Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/3136302e3233382e3230342e302f32322d3234203d3e203130363137.roa
File:                     3136302e3233382e3230342e302f32322d3234203d3e203130363137.roa (raw, json)
Hash identifier:          t60JFAeK238lj3U0r7/n8e70aWggGyjr0XoE0t4CRFU=
Subject key identifier:   78:88:B3:68:B1:CE:2E:62:B6:66:C4:76:85:CE:0B:D0:97:C0:28:19
Certificate issuer:       /CN=66D7CB6044C192E36153B39F7AF75BC83FF1DCB6
Certificate serial:       447912ED6D9A26FB5798D6B27D721DB5F308BF8B
Authority key identifier: 66:D7:CB:60:44:C1:92:E3:61:53:B3:9F:7A:F7:5B:C8:3F:F1:DC:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/3136302e3233382e3230342e302f32322d3234203d3e203130363137.roa
Signing time:             Tue 22 Jul 2025 01:26:06 +0000
ROA not before:           Tue 22 Jul 2025 01:21:06 +0000
ROA not after:            Tue 21 Jul 2026 01:26:06 +0000
asID:                     10617
IP address blocks:        160.238.204.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 26 Jul 2025 15:59:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:79:12:ed:6d:9a:26:fb:57:98:d6:b2:7d:72:1d:b5:f3:08:bf:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66D7CB6044C192E36153B39F7AF75BC83FF1DCB6
        Validity
            Not Before: Jul 22 01:21:06 2025 GMT
            Not After : Jul 21 01:26:06 2026 GMT
        Subject: CN=7888B368B1CE2E62B666C47685CE0BD097C02819
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a1:7f:aa:f1:7e:23:18:2c:7d:15:52:43:09:
                    82:21:4f:c8:76:27:44:72:2d:cc:ff:43:78:19:3a:
                    d8:77:e8:90:bb:c5:23:ab:1a:42:cb:0e:d6:73:1e:
                    5a:e7:4b:3e:bb:18:09:e2:52:c6:15:fc:8b:16:60:
                    aa:69:6d:be:3c:30:0e:61:48:19:4e:59:b4:b4:00:
                    ff:f6:2e:02:98:52:3a:08:ce:62:45:a0:b5:4b:72:
                    e6:1a:6a:6b:34:0d:ba:2f:f7:5a:42:c4:50:e7:83:
                    eb:19:df:34:85:f8:f4:fe:56:a4:90:13:ca:03:96:
                    86:9e:a0:b7:bc:e7:e2:57:b9:7d:4e:b2:e5:61:a1:
                    a6:94:2c:52:c7:53:e6:38:b0:d9:c5:17:1b:88:8e:
                    d8:fe:0a:e3:ae:f5:95:b7:d5:d9:1f:46:b6:49:ce:
                    48:47:82:57:9b:7c:05:ff:ed:6a:05:5c:d4:c5:29:
                    b1:6f:58:86:f8:25:58:1e:13:be:91:b9:83:9a:fa:
                    4a:60:21:fa:ce:16:2f:ec:5f:35:96:c4:e9:d0:84:
                    3b:cd:59:f7:58:2a:69:e7:48:00:52:55:6f:eb:09:
                    7c:4b:06:ad:90:4e:a7:43:39:31:c0:18:ea:06:54:
                    cd:fe:38:2a:ae:9a:e8:c7:dd:55:55:7e:2c:0a:50:
                    28:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:88:B3:68:B1:CE:2E:62:B6:66:C4:76:85:CE:0B:D0:97:C0:28:19
            X509v3 Authority Key Identifier:
                keyid:66:D7:CB:60:44:C1:92:E3:61:53:B3:9F:7A:F7:5B:C8:3F:F1:DC:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/3136302e3233382e3230342e302f32322d3234203d3e203130363137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.238.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:7b:27:66:72:a2:39:48:f4:8a:eb:6b:cb:5f:7b:6d:15:94:
