Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/561568D8C9ADDDCA3CE770397277D5396B63174DB0C7B08B578633BC3267E147/0/AS27672.roa
File:                     AS27672.roa (raw, json)
Hash identifier:          h7y2BSaSciR/T7m9wxTk6moGRW+XYpI/ICXnC3YWHCY=
Subject key identifier:   F9:E3:2A:85:C5:3E:1D:A2:0A:33:C3:62:B3:58:46:1C:42:64:28:1B
Certificate issuer:       /CN=C586A9076CDE73FD896464010A3CE08E4C8FC4C5
Certificate serial:       7D693BC8BD8B88EAD2CE5B6BBB84CC473C2A69D4
Authority key identifier: C5:86:A9:07:6C:DE:73:FD:89:64:64:01:0A:3C:E0:8E:4C:8F:C4:C5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C586A9076CDE73FD896464010A3CE08E4C8FC4C5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/561568D8C9ADDDCA3CE770397277D5396B63174DB0C7B08B578633BC3267E147/0/AS27672.roa
Signing time:             Fri 19 Sep 2025 17:15:00 +0000
ROA not before:           Fri 19 Sep 2025 17:10:00 +0000
ROA not after:            Fri 18 Sep 2026 17:15:00 +0000
asID:                     27672
IP address blocks:        177.224.176.0/21 maxlen: 21
                          177.240.128.0/19 maxlen: 19
                          200.77.124.0/22 maxlen: 22
                          2806:260:1009::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/561568D8C9ADDDCA3CE770397277D5396B63174DB0C7B08B578633BC3267E147/0/C586A9076CDE73FD896464010A3CE08E4C8FC4C5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/561568D8C9ADDDCA3CE770397277D5396B63174DB0C7B08B578633BC3267E147/0/C586A9076CDE73FD896464010A3CE08E4C8FC4C5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C586A9076CDE73FD896464010A3CE08E4C8FC4C5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 24 Oct 2025 00:51:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:69:3b:c8:bd:8b:88:ea:d2:ce:5b:6b:bb:84:cc:47:3c:2a:69:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C586A9076CDE73FD896464010A3CE08E4C8FC4C5
        Validity
            Not Before: Sep 19 17:10:00 2025 GMT
            Not After : Sep 18 17:15:00 2026 GMT
        Subject: CN=F9E32A85C53E1DA20A33C362B358461C4264281B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:a3:43:1e:2d:f2:e6:f2:a5:66:de:f6:e9:2a:
                    02:4c:4b:46:13:48:98:d1:d9:93:86:af:31:0c:3b:
                    8f:c0:9b:7c:6a:63:58:aa:1a:5b:c3:bd:84:4b:a0:
                    e3:07:62:b1:a6:08:1e:fe:fc:66:17:4f:74:7d:ed:
                    7c:d9:c3:85:46:27:70:96:d3:6e:32:7e:3a:56:df:
                    e7:b1:a9:0c:4e:b7:a6:73:65:6e:0c:1b:e5:79:61:
                    b4:4f:14:ef:bf:35:ec:9b:d2:f8:ad:ed:36:ab:83:
                    9e:5d:42:2b:64:0f:a2:8f:86:fb:dc:eb:56:e3:f3:
                    11:9a:7d:5a:0d:c4:55:56:02:d0:cb:d0:32:4c:67:
                    40:8d:60:eb:f8:f9:d1:e6:2b:44:27:bd:a2:d1:1d:
                    e2:a5:24:f0:58:5e:47:43:29:68:cb:5d:e8:38:02:
                    fa:2a:07:6f:20:c7:5d:07:4e:1a:ca:0c:dd:14:2e:
                    1d:17:61:5e:6d:54:e8:78:4f:08:61:37:81:5c:e4:
                    68:dc:ff:c1:d0:21:2b:46:1e:27:23:b7:76:77:d2:
                    e2:58:89:83:b6:d6:fd:b2:d4:72:ee:c3:59:cd:31:
                    41:fa:43:e6:20:9d:77:e6:a9:6a:fe:75:98:2f:d5:
                    20:e4:5a:fb:2c:b1:22:68:3f:c1:dc:cd:1a:54:db:
                    57:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:E3:2A:85:C5:3E:1D:A2:0A:33:C3:62:B3:58:46:1C:42:64:28:1B
            X509v3 Authority Key Identifier:
                keyid:C5:86:A9:07:6C:DE:73:FD:89:64:64:01:0A:3C:E0:8E:4C:8F:C4:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/561568D8C9ADDDCA3CE770397277D5396B63174DB0C7B08B578633BC3267E147/0/C586A9076CDE73FD896464010A3CE08E4C8FC4C5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C586A9076CDE73FD896464010A3CE08E4C8FC4C5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/561568D8C9ADDDCA3CE770397277D5396B63174DB0C7B08B578633BC3267E147/0/AS27672.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.224.176.0/21
                  177.240.128.0/19
                  200.77.124.0/22
                IPv6:
                  2806:260:1009::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:aa:ac:25:96:ba:19:32:d1:4f:9c:d9:f4:25:86:ac:dc:ac:
         70:0a:2c:18:4e:e5:7f:d5:d7:9a:ff:48:a1:90:fb:a7:4a:31:
         04:8c:ea:3d:86:c0:49:7d:d5:35:67:63:16:9d:86:4f:76:c3:
         e2:20:f4:c3:81:73:3c:03:33:a5:47:3a:c8:c1:49:c6:93:4c:
         18:10:d3:ae:ce:f2:4e:6d:c2:37:5c:45:dd:3d:8c:1b:c9:0c:
         eb:40:c8:a3:02:9b:19:ab:75:2a:62:34:8d:22:05:c7:d6:af:
         03:78:da:1f:34:78:5c:ae:95:1f:51:3f:75:cb:92:22:70:f0:
         03:0b:46:59:00:54:e7:3e:e8:00:2b:a2:5b:ed:65:97:79:2c:
         6f:3b:c4:e8:3f:4d:cd:f3:e9:11:63:40:37:64:e0:8e:2d:d5:
         57:84:22:c0:96:6d:78:98:bf:58:ce:f0:ed:e8:f1:78:94:f3:
         dd:f9:a1:9b:e9:17:05:d7:f9:de:ba:da:c2:93:7e:f1:15:8c:
         98:8e:fc:a7:44:cf:a1:7e:41:00:07:c3:ce:52:6d:9e:de:e1:
         74:c6:3d:c4:dc:b3:6d:77:d2:18:61:8c:a9:f0:ef:71:53:1f:
         7d:c9:e2:78:7d:d1:ee:b6:b6:cf:8d:d7:c3:54:67:63:43:85:
         68:c6:ef:d3
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgIUfWk7yL2LiOrSzltru4TMRzwqadQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzU4NkE5MDc2Q0RFNzNGRDg5NjQ2NDAxMEEzQ0UwOEU0
QzhGQzRDNTAeFw0yNTA5MTkxNzEwMDBaFw0yNjA5MTgxNzE1MDBaMDMxMTAvBgNV
BAMTKEY5RTMyQTg1QzUzRTFEQTIwQTMzQzM2MkIzNTg0NjFDNDI2NDI4MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCko0MeLfLm8qVm3vbpKgJMS0YT
SJjR2ZOGrzEMO4/Am3xqY1iqGlvDvYRLoOMHYrGmCB7+/GYXT3R97XzZw4VGJ3CW
024yfjpW3+exqQxOt6ZzZW4MG+V5YbRPFO+/Neyb0vit7Targ55dQitkD6KPhvvc
61bj8xGafVoNxFVWAtDL0DJMZ0CNYOv4+dHmK0QnvaLRHeKlJPBYXkdDKWjLXeg4
AvoqB28gx10HThrKDN0ULh0XYV5tVOh4TwhhN4Fc5Gjc/8HQIStGHicjt3Z30uJY
iYO21v2y1HLuw1nNMUH6Q+YgnXfmqWr+dZgv1SDkWvsssSJoP8HczRpU21fJAgMB
AAGjggK1MIICsTAdBgNVHQ4EFgQU+eMqhcU+HaIKM8Nis1hGHEJkKBswHwYDVR0j
BBgwFoAUxYapB2zec/2JZGQBCjzgjkyPxMUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NjE1NjhEOEM5QURERENBM0NFNzcwMzk3Mjc3RDUzOTZC
NjMxNzREQjBDN0IwOEI1Nzg2MzNCQzMyNjdFMTQ3LzAvQzU4NkE5MDc2Q0RFNzNG
RDg5NjQ2NDAxMEEzQ0UwOEU0QzhGQzRDNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DNTg2QTkwNzZDREU3M0ZEODk2
NDY0MDEwQTNDRTA4RTRDOEZDNEM1LmNlcjCBlwYIKwYBBQUHAQsEgYowgYcwgYQG
CCsGAQUFBzALhnhyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy81NjE1NjhEOEM5QURERENBM0NFNzcwMzk3Mjc3RDUzOTZCNjMxNzREQjBD
N0IwOEI1Nzg2MzNCQzMyNjdFMTQ3LzAvQVMyNzY3Mi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA8BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEA7HgsAME
BbHwgAMEAshNfDAPBAIAAjAJAwcAKAYCYBAJMA0GCSqGSIb3DQEBCwUAA4IBAQAz
qqwllroZMtFPnNn0JYas3KxwCiwYTuV/1dea/0ihkPunSjEEjOo9hsBJfdU1Z2MW
nYZPdsPiIPTDgXM8AzOlRzrIwUnGk0wYENOuzvJObcI3XEXdPYwbyQzrQMijApsZ
q3UqYjSNIgXH1q8DeNofNHhcrpUfUT91y5IicPADC0ZZAFTnPugAK6Jb7WWXeSxv
O8ToP03N8+kRY0A3ZOCOLdVXhCLAlm14mL9YzvDt6PF4lPPd+aGb6RcF1/neutrC
k37xFYyYjvynRM+hfkEAB8POUm2e3uF0xj3E3LNtd9IYYYyp8O9xUx99yeJ4fdHu
trbPjdfDVGdjQ4Voxu/T
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:44:42 2025 by rpki-client