Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/3138352e3139372e3132382e302f32322d3232203d3e20323632313931.roa
File:                     3138352e3139372e3132382e302f32322d3232203d3e20323632313931.roa (raw, json)
Hash identifier:          WW8ahWEgFLUaxrpPHgXtHK5D51ZK5rNahFHYYkW/oA0=
Subject key identifier:   78:7E:8E:6E:98:20:09:0D:3B:D8:91:DF:A0:1F:FB:0A:A6:6F:78:DC
Certificate issuer:       /CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
Certificate serial:       0695F19952D1E0060BBB64F4FB803C9491AACC10
Authority key identifier: 85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/3138352e3139372e3132382e302f32322d3232203d3e20323632313931.roa
Signing time:             Fri 10 Oct 2025 12:49:55 +0000
ROA not before:           Fri 10 Oct 2025 12:44:55 +0000
ROA not after:            Fri 09 Oct 2026 12:49:55 +0000
asID:                     262191
IP address blocks:        185.197.128.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 23 Oct 2025 16:48:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:95:f1:99:52:d1:e0:06:0b:bb:64:f4:fb:80:3c:94:91:aa:cc:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
        Validity
            Not Before: Oct 10 12:44:55 2025 GMT
            Not After : Oct  9 12:49:55 2026 GMT
        Subject: CN=787E8E6E9820090D3BD891DFA01FFB0AA66F78DC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:c5:c8:57:7c:46:e9:1b:43:8f:90:8f:91:65:
                    bf:c1:9d:72:d4:e1:5c:89:98:2c:54:c5:0d:75:f0:
                    7e:aa:92:bc:30:75:5e:f9:e2:20:08:69:34:a6:0b:
                    8b:98:1a:ef:24:91:59:42:2d:cd:a3:23:08:78:23:
                    6c:2c:2a:bb:5f:36:d5:fd:33:bf:fb:7f:67:5d:79:
                    93:a6:2f:f6:85:2b:15:b8:c8:af:de:08:a1:ea:7d:
                    01:fe:cc:61:47:1f:b7:55:d8:ef:b4:bf:f3:66:2d:
                    56:c8:ea:38:88:f7:bf:90:3f:c4:94:c6:da:37:5c:
                    3a:4d:ac:25:77:00:1d:d0:e7:8b:b1:8d:0a:f7:f3:
                    91:36:f2:99:1b:4b:27:13:7b:3c:e4:7d:9d:c6:cb:
                    dc:fe:d6:8d:d9:ce:05:aa:fc:c6:00:ad:c4:52:6f:
                    91:03:80:3f:0b:4d:4d:de:77:24:ea:d6:c4:7e:cb:
                    98:15:74:62:89:dd:18:e1:55:d4:dd:f6:37:3b:61:
                    56:99:c6:66:7e:8d:29:07:c9:bd:d1:9f:01:b5:36:
                    a7:6a:62:38:fb:ca:ef:68:00:ab:6d:78:76:3f:21:
                    1c:3d:b2:17:7e:11:64:fe:68:63:e9:1c:c1:4f:c4:
                    5b:c4:a4:ef:0d:ca:c0:99:50:1a:e1:46:8b:95:b2:
                    52:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:7E:8E:6E:98:20:09:0D:3B:D8:91:DF:A0:1F:FB:0A:A6:6F:78:DC
            X509v3 Authority Key Identifier:
                keyid:85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/3138352e3139372e3132382e302f32322d3232203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.197.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:4f:7c:e0:e8:a3:f9:b6:7e:02:9a:ee:83:90:55:ec:17:f5:
         2a:7e:29:2c:fc:c3:59:60:5f:36:d5:74:37:42:17:aa:17:59:
         41:9e:09:41:9b:51:4d:d6:61:8a:85:a0:d1:8f:66:17:2d:bc:
         59:a8:9d:6d:38:58:a0:1a:80:81:51:e6:93:dc:97:9e:a6:88:
         7d:19:2d:28:3a:08:64:3e:01:19:c1:0d:07:bf:75:5b:7d:51:
         ef:6e:41:42:98:34:8d:0d:c9:e9:56:c3:b3:a2:f3:2e:3d:ac:
         f4:ec:14:10:a1:37:75:c0:94:9e:46:66:67:9c:b4:d8:b3:eb:
         19:3c:20:b5:8b:78:b8:ff:a1:81:34:d2:d4:ee:3b:9d:a5:9f:
         94:80:fd:02:e4:51:b1:ce:8b:36:97:e1:dc:b0:97:3a:69:74:
         3f:bc:63:82:b6:b2:7f:36:de:3f:41:59:69:04:f3:a6:7e:68:
         99:06:85:f0:aa:14:cb:3f:13:95:a4:07:35:e0:16:4d:45:3b:
         65:f0:84:e1:04:bf:d2:0e:ba:c1:c4:65:3c:ea:f3:df:0d:65:
         7b:c8:47:a8:f4:40:d9:96:d2:70:73:a0:06:0f:57:72:53:84:
         cc:c4:79:df:b1:a2:48:23:6c:56:2c:9c:56:ed:e5:0a:a2:c8:
         f7:73:e2:75
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUBpXxmVLR4AYLu2T0+4A8lJGqzBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVEOUU3RDlCRUVGRUQwQjlFMTg4REI3RThDQzNCNjQ4
OTA2NkRDRDAeFw0yNTEwMTAxMjQ0NTVaFw0yNjEwMDkxMjQ5NTVaMDMxMTAvBgNV
BAMTKDc4N0U4RTZFOTgyMDA5MEQzQkQ4OTFERkEwMUZGQjBBQTY2Rjc4REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDixchXfEbpG0OPkI+RZb/BnXLU
4VyJmCxUxQ118H6qkrwwdV754iAIaTSmC4uYGu8kkVlCLc2jIwh4I2wsKrtfNtX9
M7/7f2ddeZOmL/aFKxW4yK/eCKHqfQH+zGFHH7dV2O+0v/NmLVbI6jiI97+QP8SU
xto3XDpNrCV3AB3Q54uxjQr385E28pkbSycTezzkfZ3Gy9z+1o3ZzgWq/MYArcRS
b5EDgD8LTU3edyTq1sR+y5gVdGKJ3RjhVdTd9jc7YVaZxmZ+jSkHyb3RnwG1Nqdq
Yjj7yu9oAKtteHY/IRw9shd+EWT+aGPpHMFPxFvEpO8NysCZUBrhRouVslIPAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUeH6ObpggCQ072JHfoB/7CqZveNwwHwYDVR0j
BBgwFoAUhdnn2b7v7QueGI236Mw7ZIkGbc0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQUQ3MjYxQzdGRDFFNEVGRUNFQkU2RjM2MkZDRDBDNzU2
OTdFMDZCNDE0NzRCRUE4Q0FCQzcwNkY3OUVDRjNELzAvODVEOUU3RDlCRUVGRUQw
QjlFMTg4REI3RThDQzNCNjQ4OTA2NkRDRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUQ5RTdEOUJFRUZFRDBCOUUx
ODhEQjdFOENDM0I2NDg5MDY2RENELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUFENzI2MUM3RkQxRTRFRkVDRUJFNkYzNjJGQ0QwQzc1Njk3RTA2QjQx
NDc0QkVBOENBQkM3MDZGNzlFQ0YzRC8wLzMxMzgzNTJlMzEzOTM3MmUzMTMyMzgy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5
xYAwDQYJKoZIhvcNAQELBQADggEBABxPfODoo/m2fgKa7oOQVewX9Sp+KSz8w1lg
XzbVdDdCF6oXWUGeCUGbUU3WYYqFoNGPZhctvFmonW04WKAagIFR5pPcl56miH0Z
LSg6CGQ+ARnBDQe/dVt9Ue9uQUKYNI0NyelWw7Oi8y49rPTsFBChN3XAlJ5GZmec
tNiz6xk8ILWLeLj/oYE00tTuO52ln5SA/QLkUbHOizaX4dywlzppdD+8Y4K2sn82
3j9BWWkE86Z+aJkGhfCqFMs/E5WkBzXgFk1FO2XwhOEEv9IOusHEZTzq898NZXvI
R6j0QNmW0nBzoAYPV3JThMzEed+xokgjbFYsnFbt5QqiyPdz4nU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:35:12 2025 by rpki-client