Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C5E62F0B4A7E8D08961E23359E6B86CA00EC3EF0291CB105DF6B2B0A707D3694/0/3137302e3233382e3230302e302f32322d3234203d3e20323634383134.roa
File:                     3137302e3233382e3230302e302f32322d3234203d3e20323634383134.roa (raw, json)
Hash identifier:          GRpexrYalqri/XtcatVVs5sF+kH+7mnIlifAOLf793g=
Subject key identifier:   EA:22:53:B2:54:A9:63:B1:DA:EE:45:50:4C:62:26:DB:2C:D1:63:AB
Certificate issuer:       /CN=5771463D9A603B67C2C5B155999D0F8CFE894F78
Certificate serial:       0CC71D8A2FACBC53CD473C69B4BA7F6DC123C399
Authority key identifier: 57:71:46:3D:9A:60:3B:67:C2:C5:B1:55:99:9D:0F:8C:FE:89:4F:78
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5771463D9A603B67C2C5B155999D0F8CFE894F78.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C5E62F0B4A7E8D08961E23359E6B86CA00EC3EF0291CB105DF6B2B0A707D3694/0/3137302e3233382e3230302e302f32322d3234203d3e20323634383134.roa
Signing time:             Tue 04 Feb 2025 18:16:52 +0000
ROA not before:           Tue 04 Feb 2025 18:11:52 +0000
ROA not after:            Tue 03 Feb 2026 18:16:52 +0000
asID:                     264814
IP address blocks:        170.238.200.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C5E62F0B4A7E8D08961E23359E6B86CA00EC3EF0291CB105DF6B2B0A707D3694/0/5771463D9A603B67C2C5B155999D0F8CFE894F78.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C5E62F0B4A7E8D08961E23359E6B86CA00EC3EF0291CB105DF6B2B0A707D3694/0/5771463D9A603B67C2C5B155999D0F8CFE894F78.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5771463D9A603B67C2C5B155999D0F8CFE894F78.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 14:57:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:c7:1d:8a:2f:ac:bc:53:cd:47:3c:69:b4:ba:7f:6d:c1:23:c3:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5771463D9A603B67C2C5B155999D0F8CFE894F78
        Validity
            Not Before: Feb  4 18:11:52 2025 GMT
            Not After : Feb  3 18:16:52 2026 GMT
        Subject: CN=EA2253B254A963B1DAEE45504C6226DB2CD163AB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:76:d9:15:f9:34:98:0a:31:fd:4f:8b:58:29:
                    e7:f7:bc:c1:e5:70:bb:02:70:3c:2e:72:91:ae:82:
                    d2:5e:f2:d3:09:9a:aa:43:8b:53:4b:f2:33:ea:b5:
                    c3:9e:9c:87:14:c5:d7:5a:6f:97:84:e8:61:dc:8f:
                    c4:f5:be:22:da:e7:50:1e:01:6f:0f:b1:fb:45:a4:
                    4a:08:67:71:41:be:7e:36:b1:67:2f:40:8d:f3:68:
                    fd:07:35:55:9b:dd:ef:14:dc:c5:f1:3a:ad:03:09:
                    0a:ae:65:8c:08:d2:4f:2f:4d:9a:99:9b:3a:e8:39:
                    f2:30:62:5d:bc:70:44:eb:a3:2a:8d:eb:f5:61:cf:
                    da:fe:cb:30:28:02:a4:c8:89:a4:83:55:e9:46:08:
                    26:86:75:08:5e:cc:e8:c2:0b:1b:9b:f4:6e:32:4f:
                    65:97:51:e5:90:5a:af:af:55:e8:de:d9:40:4d:f4:
                    cf:e0:63:5b:a3:0a:49:c6:8a:62:96:39:96:22:3a:
                    7c:05:cf:9e:48:2d:b8:9d:8b:83:3b:a7:86:95:2f:
                    fb:21:a9:e1:fa:36:f6:bc:32:23:99:2a:23:26:06:
                    ba:89:e3:ad:1b:ca:6b:cf:ef:d7:7e:d3:e2:97:4c:
                    e0:ff:53:87:37:b1:b8:8b:b6:1e:85:fd:71:a1:75:
                    67:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:22:53:B2:54:A9:63:B1:DA:EE:45:50:4C:62:26:DB:2C:D1:63:AB
            X509v3 Authority Key Identifier:
                keyid:57:71:46:3D:9A:60:3B:67:C2:C5:B1:55:99:9D:0F:8C:FE:89:4F:78

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C5E62F0B4A7E8D08961E23359E6B86CA00EC3EF0291CB105DF6B2B0A707D3694/0/5771463D9A603B67C2C5B155999D0F8CFE894F78.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5771463D9A603B67C2C5B155999D0F8CFE894F78.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C5E62F0B4A7E8D08961E23359E6B86CA00EC3EF0291CB105DF6B2B0A707D3694/0/3137302e3233382e3230302e302f32322d3234203d3e20323634383134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.238.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         15:40:47:d6:95:1b:2b:55:da:42:ee:41:11:32:22:77:ea:be:
         25:4c:cd:2d:a7:08:dc:f2:96:eb:6d:4c:42:fc:7b:68:46:b4:
         c3:b1:b2:f4:de:1c:9c:28:5c:69:dc:af:db:9e:0d:30:45:87:
         22:76:8f:fd:8b:1e:e2:86:e6:77:e4:e5:56:e4:94:22:d3:b4:
         f5:4b:4a:9f:93:8b:49:11:a4:c0:b2:ba:41:7d:ca:37:a3:55:
         f6:46:82:cf:0a:30:29:57:fe:d9:c1:e4:32:9f:cd:cf:55:74:
         3e:ef:33:fd:92:d9:df:23:7b:12:b9:4e:3a:cd:94:b7:39:c3:
         12:bd:b9:31:0f:61:3d:e8:42:9b:9c:ad:eb:31:01:36:51:fa:
         8a:38:ff:eb:6b:84:5a:ec:96:79:b6:7c:a7:c9:2b:6f:ab:cf:
         2e:9e:10:9b:f3:0c:4d:75:8c:0b:09:95:8c:47:af:73:f5:bc:
         82:d6:18:dd:fa:8a:d6:36:15:19:89:5f:92:5b:f0:3e:db:ea:
         62:f7:42:fa:02:ec:9e:60:9d:be:2f:f0:c3:64:12:81:a9:cc:
         21:41:09:b6:31:9b:ab:24:8a:2d:fd:72:01:49:26:76:11:f5:
         fa:f6:c2:bf:8c:48:dd:fb:0b:82:bc:bc:e4:20:7a:a0:20:f6:
         e8:bb:38:69
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUDMcdii+svFPNRzxptLp/bcEjw5kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTc3MTQ2M0Q5QTYwM0I2N0MyQzVCMTU1OTk5RDBGOENG
RTg5NEY3ODAeFw0yNTAyMDQxODExNTJaFw0yNjAyMDMxODE2NTJaMDMxMTAvBgNV
BAMTKEVBMjI1M0IyNTRBOTYzQjFEQUVFNDU1MDRDNjIyNkRCMkNEMTYzQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDidtkV+TSYCjH9T4tYKef3vMHl
cLsCcDwucpGugtJe8tMJmqpDi1NL8jPqtcOenIcUxddab5eE6GHcj8T1viLa51Ae
AW8PsftFpEoIZ3FBvn42sWcvQI3zaP0HNVWb3e8U3MXxOq0DCQquZYwI0k8vTZqZ
mzroOfIwYl28cETroyqN6/Vhz9r+yzAoAqTIiaSDVelGCCaGdQhezOjCCxub9G4y
T2WXUeWQWq+vVeje2UBN9M/gY1ujCknGimKWOZYiOnwFz55ILbidi4M7p4aVL/sh
qeH6Nva8MiOZKiMmBrqJ460bymvP79d+0+KXTOD/U4c3sbiLth6F/XGhdWdHAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU6iJTslSpY7Ha7kVQTGIm2yzRY6swHwYDVR0j
BBgwFoAUV3FGPZpgO2fCxbFVmZ0PjP6JT3gwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DNUU2MkYwQjRBN0U4RDA4OTYxRTIzMzU5RTZCODZDQTAw
RUMzRUYwMjkxQ0IxMDVERjZCMkIwQTcwN0QzNjk0LzAvNTc3MTQ2M0Q5QTYwM0I2
N0MyQzVCMTU1OTk5RDBGOENGRTg5NEY3OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81NzcxNDYzRDlBNjAzQjY3QzJD
NUIxNTU5OTlEMEY4Q0ZFODk0Rjc4LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzVFNjJGMEI0QTdFOEQwODk2MUUyMzM1OUU2Qjg2Q0EwMEVDM0VGMDI5
MUNCMTA1REY2QjJCMEE3MDdEMzY5NC8wLzMxMzczMDJlMzIzMzM4MmUzMjMwMzAy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzQzODMxMzQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKq
7sgwDQYJKoZIhvcNAQELBQADggEBABVAR9aVGytV2kLuQREyInfqviVMzS2nCNzy
luttTEL8e2hGtMOxsvTeHJwoXGncr9ueDTBFhyJ2j/2LHuKG5nfk5VbklCLTtPVL
Sp+Ti0kRpMCyukF9yjejVfZGgs8KMClX/tnB5DKfzc9VdD7vM/2S2d8jexK5TjrN
lLc5wxK9uTEPYT3oQpucresxATZR+oo4/+trhFrslnm2fKfJK2+rzy6eEJvzDE11
jAsJlYxHr3P1vILWGN36itY2FRmJX5Jb8D7b6mL3QvoC7J5gnb4v8MNkEoGpzCFB
CbYxm6skii39cgFJJnYR9fr2wr+MSN37C4K8vOQgeqAg9ui7OGk=
-----END CERTIFICATE-----
Generated at Sat Feb 15 00:07:57 2025 by rpki-client