Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e39352e3233322e302f32322d3233203d3e203133393939.roa
File:                     3230302e39352e3233322e302f32322d3233203d3e203133393939.roa (raw, json)
Hash identifier:          3Dg93x3F6bxNtc7ol3BS/uCqsOi75gcxWKWZNKqYTlY=
Subject key identifier:   EA:4F:41:3E:C5:B6:4D:15:3D:31:AC:C7:0F:97:BA:90:37:A5:CD:BC
Certificate issuer:       /CN=E9771B2D309B05BB8C2F0EA36FF17501E242A19E
Certificate serial:       37E5F552B92728BAB299EA1ABF74884073056E81
Authority key identifier: E9:77:1B:2D:30:9B:05:BB:8C:2F:0E:A3:6F:F1:75:01:E2:42:A1:9E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e39352e3233322e302f32322d3233203d3e203133393939.roa
Signing time:             Tue 15 Jul 2025 17:25:28 +0000
ROA not before:           Tue 15 Jul 2025 17:20:28 +0000
ROA not after:            Tue 14 Jul 2026 17:25:28 +0000
asID:                     13999
IP address blocks:        200.95.232.0/22 maxlen: 23
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 05 Aug 2025 07:51:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:e5:f5:52:b9:27:28:ba:b2:99:ea:1a:bf:74:88:40:73:05:6e:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E9771B2D309B05BB8C2F0EA36FF17501E242A19E
        Validity
            Not Before: Jul 15 17:20:28 2025 GMT
            Not After : Jul 14 17:25:28 2026 GMT
        Subject: CN=EA4F413EC5B64D153D31ACC70F97BA9037A5CDBC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:55:05:d1:12:1a:5e:e1:3f:69:ec:79:a5:49:
                    aa:ad:3d:0f:29:f1:1f:dc:6c:3e:28:fb:87:b6:c9:
                    38:ae:97:5b:82:0b:c9:4c:1f:ea:05:9f:03:db:44:
                    53:1f:72:83:df:9c:12:ff:c5:59:8e:dd:3c:f9:e9:
                    ca:af:16:79:63:62:b9:1c:a1:95:0f:f6:82:ef:d1:
                    f7:c8:02:f2:8d:12:4c:1b:da:85:c1:98:75:25:1c:
                    cf:5d:f3:a9:e4:b9:d3:15:9d:84:ab:6e:3d:68:5f:
                    e8:27:ac:d7:c7:1b:c6:ad:65:53:54:35:6c:1a:f1:
                    33:b7:09:96:e6:98:dc:23:fa:0f:c9:ad:c6:64:57:
                    20:d7:47:1e:82:7c:ca:c8:9b:9c:6a:ff:58:5a:9f:
                    9c:d7:a9:c9:6f:33:1d:c3:cc:b2:4a:4f:81:db:b8:
                    83:a1:68:d2:bb:55:54:c5:d5:04:43:1e:ee:3c:f3:
                    fc:31:18:3d:b5:9e:16:c3:60:91:42:36:30:0a:28:
                    b8:f0:85:9a:b3:da:43:32:5c:e1:cb:0a:c0:e8:e3:
                    04:10:ee:7b:ce:bb:87:87:db:b0:55:05:96:77:6e:
                    9a:1c:8d:ad:34:66:91:33:66:ca:ef:44:03:25:c2:
                    50:26:df:1b:b5:6a:68:d6:45:82:86:5d:4c:42:bb:
                    21:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:4F:41:3E:C5:B6:4D:15:3D:31:AC:C7:0F:97:BA:90:37:A5:CD:BC
            X509v3 Authority Key Identifier:
                keyid:E9:77:1B:2D:30:9B:05:BB:8C:2F:0E:A3:6F:F1:75:01:E2:42:A1:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e39352e3233322e302f32322d3233203d3e203133393939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.95.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:f6:c7:8e:a5:cd:cb:95:d6:d1:3b:a4:af:f5:09:9e:c0:fb:
         35:8f:f1:62:0b:b8:35:bd:5a:c5:7c:e9:99:39:23:1d:ff:3e:
         72:59:9c:4a:3e:9e:26:49:25:3e:a5:84:c4:b0:78:56:64:2f:
         24:b7:8f:86:bf:4b:8f:85:7f:5f:39:24:af:65:7b:41:18:52:
         8b:fa:41:93:27:c0:b4:0e:30:68:95:9e:8c:16:3d:f5:4b:11:
         95:69:12:af:6f:18:1e:04:23:96:07:3d:0c:e1:e6:6e:fc:2f:
         43:66:af:9b:ea:06:e5:9f:d5:64:e5:ac:b7:41:9b:9a:62:ca:
         a2:c9:18:14:c2:03:f6:3a:21:d8:ab:7a:2c:e1:ee:c7:e1:f5:
         91:21:ea:a5:40:eb:48:fe:a6:b9:69:39:22:df:97:80:62:86:
         e0:2c:56:5c:f1:27:e0:77:38:93:a6:4e:a3:d3:a1:ca:e6:36:
         a7:0f:c3:d8:6c:43:e3:15:09:21:ab:62:83:79:93:ae:42:7a:
         33:a5:69:20:c5:50:c5:c2:ea:56:2e:0b:a5:74:18:29:47:ef:
         fb:be:d5:1c:48:67:5a:1a:77:86:fe:2d:e6:cf:61:62:18:11:
         65:ba:20:a6:8f:67:9b:38:f2:58:6d:19:ec:d8:f1:98:83:41:
         1a:1b:e2:8c
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUN+X1UrknKLqymeoav3SIQHMFboEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTk3NzFCMkQzMDlCMDVCQjhDMkYwRUEzNkZGMTc1MDFF
MjQyQTE5RTAeFw0yNTA3MTUxNzIwMjhaFw0yNjA3MTQxNzI1MjhaMDMxMTAvBgNV
BAMTKEVBNEY0MTNFQzVCNjREMTUzRDMxQUNDNzBGOTdCQTkwMzdBNUNEQkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZVQXREhpe4T9p7HmlSaqtPQ8p
8R/cbD4o+4e2yTiul1uCC8lMH+oFnwPbRFMfcoPfnBL/xVmO3Tz56cqvFnljYrkc
oZUP9oLv0ffIAvKNEkwb2oXBmHUlHM9d86nkudMVnYSrbj1oX+gnrNfHG8atZVNU
NWwa8TO3CZbmmNwj+g/JrcZkVyDXRx6CfMrIm5xq/1han5zXqclvMx3DzLJKT4Hb
uIOhaNK7VVTF1QRDHu488/wxGD21nhbDYJFCNjAKKLjwhZqz2kMyXOHLCsDo4wQQ
7nvOu4eH27BVBZZ3bpocja00ZpEzZsrvRAMlwlAm3xu1amjWRYKGXUxCuyHpAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU6k9BPsW2TRU9MazHD5e6kDelzbwwHwYDVR0j
BBgwFoAU6XcbLTCbBbuMLw6jb/F1AeJCoZ4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMEVCNkQ5NTYxNUUzNkRDQUQzNTE2NEE2OTkxMDk3OTJD
M0ZDRDNGODYxQjhDN0QxQTYwMTA2QUQzM0ZGRkUyLzAvRTk3NzFCMkQzMDlCMDVC
QjhDMkYwRUEzNkZGMTc1MDFFMjQyQTE5RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FOTc3MUIyRDMwOUIwNUJCOEMy
RjBFQTM2RkYxNzUwMUUyNDJBMTlFLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDBFQjZEOTU2MTVFMzZEQ0FEMzUxNjRBNjk5MTA5NzkyQzNGQ0QzRjg2
MUI4QzdEMUE2MDEwNkFEMzNGRkZFMi8wLzMyMzAzMDJlMzkzNTJlMzIzMzMyMmUz
MDJmMzIzMjJkMzIzMzIwM2QzZTIwMzEzMzM5MzkzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAshf6DAN
BgkqhkiG9w0BAQsFAAOCAQEAkfbHjqXNy5XW0Tukr/UJnsD7NY/xYgu4Nb1axXzp
mTkjHf8+clmcSj6eJkklPqWExLB4VmQvJLePhr9Lj4V/Xzkkr2V7QRhSi/pBkyfA
tA4waJWejBY99UsRlWkSr28YHgQjlgc9DOHmbvwvQ2avm+oG5Z/VZOWst0GbmmLK
oskYFMID9joh2Kt6LOHux+H1kSHqpUDrSP6muWk5It+XgGKG4CxWXPEn4Hc4k6ZO
o9OhyuY2pw/D2GxD4xUJIatig3mTrkJ6M6VpIMVQxcLqVi4LpXQYKUfv+77VHEhn
Whp3hv4t5s9hYhgRZbogpo9nmzjyWG0Z7NjxmINBGhvijA==
-----END CERTIFICATE-----
Generated at Sat Aug 2 05:41:47 2025 by rpki-client