Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135342e302f32332d3233203d3e203532333939.roa
File:                     3230302e372e3135342e302f32332d3233203d3e203532333939.roa (raw, json)
Hash identifier:          B+++dx8tkB5oDuN1jMf5RD25rBDQaKAGYfjRw8+Pf2k=
Subject key identifier:   6E:D7:73:38:A5:43:F0:86:43:10:92:D4:77:E4:EF:E0:58:A7:C6:B4
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       26444F297B8F38E646AFA4F0065B1711333BED28
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135342e302f32332d3233203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:36:01 +0000
ROA not before:           Tue 04 Feb 2025 18:31:01 +0000
ROA not after:            Tue 03 Feb 2026 18:36:01 +0000
asID:                     52399
IP address blocks:        200.7.154.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 10 Feb 2025 14:38:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:44:4f:29:7b:8f:38:e6:46:af:a4:f0:06:5b:17:11:33:3b:ed:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:31:01 2025 GMT
            Not After : Feb  3 18:36:01 2026 GMT
        Subject: CN=6ED77338A543F086431092D477E4EFE058A7C6B4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:ec:5b:ed:85:45:4d:57:13:b8:eb:05:c7:0a:
                    97:b2:b0:e8:27:37:11:e1:6b:e8:9d:ae:b9:6a:8a:
                    b5:4f:4c:95:f8:2a:76:63:d5:9f:ce:4d:ef:1c:a3:
                    87:24:c2:b6:8d:2c:d3:01:8b:e2:20:d8:3c:5a:0e:
                    a7:0a:03:08:f5:a4:94:b8:82:ee:90:e2:70:86:81:
                    06:c4:90:a0:12:b8:ea:58:21:3a:00:39:98:cd:4b:
                    45:76:b5:4a:6f:c8:2c:37:64:17:66:9f:ba:81:d7:
                    bf:ce:57:6b:29:a0:ed:10:96:44:50:ea:4f:07:0e:
                    68:d1:28:38:7b:59:a9:5c:5e:3d:60:19:1b:e8:cd:
                    b9:3f:ba:67:8d:1f:74:c5:79:ed:2c:8a:d9:db:39:
                    b2:95:f5:d8:2a:84:fe:9f:f1:00:ee:0b:52:d7:7f:
                    c8:85:c0:45:8b:a7:1f:8a:a4:c8:ab:27:e7:46:ac:
                    6f:71:ee:60:4d:94:fc:f3:50:51:d1:0b:d2:3d:74:
                    aa:c0:bb:c1:4a:5b:26:ce:7e:b1:ea:94:72:35:b4:
                    ec:5e:ca:f0:9d:01:0e:74:2a:76:c4:1c:e2:3d:8f:
                    52:5a:95:e2:7d:69:85:3c:40:c8:d0:f1:aa:2e:94:
                    40:c5:7b:15:3d:9e:53:c2:d5:f3:6c:74:19:85:6c:
                    94:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:D7:73:38:A5:43:F0:86:43:10:92:D4:77:E4:EF:E0:58:A7:C6:B4
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135342e302f32332d3233203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         09:94:1c:70:b3:10:36:8b:f7:68:4f:75:fc:b1:14:04:44:8d:
         17:4a:83:c2:4e:cd:e6:9e:cf:4b:ae:c6:2a:72:85:9b:eb:44:
         50:ed:24:63:1c:fb:bd:a2:04:76:af:9b:51:6f:65:28:3d:15:
         d3:40:56:9f:f4:03:38:d0:c8:b4:8a:b4:f0:77:03:6b:1f:09:
         49:8a:69:a8:10:3a:aa:08:e9:74:2a:76:82:c2:d9:1b:35:52:
         17:c0:a7:c9:72:92:9d:ef:07:59:e0:99:69:cf:bc:d6:4d:77:
         b0:e1:2a:ef:d8:ef:b0:63:66:62:8b:b5:5d:e6:ee:aa:e0:d9:
         8c:00:49:37:98:b9:ef:0d:00:68:cd:f7:be:98:b9:b0:e2:a6:
         da:29:f0:b1:37:36:19:20:d4:db:e1:97:75:7d:4c:28:ff:cd:
         5b:8e:11:14:93:57:6d:9b:9b:d0:d3:ed:12:b8:d4:6c:55:86:
         6c:62:33:ff:19:2d:9a:ab:b2:d7:79:ba:ae:35:39:ad:f4:da:
         11:55:9a:16:c1:de:03:78:1c:8d:08:ff:17:12:e7:03:24:b4:
         4b:61:31:f7:d5:e6:d7:b3:13:45:c1:79:8f:a6:fe:82:5e:9f:
         56:17:58:e5:b1:7c:f9:8c:d1:00:fd:15:99:ba:f6:27:65:51:
         3b:0d:e0:72
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUJkRPKXuPOOZGr6TwBlsXETM77SgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMxMDFaFw0yNjAyMDMxODM2MDFaMDMxMTAvBgNV
BAMTKDZFRDc3MzM4QTU0M0YwODY0MzEwOTJENDc3RTRFRkUwNThBN0M2QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCM7FvthUVNVxO46wXHCpeysOgn
NxHha+idrrlqirVPTJX4KnZj1Z/OTe8co4ckwraNLNMBi+Ig2DxaDqcKAwj1pJS4
gu6Q4nCGgQbEkKASuOpYIToAOZjNS0V2tUpvyCw3ZBdmn7qB17/OV2spoO0QlkRQ
6k8HDmjRKDh7WalcXj1gGRvozbk/umeNH3TFee0sitnbObKV9dgqhP6f8QDuC1LX
f8iFwEWLpx+KpMirJ+dGrG9x7mBNlPzzUFHRC9I9dKrAu8FKWybOfrHqlHI1tOxe
yvCdAQ50KnbEHOI9j1JaleJ9aYU8QMjQ8aoulEDFexU9nlPC1fNsdBmFbJQjAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUbtdzOKVD8IZDEJLUd+Tv4FinxrQwHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzAzMDJlMzcyZTMxMzUzNDJlMzAy
ZjMyMzMyZDMyMzMyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHIB5owDQYJ
KoZIhvcNAQELBQADggEBAAmUHHCzEDaL92hPdfyxFAREjRdKg8JOzeaez0uuxipy
hZvrRFDtJGMc+72iBHavm1FvZSg9FdNAVp/0AzjQyLSKtPB3A2sfCUmKaagQOqoI
6XQqdoLC2Rs1UhfAp8lykp3vB1ngmWnPvNZNd7DhKu/Y77BjZmKLtV3m7qrg2YwA
STeYue8NAGjN976YubDiptop8LE3Nhkg1Nvhl3V9TCj/zVuOERSTV22bm9DT7RK4
1GxVhmxiM/8ZLZqrstd5uq41Oa302hFVmhbB3gN4HI0I/xcS5wMktEthMffV5tez
E0XBeY+m/oJen1YXWOWxfPmM0QD9FZm69idlUTsN4HI=
-----END CERTIFICATE-----
Generated at Sun Feb 9 14:49:25 2025 by rpki-client