Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/048FD601FAB1C192DDE27CD3AF21B7D17FFA0EB92648088807F42C070D4DB109/0/34352e3137362e3136342e302f32332d3234203d3e20323637383934.roa
File:                     34352e3137362e3136342e302f32332d3234203d3e20323637383934.roa (raw, json)
Hash identifier:          e7PhoxW63pT2V7a7pEOoyDK3c9cFBAcdsljfOvcHorU=
Subject key identifier:   72:6C:E4:E3:0B:EC:54:07:4B:F1:D4:01:E8:46:13:1C:C7:25:81:30
Certificate issuer:       /CN=AF5961CE89F38C3B4D8403327DF504436CE78585
Certificate serial:       46B4FDB0466F3257E4BFC26B98D2EE7D671F44BD
Authority key identifier: AF:59:61:CE:89:F3:8C:3B:4D:84:03:32:7D:F5:04:43:6C:E7:85:85
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AF5961CE89F38C3B4D8403327DF504436CE78585.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/048FD601FAB1C192DDE27CD3AF21B7D17FFA0EB92648088807F42C070D4DB109/0/34352e3137362e3136342e302f32332d3234203d3e20323637383934.roa
Signing time:             Tue 05 Mar 2024 18:12:22 +0000
ROA not before:           Tue 05 Mar 2024 18:07:22 +0000
ROA not after:            Tue 04 Mar 2025 18:12:22 +0000
asID:                     267894
IP address blocks:        45.176.164.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/048FD601FAB1C192DDE27CD3AF21B7D17FFA0EB92648088807F42C070D4DB109/0/AF5961CE89F38C3B4D8403327DF504436CE78585.crl
                          rsync://repository.lacnic.net/rpki/lacnic/048FD601FAB1C192DDE27CD3AF21B7D17FFA0EB92648088807F42C070D4DB109/0/AF5961CE89F38C3B4D8403327DF504436CE78585.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AF5961CE89F38C3B4D8403327DF504436CE78585.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Dec 2024 18:44:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:b4:fd:b0:46:6f:32:57:e4:bf:c2:6b:98:d2:ee:7d:67:1f:44:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AF5961CE89F38C3B4D8403327DF504436CE78585
        Validity
            Not Before: Mar  5 18:07:22 2024 GMT
            Not After : Mar  4 18:12:22 2025 GMT
        Subject: CN=726CE4E30BEC54074BF1D401E846131CC7258130
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:21:e8:bf:54:eb:45:5d:ea:c5:b1:c8:de:b3:
                    c8:33:02:cd:0a:06:58:c4:79:9b:15:1e:a0:14:03:
                    0d:5a:9a:a3:04:5d:f9:de:33:57:26:de:d9:a3:f5:
                    3e:89:1d:39:76:69:f8:8e:be:a0:36:3f:2d:eb:b8:
                    c4:b1:92:b8:cd:da:1f:3d:d3:48:78:dc:e1:93:b0:
                    aa:30:1d:aa:af:66:57:c0:ac:be:66:64:68:33:9e:
                    aa:31:a9:8c:70:31:69:d7:30:d6:a0:bf:b8:e1:07:
                    3d:01:1e:bc:a9:8e:c4:21:7c:6e:bf:6e:0a:ab:1d:
                    81:9a:de:20:85:b0:a5:97:59:ff:b5:78:85:f5:90:
                    6b:f8:2a:28:5b:e9:7e:17:ca:8e:c1:e5:43:74:62:
                    7f:e4:20:57:5f:ac:f7:6d:91:d6:8e:a1:1d:87:e4:
                    88:de:bf:93:8c:c0:21:84:7d:7c:c9:bf:34:30:af:
                    60:92:9d:01:66:88:83:21:61:00:7a:4c:5b:af:b4:
                    89:57:53:6f:bc:23:b9:88:41:47:48:e7:40:a1:b1:
                    98:fb:b5:29:67:fe:02:be:97:69:33:fa:54:05:2d:
                    c4:2d:5f:ed:93:97:b4:2b:ce:47:73:e2:90:ee:c6:
                    76:11:f3:4e:c5:c3:a0:13:b6:57:ae:46:3f:8e:1f:
                    4d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:6C:E4:E3:0B:EC:54:07:4B:F1:D4:01:E8:46:13:1C:C7:25:81:30
            X509v3 Authority Key Identifier:
