Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8715877014D6A3562B90597EC394B914F16FD3A53C58939A770388B3FE7D727A/0/3132382e3230312e32322e302f32342d3234203d3e20323635373430.roa
File:                     3132382e3230312e32322e302f32342d3234203d3e20323635373430.roa (raw, json)
Hash identifier:          N3vgu/+mPNCGK+4aT2jwtasMBfAmjfI5fSMVSMih108=
Subject key identifier:   57:E7:D2:0E:4A:6E:CE:16:22:60:20:FD:90:57:BF:EC:EE:76:93:3F
Certificate issuer:       /CN=25AA12EC2868B90A693EEAD25632B15E24525ED3
Certificate serial:       6B040760ECFBD80E09FA452E333BC0E1A7319CBF
Authority key identifier: 25:AA:12:EC:28:68:B9:0A:69:3E:EA:D2:56:32:B1:5E:24:52:5E:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25AA12EC2868B90A693EEAD25632B15E24525ED3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8715877014D6A3562B90597EC394B914F16FD3A53C58939A770388B3FE7D727A/0/3132382e3230312e32322e302f32342d3234203d3e20323635373430.roa
Signing time:             Tue 05 Mar 2024 17:49:41 +0000
ROA not before:           Tue 05 Mar 2024 17:44:41 +0000
ROA not after:            Tue 04 Mar 2025 17:49:41 +0000
asID:                     265740
IP address blocks:        128.201.22.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8715877014D6A3562B90597EC394B914F16FD3A53C58939A770388B3FE7D727A/0/25AA12EC2868B90A693EEAD25632B15E24525ED3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8715877014D6A3562B90597EC394B914F16FD3A53C58939A770388B3FE7D727A/0/25AA12EC2868B90A693EEAD25632B15E24525ED3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25AA12EC2868B90A693EEAD25632B15E24525ED3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:04:07:60:ec:fb:d8:0e:09:fa:45:2e:33:3b:c0:e1:a7:31:9c:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25AA12EC2868B90A693EEAD25632B15E24525ED3
        Validity
            Not Before: Mar  5 17:44:41 2024 GMT
            Not After : Mar  4 17:49:41 2025 GMT
        Subject: CN=57E7D20E4A6ECE16226020FD9057BFECEE76933F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:95:99:1d:4b:28:10:67:92:10:1d:5c:1b:8c:
                    56:14:75:8a:56:b9:0c:1a:d0:ed:16:c0:47:5a:f8:
                    a4:58:ac:57:1f:d5:e6:23:d6:63:36:b6:8f:ae:5b:
                    13:72:bb:ad:2b:a4:6b:b4:48:69:03:9c:04:32:9a:
                    64:98:74:80:6b:78:2a:fc:f3:73:2b:cd:c2:82:10:
                    1a:97:82:78:d0:da:43:b9:b8:cc:30:ff:3b:16:d3:
                    16:46:07:16:ea:2e:7e:11:61:5d:c8:f1:4c:b2:62:
                    0b:76:02:36:39:12:d1:e0:e2:51:fb:f4:63:ea:b2:
                    19:f6:b5:dc:b3:02:68:14:5b:bd:a3:8c:ae:3f:d9:
                    0d:02:18:e9:93:f9:c4:6a:12:dd:62:a2:ef:c1:93:
                    c9:b7:c4:c2:a5:f6:0c:e6:26:b4:1d:e9:16:98:14:
                    f6:bc:18:36:ba:91:af:ac:52:b9:b1:c2:6d:06:76:
                    0a:f3:1e:80:00:51:d6:61:ee:5e:bd:55:32:89:d7:
                    cf:95:d0:f9:f4:48:06:40:bd:7b:e0:94:3a:2a:b3:
                    b2:f9:c1:cc:ea:84:ad:28:fa:3e:c6:58:fb:ec:4e:
                    e2:7a:8a:48:28:38:f2:13:40:73:13:16:e4:03:48:
                    3a:51:d8:8d:25:a6:6f:2d:18:28:2b:4e:89:fe:45:
                    bf:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:E7:D2:0E:4A:6E:CE:16:22:60:20:FD:90:57:BF:EC:EE:76:93:3F
            X509v3 Authority Key Identifier:
                keyid:25:AA:12:EC:28:68:B9:0A:69:3E:EA:D2:56:32:B1:5E:24:52:5E:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8715877014D6A3562B90597EC394B914F16FD3A53C58939A770388B3FE7D727A/0/25AA12EC2868B90A693EEAD25632B15E24525ED3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25AA12EC2868B90A693EEAD25632B15E24525ED3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8715877014D6A3562B90597EC394B914F16FD3A53C58939A770388B3FE7D727A/0/3132382e3230312e32322e302f32342d3234203d3e20323635373430.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.201.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:f6:85:f2:f0:db:9d:21:02:ae:6a:d5:be:93:52:5a:32:12:
         45:c4:af:8d:7c:25:d0:d7:d0:80:55:91:b2:24:7f:74:36:08:
         69:f5:aa:50:a2:c0:12:0f:2d:c8:67:95:8c:e3:78:0e:64:2e:
         6f:3f:04:f9:58:11:db:c5:89:44:70:e6:f8:42:09:8a:83:64:
         4a:73:a3:b4:ce:27:85:ba:93:ea:dd:42:e8:4e:03:16:c2:8f:
         0b:d3:c3:cd:13:78:ed:82:f6:36:cb:84:c6:12:67:04:40:90:
         a3:14:bb:83:cc:20:c5:de:21:97:04:36:95:6c:b0:09:2b:e5:
         71:f2:4e:50:33:fd:8a:63:32:73:82:06:9e:e0:5c:be:00:4b:
         01:e1:5c:b7:59:2d:2f:06:9d:e7:0f:f0:c9:6c:b8:9b:8f:e6:
         ec:d1:06:8f:be:c3:63:a6:ad:e4:79:c6:e0:50:47:60:3f:ba:
         60:09:87:c6:54:27:8a:a8:89:c2:92:c2:56:3d:b3:6f:15:c6:
         e8:02:d9:22:e4:ac:ba:88:59:d6:87:f8:c7:2c:73:4b:90:04:
         8e:70:05:a7:0c:e2:64:75:e2:18:6a:d6:d7:2c:12:58:a6:58:
         5d:4c:b4:00:09:73:b4:af:ac:ef:b2:57:2f:2a:74:0c:e9:14:
         95:58:58:c7
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUawQHYOz72A4J+kUuMzvA4acxnL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjVBQTEyRUMyODY4QjkwQTY5M0VFQUQyNTYzMkIxNUUy
NDUyNUVEMzAeFw0yNDAzMDUxNzQ0NDFaFw0yNTAzMDQxNzQ5NDFaMDMxMTAvBgNV
BAMTKDU3RTdEMjBFNEE2RUNFMTYyMjYwMjBGRDkwNTdCRkVDRUU3NjkzM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDslZkdSygQZ5IQHVwbjFYUdYpW
uQwa0O0WwEda+KRYrFcf1eYj1mM2to+uWxNyu60rpGu0SGkDnAQymmSYdIBreCr8
83MrzcKCEBqXgnjQ2kO5uMww/zsW0xZGBxbqLn4RYV3I8UyyYgt2AjY5EtHg4lH7
9GPqshn2tdyzAmgUW72jjK4/2Q0CGOmT+cRqEt1iou/Bk8m3xMKl9gzmJrQd6RaY
FPa8GDa6ka+sUrmxwm0GdgrzHoAAUdZh7l69VTKJ18+V0Pn0SAZAvXvglDoqs7L5
wczqhK0o+j7GWPvsTuJ6ikgoOPITQHMTFuQDSDpR2I0lpm8tGCgrTon+Rb+fAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUV+fSDkpuzhYiYCD9kFe/7O52kz8wHwYDVR0j
BBgwFoAUJaoS7ChouQppPurSVjKxXiRSXtMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84NzE1ODc3MDE0RDZBMzU2MkI5MDU5N0VDMzk0QjkxNEYx
NkZEM0E1M0M1ODkzOUE3NzAzODhCM0ZFN0Q3MjdBLzAvMjVBQTEyRUMyODY4Qjkw
QTY5M0VFQUQyNTYzMkIxNUUyNDUyNUVEMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNUFBMTJFQzI4NjhCOTBBNjkz
RUVBRDI1NjMyQjE1RTI0NTI1RUQzLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODcxNTg3NzAxNEQ2QTM1NjJCOTA1OTdFQzM5NEI5MTRGMTZGRDNBNTND
NTg5MzlBNzcwMzg4QjNGRTdENzI3QS8wLzMxMzIzODJlMzIzMDMxMmUzMjMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM1MzczNDMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgMkW
MA0GCSqGSIb3DQEBCwUAA4IBAQBe9oXy8NudIQKuatW+k1JaMhJFxK+NfCXQ19CA
VZGyJH90Nghp9apQosASDy3IZ5WM43gOZC5vPwT5WBHbxYlEcOb4QgmKg2RKc6O0
zieFupPq3ULoTgMWwo8L08PNE3jtgvY2y4TGEmcEQJCjFLuDzCDF3iGXBDaVbLAJ
K+Vx8k5QM/2KYzJzggae4Fy+AEsB4Vy3WS0vBp3nD/DJbLibj+bs0QaPvsNjpq3k
ecbgUEdgP7pgCYfGVCeKqInCksJWPbNvFcboAtki5Ky6iFnWh/jHLHNLkASOcAWn
DOJkdeIYatbXLBJYplhdTLQACXO0r6zvslcvKnQM6RSVWFjH
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:27:16 2024 by rpki-client on console-ams.rpki-client.org