Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32312d3231203d3e203532333939.roa
File:                     3230302e372e3135322e302f32312d3231203d3e203532333939.roa (raw, json)
Hash identifier:          qN6PWVdhlYeh+pExEFjWEkybemAdFRxw+muHyVxoxow=
Subject key identifier:   F0:5C:41:CB:73:06:76:A6:F1:E7:EB:23:89:85:68:45:D4:73:E7:7B
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       238E41313EE1D8EBC65EF6DA7F5BBFBD3BD675A5
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32312d3231203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:36:01 +0000
ROA not before:           Tue 04 Feb 2025 18:31:01 +0000
ROA not after:            Tue 03 Feb 2026 18:36:01 +0000
asID:                     52399
IP address blocks:        200.7.152.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 12 Feb 2025 16:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:8e:41:31:3e:e1:d8:eb:c6:5e:f6:da:7f:5b:bf:bd:3b:d6:75:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:31:01 2025 GMT
            Not After : Feb  3 18:36:01 2026 GMT
        Subject: CN=F05C41CB730676A6F1E7EB2389856845D473E77B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:d9:ef:f0:94:1d:07:3b:5a:ff:1b:98:9d:af:
                    87:d0:bd:1c:70:88:a0:51:58:a7:0f:d0:c3:8a:17:
                    66:b1:bd:cd:50:d4:41:34:a0:a8:65:01:f2:08:72:
                    ef:99:e2:5a:d6:e1:f7:67:fa:77:7b:3f:2e:46:99:
                    a1:3a:87:2a:52:c4:76:1c:aa:60:07:37:29:7c:76:
                    db:e5:7a:dd:22:f8:6e:83:91:3d:ba:68:31:29:c4:
                    92:1d:f2:bb:e3:f2:6c:41:30:84:2e:93:85:cb:e3:
                    63:37:78:37:ec:ed:d2:19:61:ea:be:4b:4a:46:4a:
                    d3:78:d8:91:e8:af:87:11:eb:4c:94:70:41:7e:00:
                    86:e7:cb:9b:e7:a0:49:d5:c1:71:a1:eb:0b:d6:e0:
                    48:40:ad:c3:d5:bc:31:0f:c6:d7:bd:23:c1:8d:ab:
                    9d:55:8a:59:ee:be:3c:89:86:db:9c:2f:b5:8d:08:
                    71:89:e7:6d:b3:00:bd:51:aa:35:ff:3a:a6:7c:66:
                    8c:ae:a9:cf:28:5d:44:d3:3b:4a:58:52:25:3e:8b:
                    7b:1c:e4:86:e5:c7:bb:04:fb:f2:00:e3:cb:6c:8a:
                    84:2d:a0:17:b0:06:eb:4d:3a:01:41:ab:7f:f0:67:
                    f1:27:9c:ae:44:2e:49:e3:ad:de:f3:de:12:28:56:
                    f5:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:5C:41:CB:73:06:76:A6:F1:E7:EB:23:89:85:68:45:D4:73:E7:7B
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32312d3231203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         22:03:49:c5:68:c8:78:0b:0c:b4:0e:32:60:2e:9d:b6:40:42:
         d1:82:e0:c7:69:11:e7:0a:12:4c:cc:0f:59:a4:ba:38:95:04:
         e4:2a:aa:35:8e:1e:5a:c4:75:4d:71:cd:d1:d8:db:4f:50:d8:
         19:70:1b:2a:07:c5:d1:d1:c7:43:dd:d0:dc:84:1b:9b:1d:78:
         2d:f5:8c:b7:30:01:d5:29:59:be:c6:53:fa:48:bb:cc:f6:13:
         8a:a9:9c:6d:e3:be:3d:a0:e0:03:23:99:8b:12:61:cc:3a:92:
         f4:02:62:d2:0d:95:08:99:24:34:f6:ea:44:48:9e:48:94:46:
         30:2e:83:02:96:ef:37:3d:8d:44:bc:06:36:cc:15:49:1e:f0:
         03:44:73:7a:2b:f7:81:67:ca:b9:97:a6:5e:24:f5:e4:ef:38:
         83:8b:85:e0:7c:a0:68:7d:85:a9:16:ba:ac:52:a5:f5:44:bf:
         b1:a5:c6:21:71:26:a7:99:b4:4f:9e:f3:5c:f4:7b:c0:db:52:
         49:c4:f9:7d:87:9e:2c:d5:3b:93:e7:f5:29:33:87:45:20:af:
         35:40:14:9d:54:82:6e:ef:8a:82:93:8b:ad:f7:4f:d5:16:ce:
         79:61:72:f2:89:72:46:bc:cc:7c:bb:e7:d5:82:59:d2:bc:a1:
         65:52:da:04
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUI45BMT7h2OvGXvbaf1u/vTvWdaUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMxMDFaFw0yNjAyMDMxODM2MDFaMDMxMTAvBgNV
BAMTKEYwNUM0MUNCNzMwNjc2QTZGMUU3RUIyMzg5ODU2ODQ1RDQ3M0U3N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDr2e/wlB0HO1r/G5idr4fQvRxw
iKBRWKcP0MOKF2axvc1Q1EE0oKhlAfIIcu+Z4lrW4fdn+nd7Py5GmaE6hypSxHYc
qmAHNyl8dtvlet0i+G6DkT26aDEpxJId8rvj8mxBMIQuk4XL42M3eDfs7dIZYeq+
S0pGStN42JHor4cR60yUcEF+AIbny5vnoEnVwXGh6wvW4EhArcPVvDEPxte9I8GN
q51VilnuvjyJhtucL7WNCHGJ522zAL1RqjX/OqZ8Zoyuqc8oXUTTO0pYUiU+i3sc
5Iblx7sE+/IA48tsioQtoBewButNOgFBq3/wZ/EnnK5ELknjrd7z3hIoVvW1AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU8FxBy3MGdqbx5+sjiYVoRdRz53swHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzAzMDJlMzcyZTMxMzUzMjJlMzAy
ZjMyMzEyZDMyMzEyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPIB5gwDQYJ
KoZIhvcNAQELBQADggEBACIDScVoyHgLDLQOMmAunbZAQtGC4MdpEecKEkzMD1mk
ujiVBOQqqjWOHlrEdU1xzdHY209Q2BlwGyoHxdHRx0Pd0NyEG5sdeC31jLcwAdUp
Wb7GU/pIu8z2E4qpnG3jvj2g4AMjmYsSYcw6kvQCYtINlQiZJDT26kRInkiURjAu
gwKW7zc9jUS8BjbMFUke8ANEc3or94FnyrmXpl4k9eTvOIOLheB8oGh9hakWuqxS
pfVEv7GlxiFxJqeZtE+e81z0e8DbUknE+X2HnizVO5Pn9Skzh0UgrzVAFJ1Ugm7v
ioKTi633T9UWznlhcvKJcka8zHy759WCWdK8oWVS2gQ=
-----END CERTIFICATE-----
Generated at Sun Feb 9 13:59:15 2025 by rpki-client