Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/FF2D4DC420C4C39790BC2C03D51255D0A1C01933F37C28DC074059858B00573E/0/3138312e3139312e32352e302f32342d3234203d3e203532343235.roa
File:                     3138312e3139312e32352e302f32342d3234203d3e203532343235.roa (raw, json)
Hash identifier:          iKecu2bl4v7MpyyngAu4d36/vP4qmvIWY95ejRhpyUE=
Subject key identifier:   9A:51:B8:F2:CB:46:E8:64:FD:DB:CA:DF:C5:DA:F8:7F:D5:D6:54:AE
Certificate issuer:       /CN=3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76
Certificate serial:       73A12AA10711A15AB39F5D6AC1301660DB190566
Authority key identifier: 3D:06:F0:A5:D3:F0:CF:D8:4C:F1:A8:1F:12:D5:E3:C7:62:3E:CD:76
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/FF2D4DC420C4C39790BC2C03D51255D0A1C01933F37C28DC074059858B00573E/0/3138312e3139312e32352e302f32342d3234203d3e203532343235.roa
Signing time:             Tue 05 Mar 2024 18:09:05 +0000
ROA not before:           Tue 05 Mar 2024 18:04:05 +0000
ROA not after:            Tue 04 Mar 2025 18:09:05 +0000
asID:                     52425
IP address blocks:        181.191.25.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/FF2D4DC420C4C39790BC2C03D51255D0A1C01933F37C28DC074059858B00573E/0/3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FF2D4DC420C4C39790BC2C03D51255D0A1C01933F37C28DC074059858B00573E/0/3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:a1:2a:a1:07:11:a1:5a:b3:9f:5d:6a:c1:30:16:60:db:19:05:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76
        Validity
            Not Before: Mar  5 18:04:05 2024 GMT
            Not After : Mar  4 18:09:05 2025 GMT
        Subject: CN=9A51B8F2CB46E864FDDBCADFC5DAF87FD5D654AE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:22:f4:16:92:aa:f5:3f:30:18:aa:5b:59:c3:
                    90:bf:4c:4a:c8:c1:8c:a8:03:1d:d2:5b:23:1d:86:
                    ac:b8:86:75:19:9d:9e:9d:66:11:fc:b8:ee:be:4f:
                    77:e0:e8:fd:c3:84:61:e5:f6:1a:b0:ec:c7:c8:5b:
                    1c:cc:43:1b:f0:5f:2b:ed:42:a8:6e:0f:d2:c7:e4:
                    d6:bc:0a:97:f0:d2:f3:1c:73:77:89:3e:b7:39:eb:
                    cf:ef:72:c9:a3:5f:7e:56:2a:33:a3:c0:4f:49:8e:
                    d2:db:a0:bd:96:cc:64:38:45:2a:69:6b:a4:d6:bc:
                    ee:f8:a7:3a:a8:ec:02:64:65:bc:5a:66:6f:31:ce:
                    c1:e7:cf:28:30:7a:35:2d:46:a2:83:8c:6a:8d:d4:
                    04:d8:3b:77:5f:5e:a0:85:42:2e:8c:35:88:86:62:
                    ec:ae:20:4d:40:be:d0:2b:f2:12:da:fa:79:cf:26:
                    b1:24:1e:57:26:97:ac:b9:52:cf:cf:5b:fd:4e:71:
                    94:8d:b0:cc:4a:06:95:5e:da:1d:03:49:19:ca:64:
                    d5:51:19:7a:8a:02:aa:15:d5:ce:7f:cd:d4:b6:24:
                    0a:96:b3:df:df:63:c6:6c:2b:48:b2:ac:75:74:8d:
                    84:55:74:6c:a9:e6:73:0c:8f:ab:64:86:41:e5:6c:
                    40:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:51:B8:F2:CB:46:E8:64:FD:DB:CA:DF:C5:DA:F8:7F:D5:D6:54:AE
            X509v3 Authority Key Identifier:
                keyid:3D:06:F0:A5:D3:F0:CF:D8:4C:F1:A8:1F:12:D5:E3:C7:62:3E:CD:76

