Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/83B688452524F2979AAE57E0EB5ABF964704B0800B03BC6AB87582BB3BA1B1A2/0/3137392e36312e39362e302f32302d3234203d3e20323634373830.roa
File:                     3137392e36312e39362e302f32302d3234203d3e20323634373830.roa (raw, json)
Hash identifier:          7TOSuqD7R200u810oEOVUXXCArqesbq71whBj8J8JBY=
Subject key identifier:   54:89:E0:10:F2:E6:45:02:0C:24:D9:08:0C:C2:26:EF:CF:57:CA:2A
Certificate issuer:       /CN=C5158AC830CCC436B01612C96B9D65F6ADA38F18
Certificate serial:       68007FC099F5FB847A302EDEEEF81DF20E568F2B
Authority key identifier: C5:15:8A:C8:30:CC:C4:36:B0:16:12:C9:6B:9D:65:F6:AD:A3:8F:18
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C5158AC830CCC436B01612C96B9D65F6ADA38F18.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/83B688452524F2979AAE57E0EB5ABF964704B0800B03BC6AB87582BB3BA1B1A2/0/3137392e36312e39362e302f32302d3234203d3e20323634373830.roa
Signing time:             Tue 04 Feb 2025 18:56:19 +0000
ROA not before:           Tue 04 Feb 2025 18:51:19 +0000
ROA not after:            Tue 03 Feb 2026 18:56:19 +0000
asID:                     264780
IP address blocks:        179.61.96.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/83B688452524F2979AAE57E0EB5ABF964704B0800B03BC6AB87582BB3BA1B1A2/0/C5158AC830CCC436B01612C96B9D65F6ADA38F18.crl
                          rsync://repository.lacnic.net/rpki/lacnic/83B688452524F2979AAE57E0EB5ABF964704B0800B03BC6AB87582BB3BA1B1A2/0/C5158AC830CCC436B01612C96B9D65F6ADA38F18.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C5158AC830CCC436B01612C96B9D65F6ADA38F18.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Feb 2025 22:17:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:00:7f:c0:99:f5:fb:84:7a:30:2e:de:ee:f8:1d:f2:0e:56:8f:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C5158AC830CCC436B01612C96B9D65F6ADA38F18
        Validity
            Not Before: Feb  4 18:51:19 2025 GMT
            Not After : Feb  3 18:56:19 2026 GMT
        Subject: CN=5489E010F2E645020C24D9080CC226EFCF57CA2A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:bf:49:56:24:83:f0:d8:bb:9f:3d:a7:0a:35:
                    6b:4e:e3:db:f8:ae:ed:e9:0d:73:75:80:56:0c:d7:
                    7e:ac:2b:97:9c:20:0e:63:0b:36:0c:f4:a7:81:ff:
                    3e:9e:aa:20:3a:07:71:f2:bd:9e:7a:8a:57:3b:3a:
                    7b:cf:29:a7:a4:60:7c:bc:fa:8b:83:6e:13:cf:f3:
                    1c:cc:49:06:9e:f1:71:0e:6f:8b:a2:7f:54:4a:16:
                    d6:b1:57:b4:8e:51:c2:5b:50:c5:1e:8d:4e:81:4b:
                    a3:df:5b:3c:2a:cd:c2:e8:f8:83:d8:d2:13:01:dd:
                    7f:ba:88:2e:50:88:28:fe:fe:f5:c3:1d:04:14:6d:
                    0b:7f:c8:b1:ab:12:0c:20:47:f4:05:f7:4f:56:32:
                    09:b0:60:ce:51:9a:c9:60:64:e8:63:e2:eb:85:56:
                    c0:66:2b:3c:60:22:f1:37:a7:1c:fa:24:5a:45:e0:
                    b6:89:e1:a6:03:62:cf:c9:10:d4:54:e6:ac:4d:3d:
                    4f:12:ee:53:50:ad:c2:2f:e5:ba:fc:25:24:e8:7b:
                    0b:1c:c4:49:4d:9e:3e:69:51:7c:b6:39:8a:64:26:
                    22:50:e4:f4:40:52:e6:f1:20:9c:18:a8:9c:e9:9e:
                    5c:a6:74:03:2c:e7:1f:84:d4:fc:eb:8c:fb:2a:84:
                    75:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:89:E0:10:F2:E6:45:02:0C:24:D9:08:0C:C2:26:EF:CF:57:CA:2A
            X509v3 Authority Key Identifier:
                keyid:C5:15:8A:C8:30:CC:C4:36:B0:16:12:C9:6B:9D:65:F6:AD:A3:8F:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/83B688452524F2979AAE57E0EB5ABF964704B0800B03BC6AB87582BB3BA1B1A2/0/C5158AC830CCC436B01612C96B9D65F6ADA38F18.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C5158AC830CCC436B01612C96B9D65F6ADA38F18.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/83B688452524F2979AAE57E0EB5ABF964704B0800B03BC6AB87582BB3BA1B1A2/0/3137392e36312e39362e302f32302d3234203d3e20323634373830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         4f:4a:a9:df:f6:ba:e2:99:d2:43:0f:f0:a7:b3:6a:50:ff:72:
         d5:e4:03:83:92:a1:52:5a:1c:c6:fe:6a:80:10:ae:77:0e:b2:
         70:c8:2c:38:6f:b2:65:ad:e6:d7:db:ec:3a:46:15:31:e6:bc:
         3a:a7:c4:26:78:86:74:51:17:ca:f6:d4:4b:6c:a3:60:09:15:
         e7:76:8c:f2:0c:95:7d:fc:ab:08:1b:a3:c0:1f:1c:d2:c3:e0:
         68:71:75:25:a9:29:e2:c5:fa:ab:16:6b:81:28:b0:1a:56:2c:
         90:6a:97:c3:21:28:cb:8a:1b:ea:98:a4:ac:0f:46:7a:4d:bd:
         0d:9f:e4:53:b7:c6:7a:2a:d1:ae:66:b6:3c:c3:24:1b:aa:f7:
         f9:e3:44:6e:45:96:d5:23:29:c0:2d:89:ba:3b:64:d0:9f:8d:
         4b:fd:e6:ab:d0:88:04:ba:a5:25:21:84:92:3d:5a:3f:1a:c3:
         00:fa:81:0e:c4:42:04:7e:f1:db:f0:d4:b1:91:32:fe:32:52:
         d4:22:7f:12:f2:a4:a3:ec:fe:3f:4d:7c:62:a1:22:dc:8d:75:
         e6:e5:4f:09:5e:ef:98:81:5d:16:cf:67:54:4a:5e:37:50:b1:
         32:9d:37:a3:b5:34:e2:96:c3:40:99:26:fc:ba:97:5d:b7:43:
         cf:a0:02:80
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUaAB/wJn1+4R6MC7e7vgd8g5WjyswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzUxNThBQzgzMENDQzQzNkIwMTYxMkM5NkI5RDY1RjZB
REEzOEYxODAeFw0yNTAyMDQxODUxMTlaFw0yNjAyMDMxODU2MTlaMDMxMTAvBgNV
BAMTKDU0ODlFMDEwRjJFNjQ1MDIwQzI0RDkwODBDQzIyNkVGQ0Y1N0NBMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgv0lWJIPw2LufPacKNWtO49v4
ru3pDXN1gFYM136sK5ecIA5jCzYM9KeB/z6eqiA6B3HyvZ56ilc7OnvPKaekYHy8
+ouDbhPP8xzMSQae8XEOb4uif1RKFtaxV7SOUcJbUMUejU6BS6PfWzwqzcLo+IPY
0hMB3X+6iC5QiCj+/vXDHQQUbQt/yLGrEgwgR/QF909WMgmwYM5RmslgZOhj4uuF
VsBmKzxgIvE3pxz6JFpF4LaJ4aYDYs/JENRU5qxNPU8S7lNQrcIv5br8JSToewsc
xElNnj5pUXy2OYpkJiJQ5PRAUubxIJwYqJzpnlymdAMs5x+E1PzrjPsqhHU9AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUVIngEPLmRQIMJNkIDMIm789XyiowHwYDVR0j
BBgwFoAUxRWKyDDMxDawFhLJa51l9q2jjxgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84M0I2ODg0NTI1MjRGMjk3OUFBRTU3RTBFQjVBQkY5NjQ3
MDRCMDgwMEIwM0JDNkFCODc1ODJCQjNCQTFCMUEyLzAvQzUxNThBQzgzMENDQzQz
NkIwMTYxMkM5NkI5RDY1RjZBREEzOEYxOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DNTE1OEFDODMwQ0NDNDM2QjAx
NjEyQzk2QjlENjVGNkFEQTM4RjE4LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODNCNjg4NDUyNTI0RjI5NzlBQUU1N0UwRUI1QUJGOTY0NzA0QjA4MDBC
MDNCQzZBQjg3NTgyQkIzQkExQjFBMi8wLzMxMzczOTJlMzYzMTJlMzkzNjJlMzAy
ZjMyMzAyZDMyMzQyMDNkM2UyMDMyMzYzNDM3MzgzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLM9YDAN
BgkqhkiG9w0BAQsFAAOCAQEAT0qp3/a64pnSQw/wp7NqUP9y1eQDg5KhUlocxv5q
gBCudw6ycMgsOG+yZa3m19vsOkYVMea8OqfEJniGdFEXyvbUS2yjYAkV53aM8gyV
ffyrCBujwB8c0sPgaHF1Jakp4sX6qxZrgSiwGlYskGqXwyEoy4ob6pikrA9Gek29
DZ/kU7fGeirRrma2PMMkG6r3+eNEbkWW1SMpwC2Jujtk0J+NS/3mq9CIBLqlJSGE
kj1aPxrDAPqBDsRCBH7x2/DUsZEy/jJS1CJ/EvKko+z+P018YqEi3I115uVPCV7v
mIFdFs9nVEpeN1CxMp03o7U04pbDQJkm/LqXXbdDz6ACgA==
-----END CERTIFICATE-----
Generated at Thu Feb 13 20:22:42 2025 by rpki-client