                keyid:AF:59:61:CE:89:F3:8C:3B:4D:84:03:32:7D:F5:04:43:6C:E7:85:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/048FD601FAB1C192DDE27CD3AF21B7D17FFA0EB92648088807F42C070D4DB109/0/AF5961CE89F38C3B4D8403327DF504436CE78585.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AF5961CE89F38C3B4D8403327DF504436CE78585.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/048FD601FAB1C192DDE27CD3AF21B7D17FFA0EB92648088807F42C070D4DB109/0/34352e3137362e3136342e302f32332d3234203d3e20323637383934.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.176.164.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ab:12:c3:0d:77:f7:af:eb:2c:ff:50:fb:8b:ce:55:8a:61:15:
         39:6f:66:5f:69:0c:67:dd:59:63:76:11:c5:81:e5:79:9b:b2:
         ae:d4:76:4c:5e:0c:0a:32:de:b6:4f:7b:e1:7b:32:73:c0:6a:
         50:f0:38:5a:3d:71:13:51:30:3a:ef:df:6a:18:21:03:bb:39:
         06:18:aa:2d:6b:62:0b:c7:5a:88:9b:0b:0b:5a:79:bc:91:fa:
         de:e0:ad:4c:be:4e:63:b0:38:ff:dc:5d:2b:91:b9:16:ad:4e:
         09:be:51:dc:f6:47:f9:ef:b9:f8:61:e3:d8:c7:4d:e3:66:58:
         af:4e:8b:0c:90:87:ef:87:4e:7e:27:da:0c:2f:b2:33:b9:ce:
         19:83:f4:8d:e6:cc:38:ea:e8:6f:d0:af:0f:ce:55:3b:88:c2:
         a8:d6:6c:95:ac:87:36:a5:f9:9e:6b:d7:89:00:5d:28:47:13:
         0d:4a:e9:17:74:fe:78:73:3e:24:fd:75:2d:ec:d4:93:76:6d:
         a3:3e:95:60:bf:d5:31:71:40:e2:26:91:83:22:ac:64:ef:b9:
         7b:da:89:ea:24:6d:bd:39:5e:ad:3c:a8:b0:98:c9:0e:55:a4:
         db:bc:f9:9a:ae:82:35:f5:3f:34:5b:dd:be:8c:a5:ac:15:e0:
         2a:9e:84:1b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIURrT9sEZvMlfkv8JrmNLufWcfRL0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUY1OTYxQ0U4OUYzOEMzQjREODQwMzMyN0RGNTA0NDM2
Q0U3ODU4NTAeFw0yNDAzMDUxODA3MjJaFw0yNTAzMDQxODEyMjJaMDMxMTAvBgNV
BAMTKDcyNkNFNEUzMEJFQzU0MDc0QkYxRDQwMUU4NDYxMzFDQzcyNTgxMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClIei/VOtFXerFscjes8gzAs0K
BljEeZsVHqAUAw1amqMEXfneM1cm3tmj9T6JHTl2afiOvqA2Py3ruMSxkrjN2h89
00h43OGTsKowHaqvZlfArL5mZGgznqoxqYxwMWnXMNagv7jhBz0BHrypjsQhfG6/
bgqrHYGa3iCFsKWXWf+1eIX1kGv4Kihb6X4Xyo7B5UN0Yn/kIFdfrPdtkdaOoR2H
5Ijev5OMwCGEfXzJvzQwr2CSnQFmiIMhYQB6TFuvtIlXU2+8I7mIQUdI50ChsZj7
tSln/gK+l2kz+lQFLcQtX+2Tl7Qrzkdz4pDuxnYR807Fw6ATtleuRj+OH01LAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUcmzk4wvsVAdL8dQB6EYTHMclgTAwHwYDVR0j
BBgwFoAUr1lhzonzjDtNhAMyffUEQ2znhYUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wNDhGRDYwMUZBQjFDMTkyRERFMjdDRDNBRjIxQjdEMTdG
RkEwRUI5MjY0ODA4ODgwN0Y0MkMwNzBENERCMTA5LzAvQUY1OTYxQ0U4OUYzOEMz
QjREODQwMzMyN0RGNTA0NDM2Q0U3ODU4NS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BRjU5NjFDRTg5RjM4QzNCNEQ4
NDAzMzI3REY1MDQ0MzZDRTc4NTg1LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDQ4RkQ2MDFGQUIxQzE5MkRERTI3Q0QzQUYyMUI3RDE3RkZBMEVCOTI2
NDgwODg4MDdGNDJDMDcwRDREQjEwOS8wLzM0MzUyZTMxMzczNjJlMzEzNjM0MmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNjM3MzgzOTM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLbCk
MA0GCSqGSIb3DQEBCwUAA4IBAQCrEsMNd/ev6yz/UPuLzlWKYRU5b2ZfaQxn3Vlj
dhHFgeV5m7Ku1HZMXgwKMt62T3vhezJzwGpQ8DhaPXETUTA6799qGCEDuzkGGKot
a2ILx1qImwsLWnm8kfre4K1Mvk5jsDj/3F0rkbkWrU4JvlHc9kf577n4YePYx03j
ZlivTosMkIfvh05+J9oML7Izuc4Zg/SN5sw46uhv0K8PzlU7iMKo1myVrIc2pfme
a9eJAF0oRxMNSukXdP54cz4k/XUt7NSTdm2jPpVgv9UxcUDiJpGDIqxk77l72onq
JG29OV6tPKiwmMkOVaTbvPmaroI19T80W92+jKWsFeAqnoQb
-----END CERTIFICATE-----
Generated at Sun Dec 8 05:17:15 2024 by rpki-client on console-ams.rpki-client.org