Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/03F888EBA74869DBA1334916A08AC126039599947A03095A373950F414C20BEB/0/34352e3232342e32382e302f32322d3234203d3e20323635383335.roa
File:                     34352e3232342e32382e302f32322d3234203d3e20323635383335.roa (raw, json)
Hash identifier:          kcglDBj8BgdHxMMz3IK2TM+k0lcX7+t341nYVldBIbE=
Subject key identifier:   A8:C1:48:90:AD:5A:FC:0C:6C:25:7A:92:05:87:46:10:59:1E:64:78
Certificate issuer:       /CN=9C2B9D6548DE9B20F9025DC759F9761A3D463E62
Certificate serial:       6AE0BE6652866EE2E41CA8CE0AB065DA18E3199D
Authority key identifier: 9C:2B:9D:65:48:DE:9B:20:F9:02:5D:C7:59:F9:76:1A:3D:46:3E:62
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9C2B9D6548DE9B20F9025DC759F9761A3D463E62.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/03F888EBA74869DBA1334916A08AC126039599947A03095A373950F414C20BEB/0/34352e3232342e32382e302f32322d3234203d3e20323635383335.roa
Signing time:             Tue 05 Mar 2024 17:51:33 +0000
ROA not before:           Tue 05 Mar 2024 17:46:33 +0000
ROA not after:            Tue 04 Mar 2025 17:51:33 +0000
asID:                     265835
IP address blocks:        45.224.28.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/03F888EBA74869DBA1334916A08AC126039599947A03095A373950F414C20BEB/0/9C2B9D6548DE9B20F9025DC759F9761A3D463E62.crl
                          rsync://repository.lacnic.net/rpki/lacnic/03F888EBA74869DBA1334916A08AC126039599947A03095A373950F414C20BEB/0/9C2B9D6548DE9B20F9025DC759F9761A3D463E62.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9C2B9D6548DE9B20F9025DC759F9761A3D463E62.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 16 Jul 2024 13:09:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:e0:be:66:52:86:6e:e2:e4:1c:a8:ce:0a:b0:65:da:18:e3:19:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9C2B9D6548DE9B20F9025DC759F9761A3D463E62
        Validity
            Not Before: Mar  5 17:46:33 2024 GMT
            Not After : Mar  4 17:51:33 2025 GMT
        Subject: CN=A8C14890AD5AFC0C6C257A9205874610591E6478
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:e7:cc:bb:91:04:39:a3:a7:9c:46:23:6b:35:
                    cd:41:3d:a1:de:0d:c5:91:4a:60:23:a8:4e:d2:f9:
                    c6:21:79:f0:5d:16:a9:e9:0d:36:f9:83:bf:37:fa:
                    03:8e:11:9a:74:9f:6d:6d:c5:6d:7e:e2:86:0a:28:
                    5a:78:52:b4:81:f6:72:6e:50:12:9e:95:1b:74:d1:
                    3f:b7:f0:5e:42:ef:7a:f2:b5:7b:7a:90:d2:05:a7:
                    e3:76:54:0d:99:ca:27:0e:ab:00:de:62:81:ca:7a:
                    69:7c:2f:3d:98:3c:19:d7:40:00:ce:f1:a8:e7:1b:
                    28:76:c7:90:44:4c:b5:62:2f:7b:9b:af:c5:6b:01:
                    bc:f0:53:df:82:74:e1:eb:da:dd:d1:c1:02:e0:37:
                    59:12:a5:52:20:53:71:06:b7:13:8a:5a:38:43:44:
                    22:fc:92:b7:f5:76:0b:73:30:bb:e0:0f:3f:ff:ec:
                    a4:af:e4:b9:19:0c:81:3d:50:06:b2:62:10:2b:c7:
                    d4:ae:80:0b:e3:09:de:74:9d:b3:10:8b:5b:d4:fa:
                    38:92:9c:7d:15:ac:cb:ec:c6:26:b5:e8:06:ff:f9:
                    e3:ae:da:fb:17:90:16:02:eb:07:28:97:1c:5b:5f:
                    c2:05:b2:55:70:08:9b:03:14:2b:31:ba:4b:84:3a:
                    0b:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:C1:48:90:AD:5A:FC:0C:6C:25:7A:92:05:87:46:10:59:1E:64:78
            X509v3 Authority Key Identifier:
                keyid:9C:2B:9D:65:48:DE:9B:20:F9:02:5D:C7:59:F9:76:1A:3D:46:3E:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/03F888EBA74869DBA1334916A08AC126039599947A03095A373950F414C20BEB/0/9C2B9D6548DE9B20F9025DC759F9761A3D463E62.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9C2B9D6548DE9B20F9025DC759F9761A3D463E62.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/03F888EBA74869DBA1334916A08AC126039599947A03095A373950F414C20BEB/0/34352e3232342e32382e302f32322d3234203d3e20323635383335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.224.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         00:c4:60:6e:12:db:83:94:80:62:fb:88:42:f0:80:d6:f7:44:
         28:20:79:f3:72:8b:51:27:ce:b0:50:b5:7d:9d:ad:01:6f:7e:
         63:9c:2a:28:39:ac:b7:e9:62:94:5b:31:b0:c4:3b:94:15:4c:
         3f:0a:37:77:8b:f4:1f:1e:96:5a:6e:9d:51:cc:b6:90:e0:ac:
         0a:aa:99:9d:4c:97:f0:35:2b:3e:82:c3:d9:69:aa:95:ee:e8:
         d1:22:b0:74:d9:b8:d2:a3:f0:e5:e6:8e:03:bf:b1:e6:2e:c4:
         7a:68:f0:db:ec:74:05:6d:3b:2c:66:a5:3f:8d:2a:cc:c2:ac:
         0a:51:8c:99:f4:2f:5d:1d:95:65:b0:fc:09:5a:fc:8a:39:be:
         14:ac:fc:ab:5d:f9:5b:fb:c8:1c:dc:bf:e6:4e:89:62:4e:a7:
         94:1b:2c:39:f4:88:af:e3:71:cd:12:67:0f:3f:ea:76:07:9d:
         85:09:60:14:f3:e3:6d:bc:54:9a:d7:25:de:8b:41:b5:56:cf:
         96:f0:c6:83:85:8c:6c:c0:2a:ea:11:c3:14:b8:a5:c1:fa:c4:
         2f:da:73:43:fc:19:77:72:28:d1:c3:99:f0:83:1e:07:cf:d3:
         65:07:bb:6d:01:ba:f4:8b:1b:47:ad:cc:c1:92:44:94:f0:dd:
         cd:7a:5d:52
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUauC+ZlKGbuLkHKjOCrBl2hjjGZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUMyQjlENjU0OERFOUIyMEY5MDI1REM3NTlGOTc2MUEz
RDQ2M0U2MjAeFw0yNDAzMDUxNzQ2MzNaFw0yNTAzMDQxNzUxMzNaMDMxMTAvBgNV
BAMTKEE4QzE0ODkwQUQ1QUZDMEM2QzI1N0E5MjA1ODc0NjEwNTkxRTY0NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS58y7kQQ5o6ecRiNrNc1BPaHe
DcWRSmAjqE7S+cYhefBdFqnpDTb5g783+gOOEZp0n21txW1+4oYKKFp4UrSB9nJu
UBKelRt00T+38F5C73rytXt6kNIFp+N2VA2ZyicOqwDeYoHKeml8Lz2YPBnXQADO
8ajnGyh2x5BETLViL3ubr8VrAbzwU9+CdOHr2t3RwQLgN1kSpVIgU3EGtxOKWjhD
RCL8krf1dgtzMLvgDz//7KSv5LkZDIE9UAayYhArx9SugAvjCd50nbMQi1vU+jiS
nH0VrMvsxia16Ab/+eOu2vsXkBYC6wcolxxbX8IFslVwCJsDFCsxukuEOguTAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUqMFIkK1a/AxsJXqSBYdGEFkeZHgwHwYDVR0j
BBgwFoAUnCudZUjemyD5Al3HWfl2Gj1GPmIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wM0Y4ODhFQkE3NDg2OURCQTEzMzQ5MTZBMDhBQzEyNjAz
OTU5OTk0N0EwMzA5NUEzNzM5NTBGNDE0QzIwQkVCLzAvOUMyQjlENjU0OERFOUIy
MEY5MDI1REM3NTlGOTc2MUEzRDQ2M0U2Mi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85QzJCOUQ2NTQ4REU5QjIwRjkw
MjVEQzc1OUY5NzYxQTNENDYzRTYyLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDNGODg4RUJBNzQ4NjlEQkExMzM0OTE2QTA4QUMxMjYwMzk1OTk5NDdB
MDMwOTVBMzczOTUwRjQxNEMyMEJFQi8wLzM0MzUyZTMyMzIzNDJlMzIzODJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNTM4MzMzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi3gHDAN
BgkqhkiG9w0BAQsFAAOCAQEAAMRgbhLbg5SAYvuIQvCA1vdEKCB583KLUSfOsFC1
fZ2tAW9+Y5wqKDmst+lilFsxsMQ7lBVMPwo3d4v0Hx6WWm6dUcy2kOCsCqqZnUyX
8DUrPoLD2Wmqle7o0SKwdNm40qPw5eaOA7+x5i7Eemjw2+x0BW07LGalP40qzMKs
ClGMmfQvXR2VZbD8CVr8ijm+FKz8q135W/vIHNy/5k6JYk6nlBssOfSIr+NxzRJn
Dz/qdgedhQlgFPPjbbxUmtcl3otBtVbPlvDGg4WMbMAq6hHDFLilwfrEL9pzQ/wZ
d3Io0cOZ8IMeB8/TZQe7bQG69IsbR63MwZJElPDdzXpdUg==
-----END CERTIFICATE-----
Generated at Thu Jul 11 17:24:51 2024 by rpki-client on console-fra.rpki-client.org