Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS52331.roa
File:                     AS52331.roa (raw, json)
Hash identifier:          f0/BtAUTVMWtt4SP4tQiYuc6TbPzy35MRhFZg02/kro=
Subject key identifier:   A7:3D:55:F2:1A:E9:7D:60:64:BA:B7:6A:3C:D9:3B:1E:1D:41:65:79
Certificate issuer:       /CN=B6F8E7D0BF951583E0959B2A92A8920330CEBE59
Certificate serial:       272202722DE61DC648D61CEE8AB2FF84DB2B5D39
Authority key identifier: B6:F8:E7:D0:BF:95:15:83:E0:95:9B:2A:92:A8:92:03:30:CE:BE:59
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS52331.roa
Signing time:             Tue 04 Feb 2025 18:44:17 +0000
ROA not before:           Tue 04 Feb 2025 18:39:17 +0000
ROA not after:            Tue 03 Feb 2026 18:44:17 +0000
asID:                     52331
IP address blocks:        186.46.112.0/24 maxlen: 25
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.crl
                          rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 09 Apr 2025 06:41:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:22:02:72:2d:e6:1d:c6:48:d6:1c:ee:8a:b2:ff:84:db:2b:5d:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B6F8E7D0BF951583E0959B2A92A8920330CEBE59
        Validity
            Not Before: Feb  4 18:39:17 2025 GMT
            Not After : Feb  3 18:44:17 2026 GMT
        Subject: CN=A73D55F21AE97D6064BAB76A3CD93B1E1D416579
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:31:53:58:6c:81:66:05:74:b7:24:89:59:f2:
                    b4:cf:71:28:99:0b:59:8b:2d:53:72:cd:68:89:48:
                    dd:83:0d:17:f0:0b:1f:dc:21:ad:93:f8:7d:05:0c:
                    19:a2:6f:8e:98:be:9a:64:51:4e:fd:ea:3e:29:d9:
                    db:c5:d7:b4:9c:5b:24:9c:ec:ed:a2:8d:ca:e7:9d:
                    66:91:ab:3d:4e:5d:5f:8d:f6:10:db:b8:12:a4:4d:
                    86:a5:07:52:48:f7:d1:d3:1a:e0:90:d0:47:0d:dc:
                    31:98:45:bc:ff:57:a9:ea:89:fa:fa:be:1b:5c:15:
                    78:12:ef:98:93:8e:b7:51:34:12:02:66:08:23:08:
                    5d:76:c9:17:97:39:ac:8c:93:83:28:7e:1c:bb:c0:
                    b4:19:82:78:d5:bf:da:3d:f6:22:1e:5b:99:b1:ec:
                    ad:b5:57:26:0b:c3:b0:9c:0f:b4:a0:04:78:7d:c8:
                    ae:61:b7:65:04:7c:da:05:1e:93:ab:37:9a:8d:88:
                    1d:d0:c3:2d:19:4f:01:98:95:48:ca:00:b4:ad:c0:
                    d1:36:e7:d4:ab:f5:1a:81:bf:16:75:91:c5:e1:02:
                    2d:ba:4e:04:35:41:4d:88:3b:0e:64:61:da:40:d9:
                    c0:d6:e3:fd:a4:e6:34:b0:b3:72:a0:71:12:dd:d6:
                    2a:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:3D:55:F2:1A:E9:7D:60:64:BA:B7:6A:3C:D9:3B:1E:1D:41:65:79
            X509v3 Authority Key Identifier:
                keyid:B6:F8:E7:D0:BF:95:15:83:E0:95:9B:2A:92:A8:92:03:30:CE:BE:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS52331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.46.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:dd:0a:f2:57:2a:67:59:ba:7f:38:8e:42:8e:19:62:a5:a8:
         ef:03:ef:2e:d7:3d:9a:b8:84:2c:ad:0f:53:e3:82:eb:d9:c7:
         fc:23:fd:23:e1:e1:27:95:29:a6:42:08:f8:a0:48:97:6a:94:
         8f:4d:f8:f3:bb:88:91:7a:fc:b2:1d:ab:2e:b7:7b:c7:bd:4b:
         69:b6:59:5b:f7:3e:5e:4a:b1:1c:4c:0d:f5:50:9c:97:84:6b:
         9f:91:77:54:5f:9d:7c:4a:6d:fd:5e:d2:77:e8:86:98:ac:02:
         1a:5f:63:c5:e2:d7:a3:69:84:d6:89:92:99:41:ef:0a:82:8b:
         49:0e:76:89:41:24:99:24:9b:90:23:11:29:1a:fe:6c:c3:48:
         73:29:7a:61:df:8f:af:85:98:19:49:ac:ef:16:81:dc:b9:65:
         20:19:8d:f3:e5:f5:91:ae:2f:6b:9b:72:08:ef:09:6f:a6:e0:
         a8:71:35:41:39:af:f6:9c:53:29:98:c6:a0:ba:f6:1d:f2:9d:
         9a:05:53:60:21:7c:ce:68:ed:96:3d:76:69:07:28:d5:95:28:
         1d:44:8b:2e:c5:1e:ea:b9:a6:94:b7:84:bf:00:9b:5f:42:98:
         f5:db:ad:27:dc:ef:f0:dc:e7:de:c3:91:3c:0c:a8:15:e3:98:
         f8:09:f6:af
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIUJyICci3mHcZI1hzuirL/hNsrXTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjZGOEU3RDBCRjk1MTU4M0UwOTU5QjJBOTJBODkyMDMz
MENFQkU1OTAeFw0yNTAyMDQxODM5MTdaFw0yNjAyMDMxODQ0MTdaMDMxMTAvBgNV
BAMTKEE3M0Q1NUYyMUFFOTdENjA2NEJBQjc2QTNDRDkzQjFFMUQ0MTY1NzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjMVNYbIFmBXS3JIlZ8rTPcSiZ
C1mLLVNyzWiJSN2DDRfwCx/cIa2T+H0FDBmib46YvppkUU796j4p2dvF17ScWySc
7O2ijcrnnWaRqz1OXV+N9hDbuBKkTYalB1JI99HTGuCQ0EcN3DGYRbz/V6nqifr6
vhtcFXgS75iTjrdRNBICZggjCF12yReXOayMk4Mofhy7wLQZgnjVv9o99iIeW5mx
7K21VyYLw7CcD7SgBHh9yK5ht2UEfNoFHpOrN5qNiB3Qwy0ZTwGYlUjKALStwNE2
59Sr9RqBvxZ1kcXhAi26TgQ1QU2IOw5kYdpA2cDW4/2k5jSws3KgcRLd1iolAgMB
AAGjggKYMIIClDAdBgNVHQ4EFgQUpz1V8hrpfWBkurdqPNk7Hh1BZXkwHwYDVR0j
BBgwFoAUtvjn0L+VFYPglZsqkqiSAzDOvlkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83M0I2ODY4RTU2QjEyQzM1QzYzQjBBQjc2MzAyM0YyNTA4
MTIzQzMxMUNEN0VGNEY1MTYxRUY2RDBBNTUyOTlFLzAvQjZGOEU3RDBCRjk1MTU4
M0UwOTU5QjJBOTJBODkyMDMzMENFQkU1OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CNkY4RTdEMEJGOTUxNTgzRTA5
NTlCMkE5MkE4OTIwMzMwQ0VCRTU5LmNlcjCBlwYIKwYBBQUHAQsEgYowgYcwgYQG
CCsGAQUFBzALhnhyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy83M0I2ODY4RTU2QjEyQzM1QzYzQjBBQjc2MzAyM0YyNTA4MTIzQzMxMUNE
N0VGNEY1MTYxRUY2RDBBNTUyOTlFLzAvQVM1MjMzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALoucDAN
BgkqhkiG9w0BAQsFAAOCAQEAXd0K8lcqZ1m6fziOQo4ZYqWo7wPvLtc9mriELK0P
U+OC69nH/CP9I+HhJ5UppkII+KBIl2qUj03487uIkXr8sh2rLrd7x71LabZZW/c+
XkqxHEwN9VCcl4Rrn5F3VF+dfEpt/V7Sd+iGmKwCGl9jxeLXo2mE1omSmUHvCoKL
SQ52iUEkmSSbkCMRKRr+bMNIcyl6Yd+Pr4WYGUms7xaB3LllIBmN8+X1ka4va5ty
CO8Jb6bgqHE1QTmv9pxTKZjGoLr2HfKdmgVTYCF8zmjtlj12aQco1ZUoHUSLLsUe
6rmmlLeEvwCbX0KY9dutJ9zv8Nzn3sORPAyoFeOY+An2rw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:05:03 2025 by rpki-client