Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/73FD58C8733F15D6FF8EFF28E5FF4B7B8F736433EE8BBB1CEFE0CC1761E70D9F/0/3135382e3235312e302e302f31362d3234203d3e203136373432.roa
File:                     3135382e3235312e302e302f31362d3234203d3e203136373432.roa (raw, json)
Hash identifier:          cVYKl5O8f9z3NYpBa+p3xA35kL1kOYR1h6UugSk1zJ0=
Subject key identifier:   01:8D:9D:CC:6C:7B:D4:AB:D6:09:AE:51:59:29:8B:5A:38:3E:18:FB
Certificate issuer:       /CN=5C7C6A52F20FE78CEAEC0A417809AAB6D82B7789
Certificate serial:       05EBF02D2C24DB4D04AA452D93FFD08BBBC57B40
Authority key identifier: 5C:7C:6A:52:F2:0F:E7:8C:EA:EC:0A:41:78:09:AA:B6:D8:2B:77:89
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5C7C6A52F20FE78CEAEC0A417809AAB6D82B7789.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/73FD58C8733F15D6FF8EFF28E5FF4B7B8F736433EE8BBB1CEFE0CC1761E70D9F/0/3135382e3235312e302e302f31362d3234203d3e203136373432.roa
Signing time:             Tue 20 May 2025 16:19:53 +0000
ROA not before:           Tue 20 May 2025 16:14:53 +0000
ROA not after:            Tue 19 May 2026 16:19:53 +0000
asID:                     16742
IP address blocks:        158.251.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/73FD58C8733F15D6FF8EFF28E5FF4B7B8F736433EE8BBB1CEFE0CC1761E70D9F/0/5C7C6A52F20FE78CEAEC0A417809AAB6D82B7789.crl
                          rsync://repository.lacnic.net/rpki/lacnic/73FD58C8733F15D6FF8EFF28E5FF4B7B8F736433EE8BBB1CEFE0CC1761E70D9F/0/5C7C6A52F20FE78CEAEC0A417809AAB6D82B7789.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5C7C6A52F20FE78CEAEC0A417809AAB6D82B7789.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 08:43:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:eb:f0:2d:2c:24:db:4d:04:aa:45:2d:93:ff:d0:8b:bb:c5:7b:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5C7C6A52F20FE78CEAEC0A417809AAB6D82B7789
        Validity
            Not Before: May 20 16:14:53 2025 GMT
            Not After : May 19 16:19:53 2026 GMT
        Subject: CN=018D9DCC6C7BD4ABD609AE5159298B5A383E18FB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:7f:94:29:64:86:a5:af:af:e0:14:c7:b5:3a:
                    26:b8:35:c7:82:39:52:52:ff:09:ba:1d:a2:e6:46:
                    67:88:74:55:2e:f6:18:fe:33:dd:83:13:75:b2:72:
                    8e:a3:28:28:8e:55:70:11:6f:04:07:ec:e0:ee:5e:
                    6f:48:d9:3b:95:bb:9c:ee:56:61:e4:ee:83:b5:46:
                    e2:ff:08:a9:f8:51:a0:43:18:22:a3:46:c5:e0:8d:
                    93:9c:9a:b6:94:05:4a:3d:8a:71:e2:b8:d4:91:60:
                    04:c4:43:c1:f9:3e:a2:8d:b2:ca:62:1e:02:b3:ab:
                    8d:69:1f:c3:44:22:3b:74:ee:54:b3:2d:2f:eb:3e:
                    65:62:e7:9f:92:23:05:04:15:dc:1e:8d:a1:20:15:
                    34:ff:da:a7:3a:d7:51:ea:a1:81:5c:d0:c4:37:1e:
                    3b:96:0e:ca:60:98:89:c3:b7:c2:8b:2b:54:5b:59:
                    83:29:bf:c4:1b:23:56:7c:76:19:a3:6b:3e:d1:a5:
                    82:2e:f3:45:89:81:7a:7d:0d:ac:58:66:41:bf:7d:
                    65:8f:82:c1:91:be:38:d3:26:33:7c:2d:fd:ec:81:
                    d9:74:07:99:44:e6:d4:7a:8d:6f:c9:d4:97:d5:7f:
                    83:1b:2f:8c:78:c6:b9:65:ee:97:8e:eb:62:87:21:
                    ee:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:8D:9D:CC:6C:7B:D4:AB:D6:09:AE:51:59:29:8B:5A:38:3E:18:FB
            X509v3 Authority Key Identifier:
                keyid:5C:7C:6A:52:F2:0F:E7:8C:EA:EC:0A:41:78:09:AA:B6:D8:2B:77:89

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/73FD58C8733F15D6FF8EFF28E5FF4B7B8F736433EE8BBB1CEFE0CC1761E70D9F/0/5C7C6A52F20FE78CEAEC0A417809AAB6D82B7789.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5C7C6A52F20FE78CEAEC0A417809AAB6D82B7789.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/73FD58C8733F15D6FF8EFF28E5FF4B7B8F736433EE8BBB1CEFE0CC1761E70D9F/0/3135382e3235312e302e302f31362d3234203d3e203136373432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.251.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         55:10:cd:41:6e:f5:6a:db:da:e2:f0:98:50:30:a0:df:86:b0:
         8c:df:9d:68:ab:3f:7f:78:e8:0b:1c:3f:3f:09:b0:19:ed:52:
         ec:ae:d7:34:e3:4f:e0:ee:d7:0f:5f:fc:2a:b3:09:58:a0:93:
         12:f1:b9:eb:73:af:49:b1:ab:1e:35:c2:3e:c7:f8:ab:a3:8e:
         73:81:82:d9:d9:f5:39:48:24:54:8f:96:97:5f:cc:fe:59:4c:
         74:93:fb:51:35:0c:9a:59:ae:4e:92:b6:1e:13:b5:5c:af:9d:
         91:e1:34:d5:79:af:2a:c5:98:35:f3:d1:28:e8:b2:81:d9:03:
         82:ec:54:75:6d:e4:47:8e:50:0b:c5:92:91:33:eb:ad:d2:b3:
         1a:bd:0f:ca:10:cb:4f:6f:8d:1a:58:5f:49:d7:fb:a2:77:f5:
         77:a6:0f:e4:86:c2:37:ff:9c:21:90:bc:3a:83:ee:d5:50:93:
         bb:17:47:56:39:0d:e1:e5:f7:a3:e6:30:3c:e4:a8:05:12:ba:
         d7:a2:54:6a:46:c3:af:9d:9f:66:b2:1f:a7:a6:52:48:56:cf:
         db:49:cc:82:e6:bd:4c:44:26:e4:b3:fa:51:4f:c1:b6:0f:9f:
         f8:1d:b1:3e:d8:88:92:9c:7b:94:ea:f2:6a:35:9e:13:21:22:
         b3:31:37:bf
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUBevwLSwk200EqkUtk//Qi7vFe0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUM3QzZBNTJGMjBGRTc4Q0VBRUMwQTQxNzgwOUFBQjZE
ODJCNzc4OTAeFw0yNTA1MjAxNjE0NTNaFw0yNjA1MTkxNjE5NTNaMDMxMTAvBgNV
BAMTKDAxOEQ5RENDNkM3QkQ0QUJENjA5QUU1MTU5Mjk4QjVBMzgzRTE4RkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmf5QpZIalr6/gFMe1Oia4NceC
OVJS/wm6HaLmRmeIdFUu9hj+M92DE3Wyco6jKCiOVXARbwQH7ODuXm9I2TuVu5zu
VmHk7oO1RuL/CKn4UaBDGCKjRsXgjZOcmraUBUo9inHiuNSRYATEQ8H5PqKNsspi
HgKzq41pH8NEIjt07lSzLS/rPmVi55+SIwUEFdwejaEgFTT/2qc611HqoYFc0MQ3
HjuWDspgmInDt8KLK1RbWYMpv8QbI1Z8dhmjaz7RpYIu80WJgXp9DaxYZkG/fWWP
gsGRvjjTJjN8Lf3sgdl0B5lE5tR6jW/J1JfVf4MbL4x4xrll7peO62KHIe5rAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUAY2dzGx71KvWCa5RWSmLWjg+GPswHwYDVR0j
BBgwFoAUXHxqUvIP54zq7ApBeAmqttgrd4kwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83M0ZENThDODczM0YxNUQ2RkY4RUZGMjhFNUZGNEI3QjhG
NzM2NDMzRUU4QkJCMUNFRkUwQ0MxNzYxRTcwRDlGLzAvNUM3QzZBNTJGMjBGRTc4
Q0VBRUMwQTQxNzgwOUFBQjZEODJCNzc4OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81QzdDNkE1MkYyMEZFNzhDRUFF
QzBBNDE3ODA5QUFCNkQ4MkI3Nzg5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzNGRDU4Qzg3MzNGMTVENkZGOEVGRjI4RTVGRjRCN0I4RjczNjQzM0VF
OEJCQjFDRUZFMENDMTc2MUU3MEQ5Ri8wLzMxMzUzODJlMzIzNTMxMmUzMDJlMzAy
ZjMxMzYyZDMyMzQyMDNkM2UyMDMxMzYzNzM0MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwCe+zANBgkq
hkiG9w0BAQsFAAOCAQEAVRDNQW71atva4vCYUDCg34awjN+daKs/f3joCxw/Pwmw
Ge1S7K7XNONP4O7XD1/8KrMJWKCTEvG563OvSbGrHjXCPsf4q6OOc4GC2dn1OUgk
VI+Wl1/M/llMdJP7UTUMmlmuTpK2HhO1XK+dkeE01XmvKsWYNfPRKOiygdkDguxU
dW3kR45QC8WSkTPrrdKzGr0PyhDLT2+NGlhfSdf7onf1d6YP5IbCN/+cIZC8OoPu
1VCTuxdHVjkN4eX3o+YwPOSoBRK616JUakbDr52fZrIfp6ZSSFbP20nMgua9TEQm
5LP6UU/Btg+f+B2xPtiIkpx7lOryajWeEyEiszE3vw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 05:52:59 2025 by rpki-client