Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0BB071D96D8FBE2A86990905DC17E199370A5705236A00065D68563FAADB85E6/0/3136382e3234332e37332e302f32342d3234203d3e20323732303237.roa
File:                     3136382e3234332e37332e302f32342d3234203d3e20323732303237.roa (raw, json)
Hash identifier:          dG3fBAgNSAJXNAhAgG8UGYWdKO2cSBxKSFPOsh1smPw=
Subject key identifier:   7F:2A:4E:BE:F1:9E:14:4A:A5:ED:4F:52:82:E4:29:CF:82:B7:C4:31
Certificate issuer:       /CN=D3503D03E3D4DFA0767F6DFF3BA71DD7B6236AFA
Certificate serial:       0B947FC551A6E84C3C848992A5BDAE4E6131DA75
Authority key identifier: D3:50:3D:03:E3:D4:DF:A0:76:7F:6D:FF:3B:A7:1D:D7:B6:23:6A:FA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D3503D03E3D4DFA0767F6DFF3BA71DD7B6236AFA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0BB071D96D8FBE2A86990905DC17E199370A5705236A00065D68563FAADB85E6/0/3136382e3234332e37332e302f32342d3234203d3e20323732303237.roa
Signing time:             Thu 16 Oct 2025 11:50:00 +0000
ROA not before:           Thu 16 Oct 2025 11:45:00 +0000
ROA not after:            Thu 15 Oct 2026 11:50:00 +0000
asID:                     272027
IP address blocks:        168.243.73.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0BB071D96D8FBE2A86990905DC17E199370A5705236A00065D68563FAADB85E6/0/D3503D03E3D4DFA0767F6DFF3BA71DD7B6236AFA.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0BB071D96D8FBE2A86990905DC17E199370A5705236A00065D68563FAADB85E6/0/D3503D03E3D4DFA0767F6DFF3BA71DD7B6236AFA.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D3503D03E3D4DFA0767F6DFF3BA71DD7B6236AFA.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 23 Oct 2025 10:42:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:94:7f:c5:51:a6:e8:4c:3c:84:89:92:a5:bd:ae:4e:61:31:da:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D3503D03E3D4DFA0767F6DFF3BA71DD7B6236AFA
        Validity
            Not Before: Oct 16 11:45:00 2025 GMT
            Not After : Oct 15 11:50:00 2026 GMT
        Subject: CN=7F2A4EBEF19E144AA5ED4F5282E429CF82B7C431
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e3:65:6b:d9:d8:fa:e3:0c:5a:77:24:be:fc:
                    ca:f3:22:fc:63:75:ce:7f:a8:76:8e:15:8c:e3:70:
                    09:f2:ec:4e:ae:7d:d7:3e:86:9b:de:41:5a:5d:11:
                    66:d3:47:98:c9:1b:35:0d:75:d2:a0:4b:7e:25:28:
                    1d:a8:a0:63:6c:9e:44:d7:67:2e:ea:f7:04:08:6f:
                    1d:f7:f1:8b:e6:2b:d8:fb:19:a2:d1:27:2c:e3:ca:
                    aa:42:7a:58:e0:b8:61:ae:13:87:18:09:ae:85:6c:
                    a5:8e:85:b1:f1:55:b2:5b:cb:16:f4:64:2f:58:55:
                    5a:49:81:e5:76:c7:4d:8b:51:60:79:ce:d9:a7:a5:
                    0f:d6:54:42:1b:2d:a0:1a:56:19:7b:4c:fb:65:4a:
                    ad:6d:7a:9d:33:af:66:af:17:8d:a4:08:cc:72:c6:
                    9b:41:ed:fc:6c:bd:e1:ac:a3:5a:aa:96:6c:b3:c3:
                    6f:bb:b7:c6:33:a8:77:00:6d:8d:f2:d4:05:f0:f2:
                    ab:ed:45:c7:66:eb:6f:4d:32:d3:75:4b:f7:8c:fa:
                    d2:47:e0:9e:c7:a2:85:f3:ca:23:35:73:68:c2:6c:
                    60:b6:79:87:a6:63:e1:66:8e:56:25:0a:5a:45:2d:
                    79:9d:56:82:9e:4c:03:3e:f8:05:76:c4:b4:58:6e:
                    fc:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:2A:4E:BE:F1:9E:14:4A:A5:ED:4F:52:82:E4:29:CF:82:B7:C4:31
            X509v3 Authority Key Identifier:
                keyid:D3:50:3D:03:E3:D4:DF:A0:76:7F:6D:FF:3B:A7:1D:D7:B6:23:6A:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0BB071D96D8FBE2A86990905DC17E199370A5705236A00065D68563FAADB85E6/0/D3503D03E3D4DFA0767F6DFF3BA71DD7B6236AFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D3503D03E3D4DFA0767F6DFF3BA71DD7B6236AFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0BB071D96D8FBE2A86990905DC17E199370A5705236A00065D68563FAADB85E6/0/3136382e3234332e37332e302f32342d3234203d3e20323732303237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.243.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:4e:ac:30:dc:20:d3:f8:0d:4f:da:91:d5:bc:48:94:cc:79:
         30:0b:94:2b:85:42:2c:ff:e8:93:91:b8:3a:32:1e:41:cb:69:
         67:93:55:fc:e8:1f:92:71:d8:fc:78:41:07:aa:1f:83:13:ea:
         ff:a7:5e:95:bd:c4:36:dc:8b:49:cf:fc:2f:a9:ea:d1:6b:ff:
         52:bb:55:fc:3f:1e:34:63:13:66:fd:d6:d4:63:98:7d:c6:31:
         76:52:51:19:3b:23:3b:41:67:ec:40:70:65:9d:41:1e:ce:76:
         56:f6:9f:28:99:61:44:0a:bd:af:a6:ab:f3:ce:b8:aa:49:84:
         e8:a0:63:e3:ae:84:97:81:16:d2:05:9b:a2:31:55:a4:d0:bf:
         fb:ba:97:e0:6a:56:a3:cd:3f:0b:5a:ad:ab:03:0a:26:5e:11:
         c6:89:f1:a6:d1:8a:2e:38:63:78:ca:e0:e1:bc:4b:11:81:61:
         12:f2:90:0c:b9:92:46:e9:89:a8:40:71:ef:07:ff:99:04:e7:
         27:5a:c3:9b:a8:df:3e:bd:5b:db:e8:91:f8:98:d6:d8:db:a9:
         95:3b:f7:bd:e7:26:13:eb:9e:fa:6e:4e:bc:c9:f4:94:f5:7f:
         c4:60:23:b5:2c:c5:45:cf:b7:6f:4a:6c:f9:2a:57:d2:18:88:
         48:da:bd:12
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUC5R/xVGm6Ew8hImSpb2uTmEx2nUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM1MDNEMDNFM0Q0REZBMDc2N0Y2REZGM0JBNzFERDdC
NjIzNkFGQTAeFw0yNTEwMTYxMTQ1MDBaFw0yNjEwMTUxMTUwMDBaMDMxMTAvBgNV
BAMTKDdGMkE0RUJFRjE5RTE0NEFBNUVENEY1MjgyRTQyOUNGODJCN0M0MzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy42Vr2dj64wxadyS+/MrzIvxj
dc5/qHaOFYzjcAny7E6ufdc+hpveQVpdEWbTR5jJGzUNddKgS34lKB2ooGNsnkTX
Zy7q9wQIbx338YvmK9j7GaLRJyzjyqpCeljguGGuE4cYCa6FbKWOhbHxVbJbyxb0
ZC9YVVpJgeV2x02LUWB5ztmnpQ/WVEIbLaAaVhl7TPtlSq1tep0zr2avF42kCMxy
xptB7fxsveGso1qqlmyzw2+7t8YzqHcAbY3y1AXw8qvtRcdm629NMtN1S/eM+tJH
4J7HooXzyiM1c2jCbGC2eYemY+FmjlYlClpFLXmdVoKeTAM++AV2xLRYbvx9AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUfypOvvGeFEql7U9SguQpz4K3xDEwHwYDVR0j
BBgwFoAU01A9A+PU36B2f23/O6cd17YjavowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wQkIwNzFEOTZEOEZCRTJBODY5OTA5MDVEQzE3RTE5OTM3
MEE1NzA1MjM2QTAwMDY1RDY4NTYzRkFBREI4NUU2LzAvRDM1MDNEMDNFM0Q0REZB
MDc2N0Y2REZGM0JBNzFERDdCNjIzNkFGQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMzUwM0QwM0UzRDRERkEwNzY3
RjZERkYzQkE3MUREN0I2MjM2QUZBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEJCMDcxRDk2RDhGQkUyQTg2OTkwOTA1REMxN0UxOTkzNzBBNTcwNTIz
NkEwMDA2NUQ2ODU2M0ZBQURCODVFNi8wLzMxMzYzODJlMzIzNDMzMmUzNzMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzMyMzAzMjM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqPNJ
MA0GCSqGSIb3DQEBCwUAA4IBAQA7Tqww3CDT+A1P2pHVvEiUzHkwC5QrhUIs/+iT
kbg6Mh5By2lnk1X86B+Scdj8eEEHqh+DE+r/p16VvcQ23ItJz/wvqerRa/9Su1X8
Px40YxNm/dbUY5h9xjF2UlEZOyM7QWfsQHBlnUEeznZW9p8omWFECr2vpqvzzriq
SYTooGPjroSXgRbSBZuiMVWk0L/7upfgalajzT8LWq2rAwomXhHGifGm0YouOGN4
yuDhvEsRgWES8pAMuZJG6YmoQHHvB/+ZBOcnWsObqN8+vVvb6JH4mNbY26mVO/e9
5yYT6576bk68yfSU9X/EYCO1LMVFz7dvSmz5KlfSGIhI2r0S
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:11:05 2025 by rpki-client