Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DD35F68E9227CCEAAEA800CE80E70C92F4CEC522E4CD6BA43623E4D22907423E/0/3230322e352e39362e302f32302d3234203d3e20323635353430.roa
File:                     3230322e352e39362e302f32302d3234203d3e20323635353430.roa (raw, json)
Hash identifier:          WX8MAbfv/5iNN1hW6AorxbHTD7thUorfIA11rC75Fi0=
Subject key identifier:   1D:C7:25:C8:80:B1:A9:AF:EC:D4:8E:70:63:92:A9:B2:DE:54:28:84
Certificate issuer:       /CN=FAD90A03B0BB49A34C7BF9A5C88CCC4C61A7B3EC
Certificate serial:       04352128BBB3C87D506F26FEF9CBFFCE4CE95A8A
Authority key identifier: FA:D9:0A:03:B0:BB:49:A3:4C:7B:F9:A5:C8:8C:CC:4C:61:A7:B3:EC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FAD90A03B0BB49A34C7BF9A5C88CCC4C61A7B3EC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DD35F68E9227CCEAAEA800CE80E70C92F4CEC522E4CD6BA43623E4D22907423E/0/3230322e352e39362e302f32302d3234203d3e20323635353430.roa
Signing time:             Wed 07 May 2025 06:17:54 +0000
ROA not before:           Wed 07 May 2025 06:12:54 +0000
ROA not after:            Wed 06 May 2026 06:17:54 +0000
asID:                     265540
IP address blocks:        202.5.96.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DD35F68E9227CCEAAEA800CE80E70C92F4CEC522E4CD6BA43623E4D22907423E/0/FAD90A03B0BB49A34C7BF9A5C88CCC4C61A7B3EC.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DD35F68E9227CCEAAEA800CE80E70C92F4CEC522E4CD6BA43623E4D22907423E/0/FAD90A03B0BB49A34C7BF9A5C88CCC4C61A7B3EC.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FAD90A03B0BB49A34C7BF9A5C88CCC4C61A7B3EC.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Jun 2025 21:51:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:35:21:28:bb:b3:c8:7d:50:6f:26:fe:f9:cb:ff:ce:4c:e9:5a:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FAD90A03B0BB49A34C7BF9A5C88CCC4C61A7B3EC
        Validity
            Not Before: May  7 06:12:54 2025 GMT
            Not After : May  6 06:17:54 2026 GMT
        Subject: CN=1DC725C880B1A9AFECD48E706392A9B2DE542884
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:5c:a9:10:24:cf:21:66:b4:85:17:30:da:cf:
                    8a:0a:41:b4:ac:91:9d:96:70:1d:a0:5e:92:4f:e4:
                    f1:f7:29:67:45:c0:8f:6a:43:8b:fa:c6:00:ee:e3:
                    35:96:f1:5a:4e:4a:71:18:34:f1:e4:03:db:3a:a3:
                    b8:4e:db:6a:28:6c:ba:6a:94:bf:c7:1e:51:b9:07:
                    d1:2b:8b:4f:48:66:02:40:8e:93:da:b9:ec:34:08:
                    fe:f4:b0:c5:df:05:5f:46:92:a6:6d:ce:fd:ae:bb:
                    bb:07:7a:60:20:fc:5e:bd:a5:3f:99:ab:30:0b:76:
                    0e:c8:2a:0a:47:4d:0a:54:c1:b6:4d:3a:68:16:d9:
                    f5:18:39:3d:15:49:cb:49:e3:88:b6:e7:10:94:a5:
                    8f:f3:52:ac:00:25:68:91:c3:70:06:29:cd:64:fc:
                    cc:74:d1:47:a4:65:05:2b:6e:82:ed:aa:33:55:cc:
                    71:da:28:58:b5:41:24:b1:e6:13:23:56:1c:89:34:
                    70:e2:47:c4:4e:b4:07:a0:bf:c3:01:25:77:4b:35:
                    6b:15:51:ba:90:83:6c:c7:7c:8e:8d:fe:14:10:fc:
                    0f:ba:a4:eb:8b:d3:20:55:c5:50:b0:26:44:33:d4:
                    4b:ec:92:0e:13:1c:7f:f1:16:c3:9b:dd:a1:4c:33:
                    42:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:C7:25:C8:80:B1:A9:AF:EC:D4:8E:70:63:92:A9:B2:DE:54:28:84
            X509v3 Authority Key Identifier:
                keyid:FA:D9:0A:03:B0:BB:49:A3:4C:7B:F9:A5:C8:8C:CC:4C:61:A7:B3:EC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DD35F68E9227CCEAAEA800CE80E70C92F4CEC522E4CD6BA43623E4D22907423E/0/FAD90A03B0BB49A34C7BF9A5C88CCC4C61A7B3EC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FAD90A03B0BB49A34C7BF9A5C88CCC4C61A7B3EC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DD35F68E9227CCEAAEA800CE80E70C92F4CEC522E4CD6BA43623E4D22907423E/0/3230322e352e39362e302f32302d3234203d3e20323635353430.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.5.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         16:4b:d4:2d:df:bf:98:bf:d2:63:4c:45:be:14:51:ab:44:9f:
         7c:80:66:2f:dd:32:36:ff:22:f7:a8:89:48:76:13:ed:cc:eb:
         eb:08:98:c1:3c:29:2e:77:c1:a1:ad:4f:a9:1a:c8:7d:93:6a:
         32:3d:1e:a6:43:70:3f:79:bc:08:e1:12:16:e9:70:7b:4d:6f:
         c1:51:26:c4:63:8a:27:57:0d:b6:79:4f:78:15:b1:b0:42:0b:
         1e:6a:25:40:bd:8d:fa:16:09:f3:44:11:c2:e5:dd:db:fe:e3:
         95:77:77:86:50:91:ea:3e:e0:2c:8f:b6:fc:3c:16:0c:e0:09:
         c2:56:69:06:3a:01:76:34:57:47:01:56:9f:37:7e:99:68:40:
         e1:32:8a:3c:14:ea:78:df:83:0a:7d:b2:02:4e:25:c1:1e:33:
         26:69:66:32:42:b1:b7:1d:6c:0c:53:ee:c5:84:c9:2f:82:6b:
         08:b3:0f:15:2e:f6:75:83:18:0f:ce:63:6e:cb:8a:7e:db:15:
         99:41:5c:ff:2c:ff:91:e0:91:ab:e3:65:6a:f3:6e:03:4b:06:
         df:b7:13:78:4c:73:d6:ca:d4:f5:57:4d:ec:2c:19:4b:27:03:
         5e:d1:7a:a2:b4:9c:d2:9f:06:5a:00:f7:41:8e:de:a3:c8:0b:
         c8:17:2b:69
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUBDUhKLuzyH1Qbyb++cv/zkzpWoowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkFEOTBBMDNCMEJCNDlBMzRDN0JGOUE1Qzg4Q0NDNEM2
MUE3QjNFQzAeFw0yNTA1MDcwNjEyNTRaFw0yNjA1MDYwNjE3NTRaMDMxMTAvBgNV
BAMTKDFEQzcyNUM4ODBCMUE5QUZFQ0Q0OEU3MDYzOTJBOUIyREU1NDI4ODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCEXKkQJM8hZrSFFzDaz4oKQbSs
kZ2WcB2gXpJP5PH3KWdFwI9qQ4v6xgDu4zWW8VpOSnEYNPHkA9s6o7hO22oobLpq
lL/HHlG5B9Eri09IZgJAjpPauew0CP70sMXfBV9GkqZtzv2uu7sHemAg/F69pT+Z
qzALdg7IKgpHTQpUwbZNOmgW2fUYOT0VSctJ44i25xCUpY/zUqwAJWiRw3AGKc1k
/Mx00UekZQUrboLtqjNVzHHaKFi1QSSx5hMjVhyJNHDiR8ROtAegv8MBJXdLNWsV
UbqQg2zHfI6N/hQQ/A+6pOuL0yBVxVCwJkQz1Evskg4THH/xFsOb3aFMM0KXAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUHcclyICxqa/s1I5wY5Kpst5UKIQwHwYDVR0j
BBgwFoAU+tkKA7C7SaNMe/mlyIzMTGGns+wwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ERDM1RjY4RTkyMjdDQ0VBQUVBODAwQ0U4MEU3MEM5MkY0
Q0VDNTIyRTRDRDZCQTQzNjIzRTREMjI5MDc0MjNFLzAvRkFEOTBBMDNCMEJCNDlB
MzRDN0JGOUE1Qzg4Q0NDNEM2MUE3QjNFQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GQUQ5MEEwM0IwQkI0OUEzNEM3
QkY5QTVDODhDQ0M0QzYxQTdCM0VDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREQzNUY2OEU5MjI3Q0NFQUFFQTgwMENFODBFNzBDOTJGNENFQzUyMkU0
Q0Q2QkE0MzYyM0U0RDIyOTA3NDIzRS8wLzMyMzAzMjJlMzUyZTM5MzYyZTMwMmYz
MjMwMmQzMjM0MjAzZDNlMjAzMjM2MzUzNTM0MzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATKBWAwDQYJ
KoZIhvcNAQELBQADggEBABZL1C3fv5i/0mNMRb4UUatEn3yAZi/dMjb/IveoiUh2
E+3M6+sImME8KS53waGtT6kayH2TajI9HqZDcD95vAjhEhbpcHtNb8FRJsRjiidX
DbZ5T3gVsbBCCx5qJUC9jfoWCfNEEcLl3dv+45V3d4ZQkeo+4CyPtvw8FgzgCcJW
aQY6AXY0V0cBVp83fploQOEyijwU6njfgwp9sgJOJcEeMyZpZjJCsbcdbAxT7sWE
yS+CawizDxUu9nWDGA/OY27Lin7bFZlBXP8s/5HgkavjZWrzbgNLBt+3E3hMc9bK
1PVXTewsGUsnA17ReqK0nNKfBloA90GO3qPIC8gXK2k=
-----END CERTIFICATE-----
Generated at Wed Jun 11 07:34:14 2025 by rpki-client