Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS28011.roa
File:                     AS28011.roa (raw, json)
Hash identifier:          S6hb4Prt84yt2qrOYMoSBVNSyk6U//kMyJxvOVsHfu8=
Subject key identifier:   F9:93:AB:AE:B6:F8:89:C5:AC:D0:EF:7F:3E:04:8D:52:F6:59:2A:A3
Certificate issuer:       /CN=B6F8E7D0BF951583E0959B2A92A8920330CEBE59
Certificate serial:       0F397D3FDBF2F392CB694A3E170BCA69569CCB26
Authority key identifier: B6:F8:E7:D0:BF:95:15:83:E0:95:9B:2A:92:A8:92:03:30:CE:BE:59
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS28011.roa
Signing time:             Tue 04 Feb 2025 18:44:16 +0000
ROA not before:           Tue 04 Feb 2025 18:39:16 +0000
ROA not after:            Tue 03 Feb 2026 18:44:16 +0000
asID:                     28011
IP address blocks:        181.112.0.0/21 maxlen: 24
                          181.112.16.0/21 maxlen: 24
                          181.112.24.0/21 maxlen: 24
                          181.112.96.0/21 maxlen: 24
                          181.112.112.0/21 maxlen: 21
                          181.112.128.0/21 maxlen: 24
                          181.113.72.0/21 maxlen: 24
                          181.113.80.0/21 maxlen: 24
                          181.113.88.0/21 maxlen: 24
                          181.113.160.0/20 maxlen: 24
                          181.113.176.0/21 maxlen: 24
                          181.113.184.0/21 maxlen: 24
                          181.113.208.0/21 maxlen: 24
                          181.196.32.0/21 maxlen: 24
                          181.196.64.0/21 maxlen: 24
                          181.196.168.0/21 maxlen: 24
                          181.196.208.0/20 maxlen: 24
                          181.211.16.0/21 maxlen: 24
                          181.211.24.0/21 maxlen: 24
                          181.211.64.0/21 maxlen: 24
                          181.211.72.0/21 maxlen: 24
                          181.211.88.0/21 maxlen: 24
                          181.211.116.0/22 maxlen: 24
                          181.211.120.0/21 maxlen: 24
                          181.211.136.0/21 maxlen: 24
                          181.211.152.0/21 maxlen: 24
                          181.211.168.0/21 maxlen: 24
                          181.211.192.0/21 maxlen: 24
                          181.211.224.0/21 maxlen: 24
                          181.211.232.0/21 maxlen: 24
                          186.42.116.0/24 maxlen: 24
                          186.42.236.0/22 maxlen: 24
                          186.47.168.0/21 maxlen: 24
                          186.47.216.0/21 maxlen: 24
                          186.47.248.0/21 maxlen: 24
                          186.178.13.0/24 maxlen: 24
                          186.178.14.0/24 maxlen: 24
                          186.178.24.0/21 maxlen: 24
                          186.178.56.0/21 maxlen: 24
                          186.178.72.0/21 maxlen: 24
                          186.178.104.0/21 maxlen: 24
                          186.178.172.0/22 maxlen: 24
                          186.178.176.0/21 maxlen: 24
                          186.178.184.0/21 maxlen: 24
                          190.11.10.0/24 maxlen: 24
