Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/3137302e3233332e37322e302f32332d3233203d3e203333333932.roa
File:                     3137302e3233332e37322e302f32332d3233203d3e203333333932.roa (raw, json)
Hash identifier:          rzL0ztqeHB444+0w0jTqAFObZIpq4VQTaa4WSDGFMDY=
Subject key identifier:   CE:85:D2:2E:0A:90:7F:00:82:9D:2E:31:AE:C3:DD:02:34:98:E2:8A
Certificate issuer:       /CN=9651F1E4B6480D19626E784CA1A8F0ABC94C1487
Certificate serial:       532EC8806980B2771FCBDF9305E6187F22EE2E3C
Authority key identifier: 96:51:F1:E4:B6:48:0D:19:62:6E:78:4C:A1:A8:F0:AB:C9:4C:14:87
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/3137302e3233332e37322e302f32332d3233203d3e203333333932.roa
Signing time:             Thu 19 Jun 2025 20:22:49 +0000
ROA not before:           Thu 19 Jun 2025 20:17:49 +0000
ROA not after:            Thu 18 Jun 2026 20:22:49 +0000
asID:                     33392
IP address blocks:        170.233.72.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.crl
                          rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 10 Jul 2025 07:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:2e:c8:80:69:80:b2:77:1f:cb:df:93:05:e6:18:7f:22:ee:2e:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9651F1E4B6480D19626E784CA1A8F0ABC94C1487
        Validity
            Not Before: Jun 19 20:17:49 2025 GMT
            Not After : Jun 18 20:22:49 2026 GMT
        Subject: CN=CE85D22E0A907F00829D2E31AEC3DD023498E28A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:34:9f:22:02:e9:4b:9f:5f:25:58:f0:f7:52:
                    3f:7a:72:88:ff:80:a7:c1:20:47:6a:7c:be:43:0c:
                    e0:b2:6f:b6:0f:f1:84:46:f5:43:09:b0:28:61:de:
                    24:aa:8b:d0:cc:d4:01:5e:19:5c:39:41:75:66:0b:
                    40:06:7d:91:fa:e3:1c:1f:5e:cc:3d:52:59:fd:34:
                    eb:62:bd:42:e2:e4:61:c8:0b:d1:00:ae:fa:54:cd:
                    1f:03:63:3c:2f:40:70:9b:fc:a6:cb:92:35:40:48:
                    cb:fb:cf:79:bf:36:2c:bd:5f:4a:d8:cc:23:7a:2f:
                    ac:78:90:6d:f5:97:2b:84:7f:0d:65:d7:99:91:51:
                    06:7b:ba:84:30:ec:28:e4:1b:f9:23:fa:eb:20:33:
                    c2:c8:18:3b:fa:e0:3e:b5:fa:6f:78:7f:13:f7:f1:
                    14:c3:67:80:47:e0:2b:bf:68:df:9a:ad:22:bd:31:
                    e1:73:76:a5:24:5e:49:15:61:3c:b6:f0:64:7b:74:
                    26:f3:05:2a:04:9d:44:23:e9:41:ef:85:73:4a:d6:
                    a2:0d:e9:0e:3f:10:ad:a2:9b:46:8c:88:9e:75:fb:
                    a0:10:83:29:6c:64:b2:1c:fb:da:05:68:53:94:1c:
                    eb:f6:a8:db:6a:f2:e5:a9:3f:26:15:4a:02:e3:33:
                    e9:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:85:D2:2E:0A:90:7F:00:82:9D:2E:31:AE:C3:DD:02:34:98:E2:8A
            X509v3 Authority Key Identifier:
                keyid:96:51:F1:E4:B6:48:0D:19:62:6E:78:4C:A1:A8:F0:AB:C9:4C:14:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/3137302e3233332e37322e302f32332d3233203d3e203333333932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.233.72.0/23

