Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B1EF7D8DB15D54379148B50DB90A4F61D2DD531FE334841DA30778834700DA9D/0/3137302e38312e3235332e302f32342d3234203d3e20323634383432.roa
File:                     3137302e38312e3235332e302f32342d3234203d3e20323634383432.roa (raw, json)
Hash identifier:          XPN4XrD1Bbbwt3YQ4/Cw82LzkU0H84M6KayDT9zJNrQ=
Subject key identifier:   1E:A6:F3:86:95:A7:C7:86:3C:B4:15:5B:96:15:A1:F7:EC:16:B0:51
Certificate issuer:       /CN=2AE59E62324C453AEB84910F81FFB3247C715B49
Certificate serial:       3D1E1569906A26F3387D4624A0EB19537737EF63
Authority key identifier: 2A:E5:9E:62:32:4C:45:3A:EB:84:91:0F:81:FF:B3:24:7C:71:5B:49
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2AE59E62324C453AEB84910F81FFB3247C715B49.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B1EF7D8DB15D54379148B50DB90A4F61D2DD531FE334841DA30778834700DA9D/0/3137302e38312e3235332e302f32342d3234203d3e20323634383432.roa
Signing time:             Tue 20 May 2025 15:19:52 +0000
ROA not before:           Tue 20 May 2025 15:14:52 +0000
ROA not after:            Tue 19 May 2026 15:19:52 +0000
asID:                     264842
IP address blocks:        170.81.253.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/B1EF7D8DB15D54379148B50DB90A4F61D2DD531FE334841DA30778834700DA9D/0/2AE59E62324C453AEB84910F81FFB3247C715B49.crl
                          rsync://repository.lacnic.net/rpki/lacnic/B1EF7D8DB15D54379148B50DB90A4F61D2DD531FE334841DA30778834700DA9D/0/2AE59E62324C453AEB84910F81FFB3247C715B49.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2AE59E62324C453AEB84910F81FFB3247C715B49.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 17 Jun 2025 04:39:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:1e:15:69:90:6a:26:f3:38:7d:46:24:a0:eb:19:53:77:37:ef:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2AE59E62324C453AEB84910F81FFB3247C715B49
        Validity
            Not Before: May 20 15:14:52 2025 GMT
            Not After : May 19 15:19:52 2026 GMT
        Subject: CN=1EA6F38695A7C7863CB4155B9615A1F7EC16B051
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:4f:11:e9:92:bb:a8:92:29:5c:2c:e5:b9:ce:
                    43:f9:8f:79:1e:86:e2:f3:5b:c6:36:17:39:98:ca:
                    27:f3:72:a6:3c:ef:2a:8c:e8:57:63:b5:ef:cb:1b:
                    80:ba:12:18:ce:b1:80:2b:1c:aa:fd:2f:a4:01:c2:
                    8c:2f:87:a6:95:79:7a:ed:3a:82:28:8c:4a:09:4b:
                    ee:1a:6d:a8:d5:8c:55:81:91:e4:ed:a7:8f:75:c7:
                    2f:7e:ba:21:65:7f:7b:28:eb:99:e3:60:f0:87:61:
                    d2:6c:7b:ed:f8:94:7c:6a:96:7a:28:5a:d5:ee:29:
                    ae:e8:89:2a:82:c5:7a:8c:20:56:c5:b4:98:8e:ef:
                    57:db:0a:bb:10:ca:3c:cf:28:15:de:36:d8:89:28:
                    58:40:bd:3c:b2:6c:fb:ef:ad:9a:4a:8a:38:06:36:
                    32:37:5a:07:3e:e3:d8:9c:62:d9:d1:4e:db:dc:4c:
                    31:10:8f:82:2f:b1:17:92:49:31:67:08:81:49:ba:
                    ed:86:6e:c5:27:86:ba:92:84:64:be:f3:df:87:58:
                    1b:98:9a:81:49:43:55:cd:61:a3:2b:97:85:47:43:
                    5e:4c:10:92:2e:73:34:c4:6c:b4:b8:4f:2e:66:30:
                    4a:b0:16:91:bf:bd:8e:6f:a2:dc:92:48:16:80:97:
                    8f:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:A6:F3:86:95:A7:C7:86:3C:B4:15:5B:96:15:A1:F7:EC:16:B0:51
            X509v3 Authority Key Identifier:
                keyid:2A:E5:9E:62:32:4C:45:3A:EB:84:91:0F:81:FF:B3:24:7C:71:5B:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B1EF7D8DB15D54379148B50DB90A4F61D2DD531FE334841DA30778834700DA9D/0/2AE59E62324C453AEB84910F81FFB3247C715B49.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2AE59E62324C453AEB84910F81FFB3247C715B49.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B1EF7D8DB15D54379148B50DB90A4F61D2DD531FE334841DA30778834700DA9D/0/3137302e38312e3235332e302f32342d3234203d3e20323634383432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.81.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:3d:4e:d6:db:72:07:7e:99:4f:d8:98:c1:2f:cb:53:b6:1d:
         0f:ef:7e:c1:98:92:41:a4:4a:7c:87:24:d4:ba:49:24:34:5e:
         ad:89:67:15:97:cd:3a:13:f7:8d:85:ea:29:94:80:76:35:d2:
         37:46:a5:52:03:82:96:8e:fa:7d:0f:b1:3f:9e:ed:85:0d:1d:
         78:50:ac:96:30:13:6b:59:be:dd:64:3e:7f:b7:8f:6d:b3:4d:
         81:59:43:01:93:68:25:55:c2:5f:e0:70:05:45:60:e5:b6:1c:
         24:73:58:bd:6b:8e:9d:be:78:c3:88:0b:34:2f:ca:f6:6f:d6:
         55:64:70:03:a2:51:f6:b4:ea:3d:68:0c:40:06:28:aa:ec:41:
         1a:0f:c1:a0:cf:10:7a:1e:cb:e4:5e:ae:b4:d9:22:4b:2b:99:
         03:c7:cc:df:40:3a:81:51:e3:12:c9:6a:21:a1:bb:ea:34:c3:
         b9:fe:19:d6:1e:5e:ff:e7:fb:fb:68:80:01:f4:5c:91:01:e8:
         15:49:58:98:17:b2:ff:a3:6d:43:13:60:b0:99:9d:51:3c:ba:
         a9:2e:64:75:c6:3a:0b:4a:93:8e:38:8d:86:1a:f0:1e:98:19:
         e6:69:84:7f:34:e2:ef:ae:3a:5a:5a:31:02:33:4f:cd:21:31:
         c8:fb:7f:54
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUPR4VaZBqJvM4fUYkoOsZU3c372MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkFFNTlFNjIzMjRDNDUzQUVCODQ5MTBGODFGRkIzMjQ3
QzcxNUI0OTAeFw0yNTA1MjAxNTE0NTJaFw0yNjA1MTkxNTE5NTJaMDMxMTAvBgNV
BAMTKDFFQTZGMzg2OTVBN0M3ODYzQ0I0MTU1Qjk2MTVBMUY3RUMxNkIwNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvTxHpkruokilcLOW5zkP5j3ke
huLzW8Y2FzmYyifzcqY87yqM6Fdjte/LG4C6EhjOsYArHKr9L6QBwowvh6aVeXrt
OoIojEoJS+4abajVjFWBkeTtp491xy9+uiFlf3so65njYPCHYdJse+34lHxqlnoo
WtXuKa7oiSqCxXqMIFbFtJiO71fbCrsQyjzPKBXeNtiJKFhAvTyybPvvrZpKijgG
NjI3Wgc+49icYtnRTtvcTDEQj4IvsReSSTFnCIFJuu2GbsUnhrqShGS+89+HWBuY
moFJQ1XNYaMrl4VHQ15MEJIuczTEbLS4Ty5mMEqwFpG/vY5votySSBaAl4+ZAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUHqbzhpWnx4Y8tBVblhWh9+wWsFEwHwYDVR0j
BBgwFoAUKuWeYjJMRTrrhJEPgf+zJHxxW0kwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMUVGN0Q4REIxNUQ1NDM3OTE0OEI1MERCOTBBNEY2MUQy
REQ1MzFGRTMzNDg0MURBMzA3Nzg4MzQ3MDBEQTlELzAvMkFFNTlFNjIzMjRDNDUz
QUVCODQ5MTBGODFGRkIzMjQ3QzcxNUI0OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yQUU1OUU2MjMyNEM0NTNBRUI4
NDkxMEY4MUZGQjMyNDdDNzE1QjQ5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjFFRjdEOERCMTVENTQzNzkxNDhCNTBEQjkwQTRGNjFEMkRENTMxRkUz
MzQ4NDFEQTMwNzc4ODM0NzAwREE5RC8wLzMxMzczMDJlMzgzMTJlMzIzNTMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM0MzgzNDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqlH9
MA0GCSqGSIb3DQEBCwUAA4IBAQBXPU7W23IHfplP2JjBL8tTth0P737BmJJBpEp8
hyTUukkkNF6tiWcVl806E/eNheoplIB2NdI3RqVSA4KWjvp9D7E/nu2FDR14UKyW
MBNrWb7dZD5/t49ts02BWUMBk2glVcJf4HAFRWDlthwkc1i9a46dvnjDiAs0L8r2
b9ZVZHADolH2tOo9aAxABiiq7EEaD8GgzxB6HsvkXq602SJLK5kDx8zfQDqBUeMS
yWohobvqNMO5/hnWHl7/5/v7aIAB9FyRAegVSViYF7L/o21DE2CwmZ1RPLqpLmR1
xjoLSpOOOI2GGvAemBnmaYR/NOLvrjpaWjECM0/NITHI+39U
-----END CERTIFICATE-----
Generated at Thu Jun 12 19:29:41 2025 by rpki-client