Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/09F9E0A0FA6F9AC66A133D8A8EEC5686AF036E3DF09331A90EC1F99B02D94088/0/3137302e3234372e35382e302f32332d3234203d3e20323635363436.roa
File:                     3137302e3234372e35382e302f32332d3234203d3e20323635363436.roa (raw, json)
Hash identifier:          myZB+QtziVWWSn1+5q/GL73+98V7LGr/CxqERDLRCQA=
Subject key identifier:   FA:F7:20:84:D2:3B:14:8E:75:CE:4C:DA:4C:F1:E2:BE:46:41:D8:B3
Certificate issuer:       /CN=125312172ACB5206FC23726C19566C8F6B3F0B99
Certificate serial:       7AC327ED3D86E14A4FAA04D89538F06EEA70EE20
Authority key identifier: 12:53:12:17:2A:CB:52:06:FC:23:72:6C:19:56:6C:8F:6B:3F:0B:99
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/125312172ACB5206FC23726C19566C8F6B3F0B99.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/09F9E0A0FA6F9AC66A133D8A8EEC5686AF036E3DF09331A90EC1F99B02D94088/0/3137302e3234372e35382e302f32332d3234203d3e20323635363436.roa
Signing time:             Wed 25 Jun 2025 19:35:00 +0000
ROA not before:           Wed 25 Jun 2025 19:30:00 +0000
ROA not after:            Wed 24 Jun 2026 19:35:00 +0000
asID:                     265646
IP address blocks:        170.247.58.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/09F9E0A0FA6F9AC66A133D8A8EEC5686AF036E3DF09331A90EC1F99B02D94088/0/125312172ACB5206FC23726C19566C8F6B3F0B99.crl
                          rsync://repository.lacnic.net/rpki/lacnic/09F9E0A0FA6F9AC66A133D8A8EEC5686AF036E3DF09331A90EC1F99B02D94088/0/125312172ACB5206FC23726C19566C8F6B3F0B99.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/125312172ACB5206FC23726C19566C8F6B3F0B99.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 10 Jul 2025 07:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:c3:27:ed:3d:86:e1:4a:4f:aa:04:d8:95:38:f0:6e:ea:70:ee:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=125312172ACB5206FC23726C19566C8F6B3F0B99
        Validity
            Not Before: Jun 25 19:30:00 2025 GMT
            Not After : Jun 24 19:35:00 2026 GMT
        Subject: CN=FAF72084D23B148E75CE4CDA4CF1E2BE4641D8B3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f6:b2:5b:cf:a8:36:b8:e1:68:cc:a7:bc:7b:
                    1c:f5:c7:61:4d:df:d7:cd:b1:d3:fd:db:61:45:c0:
                    f0:27:35:17:32:7a:b3:28:37:8e:ae:ff:b9:9b:01:
                    13:7c:0c:06:4b:f6:de:53:60:8b:b9:fb:4f:96:d7:
                    84:a9:3a:1e:2a:12:19:9f:b8:6a:97:6d:08:ac:e5:
                    d8:7e:96:fb:82:78:0d:18:5f:10:99:cd:7a:84:19:
                    7c:5b:1f:c0:75:74:3d:86:c6:42:4c:b3:9b:5e:bb:
                    8a:a9:f9:01:af:26:13:12:ea:d1:02:08:35:60:8d:
                    d8:f8:ec:ed:c8:78:f1:62:b4:a5:1f:c0:00:a3:82:
                    13:a9:e8:7b:94:10:a9:bc:85:e8:6a:af:c1:6f:22:
                    9d:3e:16:c7:b2:f2:10:32:df:dd:59:77:c8:0b:6a:
                    55:05:3d:c6:30:59:18:5e:64:71:dc:da:62:63:e3:
                    10:43:aa:7b:46:96:bf:ad:43:a8:c7:0c:e3:06:e9:
                    f1:77:54:d4:1c:5d:f6:f8:ab:6d:db:48:8b:cd:20:
                    86:f9:6c:59:79:dc:8c:5b:1b:13:30:b0:6d:5c:07:
                    6b:5f:4f:43:36:7a:94:fc:f9:b8:87:72:91:b4:57:
                    b5:9a:74:e6:28:de:1e:fd:23:cd:55:ab:a0:d5:98:
                    f4:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:F7:20:84:D2:3B:14:8E:75:CE:4C:DA:4C:F1:E2:BE:46:41:D8:B3
            X509v3 Authority Key Identifier:
                keyid:12:53:12:17:2A:CB:52:06:FC:23:72:6C:19:56:6C:8F:6B:3F:0B:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/09F9E0A0FA6F9AC66A133D8A8EEC5686AF036E3DF09331A90EC1F99B02D94088/0/125312172ACB5206FC23726C19566C8F6B3F0B99.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/125312172ACB5206FC23726C19566C8F6B3F0B99.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/09F9E0A0FA6F9AC66A133D8A8EEC5686AF036E3DF09331A90EC1F99B02D94088/0/3137302e3234372e35382e302f32332d3234203d3e20323635363436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.247.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2f:79:44:ce:97:a9:3a:c7:d9:87:f3:b2:00:6c:5f:01:df:9f:
         89:c3:73:b2:4e:5b:c0:43:c6:69:33:df:e3:0e:33:18:4e:3b:
         52:43:be:be:78:92:5d:f8:0b:34:39:7f:6c:94:bd:6a:bb:5c:
         65:d8:e7:d0:3e:00:2b:f9:b9:df:5f:27:96:51:e5:11:e5:88:
         6b:12:94:ec:72:bf:85:28:60:31:90:16:05:9d:f6:7e:81:2d:
         ac:96:31:70:d1:5e:68:01:9a:ca:a7:a2:c8:58:25:8f:3b:ec:
         6d:90:9b:6e:3e:f9:51:7c:8a:90:4a:bd:44:43:d0:56:fb:c9:
         06:94:2f:9a:c1:d7:e6:25:26:8e:af:e2:af:82:3f:da:c2:b9:
         3a:b3:55:8a:df:88:42:1c:e2:fb:41:ba:65:38:7d:00:89:d9:
         cd:a9:1d:4b:ca:99:2d:9c:6a:ac:c7:7c:f9:ef:ff:b3:e9:be:
         01:9f:92:09:bd:01:0b:87:fe:49:04:73:6e:49:f8:eb:6e:98:
         ae:5a:f4:b7:01:84:a7:ff:df:95:20:5a:73:c9:99:1b:38:c3:
         6f:63:4b:08:1a:68:5a:5e:63:a0:b5:81:79:74:32:25:7a:43:
         ec:e3:77:2c:73:24:78:da:6f:79:86:3a:c5:ea:05:36:27:cd:
         7c:e2:1e:0b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUesMn7T2G4UpPqgTYlTjwbupw7iAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI1MzEyMTcyQUNCNTIwNkZDMjM3MjZDMTk1NjZDOEY2
QjNGMEI5OTAeFw0yNTA2MjUxOTMwMDBaFw0yNjA2MjQxOTM1MDBaMDMxMTAvBgNV
BAMTKEZBRjcyMDg0RDIzQjE0OEU3NUNFNENEQTRDRjFFMkJFNDY0MUQ4QjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB9rJbz6g2uOFozKe8exz1x2FN
39fNsdP922FFwPAnNRcyerMoN46u/7mbARN8DAZL9t5TYIu5+0+W14SpOh4qEhmf
uGqXbQis5dh+lvuCeA0YXxCZzXqEGXxbH8B1dD2GxkJMs5teu4qp+QGvJhMS6tEC
CDVgjdj47O3IePFitKUfwACjghOp6HuUEKm8hehqr8FvIp0+Fsey8hAy391Zd8gL
alUFPcYwWRheZHHc2mJj4xBDqntGlr+tQ6jHDOMG6fF3VNQcXfb4q23bSIvNIIb5
bFl53IxbGxMwsG1cB2tfT0M2epT8+biHcpG0V7WadOYo3h79I81Vq6DVmPT7AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU+vcghNI7FI51zkzaTPHivkZB2LMwHwYDVR0j
BBgwFoAUElMSFyrLUgb8I3JsGVZsj2s/C5kwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wOUY5RTBBMEZBNkY5QUM2NkExMzNEOEE4RUVDNTY4NkFG
MDM2RTNERjA5MzMxQTkwRUMxRjk5QjAyRDk0MDg4LzAvMTI1MzEyMTcyQUNCNTIw
NkZDMjM3MjZDMTk1NjZDOEY2QjNGMEI5OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xMjUzMTIxNzJBQ0I1MjA2RkMy
MzcyNkMxOTU2NkM4RjZCM0YwQjk5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDlGOUUwQTBGQTZGOUFDNjZBMTMzRDhBOEVFQzU2ODZBRjAzNkUzREYw
OTMzMUE5MEVDMUY5OUIwMkQ5NDA4OC8wLzMxMzczMDJlMzIzNDM3MmUzNTM4MmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNjM1MzYzNDM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBqvc6
MA0GCSqGSIb3DQEBCwUAA4IBAQAveUTOl6k6x9mH87IAbF8B35+Jw3OyTlvAQ8Zp
M9/jDjMYTjtSQ76+eJJd+As0OX9slL1qu1xl2OfQPgAr+bnfXyeWUeUR5YhrEpTs
cr+FKGAxkBYFnfZ+gS2sljFw0V5oAZrKp6LIWCWPO+xtkJtuPvlRfIqQSr1EQ9BW
+8kGlC+awdfmJSaOr+Kvgj/awrk6s1WK34hCHOL7QbplOH0AidnNqR1LypktnGqs
x3z57/+z6b4Bn5IJvQELh/5JBHNuSfjrbpiuWvS3AYSn/9+VIFpzyZkbOMNvY0sI
GmhaXmOgtYF5dDIlekPs43cscyR42m95hjrF6gU2J8184h4L
-----END CERTIFICATE-----
Generated at Sat Jul 5 19:40:18 2025 by rpki-client