Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3133382e3131372e3133312e302f32342d3234203d3e203532333939.roa
File:                     3133382e3131372e3133312e302f32342d3234203d3e203532333939.roa (raw, json)
Hash identifier:          w0l39Mm3z+BR/+csmol1pQCSrJwdO4QRUfcXzTnqRgE=
Subject key identifier:   D6:6A:58:6A:B2:C5:69:D7:C9:D0:C3:0D:F1:54:C7:67:41:33:1F:35
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       0DD9E4478AE322D25C751A6D66FECE2D89EB8633
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3133382e3131372e3133312e302f32342d3234203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:35:57 +0000
ROA not before:           Tue 04 Feb 2025 18:30:57 +0000
ROA not after:            Tue 03 Feb 2026 18:35:57 +0000
asID:                     52399
IP address blocks:        138.117.131.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 10 Feb 2025 14:38:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:d9:e4:47:8a:e3:22:d2:5c:75:1a:6d:66:fe:ce:2d:89:eb:86:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:30:57 2025 GMT
            Not After : Feb  3 18:35:57 2026 GMT
        Subject: CN=D66A586AB2C569D7C9D0C30DF154C76741331F35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:0b:91:26:0a:18:ee:ee:1f:82:c0:c7:d2:b6:
                    85:6f:9c:fa:71:0b:fc:c5:1e:ec:28:fb:e5:b9:67:
                    09:0f:8d:9e:51:86:0d:1a:2c:3d:0f:62:0e:cc:af:
                    2e:22:50:17:35:59:a1:79:f9:73:59:c1:83:11:cb:
                    76:fc:cb:ea:b0:c3:45:8e:96:e6:9c:99:4f:cb:50:
                    54:90:01:39:9a:45:c5:81:8e:41:56:7f:1b:51:d0:
                    32:2a:55:18:d1:80:f2:c0:2f:a4:62:30:0f:92:a2:
                    12:42:56:ed:8e:f6:46:f5:49:cb:3a:93:a6:22:d0:
                    34:7a:3f:8a:57:0e:25:1d:54:ed:3c:f9:47:ef:a1:
                    b2:91:79:82:d1:b4:4f:a6:da:c3:80:f6:4c:bc:ed:
                    9e:d0:c7:76:50:4a:52:3f:ec:3c:ea:a7:57:1b:3c:
                    c1:27:62:15:54:fc:8a:a6:f7:4b:46:04:96:0c:69:
                    37:ef:62:79:93:7b:9b:cd:7a:16:8d:31:12:48:23:
                    66:c9:27:3e:4f:7a:85:d3:b3:61:52:45:26:c1:82:
                    b1:9c:d6:38:56:07:e3:fc:0f:c5:87:69:91:97:88:
                    fd:2e:34:15:61:f0:9b:67:df:26:d5:60:33:a6:2b:
                    b8:3c:bb:00:e1:cf:e0:b0:07:fb:11:ac:ed:0f:a5:
                    24:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:6A:58:6A:B2:C5:69:D7:C9:D0:C3:0D:F1:54:C7:67:41:33:1F:35
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3133382e3131372e3133312e302f32342d3234203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.117.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:e0:97:16:7b:7c:20:b9:93:ef:69:41:ee:e7:4c:5c:80:88:
         b3:0a:e5:d2:93:b9:54:4b:da:cf:be:74:ca:fa:32:4f:1c:6c:
         1e:de:7a:b4:15:6c:af:64:c0:f8:b3:88:96:0e:e6:37:d9:94:
         4a:83:25:18:6e:01:ea:81:38:0e:d0:13:48:06:f0:23:17:a0:
         16:e7:79:d2:7f:d7:81:e4:49:b7:72:f8:4c:6e:a2:79:42:3b:
         6e:ea:d9:43:00:6c:4b:93:54:9e:80:64:be:8a:29:d3:b5:0e:
         95:17:ec:12:31:c4:7f:02:0a:0a:5c:32:55:9c:37:fd:35:e1:
         10:a8:d7:2c:0c:21:dd:c4:e2:b2:0e:14:da:b6:02:67:74:9c:
         e9:68:5e:33:c9:bf:77:ae:60:93:d8:92:e1:54:df:0f:fa:57:
         55:1d:32:e4:6a:da:a3:bc:16:06:50:59:18:cf:e4:b4:ce:31:
         d7:92:72:c1:26:98:2c:8f:d9:46:da:24:9b:51:d1:3c:f6:da:
         4e:5b:22:dc:d6:c7:01:93:ce:9d:4f:72:a2:d5:2b:46:4a:9a:
         a1:42:e1:65:6c:52:4d:fb:aa:ba:73:f8:fa:db:71:4e:be:99:
         fb:d2:be:2f:9a:11:b9:8b:6e:e2:54:80:75:9c:74:d6:96:4f:
         a9:32:38:4f
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUDdnkR4rjItJcdRptZv7OLYnrhjMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMwNTdaFw0yNjAyMDMxODM1NTdaMDMxMTAvBgNV
BAMTKEQ2NkE1ODZBQjJDNTY5RDdDOUQwQzMwREYxNTRDNzY3NDEzMzFGMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFC5EmChju7h+CwMfStoVvnPpx
C/zFHuwo++W5ZwkPjZ5Rhg0aLD0PYg7Mry4iUBc1WaF5+XNZwYMRy3b8y+qww0WO
luacmU/LUFSQATmaRcWBjkFWfxtR0DIqVRjRgPLAL6RiMA+SohJCVu2O9kb1Scs6
k6Yi0DR6P4pXDiUdVO08+UfvobKReYLRtE+m2sOA9ky87Z7Qx3ZQSlI/7Dzqp1cb
PMEnYhVU/Iqm90tGBJYMaTfvYnmTe5vNehaNMRJII2bJJz5PeoXTs2FSRSbBgrGc
1jhWB+P8D8WHaZGXiP0uNBVh8Jtn3ybVYDOmK7g8uwDhz+CwB/sRrO0PpSRdAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU1mpYarLFadfJ0MMN8VTHZ0EzHzUwHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMxMzMzODJlMzEzMTM3MmUzMTMzMzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzMzOTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAinWD
MA0GCSqGSIb3DQEBCwUAA4IBAQCd4JcWe3wguZPvaUHu50xcgIizCuXSk7lUS9rP
vnTK+jJPHGwe3nq0FWyvZMD4s4iWDuY32ZRKgyUYbgHqgTgO0BNIBvAjF6AW53nS
f9eB5Em3cvhMbqJ5Qjtu6tlDAGxLk1SegGS+iinTtQ6VF+wSMcR/AgoKXDJVnDf9
NeEQqNcsDCHdxOKyDhTatgJndJzpaF4zyb93rmCT2JLhVN8P+ldVHTLkatqjvBYG
UFkYz+S0zjHXknLBJpgsj9lG2iSbUdE89tpOWyLc1scBk86dT3Ki1StGSpqhQuFl
bFJN+6q6c/j623FOvpn70r4vmhG5i27iVIB1nHTWlk+pMjhP
-----END CERTIFICATE-----
Generated at Sun Feb 9 14:54:57 2025 by rpki-client