Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/3230302e36392e34342e302f32322d3233203d3e203130363137.roa
File:                     3230302e36392e34342e302f32322d3233203d3e203130363137.roa (raw, json)
Hash identifier:          zyMSKq4P145y/h4bFt/C7H50lGBODL6wMNA00+h3ZRE=
Subject key identifier:   75:F5:DB:DB:A3:EF:F0:A0:2D:42:60:9A:BE:F7:2E:6C:05:E3:FB:28
Certificate issuer:       /CN=16D6DAFBF5511C53569330FFFD2E9E564974D14D
Certificate serial:       5361F8720F856040019E5FD6E60A64682E3C860E
Authority key identifier: 16:D6:DA:FB:F5:51:1C:53:56:93:30:FF:FD:2E:9E:56:49:74:D1:4D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/3230302e36392e34342e302f32322d3233203d3e203130363137.roa
Signing time:             Tue 04 Feb 2025 18:48:46 +0000
ROA not before:           Tue 04 Feb 2025 18:43:46 +0000
ROA not after:            Tue 03 Feb 2026 18:48:46 +0000
asID:                     10617
IP address blocks:        200.69.44.0/22 maxlen: 23
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Feb 2025 17:38:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:61:f8:72:0f:85:60:40:01:9e:5f:d6:e6:0a:64:68:2e:3c:86:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16D6DAFBF5511C53569330FFFD2E9E564974D14D
        Validity
            Not Before: Feb  4 18:43:46 2025 GMT
            Not After : Feb  3 18:48:46 2026 GMT
        Subject: CN=75F5DBDBA3EFF0A02D42609ABEF72E6C05E3FB28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:be:08:bb:bc:3f:d0:ef:b8:4a:df:65:8d:a3:
                    57:41:be:bc:e3:16:73:b5:2f:8a:e8:77:14:87:31:
                    0f:f0:74:e8:93:f2:4d:31:e1:ae:36:0a:ca:c8:52:
                    38:08:fa:f3:8f:69:7e:b0:8b:51:69:9a:b0:c3:06:
                    db:9d:e3:7a:67:2c:1b:e7:e7:dd:0f:e6:54:f3:29:
                    5d:4d:52:22:19:28:74:99:58:8b:9f:bf:87:7c:69:
                    9a:6a:bf:e7:73:dc:43:2d:2d:15:ad:06:06:10:41:
                    5b:cf:5e:f5:2c:af:ad:84:d4:b6:fb:fe:1d:d7:6f:
                    91:17:be:d1:9d:63:ba:0a:07:79:10:ed:3c:ab:91:
                    18:b4:9e:e1:e1:74:84:76:fd:1e:16:5f:2b:36:c7:
                    99:72:fc:69:8c:43:df:57:2a:3e:0c:7e:84:d0:75:
                    dc:3b:26:be:69:b3:11:4e:d0:ab:f9:95:c0:86:fb:
                    82:2b:cd:77:d7:b7:71:6d:d8:5e:65:76:e2:a6:76:
                    3e:a4:db:50:07:91:7a:06:aa:66:39:a1:d4:70:ac:
                    3b:2e:34:6c:75:95:86:9e:ed:3c:e1:0a:0c:f2:28:
                    93:4a:3d:4c:a3:2b:ea:cb:da:6e:90:c5:ff:1d:9c:
                    0e:82:94:ed:2a:6b:e8:c5:a6:c7:c1:48:5e:37:d7:
                    9a:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:F5:DB:DB:A3:EF:F0:A0:2D:42:60:9A:BE:F7:2E:6C:05:E3:FB:28
            X509v3 Authority Key Identifier:
                keyid:16:D6:DA:FB:F5:51:1C:53:56:93:30:FF:FD:2E:9E:56:49:74:D1:4D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/3230302e36392e34342e302f32322d3233203d3e203130363137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.69.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a1:27:26:e8:26:58:69:a2:26:0f:e7:94:01:53:3d:40:07:9d:
         06:29:e4:c7:d2:1c:98:07:2a:11:8a:b5:04:5b:76:c3:61:aa:
         87:2f:d0:c7:55:cf:44:98:35:9b:54:41:1a:49:49:b1:a7:de:
         24:ae:92:7f:fb:e6:69:08:e8:95:30:93:87:32:b1:06:3e:81:
         0d:6d:3f:f1:d8:7a:c1:b9:8f:6a:fa:c4:a3:cf:b4:98:a2:bb:
         c4:09:9f:c3:37:2b:96:d1:6d:76:cd:68:25:d7:5f:7d:d3:68:
         2d:33:43:5b:d4:8b:bd:33:e7:b0:30:71:30:b8:57:8d:12:27:
         36:b5:25:ea:fa:74:c7:ed:a1:79:8a:12:fa:8b:7a:0d:2a:b7:
         17:66:9c:86:d1:f5:26:5c:ab:b8:86:ee:a8:29:f2:84:f2:61:
         2e:50:08:c7:d1:24:d8:cc:ac:c7:15:8c:3a:4e:73:f6:18:49:
         c4:19:9a:fa:65:99:30:9d:b9:16:fa:d8:a0:e0:68:1f:11:46:
         47:53:92:15:0a:14:5d:d8:a5:89:e9:8e:86:be:f5:50:7a:34:
         3a:18:c3:d7:07:11:2a:f9:42:e5:89:24:9f:85:21:9b:ca:29:
         0d:82:2b:1e:a8:29:76:aa:dd:1d:2d:55:3a:32:c0:c1:ec:f8:
         39:23:69:37
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUU2H4cg+FYEABnl/W5gpkaC48hg4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTZENkRBRkJGNTUxMUM1MzU2OTMzMEZGRkQyRTlFNTY0
OTc0RDE0RDAeFw0yNTAyMDQxODQzNDZaFw0yNjAyMDMxODQ4NDZaMDMxMTAvBgNV
BAMTKDc1RjVEQkRCQTNFRkYwQTAyRDQyNjA5QUJFRjcyRTZDMDVFM0ZCMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7vgi7vD/Q77hK32WNo1dBvrzj
FnO1L4rodxSHMQ/wdOiT8k0x4a42CsrIUjgI+vOPaX6wi1FpmrDDBtud43pnLBvn
590P5lTzKV1NUiIZKHSZWIufv4d8aZpqv+dz3EMtLRWtBgYQQVvPXvUsr62E1Lb7
/h3Xb5EXvtGdY7oKB3kQ7TyrkRi0nuHhdIR2/R4WXys2x5ly/GmMQ99XKj4MfoTQ
ddw7Jr5psxFO0Kv5lcCG+4IrzXfXt3Ft2F5lduKmdj6k21AHkXoGqmY5odRwrDsu
NGx1lYae7TzhCgzyKJNKPUyjK+rL2m6Qxf8dnA6ClO0qa+jFpsfBSF4315phAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUdfXb26Pv8KAtQmCavvcubAXj+ygwHwYDVR0j
BBgwFoAUFtba+/VRHFNWkzD//S6eVkl00U0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83NkE0ODNDODQwQjU5RDVBMzg2Q0MzNUZFODkxNzc0RjA3
Qzk0MEMyQTQ3M0EwQzgwOEZGNzlFOUQ2NzNBQzAxLzAvMTZENkRBRkJGNTUxMUM1
MzU2OTMzMEZGRkQyRTlFNTY0OTc0RDE0RC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNkQ2REFGQkY1NTExQzUzNTY5
MzMwRkZGRDJFOUU1NjQ5NzREMTRELmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzZBNDgzQzg0MEI1OUQ1QTM4NkNDMzVGRTg5MTc3NEYwN0M5NDBDMkE0
NzNBMEM4MDhGRjc5RTlENjczQUMwMS8wLzMyMzAzMDJlMzYzOTJlMzQzNDJlMzAy
ZjMyMzIyZDMyMzMyMDNkM2UyMDMxMzAzNjMxMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALIRSwwDQYJ
KoZIhvcNAQELBQADggEBAKEnJugmWGmiJg/nlAFTPUAHnQYp5MfSHJgHKhGKtQRb
dsNhqocv0MdVz0SYNZtUQRpJSbGn3iSukn/75mkI6JUwk4cysQY+gQ1tP/HYesG5
j2r6xKPPtJiiu8QJn8M3K5bRbXbNaCXXX33TaC0zQ1vUi70z57AwcTC4V40SJza1
Jer6dMftoXmKEvqLeg0qtxdmnIbR9SZcq7iG7qgp8oTyYS5QCMfRJNjMrMcVjDpO
c/YYScQZmvplmTCduRb62KDgaB8RRkdTkhUKFF3YpYnpjoa+9VB6NDoYw9cHESr5
QuWJJJ+FIZvKKQ2CKx6oKXaq3R0tVToywMHs+DkjaTc=
-----END CERTIFICATE-----
Generated at Thu Feb 13 19:11:42 2025 by rpki-client