Ed9
-----END CERTIFICATE-----
Generated at Sun Feb 9 14:35:16 2025 by rpki-client