Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5C51AF65A66F5A739893F3BA77F729CFC31576A6A2D503ADFEFA2E4BC2244A0D/0/AS3790.roa
File:                     AS3790.roa (raw, json)
Hash identifier:          2Emuzqt2HfGw7jmw7q0gKCDabSZFFDfZ53w0rN3MrIE=
Subject key identifier:   CD:2F:74:21:8B:49:0A:D7:2E:7A:AD:B1:29:57:7D:69:EC:04:4E:A5
Certificate issuer:       /CN=097F785B43ED2B7D3FDFAC24B9123C5D18C208EB
Certificate serial:       4BD1F84DA0D46398E9DD4FF4CE9082EAFAEEE57E
Authority key identifier: 09:7F:78:5B:43:ED:2B:7D:3F:DF:AC:24:B9:12:3C:5D:18:C2:08:EB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/097F785B43ED2B7D3FDFAC24B9123C5D18C208EB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5C51AF65A66F5A739893F3BA77F729CFC31576A6A2D503ADFEFA2E4BC2244A0D/0/AS3790.roa
Signing time:             Thu 18 Jun 2026 17:10:01 +0000
ROA not before:           Thu 18 Jun 2026 17:05:01 +0000
ROA not after:            Thu 17 Jun 2027 17:10:01 +0000
asID:                     3790
IP address blocks:        190.10.0.0/20 maxlen: 24
                          190.10.16.0/23 maxlen: 24
                          190.10.19.0/24 maxlen: 24
                          190.10.20.0/22 maxlen: 24
                          190.10.25.0/24 maxlen: 24
                          190.10.26.0/23 maxlen: 24
                          190.10.28.0/22 maxlen: 24
                          190.10.32.0/24 maxlen: 24
                          190.10.34.0/24 maxlen: 24
                          190.10.64.0/23 maxlen: 24
                          190.10.66.0/24 maxlen: 24
                          190.10.68.0/22 maxlen: 24
                          190.10.76.0/22 maxlen: 24
                          190.10.121.0/24 maxlen: 24
                          190.10.122.0/23 maxlen: 24
                          190.171.0.0/24 maxlen: 24
                          190.171.3.0/24 maxlen: 24
                          190.171.4.0/22 maxlen: 24
                          190.171.8.0/23 maxlen: 24
                          190.171.14.0/24 maxlen: 24
                          190.171.16.0/22 maxlen: 24
                          190.171.20.0/24 maxlen: 24
                          190.171.22.0/23 maxlen: 24
                          190.171.24.0/23 maxlen: 24
                          190.171.27.0/24 maxlen: 24
                          190.171.28.0/24 maxlen: 24
                          190.171.32.0/19 maxlen: 24
                          190.241.0.0/22 maxlen: 22
                          190.241.4.0/23 maxlen: 24
                          190.241.6.0/24 maxlen: 24
                          190.241.8.0/23 maxlen: 24
                          190.241.11.0/24 maxlen: 24
                          190.241.12.0/22 maxlen: 24
                          190.241.17.0/24 maxlen: 24
                          190.241.18.0/23 maxlen: 24
                          190.241.20.0/22 maxlen: 24
                          190.241.24.0/22 maxlen: 22
                          190.241.28.0/23 maxlen: 23
                          190.241.30.0/24 maxlen: 24
                          190.241.32.0/19 maxlen: 24
                          190.241.64.0/21 maxlen: 21
                          190.241.68.0/23 maxlen: 24
                          190.241.70.0/23 maxlen: 24
