Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B5DC9768EA0AACF46DC911E81D0D9D049927D24AACAF0685CB367D54CEE2BD95/0/3139312e39372e31362e302f32322d3234203d3e20323634383434.roa
File:                     3139312e39372e31362e302f32322d3234203d3e20323634383434.roa (raw, json)
Hash identifier:          Yuf5XFzKCIo2d0epsdNAai1Ql9jRbdyDY/wpCpQorNA=
Subject key identifier:   34:A1:99:65:AF:71:9B:B7:1F:3C:E2:F1:95:26:18:A3:B1:A6:C4:AE
Certificate issuer:       /CN=CEFF58507AF1A06AEFDA67DD8D65125C364A4DEC
Certificate serial:       246704C3F01F3DAC10394E930BBC06C049BF7DA6
Authority key identifier: CE:FF:58:50:7A:F1:A0:6A:EF:DA:67:DD:8D:65:12:5C:36:4A:4D:EC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CEFF58507AF1A06AEFDA67DD8D65125C364A4DEC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B5DC9768EA0AACF46DC911E81D0D9D049927D24AACAF0685CB367D54CEE2BD95/0/3139312e39372e31362e302f32322d3234203d3e20323634383434.roa
Signing time:             Wed 07 May 2025 19:17:59 +0000
ROA not before:           Wed 07 May 2025 19:12:59 +0000
ROA not after:            Wed 06 May 2026 19:17:59 +0000
asID:                     264844
IP address blocks:        191.97.16.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/B5DC9768EA0AACF46DC911E81D0D9D049927D24AACAF0685CB367D54CEE2BD95/0/CEFF58507AF1A06AEFDA67DD8D65125C364A4DEC.crl
                          rsync://repository.lacnic.net/rpki/lacnic/B5DC9768EA0AACF46DC911E81D0D9D049927D24AACAF0685CB367D54CEE2BD95/0/CEFF58507AF1A06AEFDA67DD8D65125C364A4DEC.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CEFF58507AF1A06AEFDA67DD8D65125C364A4DEC.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 21 May 2025 01:23:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:67:04:c3:f0:1f:3d:ac:10:39:4e:93:0b:bc:06:c0:49:bf:7d:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CEFF58507AF1A06AEFDA67DD8D65125C364A4DEC
        Validity
            Not Before: May  7 19:12:59 2025 GMT
            Not After : May  6 19:17:59 2026 GMT
        Subject: CN=34A19965AF719BB71F3CE2F1952618A3B1A6C4AE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:79:a6:e4:39:c9:c5:ad:88:27:a5:cf:a1:1e:
                    2c:eb:61:50:0e:39:9e:32:92:b1:66:2c:6d:ba:de:
                    56:e9:a9:9d:51:12:fc:df:1e:3f:c5:5e:57:a2:d0:
                    a9:0e:02:31:70:ff:69:9b:8e:95:a1:ba:d2:d2:54:
                    ce:46:7b:a0:cc:84:9a:f0:92:d9:92:0f:31:63:8b:
                    e3:b1:06:43:a0:c2:f6:85:a1:08:2a:27:ef:a0:41:
                    60:78:ea:dc:34:b5:6c:6d:b1:9e:d4:03:88:81:b2:
                    d5:50:ed:0c:72:9a:47:b3:e9:56:35:e2:29:73:7f:
                    d1:54:96:b5:d5:78:74:80:d9:ca:98:fb:21:c6:06:
                    7d:eb:67:10:ba:a6:19:d5:5f:85:bf:10:31:dd:53:
                    ee:fd:e9:bd:8f:9c:d1:02:37:b2:ce:c1:df:25:bc:
                    3f:fb:07:93:10:22:46:f0:d8:34:4f:3b:8c:83:e4:
                    16:44:8a:39:97:37:58:98:c8:ab:04:fc:22:e1:13:
                    2a:92:71:91:f5:ec:8b:83:de:06:4c:4f:cb:48:9b:
                    e9:c1:61:14:cb:e3:e1:5d:16:bf:f5:fb:ee:f4:3c:
                    d7:f9:b1:db:92:bc:01:a8:5f:e3:87:fb:8e:3e:c8:
                    14:15:5d:55:a8:d0:6f:ba:05:4b:a5:55:b2:ae:21:
                    c5:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:A1:99:65:AF:71:9B:B7:1F:3C:E2:F1:95:26:18:A3:B1:A6:C4:AE
            X509v3 Authority Key Identifier:
                keyid:CE:FF:58:50:7A:F1:A0:6A:EF:DA:67:DD:8D:65:12:5C:36:4A:4D:EC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B5DC9768EA0AACF46DC911E81D0D9D049927D24AACAF0685CB367D54CEE2BD95/0/CEFF58507AF1A06AEFDA67DD8D65125C364A4DEC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CEFF58507AF1A06AEFDA67DD8D65125C364A4DEC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B5DC9768EA0AACF46DC911E81D0D9D049927D24AACAF0685CB367D54CEE2BD95/0/3139312e39372e31362e302f32322d3234203d3e20323634383434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.97.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5c:7f:d2:ff:67:ce:eb:12:9c:3d:bd:e4:f7:2e:27:80:fc:d9:
         5d:f8:a4:a5:91:9d:95:17:3a:36:1b:40:38:88:bf:7c:85:04:
         f1:fe:b6:27:ba:eb:f9:11:78:9d:b3:3f:76:d0:56:1f:d0:a4:
         12:89:44:2f:40:14:5e:46:a1:37:bb:3a:fa:a9:9d:45:f9:96:
         8d:c9:bf:1c:a4:7c:2b:76:64:ab:79:4f:0a:90:0f:af:69:a0:
         e3:2d:72:d1:df:c8:83:96:36:43:83:e9:b6:4c:b6:23:50:31:
         e0:d7:fc:ca:a2:08:78:c5:13:91:8a:58:85:12:7a:c3:b1:19:
         33:7c:7a:d4:40:99:a9:64:38:ef:f8:d8:f4:0d:56:d4:1b:aa:
         71:20:d5:45:c8:31:7b:b2:17:72:23:de:cb:93:a8:be:e8:06:
         cb:60:20:fb:7a:9c:c8:87:07:57:f5:a9:71:f7:3f:5b:61:cf:
         4c:f8:77:2b:66:94:25:2b:5e:21:2a:ea:61:90:df:10:9a:a2:
         ac:14:37:30:43:ae:39:87:82:2c:24:48:3e:bc:5c:4f:05:4d:
         b6:2f:d8:60:f5:b3:e5:27:61:19:a7:3c:a2:f2:61:1f:93:0b:
         23:78:a4:1e:21:07:12:47:6d:b6:19:76:ce:94:09:58:e1:8b:
         e0:ed:a1:7b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUJGcEw/AfPawQOU6TC7wGwEm/faYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0VGRjU4NTA3QUYxQTA2QUVGREE2N0REOEQ2NTEyNUMz
NjRBNERFQzAeFw0yNTA1MDcxOTEyNTlaFw0yNjA1MDYxOTE3NTlaMDMxMTAvBgNV
BAMTKDM0QTE5OTY1QUY3MTlCQjcxRjNDRTJGMTk1MjYxOEEzQjFBNkM0QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoeabkOcnFrYgnpc+hHizrYVAO
OZ4ykrFmLG263lbpqZ1REvzfHj/FXlei0KkOAjFw/2mbjpWhutLSVM5Ge6DMhJrw
ktmSDzFji+OxBkOgwvaFoQgqJ++gQWB46tw0tWxtsZ7UA4iBstVQ7Qxymkez6VY1
4ilzf9FUlrXVeHSA2cqY+yHGBn3rZxC6phnVX4W/EDHdU+796b2PnNECN7LOwd8l
vD/7B5MQIkbw2DRPO4yD5BZEijmXN1iYyKsE/CLhEyqScZH17IuD3gZMT8tIm+nB
YRTL4+FdFr/1++70PNf5sduSvAGoX+OH+44+yBQVXVWo0G+6BUulVbKuIcXLAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUNKGZZa9xm7cfPOLxlSYYo7GmxK4wHwYDVR0j
BBgwFoAUzv9YUHrxoGrv2mfdjWUSXDZKTewwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CNURDOTc2OEVBMEFBQ0Y0NkRDOTExRTgxRDBEOUQwNDk5
MjdEMjRBQUNBRjA2ODVDQjM2N0Q1NENFRTJCRDk1LzAvQ0VGRjU4NTA3QUYxQTA2
QUVGREE2N0REOEQ2NTEyNUMzNjRBNERFQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DRUZGNTg1MDdBRjFBMDZBRUZE
QTY3REQ4RDY1MTI1QzM2NEE0REVDLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjVEQzk3NjhFQTBBQUNGNDZEQzkxMUU4MUQwRDlEMDQ5OTI3RDI0QUFD
QUYwNjg1Q0IzNjdENTRDRUUyQkQ5NS8wLzMxMzkzMTJlMzkzNzJlMzEzNjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNDM4MzQzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAr9hEDAN
BgkqhkiG9w0BAQsFAAOCAQEAXH/S/2fO6xKcPb3k9y4ngPzZXfikpZGdlRc6NhtA
OIi/fIUE8f62J7rr+RF4nbM/dtBWH9CkEolEL0AUXkahN7s6+qmdRfmWjcm/HKR8
K3Zkq3lPCpAPr2mg4y1y0d/Ig5Y2Q4Pptky2I1Ax4Nf8yqIIeMUTkYpYhRJ6w7EZ
M3x61ECZqWQ47/jY9A1W1BuqcSDVRcgxe7IXciPey5OovugGy2Ag+3qcyIcHV/Wp
cfc/W2HPTPh3K2aUJSteISrqYZDfEJqirBQ3MEOuOYeCLCRIPrxcTwVNti/YYPWz
5SdhGac8ovJhH5MLI3ikHiEHEkdtthl2zpQJWOGL4O2hew==
-----END CERTIFICATE-----
Generated at Sun May 18 01:59:45 2025 by rpki-client