Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32342d3234203d3e203532333939.roa
File:                     3230302e372e3135322e302f32342d3234203d3e203532333939.roa (raw, json)
Hash identifier:          0mITqxC0YrEaSs1Y5J2VAX0IqdjRDjHIVbiUQfkZWY8=
Subject key identifier:   E9:77:78:A2:AB:D9:50:87:87:37:38:DF:00:78:2C:93:B5:34:FE:59
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       0F749023049A2B47E157767DF2BF6BBE50787FBE
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32342d3234203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:35:58 +0000
ROA not before:           Tue 04 Feb 2025 18:30:58 +0000
ROA not after:            Tue 03 Feb 2026 18:35:58 +0000
asID:                     52399
IP address blocks:        200.7.152.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 12 Feb 2025 16:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:74:90:23:04:9a:2b:47:e1:57:76:7d:f2:bf:6b:be:50:78:7f:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:30:58 2025 GMT
            Not After : Feb  3 18:35:58 2026 GMT
        Subject: CN=E97778A2ABD95087873738DF00782C93B534FE59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:82:d7:4d:d2:4c:a0:bf:c5:78:ac:34:3a:59:
                    d7:d2:7e:5a:48:6d:2e:d4:44:20:ca:85:8b:97:bb:
                    9b:7b:e2:b5:7e:3f:dd:6d:7a:68:d7:cc:85:5f:9a:
                    a2:f1:2e:67:38:74:24:5f:7c:a1:44:10:b8:47:5a:
                    f7:b1:3d:44:d9:96:59:01:cf:c2:23:05:b7:48:d4:
                    f4:20:da:9e:a7:16:da:00:97:a1:e8:a2:3c:8e:32:
                    b9:d2:2a:09:f9:d4:a5:18:e9:3b:25:91:87:d3:d6:
                    50:08:29:1f:1e:5c:38:d7:f4:34:01:ce:b9:30:f7:
                    23:89:ce:57:cb:0a:5b:2c:6c:f7:4b:41:3f:c4:06:
                    aa:75:05:09:38:05:42:a0:ca:52:5a:be:a1:96:73:
                    4c:8a:0f:d6:19:2e:40:49:df:69:7d:3d:a7:a5:c1:
                    d6:c3:f3:b6:b1:9f:4a:8b:84:76:da:49:27:eb:47:
                    05:e9:29:cf:a3:eb:57:9a:7b:e4:b9:30:23:07:0c:
                    32:b1:9d:61:d0:a3:2c:8d:e3:47:f5:a7:42:64:31:
                    74:f4:3c:c3:24:d1:4c:2a:e4:f8:85:49:c4:ec:2a:
                    23:2a:9f:93:36:e4:3e:1e:68:9d:6d:73:eb:04:7e:
                    aa:2a:af:58:b7:3b:5b:6a:fc:ad:c6:83:47:7f:62:
                    53:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:77:78:A2:AB:D9:50:87:87:37:38:DF:00:78:2C:93:B5:34:FE:59
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32342d3234203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:44:47:76:62:8e:6b:df:2e:e5:8e:2a:fc:74:b7:97:20:6b:
         a9:81:9d:f5:45:76:bb:8c:84:60:c8:84:d9:6a:98:7b:51:8a:
         a7:5a:8f:72:78:7e:b1:11:7d:56:f2:83:15:cf:37:0b:97:60:
         7f:e2:00:2d:26:84:68:40:23:4b:cd:50:36:71:3d:cd:7c:eb:
         7e:9d:47:e6:5a:d2:9b:d7:3f:ec:68:a4:f1:ed:7a:63:4c:9f:
         00:9e:c1:b9:56:db:0f:55:a7:28:79:d3:82:c7:2d:52:36:08:
         ff:94:32:bd:d4:7a:f8:fd:18:3d:fd:c2:b0:b3:a8:6c:37:bf:
         7c:37:e3:dc:81:46:b5:8c:0f:d4:e0:95:fb:79:aa:fd:a5:6a:
         91:ab:90:0c:48:8b:61:92:e1:0a:fd:b7:f7:c0:d6:2e:fc:89:
         02:64:0e:23:3d:d6:9d:2b:55:86:ec:58:af:16:72:3d:e0:80:
         17:5e:f9:04:89:90:66:d8:bb:a7:24:93:39:51:33:54:13:04:
         f5:ea:70:a4:71:e6:eb:bb:bb:fa:98:7d:4b:45:d5:8a:a8:63:
         6d:04:97:d5:4b:c9:59:67:c8:ce:fd:ef:6e:81:78:24:7c:bb:
         5b:95:9b:9c:3c:24:59:26:24:f1:c0:c0:e4:f5:e0:aa:c9:48:
         d2:ee:a6:c4
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUD3SQIwSaK0fhV3Z98r9rvlB4f74wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMwNThaFw0yNjAyMDMxODM1NThaMDMxMTAvBgNV
BAMTKEU5Nzc3OEEyQUJEOTUwODc4NzM3MzhERjAwNzgyQzkzQjUzNEZFNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCggtdN0kygv8V4rDQ6WdfSflpI
bS7URCDKhYuXu5t74rV+P91temjXzIVfmqLxLmc4dCRffKFEELhHWvexPUTZllkB
z8IjBbdI1PQg2p6nFtoAl6HoojyOMrnSKgn51KUY6TslkYfT1lAIKR8eXDjX9DQB
zrkw9yOJzlfLClssbPdLQT/EBqp1BQk4BUKgylJavqGWc0yKD9YZLkBJ32l9Pael
wdbD87axn0qLhHbaSSfrRwXpKc+j61eae+S5MCMHDDKxnWHQoyyN40f1p0JkMXT0
PMMk0Uwq5PiFScTsKiMqn5M25D4eaJ1tc+sEfqoqr1i3O1tq/K3Gg0d/YlNfAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU6Xd4oqvZUIeHNzjfAHgsk7U0/lkwHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzAzMDJlMzcyZTMxMzUzMjJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIB5gwDQYJ
KoZIhvcNAQELBQADggEBAHJER3ZijmvfLuWOKvx0t5cga6mBnfVFdruMhGDIhNlq
mHtRiqdaj3J4frERfVbygxXPNwuXYH/iAC0mhGhAI0vNUDZxPc18636dR+Za0pvX
P+xopPHtemNMnwCewblW2w9Vpyh504LHLVI2CP+UMr3Uevj9GD39wrCzqGw3v3w3
49yBRrWMD9Tglft5qv2lapGrkAxIi2GS4Qr9t/fA1i78iQJkDiM91p0rVYbsWK8W
cj3ggBde+QSJkGbYu6ckkzlRM1QTBPXqcKRx5uu7u/qYfUtF1YqoY20El9VLyVln
yM79726BeCR8u1uVm5w8JFkmJPHAwOT14KrJSNLupsQ=
-----END CERTIFICATE-----
Generated at Sun Feb 9 13:56:56 2025 by rpki-client