         fd:1f:34:04:0d:c6:97:a0:7f:34:a0:df:89:ba:09:ec:2e:2a:
         6a:d8:d0:a7:7c:20:c5:2d:4b:f7:71:67:d0:58:89:c1:73:8b:
         4a:ec:68:ef:c2:c9:93:6a:ad:d2:2b:14:ed:1f:1f:bb:09:42:
         99:09:f8:6d:c5:ca:8f:26:7f:ad:d0:ff:33:27:b5:72:76:b7:
         d5:c7:4b:f4:4a:c6:12:d0:a4:14:71:13:58:8e:ad:4b:75:89:
         08:03:f9:ce:c7:77:51:bb:17:49:a1:53:7f:05:3a:a4:70:ac:
         50:0d:02:1e:e4:6e:f1:f6:ba:61:53:3a:ba:0d:66:f1:d1:23:
         75:3e:ee:21:ea:f7:17:71:c5:c8:cc:29:36:f6:4e:f9:e8:74:
         1b:c7:75:30:f3:2a:34:07:43:c4:d7:be:c0:05:77:36:09:6d:
         40:0f:44:04:9b:0f:80:a3:7d:6f:c4:38:23:f7:6b:ad:68:58:
         3d:1c:70:75:60:21:1f:4e:51:ae:0a:d3:65:6f:3d:0c:89:08:
         50:2c:64:3d:69:e9:db:d9:ac:3f:87:12:8b:d1:9a:fe:e1:1a:
         9b:6a:d3:ab:f8:05:ad:96:e6:d0:43:4c:2e:a8:a8:8a:c9:5f:
         bb:b5:60:7e
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIURHkS7W2aJvtXmNayfXIdtfMIv4swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjZEN0NCNjA0NEMxOTJFMzYxNTNCMzlGN0FGNzVCQzgz
RkYxRENCNjAeFw0yNTA3MjIwMTIxMDZaFw0yNjA3MjEwMTI2MDZaMDMxMTAvBgNV
BAMTKDc4ODhCMzY4QjFDRTJFNjJCNjY2QzQ3Njg1Q0UwQkQwOTdDMDI4MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6oX+q8X4jGCx9FVJDCYIhT8h2
J0RyLcz/Q3gZOth36JC7xSOrGkLLDtZzHlrnSz67GAniUsYV/IsWYKppbb48MA5h
SBlOWbS0AP/2LgKYUjoIzmJFoLVLcuYaams0Dbov91pCxFDng+sZ3zSF+PT+VqSQ
E8oDloaeoLe85+JXuX1OsuVhoaaULFLHU+Y4sNnFFxuIjtj+CuOu9ZW31dkfRrZJ
zkhHglebfAX/7WoFXNTFKbFvWIb4JVgeE76RuYOa+kpgIfrOFi/sXzWWxOnQhDvN
WfdYKmnnSABSVW/rCXxLBq2QTqdDOTHAGOoGVM3+OCqumujH3VVVfiwKUCgzAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUeIizaLHOLmK2ZsR2hc4L0JfAKBkwHwYDVR0j
BBgwFoAUZtfLYETBkuNhU7OfevdbyD/x3LYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83OTc0REYyQjRGQTZFQjc0RUVDODUxNzNGMEJBNDZCRDND
MUZGRDZGMUM2RjU5M0I0MTM1MEVBN0E1NTY1RTc4LzAvNjZEN0NCNjA0NEMxOTJF
MzYxNTNCMzlGN0FGNzVCQzgzRkYxRENCNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NkQ3Q0I2MDQ0QzE5MkUzNjE1
M0IzOUY3QUY3NUJDODNGRjFEQ0I2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzk3NERGMkI0RkE2RUI3NEVFQzg1MTczRjBCQTQ2QkQzQzFGRkQ2RjFD
NkY1OTNCNDEzNTBFQTdBNTU2NUU3OC8wLzMxMzYzMDJlMzIzMzM4MmUzMjMwMzQy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMTMwMzYzMTM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoO7M
MA0GCSqGSIb3DQEBCwUAA4IBAQBoeydmcqI5SPSK62vLX3ttFZT9HzQEDcaXoH80
oN+JugnsLipq2NCnfCDFLUv3cWfQWInBc4tK7GjvwsmTaq3SKxTtHx+7CUKZCfht
xcqPJn+t0P8zJ7VydrfVx0v0SsYS0KQUcRNYjq1LdYkIA/nOx3dRuxdJoVN/BTqk
cKxQDQIe5G7x9rphUzq6DWbx0SN1Pu4h6vcXccXIzCk29k756HQbx3Uw8yo0B0PE
177ABXc2CW1AD0QEmw+Ao31vxDgj92utaFg9HHB1YCEfTlGuCtNlbz0MiQhQLGQ9
aenb2aw/hxKL0Zr+4RqbatOr+AWtlubQQ0wuqKiKyV+7tWB+
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:38:02 2025 by rpki-client