Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS27948.roa
File:                     AS27948.roa (raw, json)
Hash identifier:          WwDN1Z/v2uY0kOfvtzpCrVKK0zCbJpd/vs/EBHq2EV8=
Subject key identifier:   F7:3B:65:DE:C6:0D:1A:5E:6C:8D:F0:7F:C6:C1:16:FF:5D:36:89:F1
Certificate issuer:       /CN=B6F8E7D0BF951583E0959B2A92A8920330CEBE59
Certificate serial:       726776EA909BD27C8F1357EC05FBF7640B71BE8B
Authority key identifier: B6:F8:E7:D0:BF:95:15:83:E0:95:9B:2A:92:A8:92:03:30:CE:BE:59
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS27948.roa
Signing time:             Tue 04 Feb 2025 18:44:16 +0000
ROA not before:           Tue 04 Feb 2025 18:39:16 +0000
ROA not after:            Tue 03 Feb 2026 18:44:16 +0000
asID:                     27948
IP address blocks:        181.113.192.0/24 maxlen: 24
                          181.196.0.0/22 maxlen: 22
                          181.211.208.0/21 maxlen: 22
                          181.211.248.0/22 maxlen: 22
                          190.214.76.0/22 maxlen: 22
                          190.214.216.0/24 maxlen: 24
                          200.107.2.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.crl
                          rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 09 Apr 2025 06:41:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:67:76:ea:90:9b:d2:7c:8f:13:57:ec:05:fb:f7:64:0b:71:be:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B6F8E7D0BF951583E0959B2A92A8920330CEBE59
        Validity
            Not Before: Feb  4 18:39:16 2025 GMT
            Not After : Feb  3 18:44:16 2026 GMT
        Subject: CN=F73B65DEC60D1A5E6C8DF07FC6C116FF5D3689F1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:d4:ce:bd:f2:b9:0b:52:46:5b:bd:0d:34:47:
                    bd:f2:c4:dd:81:3b:45:12:7a:0c:a2:2e:53:f5:1c:
                    19:83:e0:2c:79:99:ce:7f:a8:04:3c:20:40:6c:fb:
                    34:bd:bf:3b:9e:fa:db:6a:ef:8f:e6:04:db:04:be:
                    49:c5:1b:5d:6a:8d:f2:00:c5:10:7a:c2:f6:7a:c8:
                    3b:27:03:a0:e6:13:da:1d:dd:84:0c:95:9c:20:96:
                    c3:1c:6d:0f:93:d6:c3:79:6a:1f:ff:c2:0e:c2:1d:
                    47:60:a1:69:1b:f4:9b:a9:1c:b5:a1:d5:2f:d2:b1:
                    84:42:dc:39:23:c1:60:1e:9c:4f:33:69:65:77:9d:
                    3f:78:6c:83:ca:4e:b1:1d:fa:44:05:8a:96:8f:c3:
                    98:2b:0b:54:d7:02:9b:e3:98:ff:7c:79:17:9d:79:
                    ea:b7:cd:00:fb:a5:a9:75:e2:83:c4:02:b1:2a:52:
                    df:d1:90:cc:a2:55:ff:de:2a:a4:65:26:62:f2:70:
                    e7:d1:31:0b:08:b7:5c:cd:d5:c8:3a:89:74:c6:9b:
                    d4:db:e2:f9:72:f7:ca:fc:a8:cb:fe:1f:96:93:b7:
                    2d:75:63:79:9b:5c:92:5c:b5:fa:52:9f:5c:54:f1:
                    c3:5d:9b:0f:cb:89:30:d2:5a:76:0a:8b:0e:85:eb:
                    e6:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:3B:65:DE:C6:0D:1A:5E:6C:8D:F0:7F:C6:C1:16:FF:5D:36:89:F1
            X509v3 Authority Key Identifier:
                keyid:B6:F8:E7:D0:BF:95:15:83:E0:95:9B:2A:92:A8:92:03:30:CE:BE:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS27948.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.113.192.0/24
