Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135382e302f32332d3233203d3e203532333939.roa
File:                     3230302e372e3135382e302f32332d3233203d3e203532333939.roa (raw, json)
Hash identifier:          W/gfwsv+vW7p2pP/biCil1Hn0xnNZ7cWVTp+Qe5ZoFI=
Subject key identifier:   30:12:2B:35:38:D2:85:C2:CF:29:30:A5:2D:A9:60:4A:D0:5E:07:50
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       4566C720B1DAC6CDCC416D0BBC5DA0644F655C7F
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135382e302f32332d3233203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:36:01 +0000
ROA not before:           Tue 04 Feb 2025 18:31:01 +0000
ROA not after:            Tue 03 Feb 2026 18:36:01 +0000
asID:                     52399
IP address blocks:        200.7.158.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 12 Feb 2025 16:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:66:c7:20:b1:da:c6:cd:cc:41:6d:0b:bc:5d:a0:64:4f:65:5c:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:31:01 2025 GMT
            Not After : Feb  3 18:36:01 2026 GMT
        Subject: CN=30122B3538D285C2CF2930A52DA9604AD05E0750
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:41:c7:d3:ea:05:e9:c6:7c:dd:4e:61:47:11:
                    76:fb:f7:c9:6f:30:5b:48:4a:dc:bc:58:ea:b6:a7:
                    dd:83:1e:5e:70:5d:43:02:ba:f1:3d:a3:3d:0f:0c:
                    05:62:ed:e8:ab:b6:b1:e7:fa:4b:6b:f5:e8:40:81:
                    57:66:26:b9:40:90:b3:02:60:d4:90:0b:13:29:92:
                    87:d8:5c:31:66:c1:0e:20:6b:05:3a:f2:da:45:71:
                    ca:cd:9d:f5:6e:d8:7d:de:af:e0:13:e9:26:cb:8b:
                    88:8a:88:f8:1a:23:58:7a:dd:83:aa:04:92:cc:0a:
                    02:dd:c6:17:c7:6d:0e:5f:91:cc:23:12:a5:c1:94:
                    59:56:d6:2a:39:cd:5d:f2:0f:06:0d:77:1b:c5:8f:
                    90:2b:50:65:c6:7d:3e:05:ed:3b:6e:56:6a:fd:82:
                    00:64:90:ae:5c:cf:b0:d8:31:02:87:ec:26:84:3f:
                    68:e8:2c:bb:b7:d3:84:04:f7:c6:df:29:da:3a:0e:
                    25:1a:9a:f1:ea:3d:af:ee:83:93:5b:03:33:fa:43:
                    81:37:f1:b3:7b:d4:90:fa:c7:f6:5a:c5:8f:64:8e:
                    e5:74:77:3b:4e:f8:63:ae:a1:86:d8:b9:ee:bf:72:
                    9b:cd:c2:24:e1:49:6b:95:3f:fb:fb:8d:dc:40:e9:
                    f6:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:12:2B:35:38:D2:85:C2:CF:29:30:A5:2D:A9:60:4A:D0:5E:07:50
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135382e302f32332d3233203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         92:61:10:f9:44:24:83:ad:cf:ac:0d:e2:d8:61:54:85:1c:0c:
         a4:96:49:c2:37:6c:9f:10:98:4e:35:65:84:5d:e7:77:f6:cc:
         91:c9:ad:6a:40:87:6c:45:08:86:ee:1b:de:ba:4b:f2:43:46:
         34:1b:13:84:19:be:59:5f:fb:e9:89:52:24:70:bf:f1:f9:54:
         6e:dd:7b:ee:de:81:84:83:04:b0:2b:df:ec:ff:b8:19:fd:4d:
         90:de:e4:4d:a8:f2:76:d3:4b:e5:14:7c:df:82:72:d3:90:48:
         91:70:5c:16:14:59:23:48:65:0d:bb:0c:30:65:fc:47:2c:84:
         9e:38:4a:9b:bb:6b:d9:51:dd:2d:9f:69:dd:b5:ea:42:1a:6d:
         bd:79:bb:d8:61:aa:df:36:a6:44:1b:06:b8:dc:aa:14:c6:ec:
         5d:02:f5:4d:1b:90:64:a4:ed:42:ca:e0:2e:00:e2:ef:36:4e:
         38:d3:cf:30:b1:e7:93:14:8e:79:08:57:6c:e2:88:91:3b:68:
         f9:10:28:50:d5:09:4d:ab:07:cd:8f:39:3c:1d:68:af:fd:39:
         da:8d:6b:25:13:7c:4a:89:14:05:56:da:75:11:3f:1a:6a:05:
         b7:66:ba:40:b4:30:ca:2c:cc:e5:8b:67:9c:cc:a8:8d:98:ec:
         66:9a:1b:a6
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIURWbHILHaxs3MQW0LvF2gZE9lXH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMxMDFaFw0yNjAyMDMxODM2MDFaMDMxMTAvBgNV
BAMTKDMwMTIyQjM1MzhEMjg1QzJDRjI5MzBBNTJEQTk2MDRBRDA1RTA3NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiQcfT6gXpxnzdTmFHEXb798lv
MFtISty8WOq2p92DHl5wXUMCuvE9oz0PDAVi7eirtrHn+ktr9ehAgVdmJrlAkLMC
YNSQCxMpkofYXDFmwQ4gawU68tpFccrNnfVu2H3er+AT6SbLi4iKiPgaI1h63YOq
BJLMCgLdxhfHbQ5fkcwjEqXBlFlW1io5zV3yDwYNdxvFj5ArUGXGfT4F7TtuVmr9
ggBkkK5cz7DYMQKH7CaEP2joLLu304QE98bfKdo6DiUamvHqPa/ug5NbAzP6Q4E3
8bN71JD6x/ZaxY9kjuV0dztO+GOuoYbYue6/cpvNwiThSWuVP/v7jdxA6fYxAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUMBIrNTjShcLPKTClLalgStBeB1AwHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzAzMDJlMzcyZTMxMzUzODJlMzAy
ZjMyMzMyZDMyMzMyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHIB54wDQYJ
KoZIhvcNAQELBQADggEBAJJhEPlEJIOtz6wN4thhVIUcDKSWScI3bJ8QmE41ZYRd
53f2zJHJrWpAh2xFCIbuG966S/JDRjQbE4QZvllf++mJUiRwv/H5VG7de+7egYSD
BLAr3+z/uBn9TZDe5E2o8nbTS+UUfN+CctOQSJFwXBYUWSNIZQ27DDBl/EcshJ44
Spu7a9lR3S2fad216kIabb15u9hhqt82pkQbBrjcqhTG7F0C9U0bkGSk7ULK4C4A
4u82TjjTzzCx55MUjnkIV2ziiJE7aPkQKFDVCU2rB82POTwdaK/9OdqNayUTfEqJ
FAVW2nURPxpqBbdmukC0MMoszOWLZ5zMqI2Y7GaaG6Y=
-----END CERTIFICATE-----
Generated at Sun Feb 9 14:03:15 2025 by rpki-client