Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B1EF7D8DB15D54379148B50DB90A4F61D2DD531FE334841DA30778834700DA9D/0/3137302e38312e3235342e302f32342d3234203d3e20323634383432.roa
File:                     3137302e38312e3235342e302f32342d3234203d3e20323634383432.roa (raw, json)
Hash identifier:          swFyWshSCHbF3iB7VL/miyHMTgzBzKLCyJbgbi9Roh8=
Subject key identifier:   84:56:C1:65:5D:A7:FA:CF:91:43:A0:F6:87:F7:88:A3:C5:BA:F0:5E
Certificate issuer:       /CN=2AE59E62324C453AEB84910F81FFB3247C715B49
Certificate serial:       74181BFD710377CF5024AEFC86B63F34ADEA85BE
Authority key identifier: 2A:E5:9E:62:32:4C:45:3A:EB:84:91:0F:81:FF:B3:24:7C:71:5B:49
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2AE59E62324C453AEB84910F81FFB3247C715B49.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B1EF7D8DB15D54379148B50DB90A4F61D2DD531FE334841DA30778834700DA9D/0/3137302e38312e3235342e302f32342d3234203d3e20323634383432.roa
Signing time:             Tue 20 May 2025 15:19:52 +0000
ROA not before:           Tue 20 May 2025 15:14:52 +0000
ROA not after:            Tue 19 May 2026 15:19:52 +0000
asID:                     264842
IP address blocks:        170.81.254.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/B1EF7D8DB15D54379148B50DB90A4F61D2DD531FE334841DA30778834700DA9D/0/2AE59E62324C453AEB84910F81FFB3247C715B49.crl
                          rsync://repository.lacnic.net/rpki/lacnic/B1EF7D8DB15D54379148B50DB90A4F61D2DD531FE334841DA30778834700DA9D/0/2AE59E62324C453AEB84910F81FFB3247C715B49.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2AE59E62324C453AEB84910F81FFB3247C715B49.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 15 Jun 2025 16:10:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:18:1b:fd:71:03:77:cf:50:24:ae:fc:86:b6:3f:34:ad:ea:85:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2AE59E62324C453AEB84910F81FFB3247C715B49
        Validity
            Not Before: May 20 15:14:52 2025 GMT
            Not After : May 19 15:19:52 2026 GMT
        Subject: CN=8456C1655DA7FACF9143A0F687F788A3C5BAF05E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9c:d7:37:7a:ed:75:36:aa:fd:bf:a2:7a:e0:
                    0f:38:80:39:d5:dd:66:66:fc:39:c2:fd:1a:bc:d0:
                    3d:07:4b:d3:ab:06:bb:6b:95:6e:c6:38:ed:7a:7b:
                    cb:ce:6f:05:ed:7b:83:5a:12:05:d0:92:3e:9b:a6:
                    0c:72:2a:db:94:75:dc:7d:5d:fa:b6:4b:08:3d:97:
                    9d:ff:ff:fb:c2:bf:9a:7b:fa:97:58:bd:7a:7f:36:
                    51:bd:40:20:ae:58:51:df:d9:bb:7f:2e:60:fb:90:
                    5f:d8:05:89:11:73:29:c9:f0:61:f5:e5:3e:19:8c:
                    3b:88:ef:7f:d7:33:ef:6a:9b:91:22:e4:33:9d:b3:
                    25:df:c1:c9:21:59:fa:8e:f2:72:d6:74:d0:91:3b:
                    5b:fa:0f:0c:a9:d9:55:08:5e:27:3f:5e:0f:81:1f:
                    32:7a:c9:ca:21:b8:4b:37:02:dc:d2:1e:94:97:0d:
                    f2:50:77:33:4f:e7:bf:76:d8:7c:ae:68:a2:75:f6:
                    74:a3:85:66:66:d0:05:7a:de:8b:77:1c:7e:70:81:
                    2e:f5:6f:8c:3d:63:e9:d0:5d:f5:bc:d9:68:fb:84:
                    bc:33:12:8e:d6:68:80:2f:e9:8d:34:f7:46:0f:88:
                    bf:e6:6d:3d:31:2a:d9:0f:e2:40:6d:ab:41:2d:31:
                    55:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:56:C1:65:5D:A7:FA:CF:91:43:A0:F6:87:F7:88:A3:C5:BA:F0:5E
            X509v3 Authority Key Identifier:
