Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8715877014D6A3562B90597EC394B914F16FD3A53C58939A770388B3FE7D727A/0/3132382e3230312e32302e302f32322d3232203d3e20323635373430.roa
File:                     3132382e3230312e32302e302f32322d3232203d3e20323635373430.roa (raw, json)
Hash identifier:          Ck17cL7BBQ3PkSEyUeCjTel3GYwpsJaVoWQoeS/gGXc=
Subject key identifier:   86:47:19:77:CB:3B:78:3F:46:F8:68:55:49:A6:7A:D7:27:8E:89:97
Certificate issuer:       /CN=25AA12EC2868B90A693EEAD25632B15E24525ED3
Certificate serial:       26BDF66E3593CF171459CEF7D3F4A9F73DC43FD3
Authority key identifier: 25:AA:12:EC:28:68:B9:0A:69:3E:EA:D2:56:32:B1:5E:24:52:5E:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25AA12EC2868B90A693EEAD25632B15E24525ED3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8715877014D6A3562B90597EC394B914F16FD3A53C58939A770388B3FE7D727A/0/3132382e3230312e32302e302f32322d3232203d3e20323635373430.roa
Signing time:             Tue 05 Mar 2024 17:49:40 +0000
ROA not before:           Tue 05 Mar 2024 17:44:40 +0000
ROA not after:            Tue 04 Mar 2025 17:49:40 +0000
asID:                     265740
IP address blocks:        128.201.20.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8715877014D6A3562B90597EC394B914F16FD3A53C58939A770388B3FE7D727A/0/25AA12EC2868B90A693EEAD25632B15E24525ED3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8715877014D6A3562B90597EC394B914F16FD3A53C58939A770388B3FE7D727A/0/25AA12EC2868B90A693EEAD25632B15E24525ED3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25AA12EC2868B90A693EEAD25632B15E24525ED3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:bd:f6:6e:35:93:cf:17:14:59:ce:f7:d3:f4:a9:f7:3d:c4:3f:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25AA12EC2868B90A693EEAD25632B15E24525ED3
        Validity
            Not Before: Mar  5 17:44:40 2024 GMT
            Not After : Mar  4 17:49:40 2025 GMT
        Subject: CN=86471977CB3B783F46F8685549A67AD7278E8997
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:fd:e5:90:f0:45:a5:2c:9d:a3:09:65:51:e2:
                    7c:e8:03:df:a4:5d:fb:b2:f1:01:62:e9:d4:2f:1a:
                    f5:31:35:90:8c:6d:04:41:af:60:4c:8d:73:df:8c:
                    cd:40:69:ea:5d:e4:33:01:4c:bc:47:2a:b7:21:7c:
                    6a:56:3d:f4:be:53:a9:e1:5d:d8:5a:dd:cd:02:35:
                    54:59:c2:46:90:84:2f:c8:19:5c:83:17:a0:67:a8:
                    61:9f:01:23:82:3e:ff:6e:44:d2:d5:c3:22:39:20:
                    49:b4:93:db:01:0d:d2:4e:37:8d:cb:29:22:f8:69:
                    1e:82:61:25:03:76:05:d4:15:c4:df:2a:cc:20:c3:
                    fa:9c:55:8b:c5:b0:72:3c:24:02:11:10:e7:3f:78:
                    ae:1e:7f:13:da:3d:ab:7e:e9:bc:20:d8:6a:30:a9:
                    19:5e:82:64:e5:11:19:35:a9:5f:06:1b:f0:ba:0b:
                    2c:81:03:12:e4:fe:45:5b:eb:18:58:d2:b6:7e:b2:
                    4f:20:6c:2b:19:60:43:10:f2:84:ce:30:f3:7a:58:
                    cb:0b:76:19:17:6a:ee:2e:41:5b:02:0e:27:43:7e:
                    ff:55:fa:14:4b:95:67:3a:3b:9b:de:07:e1:94:66:
                    6a:f3:5f:9c:7d:01:e4:f7:64:42:18:bb:50:90:58:
                    c6:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:47:19:77:CB:3B:78:3F:46:F8:68:55:49:A6:7A:D7:27:8E:89:97
            X509v3 Authority Key Identifier:
                keyid:25:AA:12:EC:28:68:B9:0A:69:3E:EA:D2:56:32:B1:5E:24:52:5E:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8715877014D6A3562B90597EC394B914F16FD3A53C58939A770388B3FE7D727A/0/25AA12EC2868B90A693EEAD25632B15E24525ED3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25AA12EC2868B90A693EEAD25632B15E24525ED3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8715877014D6A3562B90597EC394B914F16FD3A53C58939A770388B3FE7D727A/0/3132382e3230312e32302e302f32322d3232203d3e20323635373430.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.201.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         14:ed:84:c8:00:76:62:6d:35:33:b0:ee:ba:c0:c5:e7:46:24:
         44:c8:a9:59:ff:ff:ea:e6:cf:56:87:57:2a:9a:ce:de:63:fa:
         24:1e:40:68:18:ea:ac:37:46:2f:e9:d5:74:35:8a:78:98:47:
         78:e3:d8:e3:62:94:9d:b5:67:3c:06:22:2a:da:65:6a:a4:d9:
         4c:79:cd:cf:6b:90:02:a0:8b:44:f1:1f:7a:2f:e1:8e:a0:ed:
         b4:bb:22:82:28:a9:08:49:f4:29:5d:a4:bd:1d:49:0f:cb:98:
         86:0e:58:17:e7:52:ee:7c:de:0b:41:30:a9:b1:ff:e4:ae:e6:
         c7:3d:72:c6:ca:b3:4a:b8:76:10:53:a1:df:50:e0:08:1c:00:
         2d:b6:d1:50:d3:ec:ce:ae:b8:45:eb:b8:24:18:2b:eb:10:b9:
         45:16:eb:fb:09:0a:0f:2a:c3:23:06:0f:e2:ad:7e:20:5c:75:
         25:0e:25:3b:2f:ab:25:82:6b:7e:97:d7:20:10:8a:af:54:9d:
         0f:f8:94:89:42:43:62:3c:23:4c:30:d6:fb:f0:f4:0a:3e:fd:
         f5:93:19:fa:d5:e8:1e:a3:bc:60:a8:68:a7:51:a3:97:44:01:
         04:9c:4e:3d:cf:54:ec:bb:38:de:19:23:91:15:ae:4d:3c:cd:
         16:2d:1b:db
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUJr32bjWTzxcUWc730/Sp9z3EP9MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjVBQTEyRUMyODY4QjkwQTY5M0VFQUQyNTYzMkIxNUUy
NDUyNUVEMzAeFw0yNDAzMDUxNzQ0NDBaFw0yNTAzMDQxNzQ5NDBaMDMxMTAvBgNV
BAMTKDg2NDcxOTc3Q0IzQjc4M0Y0NkY4Njg1NTQ5QTY3QUQ3Mjc4RTg5OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA/eWQ8EWlLJ2jCWVR4nzoA9+k
Xfuy8QFi6dQvGvUxNZCMbQRBr2BMjXPfjM1Aaepd5DMBTLxHKrchfGpWPfS+U6nh
Xdha3c0CNVRZwkaQhC/IGVyDF6BnqGGfASOCPv9uRNLVwyI5IEm0k9sBDdJON43L
KSL4aR6CYSUDdgXUFcTfKswgw/qcVYvFsHI8JAIREOc/eK4efxPaPat+6bwg2Gow
qRlegmTlERk1qV8GG/C6CyyBAxLk/kVb6xhY0rZ+sk8gbCsZYEMQ8oTOMPN6WMsL
dhkXau4uQVsCDidDfv9V+hRLlWc6O5veB+GUZmrzX5x9AeT3ZEIYu1CQWMbnAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUhkcZd8s7eD9G+GhVSaZ61yeOiZcwHwYDVR0j
BBgwFoAUJaoS7ChouQppPurSVjKxXiRSXtMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84NzE1ODc3MDE0RDZBMzU2MkI5MDU5N0VDMzk0QjkxNEYx
NkZEM0E1M0M1ODkzOUE3NzAzODhCM0ZFN0Q3MjdBLzAvMjVBQTEyRUMyODY4Qjkw
QTY5M0VFQUQyNTYzMkIxNUUyNDUyNUVEMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNUFBMTJFQzI4NjhCOTBBNjkz
RUVBRDI1NjMyQjE1RTI0NTI1RUQzLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODcxNTg3NzAxNEQ2QTM1NjJCOTA1OTdFQzM5NEI5MTRGMTZGRDNBNTND
NTg5MzlBNzcwMzg4QjNGRTdENzI3QS8wLzMxMzIzODJlMzIzMDMxMmUzMjMwMmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjM1MzczNDMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCgMkU
MA0GCSqGSIb3DQEBCwUAA4IBAQAU7YTIAHZibTUzsO66wMXnRiREyKlZ///q5s9W
h1cqms7eY/okHkBoGOqsN0Yv6dV0NYp4mEd449jjYpSdtWc8BiIq2mVqpNlMec3P
a5ACoItE8R96L+GOoO20uyKCKKkISfQpXaS9HUkPy5iGDlgX51LufN4LQTCpsf/k
rubHPXLGyrNKuHYQU6HfUOAIHAAtttFQ0+zOrrhF67gkGCvrELlFFuv7CQoPKsMj
Bg/irX4gXHUlDiU7L6slgmt+l9cgEIqvVJ0P+JSJQkNiPCNMMNb78PQKPv31kxn6
1egeo7xgqGinUaOXRAEEnE49z1TsuzjeGSORFa5NPM0WLRvb
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:27:16 2024 by rpki-client on console-ams.rpki-client.org