Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D572EA2659715B3B002B9225A1529608FC29328B0BFED7958379A8EF9D006EF5/0/AS28064.roa
File:                     AS28064.roa (raw, json)
Hash identifier:          QqSXTWrYolMa2/E5Uj1Y6hCSuKpDJTcs6Witqje45CM=
Subject key identifier:   89:AC:30:45:43:E1:BA:B2:5F:82:D8:CC:3B:6C:40:25:F5:99:39:B7
Certificate issuer:       /CN=5D158BE61CA911BC34A887005B96056F4C474B1E
Certificate serial:       070E8F42A100D2E3E7D2A6AA2C7A2DF71F6D8FCF
Authority key identifier: 5D:15:8B:E6:1C:A9:11:BC:34:A8:87:00:5B:96:05:6F:4C:47:4B:1E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5D158BE61CA911BC34A887005B96056F4C474B1E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D572EA2659715B3B002B9225A1529608FC29328B0BFED7958379A8EF9D006EF5/0/AS28064.roa
Signing time:             Tue 04 Feb 2025 18:02:48 +0000
ROA not before:           Tue 04 Feb 2025 17:57:48 +0000
ROA not after:            Tue 03 Feb 2026 18:02:48 +0000
asID:                     28064
IP address blocks:        201.218.244.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D572EA2659715B3B002B9225A1529608FC29328B0BFED7958379A8EF9D006EF5/0/5D158BE61CA911BC34A887005B96056F4C474B1E.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D572EA2659715B3B002B9225A1529608FC29328B0BFED7958379A8EF9D006EF5/0/5D158BE61CA911BC34A887005B96056F4C474B1E.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5D158BE61CA911BC34A887005B96056F4C474B1E.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 21 Feb 2025 12:38:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:0e:8f:42:a1:00:d2:e3:e7:d2:a6:aa:2c:7a:2d:f7:1f:6d:8f:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5D158BE61CA911BC34A887005B96056F4C474B1E
        Validity
            Not Before: Feb  4 17:57:48 2025 GMT
            Not After : Feb  3 18:02:48 2026 GMT
        Subject: CN=89AC304543E1BAB25F82D8CC3B6C4025F59939B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:91:6d:89:72:79:36:b0:3a:d0:3c:36:84:62:
                    53:20:bd:c7:b5:4b:29:28:1d:7c:a4:b0:b4:35:3f:
                    92:54:ef:a1:26:9d:39:e5:cb:2e:6a:b2:db:f7:b5:
                    2b:ce:02:b8:4d:5e:42:09:3a:a9:ed:ac:c0:28:88:
                    5d:11:06:e2:88:f2:25:2f:4b:9c:24:d3:7d:bc:a0:
                    92:2a:fa:80:bb:2d:ce:f0:cd:df:86:ad:12:68:fb:
                    28:6c:ff:7d:ac:64:cf:55:51:f4:3f:9a:ae:fb:9a:
                    5c:43:25:f5:87:cc:b3:93:e3:cf:bc:c2:0e:cf:f1:
                    4e:0b:b3:11:c3:8f:c7:c2:ef:04:89:5e:2c:4d:2b:
                    da:59:91:e5:4c:35:ca:76:7e:0d:a6:2c:94:02:e6:
                    ab:53:af:d9:e1:b6:5e:22:15:ee:a8:9f:09:fc:9c:
                    38:bc:6c:b3:df:6c:9b:9e:b3:54:c4:22:72:82:3d:
                    76:0f:b1:f6:be:73:ea:87:d2:5e:f5:d0:cb:9c:54:
                    bf:a9:34:82:fd:24:a5:b0:9c:7a:e3:5f:69:26:43:
                    15:72:72:fe:52:b8:49:3d:7c:94:aa:1a:02:4d:a6:
                    53:0f:7c:ed:7b:6a:77:89:69:1d:72:e1:a0:e2:0e:
                    f3:a6:ab:c8:12:34:21:a3:6b:29:14:33:73:3b:16:
                    2a:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:AC:30:45:43:E1:BA:B2:5F:82:D8:CC:3B:6C:40:25:F5:99:39:B7
            X509v3 Authority Key Identifier:
