Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135372e302f32342d3234203d3e203532333939.roa
File:                     3230302e372e3135372e302f32342d3234203d3e203532333939.roa (raw, json)
Hash identifier:          viy2p7K0zzuBQWhHiZiCjvfk0wWBWv0BnvOfBkQZjj4=
Subject key identifier:   00:2C:01:A1:C8:9E:4C:71:B4:E9:42:DD:B4:3F:35:05:55:FA:2F:BA
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       6E22BA6C56631D2F79CC348F66D5F4C0D496E4BC
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135372e302f32342d3234203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:35:57 +0000
ROA not before:           Tue 04 Feb 2025 18:30:57 +0000
ROA not after:            Tue 03 Feb 2026 18:35:57 +0000
asID:                     52399
IP address blocks:        200.7.157.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 10 Feb 2025 14:38:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:22:ba:6c:56:63:1d:2f:79:cc:34:8f:66:d5:f4:c0:d4:96:e4:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:30:57 2025 GMT
            Not After : Feb  3 18:35:57 2026 GMT
        Subject: CN=002C01A1C89E4C71B4E942DDB43F350555FA2FBA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c1:f9:e9:6d:cf:9e:47:84:fa:e4:c2:91:33:
                    e5:f8:d0:f3:40:df:46:7d:69:0c:60:ff:d7:c2:a1:
                    4a:9a:61:25:46:bc:26:32:63:2e:ca:57:c1:d1:78:
                    02:e8:9e:66:da:c3:38:f0:2b:04:1a:38:1c:5c:f6:
                    d7:20:b5:5b:8d:2a:7b:81:73:3d:c1:be:68:51:34:
                    2a:da:3c:b2:05:a7:92:6c:5a:24:c6:81:82:03:a3:
                    01:30:83:e8:d3:3c:c9:bc:38:28:a6:c6:ca:49:37:
                    75:8c:f9:a9:63:88:b4:c8:d5:b2:fa:bd:4b:c8:58:
                    b2:13:42:c4:7b:45:b4:cf:08:3b:66:0e:20:db:ed:
                    e3:af:dc:49:b0:99:ab:f4:c7:d1:20:ab:7d:31:41:
                    29:24:22:44:be:d6:ff:3c:9c:1c:4e:8f:eb:c4:80:
                    29:d7:43:0f:50:0c:f1:52:42:1f:f9:04:b1:5a:82:
                    f6:74:c2:2a:7f:b1:3f:03:36:6c:10:ff:7d:d9:99:
                    e9:84:df:07:48:9a:77:1e:08:0a:fc:9c:d8:7b:eb:
                    4c:53:ad:4b:53:76:7a:29:22:36:6e:ae:47:f2:6e:
                    12:df:cb:cc:8b:14:5e:bf:4f:a6:54:00:10:84:ff:
                    45:41:44:01:af:94:13:1a:84:c3:6c:5f:66:ee:8e:
                    d0:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:2C:01:A1:C8:9E:4C:71:B4:E9:42:DD:B4:3F:35:05:55:FA:2F:BA
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135372e302f32342d3234203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:e6:7e:da:ac:61:cc:8a:b8:fd:97:16:ac:27:f9:a1:9a:ec:
         94:b3:ca:92:6f:2f:f6:00:f5:46:04:f6:ce:25:01:5b:c8:49:
         2a:a5:bb:71:3e:c0:26:fd:05:0e:88:c2:14:23:c4:ba:a4:1f:
         3d:9a:d9:e5:be:be:a8:58:4c:2d:f5:79:2d:c8:8a:a6:8c:d8:
         b2:fc:65:55:5c:d9:a5:fa:9f:ae:c4:04:c0:f6:e5:81:c3:e3:
         2e:df:c6:ec:59:b0:c2:f7:a6:af:ef:9b:db:dc:ef:dd:25:97:
         29:f4:59:63:f8:27:8d:cf:08:b8:70:a8:44:1b:20:b8:19:af:
         47:79:f8:00:ce:05:c8:6a:3c:b3:42:08:37:63:c9:fc:86:3c:
         e9:b5:d2:7b:42:4a:40:fd:e6:81:6a:93:e6:f7:fa:51:0e:f6:
         fa:02:74:c9:4b:61:9c:7f:67:72:00:da:c8:c3:b4:41:bd:79:
         5e:49:90:f2:17:d4:14:43:ed:b4:0c:fc:d6:d1:7f:c1:c1:f2:
         b8:5d:43:98:15:1f:58:83:7c:06:96:a5:ab:d8:11:b9:14:bf:
         70:62:02:65:ef:d9:40:93:7e:20:64:f9:c6:ac:4d:71:66:38:
         96:d8:55:48:dc:68:a7:03:b8:f1:75:b6:d7:10:fa:96:3c:f6:
         54:dc:48:44
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUbiK6bFZjHS95zDSPZtX0wNSW5LwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMwNTdaFw0yNjAyMDMxODM1NTdaMDMxMTAvBgNV
BAMTKDAwMkMwMUExQzg5RTRDNzFCNEU5NDJEREI0M0YzNTA1NTVGQTJGQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzwfnpbc+eR4T65MKRM+X40PNA
30Z9aQxg/9fCoUqaYSVGvCYyYy7KV8HReALonmbawzjwKwQaOBxc9tcgtVuNKnuB
cz3BvmhRNCraPLIFp5JsWiTGgYIDowEwg+jTPMm8OCimxspJN3WM+aljiLTI1bL6
vUvIWLITQsR7RbTPCDtmDiDb7eOv3Emwmav0x9Egq30xQSkkIkS+1v88nBxOj+vE
gCnXQw9QDPFSQh/5BLFagvZ0wip/sT8DNmwQ/33ZmemE3wdImnceCAr8nNh760xT
rUtTdnopIjZurkfybhLfy8yLFF6/T6ZUABCE/0VBRAGvlBMahMNsX2bujtDzAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUACwBocieTHG06ULdtD81BVX6L7owHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzAzMDJlMzcyZTMxMzUzNzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIB50wDQYJ
KoZIhvcNAQELBQADggEBAGvmftqsYcyKuP2XFqwn+aGa7JSzypJvL/YA9UYE9s4l
AVvISSqlu3E+wCb9BQ6IwhQjxLqkHz2a2eW+vqhYTC31eS3IiqaM2LL8ZVVc2aX6
n67EBMD25YHD4y7fxuxZsML3pq/vm9vc790llyn0WWP4J43PCLhwqEQbILgZr0d5
+ADOBchqPLNCCDdjyfyGPOm10ntCSkD95oFqk+b3+lEO9voCdMlLYZx/Z3IA2sjD
tEG9eV5JkPIX1BRD7bQM/NbRf8HB8rhdQ5gVH1iDfAaWpavYEbkUv3BiAmXv2UCT
fiBk+casTXFmOJbYVUjcaKcDuPF1ttcQ+pY89lTcSEQ=
-----END CERTIFICATE-----
Generated at Sun Feb 9 15:43:30 2025 by rpki-client