Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/46AA70DCBED89305C56286B2D479399AC5133D09597ACEEF8837E4E6ED78BDB5/0/3230302e31322e32382e302f32322d3234203d3e20323634373830.roa
File:                     3230302e31322e32382e302f32322d3234203d3e20323634373830.roa (raw, json)
Hash identifier:          WBNy1eLt9YuzJ+wkr/k6i4TZ5cYTE/637OEwKZWgYTc=
Subject key identifier:   93:4E:7A:91:E1:95:FD:93:62:5A:9C:AE:EC:E9:73:2B:1D:DE:43:33
Certificate issuer:       /CN=20B9C47C5E606454FC314AD7D8CD786FB8049FF1
Certificate serial:       418642C7C6CF37C3614F7D514C3F59775ACE054F
Authority key identifier: 20:B9:C4:7C:5E:60:64:54:FC:31:4A:D7:D8:CD:78:6F:B8:04:9F:F1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/20B9C47C5E606454FC314AD7D8CD786FB8049FF1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/46AA70DCBED89305C56286B2D479399AC5133D09597ACEEF8837E4E6ED78BDB5/0/3230302e31322e32382e302f32322d3234203d3e20323634373830.roa
Signing time:             Tue 04 Feb 2025 18:26:09 +0000
ROA not before:           Tue 04 Feb 2025 18:21:09 +0000
ROA not after:            Tue 03 Feb 2026 18:26:09 +0000
asID:                     264780
IP address blocks:        200.12.28.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/46AA70DCBED89305C56286B2D479399AC5133D09597ACEEF8837E4E6ED78BDB5/0/20B9C47C5E606454FC314AD7D8CD786FB8049FF1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/46AA70DCBED89305C56286B2D479399AC5133D09597ACEEF8837E4E6ED78BDB5/0/20B9C47C5E606454FC314AD7D8CD786FB8049FF1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/20B9C47C5E606454FC314AD7D8CD786FB8049FF1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Feb 2025 18:28:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:86:42:c7:c6:cf:37:c3:61:4f:7d:51:4c:3f:59:77:5a:ce:05:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20B9C47C5E606454FC314AD7D8CD786FB8049FF1
        Validity
            Not Before: Feb  4 18:21:09 2025 GMT
            Not After : Feb  3 18:26:09 2026 GMT
        Subject: CN=934E7A91E195FD93625A9CAEECE9732B1DDE4333
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:5d:12:05:13:7a:ac:02:f3:9b:22:70:db:dd:
                    0b:75:48:35:e8:07:d9:30:c6:aa:aa:ef:52:8f:5c:
                    96:fa:a2:2b:a1:64:88:cd:9f:e5:cf:4c:9f:12:bc:
                    6a:c1:86:8c:a3:89:8f:9c:99:c7:97:62:ba:04:7e:
                    73:b4:a3:7f:91:6f:fb:5b:02:6c:c4:50:bb:28:60:
                    1a:09:a9:77:9a:a2:3f:6f:41:c4:69:3d:a2:c2:88:
                    38:de:ac:a0:a3:fb:c7:b6:90:e4:3e:cc:ac:ec:bb:
                    63:70:31:e7:44:2e:23:fb:83:a0:a7:de:a0:ca:b7:
                    f5:17:0f:91:fe:4b:ab:80:80:50:ff:a0:29:53:74:
                    d8:1e:ea:4a:e7:8a:34:49:1a:e3:e4:da:4b:b8:f1:
                    bb:c1:01:b4:5e:3e:3e:7c:38:0f:8e:f6:44:94:1b:
                    9d:a2:7f:c9:ec:b0:8d:b1:a3:ca:df:93:15:c1:cc:
                    86:70:e9:3a:45:e4:b1:6f:10:d7:65:ee:e8:7a:a1:
                    d3:e1:cb:38:23:18:43:67:6b:ae:e3:c7:c3:d7:79:
                    bc:58:32:58:2a:7f:2a:c5:fc:64:8d:99:72:e0:af:
                    1d:b9:b5:81:2d:b2:21:62:4d:b4:29:da:0c:e5:6c:
                    75:bb:5a:7a:2d:ba:c0:21:b5:1a:bd:33:73:73:59:
                    e4:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:4E:7A:91:E1:95:FD:93:62:5A:9C:AE:EC:E9:73:2B:1D:DE:43:33
            X509v3 Authority Key Identifier:
                keyid:20:B9:C4:7C:5E:60:64:54:FC:31:4A:D7:D8:CD:78:6F:B8:04:9F:F1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/46AA70DCBED89305C56286B2D479399AC5133D09597ACEEF8837E4E6ED78BDB5/0/20B9C47C5E606454FC314AD7D8CD786FB8049FF1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/20B9C47C5E606454FC314AD7D8CD786FB8049FF1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/46AA70DCBED89305C56286B2D479399AC5133D09597ACEEF8837E4E6ED78BDB5/0/3230302e31322e32382e302f32322d3234203d3e20323634373830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.12.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         94:6f:0c:10:aa:93:cc:8d:dd:3c:95:b3:4d:8d:1c:47:50:db:
         98:4f:28:18:4a:d9:8f:ad:b6:fb:c5:cc:2c:b2:27:16:5c:7f:
         4b:4a:c5:f4:56:9f:17:72:28:4d:6e:17:7c:98:08:df:12:b1:
         08:14:ff:fe:6f:ff:fd:d6:5e:31:0d:46:ed:d3:fe:7b:cd:ad:
         45:94:f3:31:a4:59:62:55:5b:1d:34:c7:a2:d5:96:bf:26:c8:
         7b:3f:06:2c:e3:20:a9:98:46:5e:36:cb:d5:60:b7:71:a9:ed:
         6c:4b:45:86:7d:92:38:06:b2:6b:f0:97:f8:2a:b0:c3:e5:1e:
         90:44:36:6e:2d:7e:f7:f8:39:f0:d5:25:23:a9:28:3e:f4:3a:
         bc:2e:6a:4a:99:d6:bf:5b:fb:45:5e:0d:3f:d8:19:18:da:2e:
         30:13:f0:52:a2:38:1d:b7:49:31:03:c5:d6:48:83:ee:ca:96:
         c8:47:dc:4d:d1:b6:29:21:31:80:17:dd:6f:49:bc:f4:18:96:
         99:95:17:7d:06:c3:ed:2f:00:92:98:39:ea:f5:f8:da:7c:0d:
         20:18:f9:85:99:fd:d5:1f:d4:14:3f:ee:5d:68:5a:41:01:72:
         b7:1a:a1:05:9b:c3:d4:07:60:14:68:a9:9d:b4:bc:f1:97:8e:
         f6:d9:28:f7
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUQYZCx8bPN8NhT31RTD9Zd1rOBU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjBCOUM0N0M1RTYwNjQ1NEZDMzE0QUQ3RDhDRDc4NkZC
ODA0OUZGMTAeFw0yNTAyMDQxODIxMDlaFw0yNjAyMDMxODI2MDlaMDMxMTAvBgNV
BAMTKDkzNEU3QTkxRTE5NUZEOTM2MjVBOUNBRUVDRTk3MzJCMURERTQzMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbXRIFE3qsAvObInDb3Qt1SDXo
B9kwxqqq71KPXJb6oiuhZIjNn+XPTJ8SvGrBhoyjiY+cmceXYroEfnO0o3+Rb/tb
AmzEULsoYBoJqXeaoj9vQcRpPaLCiDjerKCj+8e2kOQ+zKzsu2NwMedELiP7g6Cn
3qDKt/UXD5H+S6uAgFD/oClTdNge6krnijRJGuPk2ku48bvBAbRePj58OA+O9kSU
G52if8nssI2xo8rfkxXBzIZw6TpF5LFvENdl7uh6odPhyzgjGENna67jx8PXebxY
MlgqfyrF/GSNmXLgrx25tYEtsiFiTbQp2gzlbHW7WnotusAhtRq9M3NzWeRlAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUk056keGV/ZNiWpyu7OlzKx3eQzMwHwYDVR0j
BBgwFoAUILnEfF5gZFT8MUrX2M14b7gEn/EwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NkFBNzBEQ0JFRDg5MzA1QzU2Mjg2QjJENDc5Mzk5QUM1
MTMzRDA5NTk3QUNFRUY4ODM3RTRFNkVENzhCREI1LzAvMjBCOUM0N0M1RTYwNjQ1
NEZDMzE0QUQ3RDhDRDc4NkZCODA0OUZGMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMEI5QzQ3QzVFNjA2NDU0RkMz
MTRBRDdEOENENzg2RkI4MDQ5RkYxLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDZBQTcwRENCRUQ4OTMwNUM1NjI4NkIyRDQ3OTM5OUFDNTEzM0QwOTU5
N0FDRUVGODgzN0U0RTZFRDc4QkRCNS8wLzMyMzAzMDJlMzEzMjJlMzIzODJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNDM3MzgzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsgMHDAN
BgkqhkiG9w0BAQsFAAOCAQEAlG8MEKqTzI3dPJWzTY0cR1DbmE8oGErZj622+8XM
LLInFlx/S0rF9FafF3IoTW4XfJgI3xKxCBT//m///dZeMQ1G7dP+e82tRZTzMaRZ
YlVbHTTHotWWvybIez8GLOMgqZhGXjbL1WC3cantbEtFhn2SOAaya/CX+Cqww+Ue
kEQ2bi1+9/g58NUlI6koPvQ6vC5qSpnWv1v7RV4NP9gZGNouMBPwUqI4HbdJMQPF
1kiD7sqWyEfcTdG2KSExgBfdb0m89BiWmZUXfQbD7S8Akpg56vX42nwNIBj5hZn9
1R/UFD/uXWhaQQFytxqhBZvD1AdgFGipnbS88ZeO9tko9w==
-----END CERTIFICATE-----
Generated at Thu Feb 13 19:32:02 2025 by rpki-client