    Signature Algorithm: sha256WithRSAEncryption
         56:33:23:05:26:3f:97:16:0e:67:2e:b3:7d:73:46:37:25:a2:
         24:34:74:74:cc:32:ab:85:b6:37:f4:94:9d:24:8f:2f:db:1d:
         b6:2b:63:32:1d:b7:53:a2:9d:63:d0:66:0f:85:65:e4:82:e5:
         14:df:92:f0:44:a2:63:db:f5:c6:4b:c5:c3:af:6d:62:70:bd:
         0e:1c:8c:4b:29:cd:28:b8:87:12:63:8d:d1:98:51:71:fa:c6:
         63:da:bb:df:86:ec:94:aa:e9:b7:66:33:a4:97:9f:62:05:76:
         5a:6a:ba:34:64:91:94:bd:37:4e:2d:64:44:ba:26:e9:67:5a:
         f9:b7:7f:8a:fe:84:e0:2d:f9:d4:0e:84:ff:1f:c0:05:46:1e:
         af:93:ff:a6:3d:31:3e:73:fa:8a:e6:a6:55:21:05:85:36:9e:
         c2:30:3c:72:d5:89:2d:95:89:54:09:75:8d:14:7e:7c:6b:26:
         54:b8:95:9c:28:b5:d2:78:18:2e:c7:52:11:98:f6:4e:f2:25:
         5a:d6:7a:01:ff:6c:90:ca:7b:99:a6:e7:4d:32:0a:5d:8d:42:
         90:8a:ff:b8:cd:63:23:16:d5:d4:79:9d:c3:93:3c:87:52:96:
         cb:e2:3f:9a:53:93:ae:6c:c1:c4:06:94:e8:da:0a:a8:c7:0b:
         e5:96:aa:80
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUUy7IgGmAsncfy9+TBeYYfyLuLjwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTY1MUYxRTRCNjQ4MEQxOTYyNkU3ODRDQTFBOEYwQUJD
OTRDMTQ4NzAeFw0yNTA2MTkyMDE3NDlaFw0yNjA2MTgyMDIyNDlaMDMxMTAvBgNV
BAMTKENFODVEMjJFMEE5MDdGMDA4MjlEMkUzMUFFQzNERDAyMzQ5OEUyOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwNJ8iAulLn18lWPD3Uj96coj/
gKfBIEdqfL5DDOCyb7YP8YRG9UMJsChh3iSqi9DM1AFeGVw5QXVmC0AGfZH64xwf
Xsw9Uln9NOtivULi5GHIC9EArvpUzR8DYzwvQHCb/KbLkjVASMv7z3m/Niy9X0rY
zCN6L6x4kG31lyuEfw1l15mRUQZ7uoQw7CjkG/kj+usgM8LIGDv64D61+m94fxP3
8RTDZ4BH4Cu/aN+arSK9MeFzdqUkXkkVYTy28GR7dCbzBSoEnUQj6UHvhXNK1qIN
6Q4/EK2im0aMiJ51+6AQgylsZLIc+9oFaFOUHOv2qNtq8uWpPyYVSgLjM+k1AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUzoXSLgqQfwCCnS4xrsPdAjSY4oowHwYDVR0j
BBgwFoAUllHx5LZIDRlibnhMoajwq8lMFIcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GNjhFMjE3RjY5REU5OUQ1MkFCM0I2Mzg1RDEzNEI5M0Mz
RDREODI2MEYxRTI0QzAyMzE0OTNFODlDMkZGMTBGLzAvOTY1MUYxRTRCNjQ4MEQx
OTYyNkU3ODRDQTFBOEYwQUJDOTRDMTQ4Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85NjUxRjFFNEI2NDgwRDE5NjI2
RTc4NENBMUE4RjBBQkM5NEMxNDg3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjY4RTIxN0Y2OURFOTlENTJBQjNCNjM4NUQxMzRCOTNDM0Q0RDgyNjBG
MUUyNEMwMjMxNDkzRTg5QzJGRjEwRi8wLzMxMzczMDJlMzIzMzMzMmUzNzMyMmUz
MDJmMzIzMzJkMzIzMzIwM2QzZTIwMzMzMzMzMzkzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAarpSDAN
BgkqhkiG9w0BAQsFAAOCAQEAVjMjBSY/lxYOZy6zfXNGNyWiJDR0dMwyq4W2N/SU
nSSPL9sdtitjMh23U6KdY9BmD4Vl5ILlFN+S8ESiY9v1xkvFw69tYnC9DhyMSynN
KLiHEmON0ZhRcfrGY9q734bslKrpt2YzpJefYgV2Wmq6NGSRlL03Ti1kRLom6Wda
+bd/iv6E4C351A6E/x/ABUYer5P/pj0xPnP6iuamVSEFhTaewjA8ctWJLZWJVAl1
jRR+fGsmVLiVnCi10ngYLsdSEZj2TvIlWtZ6Af9skMp7mabnTTIKXY1CkIr/uM1j
IxbV1Hmdw5M8h1KWy+I/mlOTrmzBxAaU6NoKqMcL5ZaqgA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 05:48:05 2025 by rpki-client