Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8C3DCD134D6C2BBC15295709504834DBAD7AC33D95AEC8228564D09869C17E2C/0/3137302e38302e3136382e302f32322d3234203d3e203532343434.roa
File:                     3137302e38302e3136382e302f32322d3234203d3e203532343434.roa (raw, json)
Hash identifier:          YzBlq9LJxUa2egIa/XcTATWX4kStmU1HxR+w8ephmk4=
Subject key identifier:   6E:0C:F8:FD:F0:B4:2C:CA:09:FB:63:BD:96:29:3E:E0:F0:6B:1A:3D
Certificate issuer:       /CN=B33031ED49C5CD9D439BD38100D10BFD779C4683
Certificate serial:       11B663D7AAFBC0D0C6DDABB425C70410A0DF2EE2
Authority key identifier: B3:30:31:ED:49:C5:CD:9D:43:9B:D3:81:00:D1:0B:FD:77:9C:46:83
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B33031ED49C5CD9D439BD38100D10BFD779C4683.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8C3DCD134D6C2BBC15295709504834DBAD7AC33D95AEC8228564D09869C17E2C/0/3137302e38302e3136382e302f32322d3234203d3e203532343434.roa
Signing time:             Tue 04 Feb 2025 18:50:40 +0000
ROA not before:           Tue 04 Feb 2025 18:45:40 +0000
ROA not after:            Tue 03 Feb 2026 18:50:40 +0000
asID:                     52444
IP address blocks:        170.80.168.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8C3DCD134D6C2BBC15295709504834DBAD7AC33D95AEC8228564D09869C17E2C/0/B33031ED49C5CD9D439BD38100D10BFD779C4683.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8C3DCD134D6C2BBC15295709504834DBAD7AC33D95AEC8228564D09869C17E2C/0/B33031ED49C5CD9D439BD38100D10BFD779C4683.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B33031ED49C5CD9D439BD38100D10BFD779C4683.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 11 Feb 2025 23:18:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:b6:63:d7:aa:fb:c0:d0:c6:dd:ab:b4:25:c7:04:10:a0:df:2e:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B33031ED49C5CD9D439BD38100D10BFD779C4683
        Validity
            Not Before: Feb  4 18:45:40 2025 GMT
            Not After : Feb  3 18:50:40 2026 GMT
        Subject: CN=6E0CF8FDF0B42CCA09FB63BD96293EE0F06B1A3D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b3:4f:d6:f1:9f:4a:34:11:90:9a:34:3e:40:
                    0e:2c:17:77:c2:93:86:e7:2c:ca:38:46:a4:8d:10:
                    fd:65:5a:b7:49:f0:7c:35:61:c9:d3:97:af:84:65:
                    83:62:34:be:30:10:5b:a9:4c:65:ec:ce:70:57:01:
                    5b:b4:a6:0a:30:d1:eb:7c:5d:d8:e8:d1:77:d5:dc:
                    83:fc:e4:f4:84:9a:4d:b8:5d:c3:47:74:2d:d4:71:
                    d1:b7:f3:79:21:f6:4d:db:d6:c3:c5:6a:37:d2:90:
                    52:a7:c6:11:d0:c9:40:39:f2:3a:82:c4:2e:83:7b:
                    07:fb:ae:b9:ac:56:22:e5:e4:25:1c:94:a6:a8:0a:
                    d8:fb:75:1d:6f:3d:64:25:40:2d:f9:fd:f4:ba:d2:
                    96:d9:7e:7d:9f:ed:dc:6d:8e:08:aa:03:cf:d6:9b:
                    48:8d:f7:71:c0:cc:55:1b:94:53:27:a3:44:08:e0:
                    02:18:86:87:5f:81:62:04:fd:a4:6d:a5:b1:a7:9a:
                    f8:0b:4d:64:cf:8e:7a:c4:cc:ca:45:0c:b6:7e:e7:
                    c4:a1:1d:c4:68:d6:ff:c8:f6:8d:d7:39:30:29:5f:
                    ac:93:a1:33:35:31:b4:96:c5:5f:da:3f:6c:ce:dc:
                    c2:fc:09:d4:ce:0e:19:88:75:f9:37:36:59:b1:57:
                    90:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:0C:F8:FD:F0:B4:2C:CA:09:FB:63:BD:96:29:3E:E0:F0:6B:1A:3D
            X509v3 Authority Key Identifier:
