Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135352e302f32342d3234203d3e203532333939.roa
File:                     3230302e372e3135352e302f32342d3234203d3e203532333939.roa (raw, json)
Hash identifier:          kFihP2Kcgc1cd82JY3hTSs2ocKmKrS6iKn+FgxdiUt0=
Subject key identifier:   2F:B4:02:B4:8A:15:A2:8E:6F:C6:74:38:76:30:99:E0:58:73:5D:70
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       41DFD9460722BCB70FF28B896CA687E00508E0EB
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135352e302f32342d3234203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:36:03 +0000
ROA not before:           Tue 04 Feb 2025 18:31:03 +0000
ROA not after:            Tue 03 Feb 2026 18:36:03 +0000
asID:                     52399
IP address blocks:        200.7.155.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 12 Feb 2025 16:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:df:d9:46:07:22:bc:b7:0f:f2:8b:89:6c:a6:87:e0:05:08:e0:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:31:03 2025 GMT
            Not After : Feb  3 18:36:03 2026 GMT
        Subject: CN=2FB402B48A15A28E6FC67438763099E058735D70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:72:18:37:f8:9f:5b:07:04:0a:15:71:44:80:
                    8e:6e:e8:4b:37:11:e0:3c:3c:d4:94:e8:52:cb:63:
                    65:69:44:17:13:9f:25:79:21:ba:37:32:c2:b3:43:
                    17:e7:2a:14:d5:e1:96:19:05:df:a3:cb:9e:54:a6:
                    cc:d4:81:02:09:e1:50:ba:13:4c:bc:44:4d:c9:0a:
                    4c:75:8d:e0:5d:1a:09:15:25:f3:ab:3c:07:8b:76:
                    d2:c3:1e:be:30:c3:85:14:3b:c4:62:4d:de:be:f6:
                    49:0e:d0:97:a3:7a:bb:56:a3:b0:75:75:9b:43:d2:
                    39:90:5b:0a:ce:d5:ee:a2:04:29:c7:e9:15:07:fe:
                    7a:ae:c7:8c:27:ea:63:67:df:db:08:3a:d9:b3:ee:
                    fc:ff:ea:a2:cb:42:97:f1:d2:14:e9:4c:06:11:6a:
                    76:86:38:40:66:29:96:b7:43:1b:80:17:ac:0d:dc:
                    90:1d:1d:19:29:c3:15:cc:13:6c:39:e7:bb:b2:30:
                    9b:3d:68:2b:6f:67:9e:41:55:9d:8d:db:33:eb:93:
                    ae:d2:3e:da:cf:76:aa:f5:fa:88:4d:8a:27:16:01:
                    51:04:79:44:84:4b:03:53:9f:c1:2c:7b:f9:ae:ed:
                    fc:0c:3c:49:48:a8:b9:4a:ce:9d:7c:ae:bc:10:4d:
                    f9:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:B4:02:B4:8A:15:A2:8E:6F:C6:74:38:76:30:99:E0:58:73:5D:70
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135352e302f32342d3234203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:c7:fb:a1:09:b6:58:f4:7f:77:d2:6a:df:94:70:de:33:4c:
         19:04:af:2b:f4:4d:2f:f9:5c:d1:97:05:fd:86:95:8f:db:d3:
         8c:dd:1e:3c:0f:a9:51:c4:4d:bb:9e:e6:e0:79:97:77:3b:bc:
         29:2e:df:5e:f5:eb:f6:f4:ad:5b:4a:d2:69:18:85:7d:ec:b2:
         f4:2a:dd:9e:89:ec:84:e9:cf:ad:95:25:c3:a8:38:69:96:e0:
         b2:f2:fc:87:d2:4e:33:21:f7:a2:3c:2a:72:26:84:c3:02:cb:
         7e:21:da:aa:94:ba:ca:4e:9a:0a:b5:1e:ce:8b:8e:c4:07:d5:
         74:6b:1e:e2:38:bf:ed:f4:00:94:81:da:02:c7:0f:19:d4:1f:
         04:5e:0f:63:56:27:23:c8:b1:8d:94:85:e3:cf:6e:de:07:17:
         49:27:47:78:59:84:c8:bd:73:9b:a5:91:23:36:42:27:01:f8:
         d9:a0:5a:76:d3:b7:b0:1e:a8:24:be:c0:29:47:f7:0e:b1:92:
         28:c9:eb:1c:1b:0d:a5:1f:21:c1:55:9f:d5:7e:21:bd:bf:24:
         47:3c:6b:b2:25:d1:d9:ea:a2:6b:a2:76:1c:1b:14:c4:08:ac:
         8c:be:14:56:92:bb:79:ae:2e:51:1e:94:bc:9d:ab:1c:b1:af:
         42:35:5b:e9
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUQd/ZRgcivLcP8ouJbKaH4AUI4OswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMxMDNaFw0yNjAyMDMxODM2MDNaMDMxMTAvBgNV
BAMTKDJGQjQwMkI0OEExNUEyOEU2RkM2NzQzODc2MzA5OUUwNTg3MzVENzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlchg3+J9bBwQKFXFEgI5u6Es3
EeA8PNSU6FLLY2VpRBcTnyV5Ibo3MsKzQxfnKhTV4ZYZBd+jy55UpszUgQIJ4VC6
E0y8RE3JCkx1jeBdGgkVJfOrPAeLdtLDHr4ww4UUO8RiTd6+9kkO0JejertWo7B1
dZtD0jmQWwrO1e6iBCnH6RUH/nqux4wn6mNn39sIOtmz7vz/6qLLQpfx0hTpTAYR
anaGOEBmKZa3QxuAF6wN3JAdHRkpwxXME2w557uyMJs9aCtvZ55BVZ2N2zPrk67S
PtrPdqr1+ohNiicWAVEEeUSESwNTn8Ese/mu7fwMPElIqLlKzp18rrwQTfkDAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUL7QCtIoVoo5vxnQ4djCZ4FhzXXAwHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzAzMDJlMzcyZTMxMzUzNTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIB5swDQYJ
KoZIhvcNAQELBQADggEBAH3H+6EJtlj0f3fSat+UcN4zTBkEryv0TS/5XNGXBf2G
lY/b04zdHjwPqVHETbue5uB5l3c7vCku31716/b0rVtK0mkYhX3ssvQq3Z6J7ITp
z62VJcOoOGmW4LLy/IfSTjMh96I8KnImhMMCy34h2qqUuspOmgq1Hs6LjsQH1XRr
HuI4v+30AJSB2gLHDxnUHwReD2NWJyPIsY2UhePPbt4HF0knR3hZhMi9c5ulkSM2
QicB+NmgWnbTt7AeqCS+wClH9w6xkijJ6xwbDaUfIcFVn9V+Ib2/JEc8a7Il0dnq
omuidhwbFMQIrIy+FFaSu3muLlEelLydqxyxr0I1W+k=
-----END CERTIFICATE-----
Generated at Sun Feb 9 15:10:25 2025 by rpki-client