                  181.196.0.0/22
                  181.211.208.0/21
                  181.211.248.0/22
                  190.214.76.0/22
                  190.214.216.0/24
                  200.107.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:c5:bc:9c:fc:10:52:6a:aa:4f:57:c3:3c:4c:51:03:58:16:
         62:09:e7:12:49:48:d4:81:7a:a7:35:ad:51:1d:fa:eb:14:48:
         dc:63:a5:4e:08:4c:41:06:4a:05:c0:ec:c0:dc:f9:de:fc:79:
         7c:1b:37:b8:24:06:c2:45:df:fe:93:7c:42:f7:fe:fa:d5:43:
         96:93:b9:c0:ea:79:df:4a:cb:ab:07:c0:aa:12:68:4a:ac:c2:
         1d:ca:3e:a3:47:c7:03:9a:7d:7f:29:55:4e:e2:6d:37:9c:d2:
         8d:23:9c:63:23:ca:ef:95:c7:52:dc:ae:eb:35:de:b7:80:45:
         c2:05:6d:87:09:a7:31:d3:49:9b:d2:35:ed:bf:49:38:e7:47:
         11:33:b9:02:e2:1d:97:4c:e0:62:6c:66:a9:e3:6a:7c:b0:7e:
         cc:d9:c3:ed:f6:2d:71:13:f4:b6:b6:92:a9:fa:ae:1b:95:ba:
         1e:7d:78:cb:7b:57:70:ae:4f:2f:74:d9:d7:55:58:70:60:62:
         03:a4:f7:9a:14:08:76:9e:b2:20:05:5d:8a:fb:82:68:c6:36:
         11:e4:5b:cd:c4:e9:56:6a:69:c4:fa:04:1b:17:46:83:cb:0d:
         5d:d7:17:2d:eb:e9:be:06:9a:51:38:46:c8:8d:60:af:27:c4:
         3a:21:be:2c
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgIUcmd26pCb0nyPE1fsBfv3ZAtxvoswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjZGOEU3RDBCRjk1MTU4M0UwOTU5QjJBOTJBODkyMDMz
MENFQkU1OTAeFw0yNTAyMDQxODM5MTZaFw0yNjAyMDMxODQ0MTZaMDMxMTAvBgNV
BAMTKEY3M0I2NURFQzYwRDFBNUU2QzhERjA3RkM2QzExNkZGNUQzNjg5RjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa1M698rkLUkZbvQ00R73yxN2B
O0USegyiLlP1HBmD4Cx5mc5/qAQ8IEBs+zS9vzue+ttq74/mBNsEvknFG11qjfIA
xRB6wvZ6yDsnA6DmE9od3YQMlZwglsMcbQ+T1sN5ah//wg7CHUdgoWkb9JupHLWh
1S/SsYRC3DkjwWAenE8zaWV3nT94bIPKTrEd+kQFipaPw5grC1TXApvjmP98eRed
eeq3zQD7pal14oPEArEqUt/RkMyiVf/eKqRlJmLycOfRMQsIt1zN1cg6iXTGm9Tb
4vly98r8qMv+H5aTty11Y3mbXJJctfpSn1xU8cNdmw/LiTDSWnYKiw6F6+a1AgMB
AAGjggK8MIICuDAdBgNVHQ4EFgQU9ztl3sYNGl5sjfB/xsEW/102ifEwHwYDVR0j
BBgwFoAUtvjn0L+VFYPglZsqkqiSAzDOvlkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83M0I2ODY4RTU2QjEyQzM1QzYzQjBBQjc2MzAyM0YyNTA4
MTIzQzMxMUNEN0VGNEY1MTYxRUY2RDBBNTUyOTlFLzAvQjZGOEU3RDBCRjk1MTU4
M0UwOTU5QjJBOTJBODkyMDMzMENFQkU1OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CNkY4RTdEMEJGOTUxNTgzRTA5
NTlCMkE5MkE4OTIwMzMwQ0VCRTU5LmNlcjCBlwYIKwYBBQUHAQsEgYowgYcwgYQG
CCsGAQUFBzALhnhyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy83M0I2ODY4RTU2QjEyQzM1QzYzQjBBQjc2MzAyM0YyNTA4MTIzQzMxMUNE
N0VGNEY1MTYxRUY2RDBBNTUyOTlFLzAvQVMyNzk0OC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEALVxwAME
ArXEAAMEA7XT0AMEArXT+AMEAr7WTAMEAL7W2AMEAMhrAjANBgkqhkiG9w0BAQsF
AAOCAQEAgsW8nPwQUmqqT1fDPExRA1gWYgnnEklI1IF6pzWtUR366xRI3GOlTghM
QQZKBcDswNz53vx5fBs3uCQGwkXf/pN8Qvf++tVDlpO5wOp530rLqwfAqhJoSqzC
Hco+o0fHA5p9fylVTuJtN5zSjSOcYyPK75XHUtyu6zXet4BFwgVthwmnMdNJm9I1
7b9JOOdHETO5AuIdl0zgYmxmqeNqfLB+zNnD7fYtcRP0traSqfquG5W6Hn14y3tX
cK5PL3TZ11VYcGBiA6T3mhQIdp6yIAVdivuCaMY2EeRbzcTpVmppxPoEGxdGg8sN
XdcXLevpvgaaUThGyI1gryfEOiG+LA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:05:07 2025 by rpki-client