                keyid:5D:15:8B:E6:1C:A9:11:BC:34:A8:87:00:5B:96:05:6F:4C:47:4B:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D572EA2659715B3B002B9225A1529608FC29328B0BFED7958379A8EF9D006EF5/0/5D158BE61CA911BC34A887005B96056F4C474B1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5D158BE61CA911BC34A887005B96056F4C474B1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D572EA2659715B3B002B9225A1529608FC29328B0BFED7958379A8EF9D006EF5/0/AS28064.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.218.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:b3:1b:76:98:01:e2:33:76:dd:98:9c:0f:5f:8f:db:9d:ce:
         b4:4f:9e:b1:46:f5:e3:d2:08:7f:c7:4a:3b:31:4c:39:09:02:
         9b:9c:b9:3c:81:cd:52:52:be:5c:4d:ec:d7:34:10:bd:f8:37:
         7f:8a:6e:23:b1:f8:24:ed:08:c4:46:6b:d5:c9:29:09:12:1c:
         db:87:4b:74:5a:6e:e0:3d:43:ce:be:36:22:84:94:b2:af:fc:
         41:df:ff:b0:e5:f7:01:3d:c9:3e:fa:40:e7:89:bc:9f:77:50:
         9b:b5:43:0f:f0:8b:bf:e8:74:76:36:84:29:d8:3d:16:a9:ed:
         7c:52:0f:85:fd:bb:df:9c:ee:32:f9:d1:d3:21:ff:66:62:57:
         db:df:88:d6:c9:1d:fd:f0:7e:90:88:b2:83:5f:48:1f:0a:b1:
         54:2f:19:6a:2f:25:99:53:2b:ab:b6:5a:a4:a8:d6:b9:45:0b:
         02:08:5a:79:6b:6a:dd:5b:76:76:1f:ce:ca:27:26:3a:91:0c:
         74:6f:c1:c2:71:a0:25:8b:5b:86:c7:d5:d7:a5:89:55:aa:55:
         69:63:13:b8:65:03:9a:a2:4e:4e:ab:52:c0:23:6e:ac:29:80:
         cc:b3:3c:0e:f6:59:0a:eb:ee:40:e7:7b:e3:4c:b1:a2:86:e1:
         e5:01:ab:ee
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIUBw6PQqEA0uPn0qaqLHot9x9tj88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUQxNThCRTYxQ0E5MTFCQzM0QTg4NzAwNUI5NjA1NkY0
QzQ3NEIxRTAeFw0yNTAyMDQxNzU3NDhaFw0yNjAyMDMxODAyNDhaMDMxMTAvBgNV
BAMTKDg5QUMzMDQ1NDNFMUJBQjI1RjgyRDhDQzNCNkM0MDI1RjU5OTM5QjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCekW2Jcnk2sDrQPDaEYlMgvce1
SykoHXyksLQ1P5JU76EmnTnlyy5qstv3tSvOArhNXkIJOqntrMAoiF0RBuKI8iUv
S5wk0328oJIq+oC7Lc7wzd+GrRJo+yhs/32sZM9VUfQ/mq77mlxDJfWHzLOT48+8
wg7P8U4LsxHDj8fC7wSJXixNK9pZkeVMNcp2fg2mLJQC5qtTr9nhtl4iFe6onwn8
nDi8bLPfbJues1TEInKCPXYPsfa+c+qH0l710MucVL+pNIL9JKWwnHrjX2kmQxVy
cv5SuEk9fJSqGgJNplMPfO17aneJaR1y4aDiDvOmq8gSNCGjaykUM3M7FirtAgMB
AAGjggKYMIIClDAdBgNVHQ4EFgQUiawwRUPhurJfgtjMO2xAJfWZObcwHwYDVR0j
BBgwFoAUXRWL5hypEbw0qIcAW5YFb0xHSx4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ENTcyRUEyNjU5NzE1QjNCMDAyQjkyMjVBMTUyOTYwOEZD
MjkzMjhCMEJGRUQ3OTU4Mzc5QThFRjlEMDA2RUY1LzAvNUQxNThCRTYxQ0E5MTFC
QzM0QTg4NzAwNUI5NjA1NkY0QzQ3NEIxRS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81RDE1OEJFNjFDQTkxMUJDMzRB
ODg3MDA1Qjk2MDU2RjRDNDc0QjFFLmNlcjCBlwYIKwYBBQUHAQsEgYowgYcwgYQG
CCsGAQUFBzALhnhyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy9ENTcyRUEyNjU5NzE1QjNCMDAyQjkyMjVBMTUyOTYwOEZDMjkzMjhCMEJG
RUQ3OTU4Mzc5QThFRjlEMDA2RUY1LzAvQVMyODA2NC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMna9DAN
BgkqhkiG9w0BAQsFAAOCAQEAhrMbdpgB4jN23ZicD1+P253OtE+esUb149IIf8dK
OzFMOQkCm5y5PIHNUlK+XE3s1zQQvfg3f4puI7H4JO0IxEZr1ckpCRIc24dLdFpu
4D1Dzr42IoSUsq/8Qd//sOX3AT3JPvpA54m8n3dQm7VDD/CLv+h0djaEKdg9Fqnt
fFIPhf2735zuMvnR0yH/ZmJX29+I1skd/fB+kIiyg19IHwqxVC8Zai8lmVMrq7Za
pKjWuUULAghaeWtq3Vt2dh/OyicmOpEMdG/BwnGgJYtbhsfV16WJVapVaWMTuGUD
mqJOTqtSwCNurCmAzLM8DvZZCuvuQOd740yxoobh5QGr7g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 00:32:35 2025 by rpki-client