Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6DE91B35DA9AC709C34C2BD1A13A688E9A169AE888B92B4E4BBB86F25B77C458/0/3137302e3234372e3132302e302f32322d3234203d3e203532333939.roa
File:                     3137302e3234372e3132302e302f32322d3234203d3e203532333939.roa (raw, json)
Hash identifier:          ESuVmP9G2JlgH4sqS7ZPPSBK9/TB1tnIUmw7oQ8oM2A=
Subject key identifier:   CE:A2:3A:C7:13:E0:BD:F1:E3:07:21:38:B0:6D:70:68:D2:BE:E8:E8
Certificate issuer:       /CN=F78F9E6F642B6485F25A9B2331897573DEED26F6
Certificate serial:       5352A8CF632BC817DEF7B31B767A1FF786654A4E
Authority key identifier: F7:8F:9E:6F:64:2B:64:85:F2:5A:9B:23:31:89:75:73:DE:ED:26:F6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F78F9E6F642B6485F25A9B2331897573DEED26F6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6DE91B35DA9AC709C34C2BD1A13A688E9A169AE888B92B4E4BBB86F25B77C458/0/3137302e3234372e3132302e302f32322d3234203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:14:15 +0000
ROA not before:           Tue 04 Feb 2025 18:09:15 +0000
ROA not after:            Tue 03 Feb 2026 18:14:15 +0000
asID:                     52399
IP address blocks:        170.247.120.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6DE91B35DA9AC709C34C2BD1A13A688E9A169AE888B92B4E4BBB86F25B77C458/0/F78F9E6F642B6485F25A9B2331897573DEED26F6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6DE91B35DA9AC709C34C2BD1A13A688E9A169AE888B92B4E4BBB86F25B77C458/0/F78F9E6F642B6485F25A9B2331897573DEED26F6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F78F9E6F642B6485F25A9B2331897573DEED26F6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 12 Feb 2025 00:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:52:a8:cf:63:2b:c8:17:de:f7:b3:1b:76:7a:1f:f7:86:65:4a:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F78F9E6F642B6485F25A9B2331897573DEED26F6
        Validity
            Not Before: Feb  4 18:09:15 2025 GMT
            Not After : Feb  3 18:14:15 2026 GMT
        Subject: CN=CEA23AC713E0BDF1E3072138B06D7068D2BEE8E8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:24:4f:83:bd:e3:0a:de:0c:7c:f1:72:a5:9c:
                    79:2a:dc:16:ab:da:fc:35:6c:4a:27:27:cd:ed:ef:
                    b4:3f:ae:54:f9:d6:9b:9c:43:d3:c8:fe:00:da:7b:
                    3f:23:b8:a1:ae:d7:94:b0:84:ee:68:06:d4:3f:a7:
                    35:48:06:17:01:9b:c2:af:6e:a1:dc:ba:d9:38:a7:
                    f7:43:e1:e4:d0:5f:6d:69:db:d8:be:cc:e7:d5:af:
                    5b:2e:2c:d9:06:74:96:c7:f5:88:71:ea:09:a8:56:
                    19:af:18:64:56:44:03:c0:2d:92:99:95:6f:33:55:
                    5a:7f:25:0a:a4:cc:9d:96:8b:52:89:a1:6f:ec:6c:
                    27:46:ee:ed:13:f2:61:73:8c:b9:61:60:9c:69:3b:
                    c7:f7:20:1a:e8:06:4a:40:a8:88:c9:bf:0b:52:b6:
                    d8:79:4d:23:e7:a4:1e:7a:07:00:38:92:58:fb:41:
                    43:e9:25:8a:d1:ce:d6:ba:86:dd:94:04:6a:a2:59:
                    5d:16:a0:5b:6b:05:45:1e:f4:d9:3a:f7:d9:c2:66:
                    50:99:07:d4:2e:97:d2:3e:9c:b6:a2:61:98:ee:7e:
                    3b:99:a0:8a:6f:3d:86:13:96:33:fe:d2:ae:1c:a3:
                    5c:9b:fc:54:46:bf:9d:cb:d8:15:48:dd:83:62:bf:
                    82:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:A2:3A:C7:13:E0:BD:F1:E3:07:21:38:B0:6D:70:68:D2:BE:E8:E8
            X509v3 Authority Key Identifier:
                keyid:F7:8F:9E:6F:64:2B:64:85:F2:5A:9B:23:31:89:75:73:DE:ED:26:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6DE91B35DA9AC709C34C2BD1A13A688E9A169AE888B92B4E4BBB86F25B77C458/0/F78F9E6F642B6485F25A9B2331897573DEED26F6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F78F9E6F642B6485F25A9B2331897573DEED26F6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6DE91B35DA9AC709C34C2BD1A13A688E9A169AE888B92B4E4BBB86F25B77C458/0/3137302e3234372e3132302e302f32322d3234203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.247.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         56:8d:e0:4e:08:e8:a1:07:91:1a:b9:3f:7b:53:c6:5c:78:73:
         f0:e3:c9:07:14:9a:87:27:bc:d0:05:12:98:fd:c9:15:93:cf:
         e8:ea:56:ab:b3:8b:9d:2f:b6:97:1a:67:06:da:17:59:81:d0:
         2a:34:2e:08:41:58:b0:d6:b6:9b:b2:ad:87:21:fd:e6:bf:4f:
         1b:8a:45:dd:a8:83:46:2b:ad:65:9f:b1:42:a1:df:f1:af:36:
         58:2a:d2:d0:90:01:b5:b6:13:fa:cf:e0:c3:a4:64:f7:14:e7:
         32:49:9b:bc:e1:dc:2e:36:bb:61:68:da:f9:4a:67:14:3a:af:
         51:97:5a:a4:17:ce:6d:06:62:03:d9:01:97:1c:c7:68:55:d5:
         d3:3f:65:84:0b:b1:8c:dd:2e:a3:77:61:5b:4c:6e:78:9e:d9:
         d6:eb:c5:47:50:52:b0:58:2e:6c:75:b1:28:36:92:53:8b:a7:
         a7:d1:05:71:4a:60:7a:c0:c1:b5:98:0c:39:00:49:dd:b2:61:
         c7:23:d1:a2:e8:2d:50:11:d9:c7:d3:52:b0:3d:c1:b8:66:20:
         48:04:03:8f:ff:41:33:8e:bc:de:7a:8a:65:e9:ac:2e:d6:d6:
         6c:50:49:f8:cb:8e:7b:eb:34:ec:3b:85:b9:34:1a:ae:de:62:
         9c:f5:e0:25
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUU1Koz2MryBfe97Mbdnof94ZlSk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjc4RjlFNkY2NDJCNjQ4NUYyNUE5QjIzMzE4OTc1NzNE
RUVEMjZGNjAeFw0yNTAyMDQxODA5MTVaFw0yNjAyMDMxODE0MTVaMDMxMTAvBgNV
BAMTKENFQTIzQUM3MTNFMEJERjFFMzA3MjEzOEIwNkQ3MDY4RDJCRUU4RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUJE+DveMK3gx88XKlnHkq3Bar
2vw1bEonJ83t77Q/rlT51pucQ9PI/gDaez8juKGu15SwhO5oBtQ/pzVIBhcBm8Kv
bqHcutk4p/dD4eTQX21p29i+zOfVr1suLNkGdJbH9Yhx6gmoVhmvGGRWRAPALZKZ
lW8zVVp/JQqkzJ2Wi1KJoW/sbCdG7u0T8mFzjLlhYJxpO8f3IBroBkpAqIjJvwtS
tth5TSPnpB56BwA4klj7QUPpJYrRzta6ht2UBGqiWV0WoFtrBUUe9Nk699nCZlCZ
B9Qul9I+nLaiYZjufjuZoIpvPYYTljP+0q4co1yb/FRGv53L2BVI3YNiv4KDAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUzqI6xxPgvfHjByE4sG1waNK+6OgwHwYDVR0j
BBgwFoAU94+eb2QrZIXyWpsjMYl1c97tJvYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82REU5MUIzNURBOUFDNzA5QzM0QzJCRDFBMTNBNjg4RTlB
MTY5QUU4ODhCOTJCNEU0QkJCODZGMjVCNzdDNDU4LzAvRjc4RjlFNkY2NDJCNjQ4
NUYyNUE5QjIzMzE4OTc1NzNERUVEMjZGNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GNzhGOUU2RjY0MkI2NDg1RjI1
QTlCMjMzMTg5NzU3M0RFRUQyNkY2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNkRFOTFCMzVEQTlBQzcwOUMzNEMyQkQxQTEzQTY4OEU5QTE2OUFFODg4
QjkyQjRFNEJCQjg2RjI1Qjc3QzQ1OC8wLzMxMzczMDJlMzIzNDM3MmUzMTMyMzAy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNTMyMzMzOTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqvd4
MA0GCSqGSIb3DQEBCwUAA4IBAQBWjeBOCOihB5EauT97U8ZceHPw48kHFJqHJ7zQ
BRKY/ckVk8/o6lars4udL7aXGmcG2hdZgdAqNC4IQViw1rabsq2HIf3mv08bikXd
qINGK61ln7FCod/xrzZYKtLQkAG1thP6z+DDpGT3FOcySZu84dwuNrthaNr5SmcU
Oq9Rl1qkF85tBmID2QGXHMdoVdXTP2WEC7GM3S6jd2FbTG54ntnW68VHUFKwWC5s
dbEoNpJTi6en0QVxSmB6wMG1mAw5AEndsmHHI9Gi6C1QEdnH01KwPcG4ZiBIBAOP
/0Ezjrzeeopl6awu1tZsUEn4y4576zTsO4W5NBqu3mKc9eAl
-----END CERTIFICATE-----
Generated at Sun Feb 9 15:06:45 2025 by rpki-client