Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D932B69CBE34140327D3802970BFFFBE9112C0C84B4AD58C28D44E1578550061/0/3133382e3131372e34322e302f32332d3234203d3e20323639393830.roa
File:                     3133382e3131372e34322e302f32332d3234203d3e20323639393830.roa (raw, json)
Hash identifier:          E5LqNaN3vz2pDbnV2zQffecdaqEFCwiCwo6Rk9fPoUw=
Subject key identifier:   5E:1D:DC:26:20:BE:00:84:A3:9C:1D:C8:8A:A9:FE:E6:5F:8A:4A:40
Certificate issuer:       /CN=B19DCDB64E506EAC5C80E9A6A0E22F0DF25D723C
Certificate serial:       1F49A4B1E5604A9DD887B13B5CE9308AE8C468A1
Authority key identifier: B1:9D:CD:B6:4E:50:6E:AC:5C:80:E9:A6:A0:E2:2F:0D:F2:5D:72:3C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B19DCDB64E506EAC5C80E9A6A0E22F0DF25D723C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D932B69CBE34140327D3802970BFFFBE9112C0C84B4AD58C28D44E1578550061/0/3133382e3131372e34322e302f32332d3234203d3e20323639393830.roa
Signing time:             Tue 03 Jun 2025 14:30:01 +0000
ROA not before:           Tue 03 Jun 2025 14:25:01 +0000
ROA not after:            Tue 02 Jun 2026 14:30:01 +0000
asID:                     269980
IP address blocks:        138.117.42.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D932B69CBE34140327D3802970BFFFBE9112C0C84B4AD58C28D44E1578550061/0/B19DCDB64E506EAC5C80E9A6A0E22F0DF25D723C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D932B69CBE34140327D3802970BFFFBE9112C0C84B4AD58C28D44E1578550061/0/B19DCDB64E506EAC5C80E9A6A0E22F0DF25D723C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B19DCDB64E506EAC5C80E9A6A0E22F0DF25D723C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 15 Jun 2025 09:18:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:49:a4:b1:e5:60:4a:9d:d8:87:b1:3b:5c:e9:30:8a:e8:c4:68:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B19DCDB64E506EAC5C80E9A6A0E22F0DF25D723C
        Validity
            Not Before: Jun  3 14:25:01 2025 GMT
            Not After : Jun  2 14:30:01 2026 GMT
        Subject: CN=5E1DDC2620BE0084A39C1DC88AA9FEE65F8A4A40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:e1:0a:ef:06:ff:4d:ea:4d:3d:27:a5:6a:3e:
                    e1:0d:ff:57:6d:dd:de:00:01:41:11:6e:3d:29:fc:
                    73:4c:f6:a3:b5:f5:4f:83:f6:bb:e1:e1:a4:85:49:
                    be:39:70:ed:1b:39:c6:26:62:79:01:e3:8e:5d:bd:
                    78:10:fc:c9:17:ba:80:b5:17:bb:57:2c:a6:c5:ec:
                    04:b2:5b:21:82:2c:d1:c4:ec:f2:ff:c0:94:b0:88:
                    8e:2f:1b:25:71:6f:e6:68:84:d8:70:3b:99:38:07:
                    75:ca:98:16:c6:2d:68:e6:e5:47:6e:9c:a8:05:b9:
                    31:06:45:ff:6f:7a:a1:bd:ee:2b:70:6b:d6:73:bb:
                    e5:b3:40:77:b4:3e:e2:90:3e:6e:a6:29:2c:4d:ad:
                    aa:f7:be:c7:25:1f:82:72:e6:e5:3c:fc:66:c8:7d:
                    c1:a5:33:c5:38:cb:09:ea:df:66:95:08:fa:46:a4:
                    04:7a:78:0c:e8:68:b6:7b:80:eb:94:50:a5:5d:5c:
                    d1:b7:dd:a2:d3:b3:77:7b:81:d1:cb:0a:53:03:af:
                    27:62:c1:86:35:fd:f4:02:f0:ff:8f:c8:ba:41:cd:
                    d4:bd:c7:b0:32:81:b1:23:70:59:05:20:41:75:1d:
                    9d:10:d7:f5:ec:70:57:43:b0:4f:13:89:95:bd:11:
                    6b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:1D:DC:26:20:BE:00:84:A3:9C:1D:C8:8A:A9:FE:E6:5F:8A:4A:40
            X509v3 Authority Key Identifier:
                keyid:B1:9D:CD:B6:4E:50:6E:AC:5C:80:E9:A6:A0:E2:2F:0D:F2:5D:72:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D932B69CBE34140327D3802970BFFFBE9112C0C84B4AD58C28D44E1578550061/0/B19DCDB64E506EAC5C80E9A6A0E22F0DF25D723C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B19DCDB64E506EAC5C80E9A6A0E22F0DF25D723C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D932B69CBE34140327D3802970BFFFBE9112C0C84B4AD58C28D44E1578550061/0/3133382e3131372e34322e302f32332d3234203d3e20323639393830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.117.42.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1e:1f:52:d7:11:df:85:a6:7f:35:9a:fc:4b:1a:24:0b:ae:ee:
         db:40:ef:44:d6:c9:12:c3:8d:9d:c5:c2:d2:d4:fa:8f:2a:65:
         3c:62:3a:db:f7:06:c0:11:f4:8d:93:c7:60:e3:db:04:23:d1:
         0f:29:0b:f1:dd:fd:29:02:5a:50:4d:d4:67:a9:7b:9e:b9:10:
         2c:2a:3b:d7:4c:a4:72:e2:2e:f2:5f:fc:b0:14:ea:21:99:08:
         e5:22:c6:9a:83:1e:33:11:4b:bf:cb:19:91:c1:18:9f:22:29:
         56:8a:a1:80:64:9c:f5:2f:56:d7:e2:5f:8b:e4:9e:92:12:bc:
         2c:7c:40:31:ad:d9:8d:65:a1:70:08:83:f1:30:30:cf:b1:7a:
         2d:d3:96:e9:c4:f9:3d:53:02:0a:7f:f9:00:cb:c2:e8:3e:1c:
         99:db:9c:78:83:03:83:b9:5b:ee:f0:22:19:1a:c3:57:2a:97:
         de:cf:31:8d:2f:d8:05:b5:ce:b6:d5:56:b0:cc:07:0c:92:12:
         3a:23:50:5d:ae:8d:dd:2d:04:7e:8a:ff:c2:50:31:c1:c8:9f:
         3f:f5:98:af:90:17:dd:90:e2:a6:7c:70:09:48:7e:72:9a:13:
         c6:22:b0:0e:ba:05:9f:59:6d:eb:4a:e9:21:c0:4f:02:fc:f6:
         c3:27:37:31
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUH0mkseVgSp3Yh7E7XOkwiujEaKEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjE5RENEQjY0RTUwNkVBQzVDODBFOUE2QTBFMjJGMERG
MjVENzIzQzAeFw0yNTA2MDMxNDI1MDFaFw0yNjA2MDIxNDMwMDFaMDMxMTAvBgNV
BAMTKDVFMUREQzI2MjBCRTAwODRBMzlDMURDODhBQTlGRUU2NUY4QTRBNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDx4QrvBv9N6k09J6VqPuEN/1dt
3d4AAUERbj0p/HNM9qO19U+D9rvh4aSFSb45cO0bOcYmYnkB445dvXgQ/MkXuoC1
F7tXLKbF7ASyWyGCLNHE7PL/wJSwiI4vGyVxb+ZohNhwO5k4B3XKmBbGLWjm5Udu
nKgFuTEGRf9veqG97itwa9Zzu+WzQHe0PuKQPm6mKSxNrar3vsclH4Jy5uU8/GbI
fcGlM8U4ywnq32aVCPpGpAR6eAzoaLZ7gOuUUKVdXNG33aLTs3d7gdHLClMDrydi
wYY1/fQC8P+PyLpBzdS9x7AygbEjcFkFIEF1HZ0Q1/XscFdDsE8TiZW9EWubAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUXh3cJiC+AISjnB3Iiqn+5l+KSkAwHwYDVR0j
BBgwFoAUsZ3Ntk5QbqxcgOmmoOIvDfJdcjwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EOTMyQjY5Q0JFMzQxNDAzMjdEMzgwMjk3MEJGRkZCRTkx
MTJDMEM4NEI0QUQ1OEMyOEQ0NEUxNTc4NTUwMDYxLzAvQjE5RENEQjY0RTUwNkVB
QzVDODBFOUE2QTBFMjJGMERGMjVENzIzQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CMTlEQ0RCNjRFNTA2RUFDNUM4
MEU5QTZBMEUyMkYwREYyNUQ3MjNDLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDkzMkI2OUNCRTM0MTQwMzI3RDM4MDI5NzBCRkZGQkU5MTEyQzBDODRC
NEFENThDMjhENDRFMTU3ODU1MDA2MS8wLzMxMzMzODJlMzEzMTM3MmUzNDMyMmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNjM5MzkzODMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBinUq
MA0GCSqGSIb3DQEBCwUAA4IBAQAeH1LXEd+Fpn81mvxLGiQLru7bQO9E1skSw42d
xcLS1PqPKmU8Yjrb9wbAEfSNk8dg49sEI9EPKQvx3f0pAlpQTdRnqXueuRAsKjvX
TKRy4i7yX/ywFOohmQjlIsaagx4zEUu/yxmRwRifIilWiqGAZJz1L1bX4l+L5J6S
ErwsfEAxrdmNZaFwCIPxMDDPsXot05bpxPk9UwIKf/kAy8LoPhyZ25x4gwODuVvu
8CIZGsNXKpfezzGNL9gFtc621VawzAcMkhI6I1Bdro3dLQR+iv/CUDHByJ8/9Ziv
kBfdkOKmfHAJSH5ymhPGIrAOugWfWW3rSukhwE8C/PbDJzcx
-----END CERTIFICATE-----
Generated at Thu Jun 12 07:50:36 2025 by rpki-client