Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/FE23E216DF322905837021068BCA30C55CB95FDC90C21B9DDF83AC1123186D29/0/3136362e3131342e31362e302f32302d3234203d3e2036353638.roa
File:                     3136362e3131342e31362e302f32302d3234203d3e2036353638.roa (raw, json)
Hash identifier:          VAh+uP4NZDBjdapggpIUZZfpc6MMm0A/9Z9z1asSgpE=
Subject key identifier:   EC:8E:18:4D:34:B9:05:D6:E6:31:B5:28:C9:26:B2:B1:1B:69:6A:FE
Certificate issuer:       /CN=677CEC9F1C4060755422FE75661CBC3718515578
Certificate serial:       586AFE3C33F548A5E41DC7DDFC71AAFF830D0C18
Authority key identifier: 67:7C:EC:9F:1C:40:60:75:54:22:FE:75:66:1C:BC:37:18:51:55:78
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/677CEC9F1C4060755422FE75661CBC3718515578.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/FE23E216DF322905837021068BCA30C55CB95FDC90C21B9DDF83AC1123186D29/0/3136362e3131342e31362e302f32302d3234203d3e2036353638.roa
Signing time:             Thu 22 May 2025 17:10:00 +0000
ROA not before:           Thu 22 May 2025 17:05:00 +0000
ROA not after:            Thu 21 May 2026 17:10:00 +0000
asID:                     6568
IP address blocks:        166.114.16.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/FE23E216DF322905837021068BCA30C55CB95FDC90C21B9DDF83AC1123186D29/0/677CEC9F1C4060755422FE75661CBC3718515578.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FE23E216DF322905837021068BCA30C55CB95FDC90C21B9DDF83AC1123186D29/0/677CEC9F1C4060755422FE75661CBC3718515578.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/677CEC9F1C4060755422FE75661CBC3718515578.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 08:43:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:6a:fe:3c:33:f5:48:a5:e4:1d:c7:dd:fc:71:aa:ff:83:0d:0c:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=677CEC9F1C4060755422FE75661CBC3718515578
        Validity
            Not Before: May 22 17:05:00 2025 GMT
            Not After : May 21 17:10:00 2026 GMT
        Subject: CN=EC8E184D34B905D6E631B528C926B2B11B696AFE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b0:f1:d1:3f:ec:00:75:6e:94:83:f2:0c:15:
                    80:ab:ef:bd:1c:20:89:31:3f:0c:ee:68:8a:01:ea:
                    5d:09:08:9a:03:f2:3e:5c:6d:01:77:14:e9:11:e9:
                    30:ce:d0:40:47:8d:85:25:60:12:cb:80:34:17:0f:
                    55:f6:a8:a6:81:08:d8:5e:0a:10:af:24:54:07:b1:
                    12:6f:d9:60:be:21:e8:8a:f0:38:f1:0e:a7:28:64:
                    f0:e0:b6:5a:0a:e3:29:3c:d9:d6:71:7a:cf:59:85:
                    bb:03:e6:6a:94:89:07:89:e2:74:fb:79:9b:f8:3b:
                    d3:f4:03:42:94:72:31:9c:2f:78:a3:28:ca:3a:be:
                    fa:14:05:c8:f1:85:41:0d:39:12:1b:87:34:70:36:
                    9f:3f:9a:86:c7:65:00:30:87:2c:4e:86:a1:d8:6e:
                    6f:02:62:3e:45:68:70:70:ef:aa:98:62:5f:9b:90:
                    1b:7c:8d:49:c3:39:63:2e:f2:50:14:3f:2e:f0:e6:
                    80:15:7e:40:d7:d8:44:e3:1f:16:03:8c:31:50:56:
                    d0:a7:f9:82:b8:fb:35:6f:3e:fc:af:b6:55:e9:83:
                    62:a0:07:2f:73:ff:f7:1d:c5:0e:67:9b:a2:aa:1c:
                    93:51:f0:d1:e6:24:7c:5a:20:34:cd:c5:63:a8:b2:
                    4c:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:8E:18:4D:34:B9:05:D6:E6:31:B5:28:C9:26:B2:B1:1B:69:6A:FE
            X509v3 Authority Key Identifier:
                keyid:67:7C:EC:9F:1C:40:60:75:54:22:FE:75:66:1C:BC:37:18:51:55:78

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/FE23E216DF322905837021068BCA30C55CB95FDC90C21B9DDF83AC1123186D29/0/677CEC9F1C4060755422FE75661CBC3718515578.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/677CEC9F1C4060755422FE75661CBC3718515578.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/FE23E216DF322905837021068BCA30C55CB95FDC90C21B9DDF83AC1123186D29/0/3136362e3131342e31362e302f32302d3234203d3e2036353638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.114.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         7f:61:f2:ae:12:19:4e:e1:c3:76:bd:54:95:d4:82:4f:e2:17:
         75:96:26:c3:f7:a4:a0:50:49:6d:28:14:41:09:8b:83:b1:44:
         74:f5:30:88:a3:61:c6:dc:64:ab:ea:c1:87:44:9f:40:d2:07:
         78:8e:5e:07:78:94:5e:4e:7c:59:40:6f:48:be:4f:b9:c1:6b:
         d4:65:12:ff:a1:37:f5:b3:07:f7:3a:96:ea:c9:79:19:ef:8b:
         cd:14:b1:50:4f:42:5c:de:b5:df:a3:81:f6:1f:51:0f:ac:c3:
         19:d8:21:5d:a3:0b:46:17:1c:3e:49:17:d5:89:5a:85:78:3a:
         01:0a:64:6b:dc:1a:0f:dd:e5:73:2d:03:9b:c6:38:9b:25:e0:
         d8:49:a8:6b:c8:dc:fa:0a:5a:b6:39:89:3d:91:3e:80:cf:ea:
         a1:f8:eb:af:89:d5:7b:af:4d:c2:81:87:38:8c:48:9e:eb:b0:
         7f:7e:c0:19:63:bd:a5:e3:70:9e:b9:4e:46:c6:1e:d6:43:97:
         6d:ba:64:12:22:08:8e:5c:ad:cd:b5:3a:2c:2f:71:9a:94:41:
         7d:1f:f0:a1:d8:21:27:aa:5e:67:0c:d7:79:4f:8e:cf:38:6b:
         cd:1e:df:0e:21:4d:bf:ec:68:45:35:64:98:c4:a1:b2:5a:08:
         0a:b2:65:d8
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUWGr+PDP1SKXkHcfd/HGq/4MNDBgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjc3Q0VDOUYxQzQwNjA3NTU0MjJGRTc1NjYxQ0JDMzcx
ODUxNTU3ODAeFw0yNTA1MjIxNzA1MDBaFw0yNjA1MjExNzEwMDBaMDMxMTAvBgNV
BAMTKEVDOEUxODREMzRCOTA1RDZFNjMxQjUyOEM5MjZCMkIxMUI2OTZBRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqsPHRP+wAdW6Ug/IMFYCr770c
IIkxPwzuaIoB6l0JCJoD8j5cbQF3FOkR6TDO0EBHjYUlYBLLgDQXD1X2qKaBCNhe
ChCvJFQHsRJv2WC+IeiK8DjxDqcoZPDgtloK4yk82dZxes9ZhbsD5mqUiQeJ4nT7
eZv4O9P0A0KUcjGcL3ijKMo6vvoUBcjxhUENORIbhzRwNp8/mobHZQAwhyxOhqHY
bm8CYj5FaHBw76qYYl+bkBt8jUnDOWMu8lAUPy7w5oAVfkDX2ETjHxYDjDFQVtCn
+YK4+zVvPvyvtlXpg2KgBy9z//cdxQ5nm6KqHJNR8NHmJHxaIDTNxWOoskwvAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU7I4YTTS5BdbmMbUoySaysRtpav4wHwYDVR0j
BBgwFoAUZ3zsnxxAYHVUIv51Zhy8NxhRVXgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GRTIzRTIxNkRGMzIyOTA1ODM3MDIxMDY4QkNBMzBDNTVD
Qjk1RkRDOTBDMjFCOURERjgzQUMxMTIzMTg2RDI5LzAvNjc3Q0VDOUYxQzQwNjA3
NTU0MjJGRTc1NjYxQ0JDMzcxODUxNTU3OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NzdDRUM5RjFDNDA2MDc1NTQy
MkZFNzU2NjFDQkMzNzE4NTE1NTc4LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRkUyM0UyMTZERjMyMjkwNTgzNzAyMTA2OEJDQTMwQzU1Q0I5NUZEQzkw
QzIxQjlEREY4M0FDMTEyMzE4NkQyOS8wLzMxMzYzNjJlMzEzMTM0MmUzMTM2MmUz
MDJmMzIzMDJkMzIzNDIwM2QzZTIwMzYzNTM2Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBASmchAwDQYJ
KoZIhvcNAQELBQADggEBAH9h8q4SGU7hw3a9VJXUgk/iF3WWJsP3pKBQSW0oFEEJ
i4OxRHT1MIijYcbcZKvqwYdEn0DSB3iOXgd4lF5OfFlAb0i+T7nBa9RlEv+hN/Wz
B/c6lurJeRnvi80UsVBPQlzetd+jgfYfUQ+swxnYIV2jC0YXHD5JF9WJWoV4OgEK
ZGvcGg/d5XMtA5vGOJsl4NhJqGvI3PoKWrY5iT2RPoDP6qH466+J1XuvTcKBhziM
SJ7rsH9+wBljvaXjcJ65TkbGHtZDl226ZBIiCI5crc21OiwvcZqUQX0f8KHYISeq
XmcM13lPjs84a80e3w4hTb/saEU1ZJjEobJaCAqyZdg=
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:15:25 2025 by rpki-client