                          190.241.72.0/24 maxlen: 24
                          190.241.77.0/24 maxlen: 24
                          190.241.78.0/23 maxlen: 24
                          190.241.80.0/20 maxlen: 24
                          190.241.96.0/20 maxlen: 20
                          190.241.112.0/22 maxlen: 24
                          190.241.116.0/24 maxlen: 24
                          190.241.119.0/24 maxlen: 27
                          190.241.121.0/24 maxlen: 24
                          190.241.122.0/23 maxlen: 24
                          190.241.126.0/23 maxlen: 24
                          190.241.128.0/24 maxlen: 24
                          190.241.132.0/24 maxlen: 24
                          190.241.135.0/24 maxlen: 24
                          190.241.142.0/23 maxlen: 23
                          190.241.144.0/20 maxlen: 20
                          190.241.160.0/19 maxlen: 24
                          190.241.192.0/22 maxlen: 24
                          190.241.196.0/23 maxlen: 24
                          190.241.199.0/24 maxlen: 24
                          190.241.200.0/24 maxlen: 24
                          190.241.202.0/23 maxlen: 24
                          190.241.204.0/23 maxlen: 24
                          190.241.206.0/24 maxlen: 24
                          190.241.208.0/20 maxlen: 20
                          190.241.224.0/19 maxlen: 20
                          196.40.0.0/19 maxlen: 24
                          196.40.34.0/23 maxlen: 24
                          196.40.36.0/22 maxlen: 24
                          196.40.40.0/21 maxlen: 24
                          196.40.49.0/24 maxlen: 24
                          196.40.50.0/23 maxlen: 23
                          196.40.52.0/22 maxlen: 24
                          196.40.52.0/24 maxlen: 24
                          196.40.56.0/21 maxlen: 24
                          196.40.64.0/21 maxlen: 24
                          196.40.72.0/24 maxlen: 24
                          196.40.74.0/23 maxlen: 23
                          196.40.76.0/22 maxlen: 22
                          196.40.80.0/20 maxlen: 24
                          200.122.128.0/18 maxlen: 24
                          2001:13d8::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5C51AF65A66F5A739893F3BA77F729CFC31576A6A2D503ADFEFA2E4BC2244A0D/0/097F785B43ED2B7D3FDFAC24B9123C5D18C208EB.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5C51AF65A66F5A739893F3BA77F729CFC31576A6A2D503ADFEFA2E4BC2244A0D/0/097F785B43ED2B7D3FDFAC24B9123C5D18C208EB.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/097F785B43ED2B7D3FDFAC24B9123C5D18C208EB.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 06 Jul 2026 21:06:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:d1:f8:4d:a0:d4:63:98:e9:dd:4f:f4:ce:90:82:ea:fa:ee:e5:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=097F785B43ED2B7D3FDFAC24B9123C5D18C208EB
        Validity
            Not Before: Jun 18 17:05:01 2026 GMT
            Not After : Jun 17 17:10:01 2027 GMT
        Subject: CN=CD2F74218B490AD72E7AADB129577D69EC044EA5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:77:b7:1e:18:ab:5a:10:69:42:0f:13:1a:d5:
                    bf:c2:43:1f:2c:92:8d:ad:2e:e9:13:bf:a5:bb:87:
                    9f:ed:29:04:8e:2f:90:8c:73:53:dd:1f:64:90:28:
                    96:be:fe:0a:af:59:26:db:68:dd:a2:da:a4:a1:be:
                    9b:25:25:f8:f6:6e:de:69:f3:62:51:35:ff:15:4d:
                    b4:c1:f7:3d:42:a5:7f:8f:15:76:c1:64:55:8f:4e:
                    69:e3:ce:43:a8:62:d0:b1:41:ee:a4:54:cd:0d:51:
                    cb:c5:2a:75:4e:16:e3:77:b9:1f:bb:2c:1a:6f:79:
                    59:cd:f0:b5:55:20:fd:06:98:41:65:ef:a2:b1:91:
                    9d:54:2c:6a:d9:9d:8b:2b:7a:89:79:85:1e:cb:5a:
                    99:0c:0a:3e:53:8a:5d:44:f7:6d:22:28:2c:e4:e7:
                    e8:28:80:2d:6f:fa:92:be:19:99:18:8c:bc:53:1c:
                    ed:d8:2b:04:91:dd:b8:2d:25:5f:8b:bb:a4:2a:e5:
                    38:8d:4c:4e:3d:99:52:66:de:85:ea:bd:55:4b:08:
                    e0:fb:dc:ed:a5:6d:0a:d3:c7:d6:da:0c:21:3d:9d:
                    8b:ec:dc:c6:ec:cd:bc:b9:e6:c1:83:f6:ea:4b:23:
                    17:56:7e:7b:ab:03:5a:97:68:ff:02:f6:b9:e9:a0:
                    ba:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:2F:74:21:8B:49:0A:D7:2E:7A:AD:B1:29:57:7D:69:EC:04:4E:A5
            X509v3 Authority Key Identifier:
                keyid:09:7F:78:5B:43:ED:2B:7D:3F:DF:AC:24:B9:12:3C:5D:18:C2:08:EB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5C51AF65A66F5A739893F3BA77F729CFC31576A6A2D503ADFEFA2E4BC2244A0D/0/097F785B43ED2B7D3FDFAC24B9123C5D18C208EB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/097F785B43ED2B7D3FDFAC24B9123C5D18C208EB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5C51AF65A66F5A739893F3BA77F729CFC31576A6A2D503ADFEFA2E4BC2244A0D/0/AS3790.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.10.0.0-190.10.17.255
                  190.10.19.0-190.10.23.255
                  190.10.25.0-190.10.32.255
                  190.10.34.0/24
                  190.10.64.0-190.10.66.255
                  190.10.68.0/22
                  190.10.76.0/22
                  190.10.121.0-190.10.123.255
                  190.171.0.0/24
                  190.171.3.0-190.171.9.255
                  190.171.14.0/24
                  190.171.16.0-190.171.20.255
                  190.171.22.0-190.171.25.255
                  190.171.27.0-190.171.28.255
                  190.171.32.0/19
                  190.241.0.0-190.241.6.255
                  190.241.8.0/23
                  190.241.11.0-190.241.15.255
                  190.241.17.0-190.241.30.255
                  190.241.32.0-190.241.72.255
                  190.241.77.0-190.241.116.255
                  190.241.119.0/24
                  190.241.121.0-190.241.123.255
                  190.241.126.0-190.241.128.255
                  190.241.132.0/24
                  190.241.135.0/24
                  190.241.142.0-190.241.197.255
                  190.241.199.0-190.241.200.255
                  190.241.202.0-190.241.206.255
                  190.241.208.0-190.241.255.255
                  196.40.0.0/19
                  196.40.34.0-196.40.47.255
                  196.40.49.0-196.40.72.255
                  196.40.74.0-196.40.95.255
                  200.122.128.0/18
                IPv6:
                  2001:13d8::/32

    Signature Algorithm: sha256WithRSAEncryption
         89:ff:32:48:bd:71:3d:21:13:ec:13:cd:3d:bb:0e:a7:e0:22:
         f1:c5:95:e1:18:de:7f:d1:b3:11:16:e4:6b:68:fd:5e:ae:0c:
         4d:d6:69:03:ce:4d:2b:12:a0:d7:33:5f:fe:8e:3c:1a:d5:72:
         ef:f5:68:a1:45:2d:6c:71:ea:20:e6:cd:54:11:17:41:41:ff:
         41:ad:96:32:d4:e1:62:3d:df:53:f6:a4:5d:10:ac:d9:2d:75:
         b7:3e:b2:b0:bf:bf:ff:f2:c9:1a:9e:37:33:f7:c9:a2:5e:d8:
         59:0d:c2:cf:5c:79:e3:df:4e:07:51:48:8c:be:40:e4:f7:27:
         79:a8:67:cf:ae:15:fd:5a:68:85:47:8b:b2:e8:3f:c1:99:a3:
         71:ec:c3:ed:31:ba:18:22:e2:0b:c7:9c:15:28:4b:37:1a:ab:
         ac:ea:3a:7b:82:f1:3f:7f:41:73:c7:be:35:85:c7:bb:a5:87:
         02:05:ab:52:95:7a:a9:31:7a:b0:99:b0:77:1f:26:35:b1:95:
         a2:60:49:e3:96:4a:c3:05:c2:5e:91:df:02:24:cf:86:6e:f6:
         0f:0e:da:e0:aa:71:ee:d6:a5:e8:09:79:63:a5:d3:6f:fd:da:
         f1:77:c7:91:c2:d1:0e:c5:7c:6c:2f:20:8f:1c:9c:91:de:c5:
         86:79:5b:07
-----BEGIN CERTIFICATE-----
MIIHJzCCBg+gAwIBAgIUS9H4TaDUY5jp3U/0zpCC6vru5X4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3Rjc4NUI0M0VEMkI3RDNGREZBQzI0QjkxMjNDNUQx
OEMyMDhFQjAeFw0yNjA2MTgxNzA1MDFaFw0yNzA2MTcxNzEwMDFaMDMxMTAvBgNV
BAMTKENEMkY3NDIxOEI0OTBBRDcyRTdBQURCMTI5NTc3RDY5RUMwNDRFQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0d7ceGKtaEGlCDxMa1b/CQx8s
ko2tLukTv6W7h5/tKQSOL5CMc1PdH2SQKJa+/gqvWSbbaN2i2qShvpslJfj2bt5p
82JRNf8VTbTB9z1CpX+PFXbBZFWPTmnjzkOoYtCxQe6kVM0NUcvFKnVOFuN3uR+7
LBpveVnN8LVVIP0GmEFl76KxkZ1ULGrZnYsreol5hR7LWpkMCj5Til1E920iKCzk
5+gogC1v+pK+GZkYjLxTHO3YKwSR3bgtJV+Lu6Qq5TiNTE49mVJm3oXqvVVLCOD7
3O2lbQrTx9baDCE9nYvs3Mbszby55sGD9upLIxdWfnurA1qXaP8C9rnpoLo5AgMB
AAGjggQxMIIELTAdBgNVHQ4EFgQUzS90IYtJCtcueq2xKVd9aewETqUwHwYDVR0j
BBgwFoAUCX94W0PtK30/36wkuRI8XRjCCOswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81QzUxQUY2NUE2NkY1QTczOTg5M0YzQkE3N0Y3MjlDRkMz
MTU3NkE2QTJENTAzQURGRUZBMkU0QkMyMjQ0QTBELzAvMDk3Rjc4NUI0M0VEMkI3
RDNGREZBQzI0QjkxMjNDNUQxOEMyMDhFQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wOTdGNzg1QjQzRUQyQjdEM0ZE
RkFDMjRCOTEyM0M1RDE4QzIwOEVCLmNlcjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMG
CCsGAQUFBzALhndyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy81QzUxQUY2NUE2NkY1QTczOTg5M0YzQkE3N0Y3MjlDRkMzMTU3NkE2QTJE
NTAzQURGRUZBMkU0QkMyMjQ0QTBELzAvQVMzNzkwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBtwYIKwYBBQUHAQcBAf8EggGmMIIBojCCAY8EAgABMIIB
hzALAwMBvgoDBAG+ChAwDAMEAL4KEwMEA74KEDAMAwQAvgoZAwQAvgogAwQAvgoi
MAwDBAa+CkADBAC+CkIDBAK+CkQDBAK+CkwwDAMEAL4KeQMEAr4KeAMEAL6rADAM
AwQAvqsDAwQBvqsIAwQAvqsOMAwDBAS+qxADBAC+qxQwDAMEAb6rFgMEAb6rGDAM
AwQAvqsbAwQAvqscAwQFvqsgMAsDAwC+8QMEAL7xBgMEAb7xCDAMAwQAvvELAwQE
vvEAMAwDBAC+8REDBAC+8R4wDAMEBb7xIAMEAL7xSDAMAwQAvvFNAwQAvvF0AwQA
vvF3MAwDBAC+8XkDBAK+8XgwDAMEAb7xfgMEAL7xgAMEAL7xhAMEAL7xhzAMAwQB
vvGOAwQBvvHEMAwDBAC+8ccDBAC+8cgwDAMEAb7xygMEAL7xzjALAwQEvvHQAwMB
vvADBAXEKAAwDAMEAcQoIgMEBMQoIDAMAwQAxCgxAwQAxChIMAwDBAHEKEoDBAXE
KEADBAbIeoAwDQQCAAIwBwMFACABE9gwDQYJKoZIhvcNAQELBQADggEBAIn/Mki9
cT0hE+wTzT27DqfgIvHFleEY3n/RsxEW5Gto/V6uDE3WaQPOTSsSoNczX/6OPBrV
cu/1aKFFLWxx6iDmzVQRF0FB/0GtljLU4WI931P2pF0QrNktdbc+srC/v//yyRqe
NzP3yaJe2FkNws9ceePfTgdRSIy+QOT3J3moZ8+uFf1aaIVHi7LoP8GZo3Hsw+0x
uhgi4gvHnBUoSzcaq6zqOnuC8T9/QXPHvjWFx7ulhwIFq1KVeqkxerCZsHcfJjWx
laJgSeOWSsMFwl6R3wIkz4Zu9g8O2uCqce7WpegJeWOl02/92vF3x5HC0Q7FfGwv
II8cnJHexYZ5Wwc=
-----END CERTIFICATE-----
Generated at Fri Jul 3 04:21:50 2026 by rpki-client