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/FF2D4DC420C4C39790BC2C03D51255D0A1C01933F37C28DC074059858B00573E/0/3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D06F0A5D3F0CFD84CF1A81F12D5E3C7623ECD76.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/FF2D4DC420C4C39790BC2C03D51255D0A1C01933F37C28DC074059858B00573E/0/3138312e3139312e32352e302f32342d3234203d3e203532343235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.191.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:02:50:2f:32:22:50:1b:00:1c:39:37:4b:f0:ac:b9:ae:d6:
         e8:a5:09:90:cc:8d:0d:51:68:cf:d8:13:3f:a3:cf:08:56:fe:
         02:bd:98:b6:af:44:5c:e7:ca:d6:c6:ae:6a:c3:61:58:c7:71:
         03:85:1a:35:02:57:39:b4:cc:a9:31:57:6b:d0:e0:c9:d0:33:
         31:2d:41:66:4e:bf:1e:ee:49:54:88:1f:34:07:ea:e3:83:ba:
         92:b2:3a:c6:0f:39:88:3a:41:6d:d0:57:74:92:bd:8f:c9:bc:
         25:70:d8:76:23:85:65:1e:e5:03:ce:11:01:ef:3b:a3:43:63:
         78:77:79:1d:1e:cf:10:ae:08:a2:df:42:bd:e6:2b:83:72:9e:
         1b:ca:79:31:9f:ee:16:a8:02:cd:ce:96:7b:f4:0d:7f:72:66:
         14:27:a8:15:54:84:f8:3e:03:e6:26:5e:22:f2:28:70:69:0e:
         2a:f1:15:93:49:d2:1c:36:e5:51:b2:a9:c6:d6:f1:d3:ae:96:
         bd:8c:55:bf:2a:63:e7:dd:da:06:04:5e:6d:79:d2:86:8d:7e:
         16:b5:30:ed:f8:f3:0e:70:33:a9:0d:19:24:02:8e:e7:3a:34:
         d1:38:23:4b:1d:a1:1d:a5:ae:fd:ba:79:ea:05:41:05:30:a8:
         96:69:6f:ee
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUc6EqoQcRoVqzn11qwTAWYNsZBWYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0QwNkYwQTVEM0YwQ0ZEODRDRjFBODFGMTJENUUzQzc2
MjNFQ0Q3NjAeFw0yNDAzMDUxODA0MDVaFw0yNTAzMDQxODA5MDVaMDMxMTAvBgNV
BAMTKDlBNTFCOEYyQ0I0NkU4NjRGRERCQ0FERkM1REFGODdGRDVENjU0QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6IvQWkqr1PzAYqltZw5C/TErI
wYyoAx3SWyMdhqy4hnUZnZ6dZhH8uO6+T3fg6P3DhGHl9hqw7MfIWxzMQxvwXyvt
QqhuD9LH5Na8Cpfw0vMcc3eJPrc568/vcsmjX35WKjOjwE9JjtLboL2WzGQ4RSpp
a6TWvO74pzqo7AJkZbxaZm8xzsHnzygwejUtRqKDjGqN1ATYO3dfXqCFQi6MNYiG
YuyuIE1AvtAr8hLa+nnPJrEkHlcml6y5Us/PW/1OcZSNsMxKBpVe2h0DSRnKZNVR
GXqKAqoV1c5/zdS2JAqWs9/fY8ZsK0iyrHV0jYRVdGyp5nMMj6tkhkHlbECDAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUmlG48stG6GT928rfxdr4f9XWVK4wHwYDVR0j
BBgwFoAUPQbwpdPwz9hM8agfEtXjx2I+zXYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GRjJENERDNDIwQzRDMzk3OTBCQzJDMDNENTEyNTVEMEEx
QzAxOTMzRjM3QzI4REMwNzQwNTk4NThCMDA1NzNFLzAvM0QwNkYwQTVEM0YwQ0ZE
ODRDRjFBODFGMTJENUUzQzc2MjNFQ0Q3Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRDA2RjBBNUQzRjBDRkQ4NENG
MUE4MUYxMkQ1RTNDNzYyM0VDRDc2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRkYyRDREQzQyMEM0QzM5NzkwQkMyQzAzRDUxMjU1RDBBMUMwMTkzM0Yz
N0MyOERDMDc0MDU5ODU4QjAwNTczRS8wLzMxMzgzMTJlMzEzOTMxMmUzMjM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjM0MzIzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALW/GTAN
BgkqhkiG9w0BAQsFAAOCAQEAcQJQLzIiUBsAHDk3S/Csua7W6KUJkMyNDVFoz9gT
P6PPCFb+Ar2Ytq9EXOfK1sauasNhWMdxA4UaNQJXObTMqTFXa9DgydAzMS1BZk6/
Hu5JVIgfNAfq44O6krI6xg85iDpBbdBXdJK9j8m8JXDYdiOFZR7lA84RAe87o0Nj
eHd5HR7PEK4Iot9CveYrg3KeG8p5MZ/uFqgCzc6We/QNf3JmFCeoFVSE+D4D5iZe
IvIocGkOKvEVk0nSHDblUbKpxtbx066WvYxVvypj593aBgRebXnSho1+FrUw7fjz
DnAzqQ0ZJAKO5zo00TgjSx2hHaWu/bp56gVBBTColmlv7g==
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:27:17 2024 by rpki-client on console-ams.rpki-client.org