Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135362e302f32322d3232203d3e203532333939.roa
File:                     3230302e372e3135362e302f32322d3232203d3e203532333939.roa (raw, json)
Hash identifier:          cudxMuP1NLYJpaoKjvogUZG4DBlwgoxjbQOATaywuvk=
Subject key identifier:   08:24:C2:37:24:FA:4F:F9:C8:0B:A3:17:40:8C:7C:0B:C8:8B:8D:FD
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       70F63C84E8E94164D13EB7634F6CE22CD40A4600
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135362e302f32322d3232203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:36:00 +0000
ROA not before:           Tue 04 Feb 2025 18:31:00 +0000
ROA not after:            Tue 03 Feb 2026 18:36:00 +0000
asID:                     52399
IP address blocks:        200.7.156.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 12 Feb 2025 16:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:f6:3c:84:e8:e9:41:64:d1:3e:b7:63:4f:6c:e2:2c:d4:0a:46:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:31:00 2025 GMT
            Not After : Feb  3 18:36:00 2026 GMT
        Subject: CN=0824C23724FA4FF9C80BA317408C7C0BC88B8DFD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:2c:42:8e:3d:69:0a:38:7b:18:2b:b6:41:14:
                    f3:09:2c:ea:c2:df:7b:62:e6:94:37:5f:e1:f1:ef:
                    97:53:ed:64:08:78:8b:79:34:4f:5a:e4:65:e0:ce:
                    46:ff:86:c2:f0:aa:e5:9a:cd:eb:fc:d8:69:d8:58:
                    4f:fd:9d:45:60:2e:4d:38:1a:e8:b1:21:4a:d5:c3:
                    6f:e0:ec:31:23:54:76:b8:bb:17:5c:58:da:4b:7d:
                    3c:2d:ac:a0:44:b8:ce:03:7f:83:cf:c9:ea:63:d1:
                    2f:d6:43:b4:6c:d4:07:e8:8f:eb:ed:bf:29:3d:c3:
                    b2:5c:49:53:42:2f:7c:3b:3e:17:e8:3a:db:bb:75:
                    75:59:82:e0:f4:34:3a:d5:8c:87:77:d3:fb:69:85:
                    b1:8f:ef:d0:48:9a:e5:3f:2e:48:45:57:b4:79:5d:
                    88:a2:93:02:63:6d:99:ab:78:fc:eb:31:2e:79:5d:
                    32:72:33:7a:c6:22:f1:79:c7:62:68:0d:2d:ec:18:
                    8b:eb:c8:0f:be:b1:0e:f0:b3:f8:b8:ae:1c:61:44:
                    f3:2f:e8:f8:b4:2e:6d:d0:a5:aa:a1:05:61:3a:21:
                    a1:77:e9:f0:c9:18:9b:8d:53:98:49:b1:fb:ca:ba:
                    62:d2:6b:31:7d:62:c1:ba:10:ff:be:79:6b:f7:74:
                    11:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:24:C2:37:24:FA:4F:F9:C8:0B:A3:17:40:8C:7C:0B:C8:8B:8D:FD
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135362e302f32322d3232203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:5f:fe:32:29:20:6c:44:4d:98:b7:28:e4:1e:b0:4f:15:bb:
         49:39:5c:eb:de:22:df:ce:ca:d3:b4:f0:c4:ea:b0:dd:1c:a9:
         89:82:44:00:fb:52:4a:2f:27:a2:04:38:ad:48:02:85:07:11:
         bd:e0:d6:cc:72:03:75:0e:52:c0:0c:72:07:78:5b:b5:45:5f:
         5f:b1:54:de:86:b6:8c:f7:b7:68:2b:99:0b:f6:5c:fc:07:a4:
         89:2e:06:22:54:42:b5:77:f8:51:2c:b0:3e:3d:c2:4a:aa:25:
         64:0e:c6:01:49:55:fd:ac:0d:59:fe:1e:e0:0a:71:fd:9b:51:
         86:83:33:99:cc:b9:a4:41:fc:1e:00:2f:87:de:a8:95:ae:77:
         a2:b6:34:9f:0c:aa:f4:1e:f1:0a:f8:be:44:2b:85:0f:5e:b5:
         2b:9c:c1:df:61:ef:92:ef:54:27:65:19:eb:b8:cc:87:79:fa:
         72:d2:de:19:aa:67:d3:28:e5:44:80:87:3a:d6:ce:9e:a1:82:
         29:75:6f:f7:b1:fb:30:ac:d7:36:cc:87:07:91:7a:47:e1:11:
         2b:5d:ef:8e:8e:b0:06:87:67:6c:d7:36:31:bd:d6:be:76:46:
         f0:b0:45:92:b1:e1:36:a5:30:60:b1:7a:31:3d:22:12:2f:19:
         67:a5:18:56
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUcPY8hOjpQWTRPrdjT2ziLNQKRgAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMxMDBaFw0yNjAyMDMxODM2MDBaMDMxMTAvBgNV
BAMTKDA4MjRDMjM3MjRGQTRGRjlDODBCQTMxNzQwOEM3QzBCQzg4QjhERkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOLEKOPWkKOHsYK7ZBFPMJLOrC
33ti5pQ3X+Hx75dT7WQIeIt5NE9a5GXgzkb/hsLwquWazev82GnYWE/9nUVgLk04
GuixIUrVw2/g7DEjVHa4uxdcWNpLfTwtrKBEuM4Df4PPyepj0S/WQ7Rs1Afoj+vt
vyk9w7JcSVNCL3w7PhfoOtu7dXVZguD0NDrVjId30/tphbGP79BImuU/LkhFV7R5
XYiikwJjbZmrePzrMS55XTJyM3rGIvF5x2JoDS3sGIvryA++sQ7ws/i4rhxhRPMv
6Pi0Lm3QpaqhBWE6IaF36fDJGJuNU5hJsfvKumLSazF9YsG6EP++eWv3dBEnAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUCCTCNyT6T/nIC6MXQIx8C8iLjf0wHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzAzMDJlMzcyZTMxMzUzNjJlMzAy
ZjMyMzIyZDMyMzIyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALIB5wwDQYJ
KoZIhvcNAQELBQADggEBACFf/jIpIGxETZi3KOQesE8Vu0k5XOveIt/OytO08MTq
sN0cqYmCRAD7UkovJ6IEOK1IAoUHEb3g1sxyA3UOUsAMcgd4W7VFX1+xVN6Gtoz3
t2grmQv2XPwHpIkuBiJUQrV3+FEssD49wkqqJWQOxgFJVf2sDVn+HuAKcf2bUYaD
M5nMuaRB/B4AL4feqJWud6K2NJ8MqvQe8Qr4vkQrhQ9etSucwd9h75LvVCdlGeu4
zId5+nLS3hmqZ9Mo5USAhzrWzp6hgil1b/ex+zCs1zbMhweRekfhEStd746OsAaH
Z2zXNjG91r52RvCwRZKx4TalMGCxejE9IhIvGWelGFY=
-----END CERTIFICATE-----
Generated at Sun Feb 9 15:25:26 2025 by rpki-client