Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/67251DDBF206F3078E36459E6E56B30893DF94A8FBF9C05E0F2D0E47457FCD38/0/3136312e32322e35322e302f32322d3233203d3e203237363630.roa
File:                     3136312e32322e35322e302f32322d3233203d3e203237363630.roa (raw, json)
Hash identifier:          4O8yanyBdcHKORvWEfEHO/yvNcHdgD1j64TksLomT68=
Subject key identifier:   4C:10:09:BE:E2:1C:43:CC:98:B9:4E:FB:71:3D:C1:0F:6B:8A:C9:EE
Certificate issuer:       /CN=4052A5C92CFA7072166954B78BEBA6DBD1517D9B
Certificate serial:       23D59B3356E2B153EC1E9D738C343D2C7AD06AEA
Authority key identifier: 40:52:A5:C9:2C:FA:70:72:16:69:54:B7:8B:EB:A6:DB:D1:51:7D:9B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4052A5C92CFA7072166954B78BEBA6DBD1517D9B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/67251DDBF206F3078E36459E6E56B30893DF94A8FBF9C05E0F2D0E47457FCD38/0/3136312e32322e35322e302f32322d3233203d3e203237363630.roa
Signing time:             Tue 24 Jun 2025 16:23:32 +0000
ROA not before:           Tue 24 Jun 2025 16:18:32 +0000
ROA not after:            Tue 23 Jun 2026 16:23:32 +0000
asID:                     27660
IP address blocks:        161.22.52.0/22 maxlen: 23
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/67251DDBF206F3078E36459E6E56B30893DF94A8FBF9C05E0F2D0E47457FCD38/0/4052A5C92CFA7072166954B78BEBA6DBD1517D9B.crl
                          rsync://repository.lacnic.net/rpki/lacnic/67251DDBF206F3078E36459E6E56B30893DF94A8FBF9C05E0F2D0E47457FCD38/0/4052A5C92CFA7072166954B78BEBA6DBD1517D9B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4052A5C92CFA7072166954B78BEBA6DBD1517D9B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 07 Jul 2025 18:57:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:d5:9b:33:56:e2:b1:53:ec:1e:9d:73:8c:34:3d:2c:7a:d0:6a:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4052A5C92CFA7072166954B78BEBA6DBD1517D9B
        Validity
            Not Before: Jun 24 16:18:32 2025 GMT
            Not After : Jun 23 16:23:32 2026 GMT
        Subject: CN=4C1009BEE21C43CC98B94EFB713DC10F6B8AC9EE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:7c:3f:e5:da:3b:76:3b:b6:0f:fa:1e:00:1a:
                    20:b3:ff:85:44:49:d3:0e:0e:6c:51:0a:d6:be:ac:
                    8f:a2:b6:14:8d:7c:4a:38:1b:b9:46:ac:ac:9c:37:
                    dc:72:d6:75:3a:01:b7:4a:13:1b:07:36:e5:c4:ce:
                    8d:4b:cd:4b:60:81:b8:ff:ad:56:88:dc:7a:07:bf:
                    73:9d:e8:4e:0b:3f:c4:c6:36:5b:f3:b9:ce:2f:22:
                    f9:fd:db:19:16:27:c0:3c:38:24:da:22:cb:6e:43:
                    f6:4f:7e:ed:00:a1:7e:b6:7a:5f:0d:50:b5:2f:43:
                    3d:3c:7d:ad:0d:4a:86:34:5f:ba:17:6b:be:5d:55:
                    10:91:a5:9e:6d:61:78:ea:0c:a5:7e:06:33:43:c2:
                    42:56:19:7a:58:3b:0d:4b:b7:7e:95:42:54:10:75:
                    b8:60:65:21:cd:eb:5d:e7:cf:05:83:19:02:65:86:
                    c2:43:6d:45:f9:6e:67:6e:9c:91:e2:22:f7:92:98:
                    cd:7b:93:17:f5:79:b7:16:76:27:4b:77:83:be:9f:
                    46:3b:a3:a6:61:a7:db:f5:86:da:16:ff:fb:8e:34:
                    ac:27:05:72:fb:7a:a9:60:50:05:33:21:db:ce:0f:
                    1c:53:45:7e:a7:27:d8:71:2c:46:ec:a8:b3:7d:11:
                    dd:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:10:09:BE:E2:1C:43:CC:98:B9:4E:FB:71:3D:C1:0F:6B:8A:C9:EE
            X509v3 Authority Key Identifier:
                keyid:40:52:A5:C9:2C:FA:70:72:16:69:54:B7:8B:EB:A6:DB:D1:51:7D:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/67251DDBF206F3078E36459E6E56B30893DF94A8FBF9C05E0F2D0E47457FCD38/0/4052A5C92CFA7072166954B78BEBA6DBD1517D9B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4052A5C92CFA7072166954B78BEBA6DBD1517D9B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/67251DDBF206F3078E36459E6E56B30893DF94A8FBF9C05E0F2D0E47457FCD38/0/3136312e32322e35322e302f32322d3233203d3e203237363630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.22.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         53:40:62:e9:1e:dd:5e:eb:d6:eb:b8:a4:99:f7:2f:32:ec:b3:
         b7:c9:14:09:9c:73:df:4a:d8:36:f2:62:47:f3:0d:71:a4:46:
         a5:68:b5:cc:cc:35:48:e6:6e:aa:c4:2d:92:05:a7:b3:3e:04:
         ec:0b:e5:34:9b:84:ef:c7:db:ed:4e:e1:d0:7c:45:52:de:3d:
         35:d1:af:87:c9:d7:9d:f5:54:65:c3:fe:69:5f:01:36:6a:8e:
         f5:c0:7d:0a:45:98:b4:37:90:12:8e:d3:9b:69:24:f5:7b:97:
         96:66:d7:97:ab:51:9f:ff:d2:14:57:89:fc:fb:24:4f:a6:ce:
         21:ab:f8:c7:ce:a5:da:53:b5:2c:0e:62:82:61:d8:fb:2c:1a:
         c0:70:b8:45:e1:3c:56:f7:e6:34:90:a1:d2:2d:bb:98:c4:c1:
         16:7c:30:79:69:ea:c1:df:96:78:8b:18:66:ee:38:75:36:71:
         5f:7a:53:3e:8d:77:5e:da:85:83:04:55:75:0b:eb:74:a6:2d:
         83:5e:8b:a4:11:29:54:00:1c:df:d2:58:0c:ea:40:41:95:e4:
         32:62:7f:43:1b:11:51:b8:7c:f9:22:13:e9:08:13:1b:e0:61:
         27:43:0a:2e:b5:c3:f6:05:6f:6c:85:c7:aa:08:9b:ed:d2:73:
         cc:57:e9:8c
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUI9WbM1bisVPsHp1zjDQ9LHrQauowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDA1MkE1QzkyQ0ZBNzA3MjE2Njk1NEI3OEJFQkE2REJE
MTUxN0Q5QjAeFw0yNTA2MjQxNjE4MzJaFw0yNjA2MjMxNjIzMzJaMDMxMTAvBgNV
BAMTKDRDMTAwOUJFRTIxQzQzQ0M5OEI5NEVGQjcxM0RDMTBGNkI4QUM5RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvfD/l2jt2O7YP+h4AGiCz/4VE
SdMODmxRCta+rI+ithSNfEo4G7lGrKycN9xy1nU6AbdKExsHNuXEzo1LzUtggbj/
rVaI3HoHv3Od6E4LP8TGNlvzuc4vIvn92xkWJ8A8OCTaIstuQ/ZPfu0AoX62el8N
ULUvQz08fa0NSoY0X7oXa75dVRCRpZ5tYXjqDKV+BjNDwkJWGXpYOw1Lt36VQlQQ
dbhgZSHN613nzwWDGQJlhsJDbUX5bmdunJHiIveSmM17kxf1ebcWdidLd4O+n0Y7
o6Zhp9v1htoW//uONKwnBXL7eqlgUAUzIdvODxxTRX6nJ9hxLEbsqLN9Ed1BAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUTBAJvuIcQ8yYuU77cT3BD2uKye4wHwYDVR0j
BBgwFoAUQFKlySz6cHIWaVS3i+um29FRfZswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82NzI1MUREQkYyMDZGMzA3OEUzNjQ1OUU2RTU2QjMwODkz
REY5NEE4RkJGOUMwNUUwRjJEMEU0NzQ1N0ZDRDM4LzAvNDA1MkE1QzkyQ0ZBNzA3
MjE2Njk1NEI3OEJFQkE2REJEMTUxN0Q5Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80MDUyQTVDOTJDRkE3MDcyMTY2
OTU0Qjc4QkVCQTZEQkQxNTE3RDlCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjcyNTFEREJGMjA2RjMwNzhFMzY0NTlFNkU1NkIzMDg5M0RGOTRBOEZC
RjlDMDVFMEYyRDBFNDc0NTdGQ0QzOC8wLzMxMzYzMTJlMzIzMjJlMzUzMjJlMzAy
ZjMyMzIyZDMyMzMyMDNkM2UyMDMyMzczNjM2MzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKhFjQwDQYJ
KoZIhvcNAQELBQADggEBAFNAYuke3V7r1uu4pJn3LzLss7fJFAmcc99K2DbyYkfz
DXGkRqVotczMNUjmbqrELZIFp7M+BOwL5TSbhO/H2+1O4dB8RVLePTXRr4fJ1531
VGXD/mlfATZqjvXAfQpFmLQ3kBKO05tpJPV7l5Zm15erUZ//0hRXifz7JE+mziGr
+MfOpdpTtSwOYoJh2PssGsBwuEXhPFb35jSQodItu5jEwRZ8MHlp6sHflniLGGbu
OHU2cV96Uz6Nd17ahYMEVXUL63SmLYNei6QRKVQAHN/SWAzqQEGV5DJif0MbEVG4
fPkiE+kIExvgYSdDCi61w/YFb2yFx6oIm+3Sc8xX6Yw=
-----END CERTIFICATE-----
Generated at Fri Jul 4 08:48:53 2025 by rpki-client