                          190.11.20.0/24 maxlen: 24
                          190.152.40.0/24 maxlen: 24
                          190.152.41.0/24 maxlen: 24
                          190.152.44.0/24 maxlen: 24
                          190.152.45.0/24 maxlen: 24
                          190.152.46.0/24 maxlen: 24
                          190.152.47.0/24 maxlen: 24
                          190.152.48.0/23 maxlen: 24
                          190.152.50.0/23 maxlen: 24
                          190.152.52.0/24 maxlen: 24
                          190.152.56.0/22 maxlen: 24
                          190.152.132.0/22 maxlen: 24
                          190.152.136.0/21 maxlen: 24
                          190.152.152.0/24 maxlen: 24
                          190.152.192.0/24 maxlen: 24
                          190.152.240.0/22 maxlen: 24
                          190.152.252.0/24 maxlen: 24
                          190.152.254.0/24 maxlen: 24
                          190.214.64.0/21 maxlen: 24
                          190.214.88.0/21 maxlen: 24
                          190.214.112.0/22 maxlen: 24
                          190.214.116.0/22 maxlen: 24
                          190.214.152.0/21 maxlen: 24
                          190.214.168.0/22 maxlen: 24
                          190.214.172.0/22 maxlen: 24
                          190.214.192.0/21 maxlen: 24
                          190.214.200.0/21 maxlen: 24
                          190.214.224.0/21 maxlen: 24
                          200.73.204.0/22 maxlen: 24
                          200.107.11.0/24 maxlen: 24
                          200.107.26.0/23 maxlen: 24
                          200.107.32.0/23 maxlen: 24
                          200.107.40.0/21 maxlen: 24
                          200.107.53.0/24 maxlen: 24
                          200.125.203.0/24 maxlen: 24
                          200.125.208.0/24 maxlen: 24
                          200.125.240.0/23 maxlen: 24
                          200.125.242.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.crl
                          rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 09 Apr 2025 06:41:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:39:7d:3f:db:f2:f3:92:cb:69:4a:3e:17:0b:ca:69:56:9c:cb:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B6F8E7D0BF951583E0959B2A92A8920330CEBE59
        Validity
            Not Before: Feb  4 18:39:16 2025 GMT
            Not After : Feb  3 18:44:16 2026 GMT
        Subject: CN=F993ABAEB6F889C5ACD0EF7F3E048D52F6592AA3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:bc:5e:ca:5d:c6:9e:f9:59:b8:00:ac:6a:17:
                    be:1c:ee:c5:4d:91:25:f7:25:37:88:27:3e:3c:90:
                    ab:d2:60:da:9a:36:df:c5:9f:31:39:11:df:fa:81:
                    26:8d:84:e7:b2:30:6d:f7:6e:68:4d:c3:0d:1b:8c:
                    aa:bb:15:31:1b:a4:50:47:8d:1f:13:4f:4a:0a:10:
                    af:4a:54:18:0c:05:3a:13:5b:61:3f:2d:75:5d:ae:
                    a5:d8:72:1d:c6:93:b2:b2:31:e3:f1:ea:67:18:9c:
                    05:d8:f0:f9:c7:2e:51:23:25:61:c3:5c:02:4f:78:
                    ed:45:fb:00:2f:9b:d9:f4:5e:99:5d:71:bc:76:ab:
                    61:f8:ad:a2:79:6f:b7:13:87:3f:91:b0:d8:82:bf:
                    66:b9:d1:ea:95:f5:ae:90:71:06:0a:83:d8:09:da:
                    bf:66:cd:a4:01:95:78:d2:89:05:01:90:20:4b:97:
                    8a:c0:fa:bf:2a:78:c2:7a:64:ae:41:1e:e7:40:aa:
                    a3:15:5e:93:32:78:50:5f:fd:e3:94:37:b4:1d:a5:
                    ca:92:df:61:8d:31:7e:8e:e7:12:a6:21:ce:c9:c3:
                    0a:48:ac:fd:49:f2:09:5a:0e:b3:65:6c:0c:94:37:
                    90:79:56:00:93:68:55:b7:a7:33:e8:b2:e1:59:f8:
                    88:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:93:AB:AE:B6:F8:89:C5:AC:D0:EF:7F:3E:04:8D:52:F6:59:2A:A3
            X509v3 Authority Key Identifier:
                keyid:B6:F8:E7:D0:BF:95:15:83:E0:95:9B:2A:92:A8:92:03:30:CE:BE:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS28011.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.112.0.0/21
                  181.112.16.0/20
                  181.112.96.0/21
                  181.112.112.0/21
                  181.112.128.0/21
                  181.113.72.0-181.113.95.255
                  181.113.160.0/19
                  181.113.208.0/21
                  181.196.32.0/21
                  181.196.64.0/21
                  181.196.168.0/21
                  181.196.208.0/20
                  181.211.16.0/20
                  181.211.64.0/20
                  181.211.88.0/21
                  181.211.116.0-181.211.127.255
                  181.211.136.0/21
                  181.211.152.0/21
                  181.211.168.0/21
                  181.211.192.0/21
                  181.211.224.0/20
                  186.42.116.0/24
                  186.42.236.0/22
                  186.47.168.0/21
                  186.47.216.0/21
                  186.47.248.0/21
                  186.178.13.0-186.178.14.255
                  186.178.24.0/21
                  186.178.56.0/21
                  186.178.72.0/21
                  186.178.104.0/21
                  186.178.172.0-186.178.191.255
                  190.11.10.0/24
                  190.11.20.0/24
                  190.152.40.0/23
                  190.152.44.0-190.152.52.255
                  190.152.56.0/22
                  190.152.132.0-190.152.143.255
                  190.152.152.0/24
                  190.152.192.0/24
                  190.152.240.0/22
                  190.152.252.0/24
                  190.152.254.0/24
                  190.214.64.0/21
                  190.214.88.0/21
                  190.214.112.0/21
                  190.214.152.0/21
                  190.214.168.0/21
                  190.214.192.0/20
                  190.214.224.0/21
                  200.73.204.0/22
                  200.107.11.0/24
                  200.107.26.0/23
                  200.107.32.0/23
                  200.107.40.0/21
                  200.107.53.0/24
                  200.125.203.0/24
                  200.125.208.0/24
                  200.125.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         17:f3:50:71:72:d2:6c:75:f8:77:b7:5b:5a:bf:0d:bc:94:eb:
         0e:0c:20:4d:d1:d2:0e:cf:ff:15:3a:0d:1e:99:2d:da:a9:52:
         15:2f:14:34:d3:fa:6f:70:34:62:8d:8c:5e:a5:09:0c:89:dc:
         73:4a:70:6e:94:df:a6:fd:05:66:78:2b:73:26:38:b2:7f:a0:
         38:53:98:6c:a1:68:09:bb:6e:2a:e7:bb:de:68:1e:f2:c3:6b:
         10:8f:ee:df:54:38:cf:8b:24:69:fa:11:57:ee:25:45:ce:36:
         cb:52:41:38:29:fa:27:a4:52:a9:d2:96:3f:0e:b6:d5:76:6b:
         18:1a:bf:00:02:78:1b:f2:3f:b9:71:e4:6a:24:ba:65:18:5d:
         0d:6c:ae:0e:b0:bd:45:28:69:6c:d3:e1:c8:d2:23:4b:6d:3c:
         dd:12:85:e4:95:e3:ce:0e:e6:36:bd:74:04:47:fa:35:fa:6b:
         e4:b8:42:aa:0d:2c:10:b4:2d:49:f4:52:05:15:85:8c:d7:da:
         39:d8:e0:b5:e8:96:34:5a:17:9b:b9:ed:51:72:32:d1:8c:62:
         18:56:b5:91:20:88:73:a7:86:e0:6e:1d:81:b1:53:ed:2c:20:
         28:76:4a:84:33:15:88:23:a0:f4:97:d3:35:93:00:c9:c9:24:
         c5:f1:e6:9b
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUDzl9P9vy85LLaUo+FwvKaVacyyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjZGOEU3RDBCRjk1MTU4M0UwOTU5QjJBOTJBODkyMDMz
MENFQkU1OTAeFw0yNTAyMDQxODM5MTZaFw0yNjAyMDMxODQ0MTZaMDMxMTAvBgNV
BAMTKEY5OTNBQkFFQjZGODg5QzVBQ0QwRUY3RjNFMDQ4RDUyRjY1OTJBQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcvF7KXcae+Vm4AKxqF74c7sVN
kSX3JTeIJz48kKvSYNqaNt/FnzE5Ed/6gSaNhOeyMG33bmhNww0bjKq7FTEbpFBH
jR8TT0oKEK9KVBgMBToTW2E/LXVdrqXYch3Gk7KyMePx6mcYnAXY8PnHLlEjJWHD
XAJPeO1F+wAvm9n0Xpldcbx2q2H4raJ5b7cThz+RsNiCv2a50eqV9a6QcQYKg9gJ
2r9mzaQBlXjSiQUBkCBLl4rA+r8qeMJ6ZK5BHudAqqMVXpMyeFBf/eOUN7QdpcqS
32GNMX6O5xKmIc7JwwpIrP1J8glaDrNlbAyUN5B5VgCTaFW3pzPosuFZ+IgRAgMB
AAGjggQuMIIEKjAdBgNVHQ4EFgQU+ZOrrrb4icWs0O9/PgSNUvZZKqMwHwYDVR0j
BBgwFoAUtvjn0L+VFYPglZsqkqiSAzDOvlkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83M0I2ODY4RTU2QjEyQzM1QzYzQjBBQjc2MzAyM0YyNTA4
MTIzQzMxMUNEN0VGNEY1MTYxRUY2RDBBNTUyOTlFLzAvQjZGOEU3RDBCRjk1MTU4
M0UwOTU5QjJBOTJBODkyMDMzMENFQkU1OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CNkY4RTdEMEJGOTUxNTgzRTA5
NTlCMkE5MkE4OTIwMzMwQ0VCRTU5LmNlcjCBlwYIKwYBBQUHAQsEgYowgYcwgYQG
CCsGAQUFBzALhnhyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy83M0I2ODY4RTU2QjEyQzM1QzYzQjBBQjc2MzAyM0YyNTA4MTIzQzMxMUNE
N0VGNEY1MTYxRUY2RDBBNTUyOTlFLzAvQVMyODAxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAbMGCCsGAQUFBwEHAQH/BIIBojCCAZ4wggGaBAIAATCC
AZIDBAO1cAADBAS1cBADBAO1cGADBAO1cHADBAO1cIAwDAMEA7VxSAMEBbVxQAME
BbVxoAMEA7Vx0AMEA7XEIAMEA7XEQAMEA7XEqAMEBLXE0AMEBLXTEAMEBLXTQAME
A7XTWDAMAwQCtdN0AwQHtdMAAwQDtdOIAwQDtdOYAwQDtdOoAwQDtdPAAwQEtdPg
AwQAuip0AwQCuirsAwQDui+oAwQDui/YAwQDui/4MAwDBAC6sg0DBAC6sg4DBAO6
shgDBAO6sjgDBAO6skgDBAO6smgwDAMEArqyrAMEBrqygAMEAL4LCgMEAL4LFAME
Ab6YKDAMAwQCvpgsAwQAvpg0AwQCvpg4MAwDBAK+mIQDBAS+mIADBAC+mJgDBAC+
mMADBAK+mPADBAC+mPwDBAC+mP4DBAO+1kADBAO+1lgDBAO+1nADBAO+1pgDBAO+
1qgDBAS+1sADBAO+1uADBALIScwDBADIawsDBAHIaxoDBAHIayADBAPIaygDBADI
azUDBADIfcsDBADIfdADBALIffAwDQYJKoZIhvcNAQELBQADggEBABfzUHFy0mx1
+He3W1q/DbyU6w4MIE3R0g7P/xU6DR6ZLdqpUhUvFDTT+m9wNGKNjF6lCQyJ3HNK
cG6U36b9BWZ4K3MmOLJ/oDhTmGyhaAm7birnu95oHvLDaxCP7t9UOM+LJGn6EVfu
JUXONstSQTgp+iekUqnSlj8OttV2axgavwACeBvyP7lx5GokumUYXQ1srg6wvUUo
aWzT4cjSI0ttPN0SheSV484O5ja9dARH+jX6a+S4QqoNLBC0LUn0UgUVhYzX2jnY
4LXoljRaF5u57VFyMtGMYhhWtZEgiHOnhuBuHYGxU+0sICh2SoQzFYgjoPSX0zWT
AMnJJMXx5ps=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:05:02 2025 by rpki-client