Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135342e302f32342d3234203d3e203532333939.roa
File:                     3230302e372e3135342e302f32342d3234203d3e203532333939.roa (raw, json)
Hash identifier:          dhtadjMc7BR0aR6e+vQ34l/0FBFG16/F4z0TkQ0/Q5U=
Subject key identifier:   09:22:AA:F9:13:E2:6B:99:F3:2C:08:6C:29:9E:39:C7:88:77:26:39
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       1F7D183733BD2E0364D6D676F70FBC20372BC542
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135342e302f32342d3234203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:36:04 +0000
ROA not before:           Tue 04 Feb 2025 18:31:04 +0000
ROA not after:            Tue 03 Feb 2026 18:36:04 +0000
asID:                     52399
IP address blocks:        200.7.154.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 12 Feb 2025 16:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:7d:18:37:33:bd:2e:03:64:d6:d6:76:f7:0f:bc:20:37:2b:c5:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:31:04 2025 GMT
            Not After : Feb  3 18:36:04 2026 GMT
        Subject: CN=0922AAF913E26B99F32C086C299E39C788772639
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:b6:a0:3b:61:27:d1:37:9e:ef:d9:12:98:6e:
                    c3:85:63:7c:38:bd:b8:6c:88:e6:8a:e4:bf:43:ce:
                    cd:97:ae:02:ab:0c:d6:e7:17:94:c3:68:d4:32:ea:
                    8e:23:ea:33:d1:f3:9f:3e:14:04:2a:38:7c:9f:3b:
                    3f:37:59:1f:12:ab:d3:f1:54:1c:3a:c5:84:55:dc:
                    d2:4e:87:df:67:a4:5d:3e:27:6f:d6:79:9d:e3:b8:
                    dc:95:bd:ab:e3:c5:96:13:48:76:cf:21:e0:4d:62:
                    a7:40:97:b0:2b:79:ff:c7:37:27:a8:d0:f6:c6:28:
                    2b:4c:dd:8f:7a:b4:30:86:a7:33:d2:8e:9d:5e:4f:
                    2e:14:5d:c0:4c:78:d4:ac:88:2b:af:bb:dc:5c:10:
                    46:5b:34:ff:47:4f:d0:51:a4:9b:ce:e1:35:ed:32:
                    7b:1a:ff:f3:a1:5b:c4:ad:8c:c9:31:d4:2d:1c:41:
                    ad:7b:90:04:a3:7e:d3:2c:16:e0:f9:f3:ae:3d:9d:
                    e4:0e:8d:73:c0:45:ab:0b:4d:bd:9a:75:f4:a7:55:
                    8e:42:f0:44:8b:a8:a1:41:d8:00:f5:08:bb:3a:f1:
                    d4:98:ef:71:24:57:db:5e:9a:6a:0e:53:f5:9e:29:
                    29:aa:07:2b:6c:0c:34:9b:55:b9:d1:98:df:94:4a:
                    60:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:22:AA:F9:13:E2:6B:99:F3:2C:08:6C:29:9E:39:C7:88:77:26:39
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135342e302f32342d3234203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:d4:66:1c:55:6b:cf:3c:ad:63:42:ca:47:fd:b8:af:78:de:
         31:2e:d7:33:3b:40:38:a5:47:ef:7a:0c:e4:81:37:b8:a1:ec:
         92:cd:f2:bf:96:71:52:f2:f8:87:2d:b6:9a:10:4e:15:1b:9a:
         9e:db:98:fd:e8:9f:f0:5c:2f:75:ad:50:a8:19:98:9e:17:08:
         75:4d:db:06:95:df:74:4b:f4:ac:80:a6:de:60:5d:09:19:38:
         52:a6:d3:ae:eb:cc:a5:82:ec:b4:a2:35:57:69:c8:93:d1:94:
         83:f9:48:9a:e7:d0:1f:6a:66:e8:be:7a:0d:18:a7:16:bc:dc:
         64:84:31:a7:21:88:97:99:67:bf:2c:40:46:24:89:00:bd:e6:
         d6:fa:17:98:f1:e5:2e:75:7c:91:63:0e:bf:b3:78:95:68:ba:
         e8:11:98:6d:12:54:38:d8:b5:22:c7:ab:88:6e:12:32:6b:32:
         2f:6a:71:f8:b3:60:89:e6:23:f2:5c:e1:7c:a2:c5:5f:a8:35:
         f2:d9:73:47:39:5f:20:62:bb:7e:12:f2:e5:10:77:fd:99:87:
         a6:b3:9c:14:98:ef:31:93:f0:68:84:5b:bd:24:b1:8e:e7:db:
         08:ea:f1:f6:a6:ea:e9:1b:fc:74:2a:2b:6c:75:54:09:81:1c:
         b2:ed:7c:0b
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUH30YNzO9LgNk1tZ29w+8IDcrxUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMxMDRaFw0yNjAyMDMxODM2MDRaMDMxMTAvBgNV
BAMTKDA5MjJBQUY5MTNFMjZCOTlGMzJDMDg2QzI5OUUzOUM3ODg3NzI2MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXtqA7YSfRN57v2RKYbsOFY3w4
vbhsiOaK5L9Dzs2XrgKrDNbnF5TDaNQy6o4j6jPR858+FAQqOHyfOz83WR8Sq9Px
VBw6xYRV3NJOh99npF0+J2/WeZ3juNyVvavjxZYTSHbPIeBNYqdAl7Aref/HNyeo
0PbGKCtM3Y96tDCGpzPSjp1eTy4UXcBMeNSsiCuvu9xcEEZbNP9HT9BRpJvO4TXt
Mnsa//OhW8StjMkx1C0cQa17kASjftMsFuD58649neQOjXPARasLTb2adfSnVY5C
8ESLqKFB2AD1CLs68dSY73EkV9temmoOU/WeKSmqBytsDDSbVbnRmN+USmBdAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUCSKq+RPia5nzLAhsKZ45x4h3JjkwHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzAzMDJlMzcyZTMxMzUzNDJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIB5owDQYJ
KoZIhvcNAQELBQADggEBABDUZhxVa888rWNCykf9uK943jEu1zM7QDilR+96DOSB
N7ih7JLN8r+WcVLy+IcttpoQThUbmp7bmP3on/BcL3WtUKgZmJ4XCHVN2waV33RL
9KyApt5gXQkZOFKm067rzKWC7LSiNVdpyJPRlIP5SJrn0B9qZui+eg0Ypxa83GSE
MachiJeZZ78sQEYkiQC95tb6F5jx5S51fJFjDr+zeJVouugRmG0SVDjYtSLHq4hu
EjJrMi9qcfizYInmI/Jc4XyixV+oNfLZc0c5XyBiu34S8uUQd/2Zh6aznBSY7zGT
8GiEW70ksY7n2wjq8fam6ukb/HQqK2x1VAmBHLLtfAs=
-----END CERTIFICATE-----
Generated at Sun Feb 9 14:48:45 2025 by rpki-client