Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32322d3232203d3e203532333939.roa
File:                     3230302e372e3135322e302f32322d3232203d3e203532333939.roa (raw, json)
Hash identifier:          CE/fDlOwnj7sVpU2xVsBb7AauCCHxIIGyUptT06BDI8=
Subject key identifier:   48:C2:30:57:33:B8:27:04:1D:5B:F5:6A:F3:D3:F0:75:AB:6A:33:9E
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       58DE30E51725E754C61973BAD7C3A877F9BE940C
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32322d3232203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:36:00 +0000
ROA not before:           Tue 04 Feb 2025 18:31:00 +0000
ROA not after:            Tue 03 Feb 2026 18:36:00 +0000
asID:                     52399
IP address blocks:        200.7.152.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 10 Feb 2025 14:38:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:de:30:e5:17:25:e7:54:c6:19:73:ba:d7:c3:a8:77:f9:be:94:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:31:00 2025 GMT
            Not After : Feb  3 18:36:00 2026 GMT
        Subject: CN=48C2305733B827041D5BF56AF3D3F075AB6A339E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:dc:fe:e5:e9:78:e8:4c:9f:16:40:f8:60:ea:
                    fe:9f:03:d5:af:22:3a:44:d0:7b:66:b6:cd:06:39:
                    bb:ac:87:33:37:b6:b9:da:02:31:6e:c1:25:d2:51:
                    c4:41:f1:80:7a:77:cb:6e:25:ca:89:69:4f:34:72:
                    ae:b4:c9:d8:0f:e4:52:3e:96:6b:01:36:48:b6:58:
                    c9:84:85:6b:f0:3f:14:c7:d5:56:5c:7b:52:26:a0:
                    8f:b7:e8:d5:af:5e:29:f8:5f:59:0b:6f:c8:28:60:
                    3c:90:cd:7c:db:38:6e:68:ab:60:65:2c:ce:4b:dc:
                    47:94:01:fd:ee:8e:fe:56:36:49:bc:e3:dd:41:24:
                    d7:8b:7a:e6:84:ec:37:ad:bd:85:45:ff:64:5a:bb:
                    4e:bb:9e:85:c9:aa:52:06:e4:ba:2f:9b:1c:9f:54:
                    a5:db:fe:6c:d0:71:3f:38:54:12:48:e5:f9:95:64:
                    54:44:7f:89:6f:a5:5d:7c:88:06:a0:4e:53:ad:9c:
                    46:4b:1c:57:63:2d:3c:e6:a8:67:c7:49:1a:25:e7:
                    0c:65:c4:05:67:80:37:1e:3b:11:30:6e:27:14:61:
                    98:44:be:0b:14:bb:c4:68:fe:2d:7d:49:4e:59:c0:
                    6d:fb:5d:50:53:94:1d:00:ec:d2:eb:74:01:4a:bf:
                    48:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:C2:30:57:33:B8:27:04:1D:5B:F5:6A:F3:D3:F0:75:AB:6A:33:9E
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32322d3232203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9a:7b:ab:19:d4:d4:10:31:2f:e6:88:5a:0f:93:b3:39:ad:c9:
         20:56:ca:cd:44:c0:3e:9d:8c:ba:18:14:37:6d:a2:37:59:21:
         16:e4:49:62:21:90:2f:0a:27:c7:97:68:e4:cc:24:cc:5a:e9:
         19:04:c8:f4:58:22:bf:25:a7:d0:f1:9c:96:22:5b:5b:9d:8d:
         28:7e:1b:f4:2c:88:89:e0:62:cb:79:03:8e:b1:05:08:7c:0f:
         95:ba:a6:b3:17:31:fd:e1:0b:67:5c:ca:46:f9:ed:25:63:ac:
         70:15:11:13:db:71:89:75:c4:4c:a8:8f:18:e4:ee:81:c9:83:
         c8:e0:c4:a8:da:d0:ea:f5:89:c4:9d:e9:e0:67:dd:54:64:9e:
         28:ff:e7:bb:c7:38:9d:d4:44:3f:4a:33:dd:37:e1:f0:72:c9:
         08:25:fe:cb:58:a6:ad:a4:27:4e:d7:5b:49:a8:56:a8:d4:d9:
         95:a1:c2:9c:a5:c2:76:f5:8f:ed:69:aa:16:df:fd:c4:68:3d:
         9c:a4:d1:d0:f8:ce:0a:89:be:57:23:90:c6:1a:62:75:5f:6e:
         77:42:33:8f:66:f8:76:ff:91:18:70:ee:16:4a:3a:ee:aa:7d:
         20:b9:b2:20:ec:44:e2:43:51:be:9b:06:fc:c7:dd:88:64:90:
         16:e3:56:22
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUWN4w5Rcl51TGGXO618Ood/m+lAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMxMDBaFw0yNjAyMDMxODM2MDBaMDMxMTAvBgNV
BAMTKDQ4QzIzMDU3MzNCODI3MDQxRDVCRjU2QUYzRDNGMDc1QUI2QTMzOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl3P7l6XjoTJ8WQPhg6v6fA9Wv
IjpE0Htmts0GObushzM3trnaAjFuwSXSUcRB8YB6d8tuJcqJaU80cq60ydgP5FI+
lmsBNki2WMmEhWvwPxTH1VZce1ImoI+36NWvXin4X1kLb8goYDyQzXzbOG5oq2Bl
LM5L3EeUAf3ujv5WNkm8491BJNeLeuaE7DetvYVF/2Rau067noXJqlIG5Lovmxyf
VKXb/mzQcT84VBJI5fmVZFREf4lvpV18iAagTlOtnEZLHFdjLTzmqGfHSRol5wxl
xAVngDceOxEwbicUYZhEvgsUu8Ro/i19SU5ZwG37XVBTlB0A7NLrdAFKv0hvAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUSMIwVzO4JwQdW/Vq89PwdatqM54wHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzAzMDJlMzcyZTMxMzUzMjJlMzAy
ZjMyMzIyZDMyMzIyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALIB5gwDQYJ
KoZIhvcNAQELBQADggEBAJp7qxnU1BAxL+aIWg+TszmtySBWys1EwD6djLoYFDdt
ojdZIRbkSWIhkC8KJ8eXaOTMJMxa6RkEyPRYIr8lp9DxnJYiW1udjSh+G/QsiIng
Yst5A46xBQh8D5W6prMXMf3hC2dcykb57SVjrHAVERPbcYl1xEyojxjk7oHJg8jg
xKja0Or1icSd6eBn3VRknij/57vHOJ3URD9KM9034fByyQgl/stYpq2kJ07XW0mo
VqjU2ZWhwpylwnb1j+1pqhbf/cRoPZyk0dD4zgqJvlcjkMYaYnVfbndCM49m+Hb/
kRhw7hZKOu6qfSC5siDsROJDUb6bBvzH3YhkkBbjViI=
-----END CERTIFICATE-----
Generated at Sun Feb 9 13:58:16 2025 by rpki-client