                keyid:2A:E5:9E:62:32:4C:45:3A:EB:84:91:0F:81:FF:B3:24:7C:71:5B:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B1EF7D8DB15D54379148B50DB90A4F61D2DD531FE334841DA30778834700DA9D/0/2AE59E62324C453AEB84910F81FFB3247C715B49.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2AE59E62324C453AEB84910F81FFB3247C715B49.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B1EF7D8DB15D54379148B50DB90A4F61D2DD531FE334841DA30778834700DA9D/0/3137302e38312e3235342e302f32342d3234203d3e20323634383432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.81.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:17:64:fb:31:59:49:00:ea:40:73:9e:87:50:42:c4:56:eb:
         65:ae:a1:fc:7e:47:14:a2:95:88:0e:5c:25:12:7e:9c:27:2d:
         a9:6d:ed:6e:5f:f1:94:04:e1:d6:ec:2b:7e:52:0d:8e:10:b1:
         0a:cf:22:55:bc:42:37:6b:c8:e6:19:36:91:b5:2b:60:cd:0d:
         72:4e:d5:2a:5e:a0:11:1b:71:c1:dc:69:de:e8:8d:80:73:b7:
         81:51:1c:b6:15:ae:e3:68:f4:c7:7d:61:06:ea:da:81:25:dc:
         bc:c9:9a:63:0c:2b:1d:a6:43:99:d0:9a:dc:c8:7e:75:37:a5:
         74:75:ac:1e:2a:38:7c:bd:3f:d1:eb:51:9e:bc:7f:9a:85:16:
         4a:94:a1:a0:4c:cb:61:65:34:d4:e1:da:77:5e:3b:b7:ed:40:
         48:58:ad:2e:4e:3a:f2:f6:7f:9a:e0:46:7c:e3:0f:66:d6:59:
         26:21:13:34:03:d4:3c:39:be:7e:7f:89:b0:78:f4:32:74:a0:
         0a:12:e0:ba:cb:fa:1d:01:e2:14:a9:ff:5c:a6:75:0c:d1:e9:
         6e:fe:ee:00:36:c3:79:3d:96:bd:ae:61:6b:01:17:c0:ec:fe:
         b1:9d:5a:b0:47:1c:85:cc:19:51:0c:fc:1f:8e:6c:d5:32:fa:
         1b:b9:18:ee
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUdBgb/XEDd89QJK78hrY/NK3qhb4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkFFNTlFNjIzMjRDNDUzQUVCODQ5MTBGODFGRkIzMjQ3
QzcxNUI0OTAeFw0yNTA1MjAxNTE0NTJaFw0yNjA1MTkxNTE5NTJaMDMxMTAvBgNV
BAMTKDg0NTZDMTY1NURBN0ZBQ0Y5MTQzQTBGNjg3Rjc4OEEzQzVCQUYwNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4nNc3eu11Nqr9v6J64A84gDnV
3WZm/DnC/Rq80D0HS9OrBrtrlW7GOO16e8vObwXte4NaEgXQkj6bpgxyKtuUddx9
Xfq2Swg9l53///vCv5p7+pdYvXp/NlG9QCCuWFHf2bt/LmD7kF/YBYkRcynJ8GH1
5T4ZjDuI73/XM+9qm5Ei5DOdsyXfwckhWfqO8nLWdNCRO1v6Dwyp2VUIXic/Xg+B
HzJ6ycohuEs3AtzSHpSXDfJQdzNP57922HyuaKJ19nSjhWZm0AV63ot3HH5wgS71
b4w9Y+nQXfW82Wj7hLwzEo7WaIAv6Y0090YPiL/mbT0xKtkP4kBtq0EtMVXlAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUhFbBZV2n+s+RQ6D2h/eIo8W68F4wHwYDVR0j
BBgwFoAUKuWeYjJMRTrrhJEPgf+zJHxxW0kwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMUVGN0Q4REIxNUQ1NDM3OTE0OEI1MERCOTBBNEY2MUQy
REQ1MzFGRTMzNDg0MURBMzA3Nzg4MzQ3MDBEQTlELzAvMkFFNTlFNjIzMjRDNDUz
QUVCODQ5MTBGODFGRkIzMjQ3QzcxNUI0OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yQUU1OUU2MjMyNEM0NTNBRUI4
NDkxMEY4MUZGQjMyNDdDNzE1QjQ5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjFFRjdEOERCMTVENTQzNzkxNDhCNTBEQjkwQTRGNjFEMkRENTMxRkUz
MzQ4NDFEQTMwNzc4ODM0NzAwREE5RC8wLzMxMzczMDJlMzgzMTJlMzIzNTM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM0MzgzNDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqlH+
MA0GCSqGSIb3DQEBCwUAA4IBAQCUF2T7MVlJAOpAc56HUELEVutlrqH8fkcUopWI
DlwlEn6cJy2pbe1uX/GUBOHW7Ct+Ug2OELEKzyJVvEI3a8jmGTaRtStgzQ1yTtUq
XqARG3HB3Gne6I2Ac7eBURy2Fa7jaPTHfWEG6tqBJdy8yZpjDCsdpkOZ0JrcyH51
N6V0daweKjh8vT/R61GevH+ahRZKlKGgTMthZTTU4dp3Xju37UBIWK0uTjry9n+a
4EZ84w9m1lkmIRM0A9Q8Ob5+f4mwePQydKAKEuC6y/odAeIUqf9cpnUM0elu/u4A
NsN5PZa9rmFrARfA7P6xnVqwRxyFzBlRDPwfjmzVMvobuRju
-----END CERTIFICATE-----
Generated at Thu Jun 12 07:42:44 2025 by rpki-client