Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135332e302f32342d3234203d3e203532333939.roa
File:                     3230302e372e3135332e302f32342d3234203d3e203532333939.roa (raw, json)
Hash identifier:          tS6WLWeshqGwJp7Sf3de0IYQxs2uMGeKv6u+N0DIxrc=
Subject key identifier:   FD:C8:62:5E:4C:2B:D5:D7:02:AB:7F:8D:11:AC:A6:48:D5:78:E2:FF
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       1F90E717AEBFD261F14DD6F99BD1ADC9A3949FF2
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135332e302f32342d3234203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:36:03 +0000
ROA not before:           Tue 04 Feb 2025 18:31:03 +0000
ROA not after:            Tue 03 Feb 2026 18:36:03 +0000
asID:                     52399
IP address blocks:        200.7.153.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 12 Feb 2025 16:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:90:e7:17:ae:bf:d2:61:f1:4d:d6:f9:9b:d1:ad:c9:a3:94:9f:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:31:03 2025 GMT
            Not After : Feb  3 18:36:03 2026 GMT
        Subject: CN=FDC8625E4C2BD5D702AB7F8D11ACA648D578E2FF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:cc:7c:13:50:da:47:f8:40:38:30:6a:f0:17:
                    cc:24:da:92:e4:5b:d6:95:0b:20:7b:e4:6e:3a:cd:
                    94:a4:f4:56:19:75:6e:f9:e0:58:cd:8c:cc:12:8d:
                    a1:8e:86:37:d7:53:2c:53:e4:e5:2f:c9:d4:15:7a:
                    a5:47:05:71:c2:e6:58:12:03:b5:87:75:f8:61:83:
                    dd:15:44:b5:66:5e:9f:80:7c:93:69:d9:b8:6a:f7:
                    69:b6:12:b4:d2:f2:75:32:da:6c:6b:b2:8c:e7:fa:
                    58:89:f6:60:13:f5:e0:cf:f5:f1:d4:8e:c1:da:bb:
                    98:bf:ce:64:20:c9:4d:64:ef:0d:6d:c6:fc:1c:0d:
                    d5:d5:fe:f6:68:27:f1:1a:4d:22:a1:37:42:e1:25:
                    d2:d9:9e:a9:bf:a2:72:15:e9:6f:c6:d1:b0:50:9c:
                    40:ea:c3:f3:60:eb:3b:ea:81:5e:0a:86:1b:50:10:
                    22:02:48:65:32:8a:6e:a4:9d:a1:d6:ed:af:49:7e:
                    ce:86:56:4d:31:69:b9:fa:cf:c9:e4:92:c2:1f:b8:
                    73:65:25:ae:32:91:0e:02:4f:ce:6a:da:b7:fc:e2:
                    b5:d7:b5:9b:bc:51:95:0f:9e:21:82:09:14:f4:a5:
                    ce:a4:5a:ae:b1:5a:1f:f5:f1:25:6e:a8:fb:df:ba:
                    21:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:C8:62:5E:4C:2B:D5:D7:02:AB:7F:8D:11:AC:A6:48:D5:78:E2:FF
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135332e302f32342d3234203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:e8:25:89:d4:c0:9c:ac:8b:1b:1d:b0:ab:ba:ce:39:cf:0e:
         72:86:db:a2:ce:27:be:65:b3:0c:7f:58:4c:c8:ea:54:70:57:
         f0:cb:28:b2:41:70:08:ad:1e:67:18:72:f1:ea:48:f7:19:2f:
         d1:8e:3f:83:55:68:67:e4:a8:f2:d8:c1:0e:b6:9a:53:cd:22:
         da:c5:94:a3:10:d3:cf:0b:ae:62:2b:5a:95:8a:45:4e:26:20:
         a5:22:6b:74:dd:6d:d5:d5:9c:c0:01:60:ed:27:72:a7:5c:d1:
         db:8f:f2:4e:98:b3:c7:7c:11:50:54:92:03:24:61:af:9d:66:
         f6:4a:35:f3:e3:d2:0e:ee:f8:b8:7d:58:59:2d:38:30:de:85:
         4a:9a:e4:36:0b:2a:82:83:99:7e:25:a9:4d:25:b2:7e:82:9e:
         a0:f8:13:a6:75:2e:d3:55:88:8e:f2:82:0a:90:77:93:f2:b9:
         6d:bf:f0:e5:1d:90:0b:e0:bc:46:87:d4:4f:33:ef:fd:60:ae:
         c5:5f:23:f8:35:f4:d1:9c:af:87:00:41:8d:49:c0:9a:82:d4:
         d0:cf:dc:9b:91:c3:7f:59:47:10:16:af:49:af:84:9b:f1:78:
         3b:a4:2e:c4:d6:25:0f:22:6d:91:ba:9e:42:a5:b6:bf:16:40:
         8c:9f:8d:98
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUH5DnF66/0mHxTdb5m9GtyaOUn/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMxMDNaFw0yNjAyMDMxODM2MDNaMDMxMTAvBgNV
BAMTKEZEQzg2MjVFNEMyQkQ1RDcwMkFCN0Y4RDExQUNBNjQ4RDU3OEUyRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5zHwTUNpH+EA4MGrwF8wk2pLk
W9aVCyB75G46zZSk9FYZdW754FjNjMwSjaGOhjfXUyxT5OUvydQVeqVHBXHC5lgS
A7WHdfhhg90VRLVmXp+AfJNp2bhq92m2ErTS8nUy2mxrsozn+liJ9mAT9eDP9fHU
jsHau5i/zmQgyU1k7w1txvwcDdXV/vZoJ/EaTSKhN0LhJdLZnqm/onIV6W/G0bBQ
nEDqw/Ng6zvqgV4KhhtQECICSGUyim6knaHW7a9Jfs6GVk0xabn6z8nkksIfuHNl
Ja4ykQ4CT85q2rf84rXXtZu8UZUPniGCCRT0pc6kWq6xWh/18SVuqPvfuiH5AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU/chiXkwr1dcCq3+NEaymSNV44v8wHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzAzMDJlMzcyZTMxMzUzMzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIB5kwDQYJ
KoZIhvcNAQELBQADggEBAFroJYnUwJysixsdsKu6zjnPDnKG26LOJ75lswx/WEzI
6lRwV/DLKLJBcAitHmcYcvHqSPcZL9GOP4NVaGfkqPLYwQ62mlPNItrFlKMQ088L
rmIrWpWKRU4mIKUia3TdbdXVnMABYO0ncqdc0duP8k6Ys8d8EVBUkgMkYa+dZvZK
NfPj0g7u+Lh9WFktODDehUqa5DYLKoKDmX4lqU0lsn6CnqD4E6Z1LtNViI7yggqQ
d5PyuW2/8OUdkAvgvEaH1E8z7/1grsVfI/g19NGcr4cAQY1JwJqC1NDP3JuRw39Z
RxAWr0mvhJvxeDukLsTWJQ8ibZG6nkKltr8WQIyfjZg=
-----END CERTIFICATE-----
Generated at Sun Feb 9 14:25:00 2025 by rpki-client