Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135382e302f32342d3234203d3e203532333939.roa
File:                     3230302e372e3135382e302f32342d3234203d3e203532333939.roa (raw, json)
Hash identifier:          7xmx4h/ZlDYKo7lSuFKhrOIlE9OS/VDIdWZ+NBlQeBM=
Subject key identifier:   71:C7:1F:44:A6:96:66:CB:10:46:C8:26:FE:FE:0C:87:DA:2A:DF:2B
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       574C1B1BFC62942BAF7A511B57702B43F9495451
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135382e302f32342d3234203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:35:57 +0000
ROA not before:           Tue 04 Feb 2025 18:30:57 +0000
ROA not after:            Tue 03 Feb 2026 18:35:57 +0000
asID:                     52399
IP address blocks:        200.7.158.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 12 Feb 2025 16:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:4c:1b:1b:fc:62:94:2b:af:7a:51:1b:57:70:2b:43:f9:49:54:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:30:57 2025 GMT
            Not After : Feb  3 18:35:57 2026 GMT
        Subject: CN=71C71F44A69666CB1046C826FEFE0C87DA2ADF2B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:0a:ef:b8:ba:9d:34:51:33:ec:9f:65:c3:9d:
                    36:0b:12:14:41:31:f5:e3:bd:46:0f:55:a9:4b:f8:
                    70:33:57:45:af:87:8d:91:1f:89:bf:30:d9:bb:75:
                    c5:70:0e:5f:72:21:b5:dd:5f:70:a3:dc:06:59:40:
                    e5:a7:ba:f6:85:98:47:f4:f2:41:74:2a:31:3a:b8:
                    cf:64:d2:85:58:4c:1b:75:b8:1e:d6:62:70:49:ec:
                    75:92:db:aa:e2:ee:3b:b3:69:ec:4e:4e:df:7a:06:
                    85:9b:a7:31:a9:6b:0b:6c:4f:7e:47:1a:c4:c7:17:
                    7e:de:a4:e6:c1:15:14:a2:fa:bb:1e:22:7f:a1:66:
                    4b:b6:f6:eb:8f:6f:32:00:17:9e:29:5f:e5:13:1e:
                    c1:d2:17:67:23:89:de:0a:88:b9:c1:22:58:59:4c:
                    53:42:4e:80:a7:a5:f8:42:07:26:05:87:ec:45:bd:
                    2d:96:9a:a4:ca:af:2f:de:22:21:77:d6:c9:12:42:
                    61:fe:7a:9e:55:d0:bc:ef:73:b0:44:94:74:37:06:
                    29:30:ad:5b:91:2e:47:a1:dc:bf:09:69:01:90:51:
                    75:a3:2a:aa:ae:00:70:b2:e5:08:ea:7f:42:71:3d:
                    13:2d:22:87:d5:95:6e:0b:ae:aa:ae:15:9b:d0:ea:
                    b8:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:C7:1F:44:A6:96:66:CB:10:46:C8:26:FE:FE:0C:87:DA:2A:DF:2B
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135382e302f32342d3234203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:b1:fa:2b:73:ee:8e:0a:5d:a0:94:8e:93:20:0e:91:96:73:
         fc:44:d1:d2:88:8c:a5:7f:4e:dc:b9:c0:89:99:fa:60:37:a5:
         bc:45:a1:45:35:13:5a:85:89:34:ea:b7:f9:5e:53:36:32:43:
         6b:76:50:be:c8:ac:f4:b8:99:97:d9:2b:83:a3:8a:ff:60:58:
         b6:b0:97:34:b3:03:37:e7:87:4e:8f:7c:e5:3d:38:07:10:77:
         e0:29:3d:23:a5:c0:c4:75:84:7d:bb:ba:06:bd:50:1b:c5:37:
         f5:92:d2:e0:2f:56:33:fa:90:ce:45:12:8d:b4:18:65:c9:5d:
         3b:2d:ba:3e:1d:4e:70:70:be:7c:fd:3f:22:b3:8c:53:e6:ed:
         87:37:29:fe:ca:86:70:bb:36:50:bf:da:96:90:29:a7:f2:12:
         c3:1e:1b:85:6d:1b:e3:2b:43:bd:4f:38:ea:1f:89:66:de:ba:
         29:43:26:60:e5:e7:42:8f:04:1c:6e:d7:8b:33:0a:b5:6e:78:
         79:b1:c9:67:e6:9d:92:2c:f7:0b:a2:06:37:75:61:d5:8d:79:
         4e:23:0d:90:7d:ea:47:b8:c6:81:b1:4d:05:e1:f5:94:05:f3:
         3a:e7:84:04:b3:81:17:5e:03:f5:de:a8:8f:64:61:03:f1:1b:
         39:53:ae:42
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUV0wbG/xilCuvelEbV3ArQ/lJVFEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMwNTdaFw0yNjAyMDMxODM1NTdaMDMxMTAvBgNV
BAMTKDcxQzcxRjQ0QTY5NjY2Q0IxMDQ2QzgyNkZFRkUwQzg3REEyQURGMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZCu+4up00UTPsn2XDnTYLEhRB
MfXjvUYPValL+HAzV0Wvh42RH4m/MNm7dcVwDl9yIbXdX3Cj3AZZQOWnuvaFmEf0
8kF0KjE6uM9k0oVYTBt1uB7WYnBJ7HWS26ri7juzaexOTt96BoWbpzGpawtsT35H
GsTHF37epObBFRSi+rseIn+hZku29uuPbzIAF54pX+UTHsHSF2cjid4KiLnBIlhZ
TFNCToCnpfhCByYFh+xFvS2WmqTKry/eIiF31skSQmH+ep5V0Lzvc7BElHQ3Bikw
rVuRLkeh3L8JaQGQUXWjKqquAHCy5Qjqf0JxPRMtIofVlW4LrqquFZvQ6rhrAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUcccfRKaWZssQRsgm/v4Mh9oq3yswHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzAzMDJlMzcyZTMxMzUzODJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIB54wDQYJ
KoZIhvcNAQELBQADggEBABOx+itz7o4KXaCUjpMgDpGWc/xE0dKIjKV/Tty5wImZ
+mA3pbxFoUU1E1qFiTTqt/leUzYyQ2t2UL7IrPS4mZfZK4Ojiv9gWLawlzSzAzfn
h06PfOU9OAcQd+ApPSOlwMR1hH27uga9UBvFN/WS0uAvVjP6kM5FEo20GGXJXTst
uj4dTnBwvnz9PyKzjFPm7Yc3Kf7KhnC7NlC/2paQKafyEsMeG4VtG+MrQ71POOof
iWbeuilDJmDl50KPBBxu14szCrVueHmxyWfmnZIs9wuiBjd1YdWNeU4jDZB96ke4
xoGxTQXh9ZQF8zrnhASzgRdeA/XeqI9kYQPxGzlTrkI=
-----END CERTIFICATE-----
Generated at Sun Feb 9 14:02:15 2025 by rpki-client