                keyid:B3:30:31:ED:49:C5:CD:9D:43:9B:D3:81:00:D1:0B:FD:77:9C:46:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8C3DCD134D6C2BBC15295709504834DBAD7AC33D95AEC8228564D09869C17E2C/0/B33031ED49C5CD9D439BD38100D10BFD779C4683.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B33031ED49C5CD9D439BD38100D10BFD779C4683.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8C3DCD134D6C2BBC15295709504834DBAD7AC33D95AEC8228564D09869C17E2C/0/3137302e38302e3136382e302f32322d3234203d3e203532343434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.80.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:e6:ea:4b:e3:f8:9d:9b:d5:5c:e2:3b:2f:b0:6e:17:89:71:
         e6:85:5a:28:07:23:ef:e2:04:62:bd:cd:e4:06:8f:a2:f0:bb:
         72:05:b6:a2:70:2b:06:e0:40:d1:e2:c4:ae:5d:b3:ae:9d:af:
         bd:2d:69:54:d8:fd:ca:aa:71:67:e2:b2:e3:f7:d8:1f:d0:18:
         10:b8:10:d9:a3:0b:75:dd:d0:ff:0d:73:ed:89:72:47:64:f6:
         aa:db:22:9a:23:99:c3:91:a4:07:7f:47:0f:14:fb:00:02:53:
         d8:63:c1:30:d1:ce:44:b8:3f:2d:2e:70:91:b6:6b:54:53:e9:
         68:0e:f2:4c:06:93:ae:e7:2f:b2:5a:02:ed:7a:03:ec:ce:c9:
         dd:b7:bb:63:09:3c:91:77:33:6e:60:97:76:1d:d1:d9:ee:a3:
         64:5e:88:dd:06:5b:e4:0c:51:03:dd:ac:f6:a3:cd:98:7f:71:
         91:f5:0c:90:b1:25:9a:e4:13:7b:95:9c:d8:1c:98:dd:f9:9a:
         fe:5f:04:0e:57:a1:e9:20:29:fe:b7:8d:b4:45:30:d4:5c:88:
         93:f1:97:bd:42:16:df:fa:da:85:cf:4e:6c:92:ad:08:63:3d:
         3b:fb:52:af:c4:3a:4a:27:dc:23:b0:98:46:9c:ab:cb:14:29:
         40:9d:8e:d8
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUEbZj16r7wNDG3au0JccEEKDfLuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjMzMDMxRUQ0OUM1Q0Q5RDQzOUJEMzgxMDBEMTBCRkQ3
NzlDNDY4MzAeFw0yNTAyMDQxODQ1NDBaFw0yNjAyMDMxODUwNDBaMDMxMTAvBgNV
BAMTKDZFMENGOEZERjBCNDJDQ0EwOUZCNjNCRDk2MjkzRUUwRjA2QjFBM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIs0/W8Z9KNBGQmjQ+QA4sF3fC
k4bnLMo4RqSNEP1lWrdJ8Hw1YcnTl6+EZYNiNL4wEFupTGXsznBXAVu0pgow0et8
Xdjo0XfV3IP85PSEmk24XcNHdC3UcdG383kh9k3b1sPFajfSkFKnxhHQyUA58jqC
xC6Dewf7rrmsViLl5CUclKaoCtj7dR1vPWQlQC35/fS60pbZfn2f7dxtjgiqA8/W
m0iN93HAzFUblFMno0QI4AIYhodfgWIE/aRtpbGnmvgLTWTPjnrEzMpFDLZ+58Sh
HcRo1v/I9o3XOTApX6yToTM1MbSWxV/aP2zO3ML8CdTODhmIdfk3NlmxV5DRAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUbgz4/fC0LMoJ+2O9lik+4PBrGj0wHwYDVR0j
BBgwFoAUszAx7UnFzZ1Dm9OBANEL/XecRoMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84QzNEQ0QxMzRENkMyQkJDMTUyOTU3MDk1MDQ4MzREQkFE
N0FDMzNEOTVBRUM4MjI4NTY0RDA5ODY5QzE3RTJDLzAvQjMzMDMxRUQ0OUM1Q0Q5
RDQzOUJEMzgxMDBEMTBCRkQ3NzlDNDY4My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CMzMwMzFFRDQ5QzVDRDlENDM5
QkQzODEwMEQxMEJGRDc3OUM0NjgzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEMzRENEMTM0RDZDMkJCQzE1Mjk1NzA5NTA0ODM0REJBRDdBQzMzRDk1
QUVDODIyODU2NEQwOTg2OUMxN0UyQy8wLzMxMzczMDJlMzgzMDJlMzEzNjM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzUzMjM0MzQzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqpQqDAN
BgkqhkiG9w0BAQsFAAOCAQEAHebqS+P4nZvVXOI7L7BuF4lx5oVaKAcj7+IEYr3N
5AaPovC7cgW2onArBuBA0eLErl2zrp2vvS1pVNj9yqpxZ+Ky4/fYH9AYELgQ2aML
dd3Q/w1z7YlyR2T2qtsimiOZw5GkB39HDxT7AAJT2GPBMNHORLg/LS5wkbZrVFPp
aA7yTAaTrucvsloC7XoD7M7J3be7Ywk8kXczbmCXdh3R2e6jZF6I3QZb5AxRA92s
9qPNmH9xkfUMkLElmuQTe5Wc2ByY3fma/l8EDleh6SAp/reNtEUw1FyIk/GXvUIW
3/rahc9ObJKtCGM9O/tSr8Q6SifcI7CYRpyryxQpQJ2O2A==
-----END CERTIFICATE-----
Generated at Sun Feb 9 14:53:32 2025 by rpki-client