Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0584C0A79D263758AD366ABC70AEE595CCAACB41A6F6A9C77347396AA83FBBAF/0/34352e3139312e372e302f32342d3234203d3e20323639383039.roa
File:                     34352e3139312e372e302f32342d3234203d3e20323639383039.roa (raw, json)
Hash identifier:          Lt5caR95xZtLUnxH6vxvOYBC5AHznQ/MrQIrr2Q8XAA=
Subject key identifier:   39:20:2B:98:AA:CA:11:AA:FC:3C:8E:17:43:89:DE:E4:74:93:E4:6B
Certificate issuer:       /CN=3D77237A7C9B2196D17146B7FDD8C031BE81DBF4
Certificate serial:       5FDE9268BC700149B77DD8B072B52DAA9A7B31AE
Authority key identifier: 3D:77:23:7A:7C:9B:21:96:D1:71:46:B7:FD:D8:C0:31:BE:81:DB:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D77237A7C9B2196D17146B7FDD8C031BE81DBF4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0584C0A79D263758AD366ABC70AEE595CCAACB41A6F6A9C77347396AA83FBBAF/0/34352e3139312e372e302f32342d3234203d3e20323639383039.roa
Signing time:             Tue 05 Mar 2024 18:06:37 +0000
ROA not before:           Tue 05 Mar 2024 18:01:37 +0000
ROA not after:            Tue 04 Mar 2025 18:06:37 +0000
asID:                     269809
IP address blocks:        45.191.7.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0584C0A79D263758AD366ABC70AEE595CCAACB41A6F6A9C77347396AA83FBBAF/0/3D77237A7C9B2196D17146B7FDD8C031BE81DBF4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0584C0A79D263758AD366ABC70AEE595CCAACB41A6F6A9C77347396AA83FBBAF/0/3D77237A7C9B2196D17146B7FDD8C031BE81DBF4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D77237A7C9B2196D17146B7FDD8C031BE81DBF4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:de:92:68:bc:70:01:49:b7:7d:d8:b0:72:b5:2d:aa:9a:7b:31:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3D77237A7C9B2196D17146B7FDD8C031BE81DBF4
        Validity
            Not Before: Mar  5 18:01:37 2024 GMT
            Not After : Mar  4 18:06:37 2025 GMT
        Subject: CN=39202B98AACA11AAFC3C8E174389DEE47493E46B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:7e:cc:15:03:06:c4:43:32:97:9a:6d:fe:1d:
                    69:a9:20:2f:69:6b:ca:50:8e:e0:c2:4a:1d:f8:95:
                    0b:fe:25:c4:1f:18:fe:63:7d:a9:d3:7b:ff:4d:c7:
                    0e:cf:9b:0e:34:40:96:a8:9d:42:b2:33:f2:be:d5:
                    c9:ea:08:4e:2a:31:8e:2c:47:c9:06:6f:03:df:f3:
                    34:f5:b8:ad:b6:dc:68:89:b9:df:1f:0e:23:64:b5:
                    c9:f8:0f:03:ae:26:8a:8b:e5:7d:06:6d:f4:5b:cb:
                    7e:d0:8c:fc:52:22:ee:ed:e3:64:cd:7e:7b:3e:20:
                    a5:c6:26:d2:c5:6f:0d:ac:ba:f5:d9:c5:5b:17:8d:
                    8c:b7:0f:e1:6e:9e:24:11:40:07:4a:4e:0f:4c:8a:
                    ac:eb:5f:36:da:24:c9:06:6c:aa:2f:6a:c6:d4:fa:
                    ea:8e:40:22:1e:d1:68:0a:d8:67:04:33:5b:b6:c7:
                    a4:ad:29:a0:4f:d0:ff:4b:a9:d2:7e:f5:96:de:ca:
                    c0:06:8f:48:0a:97:95:db:9e:b6:a3:26:44:58:15:
                    4f:2c:5f:c5:0a:e3:f1:99:ec:a6:67:a7:76:8f:a5:
                    1f:27:cd:1d:d7:26:ff:db:d9:01:b3:32:78:4d:46:
                    9b:4f:69:85:4e:85:5f:54:ba:64:d1:58:96:dd:7e:
                    0b:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:20:2B:98:AA:CA:11:AA:FC:3C:8E:17:43:89:DE:E4:74:93:E4:6B
            X509v3 Authority Key Identifier:
                keyid:3D:77:23:7A:7C:9B:21:96:D1:71:46:B7:FD:D8:C0:31:BE:81:DB:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0584C0A79D263758AD366ABC70AEE595CCAACB41A6F6A9C77347396AA83FBBAF/0/3D77237A7C9B2196D17146B7FDD8C031BE81DBF4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D77237A7C9B2196D17146B7FDD8C031BE81DBF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0584C0A79D263758AD366ABC70AEE595CCAACB41A6F6A9C77347396AA83FBBAF/0/34352e3139312e372e302f32342d3234203d3e20323639383039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.191.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:80:1d:de:24:f6:f2:d5:8b:db:d1:a1:c1:9b:28:65:fe:3f:
         f7:0e:01:ff:21:7a:52:85:cb:47:39:e7:aa:14:c9:89:9b:b4:
         85:ae:29:16:11:a8:22:76:b9:88:11:c5:a5:5f:ca:52:ed:77:
         6e:ae:97:eb:56:db:75:73:4b:6a:45:4f:b3:1b:18:8f:6d:48:
         2f:c1:c0:46:39:cd:ab:b6:40:19:8b:5f:61:1a:44:2e:19:ad:
         ae:49:89:59:12:9d:4f:08:5b:b8:04:e4:da:76:1a:28:3f:4d:
         51:9f:bd:81:56:5f:2e:6d:64:8b:58:7a:99:69:50:25:b7:a5:
         79:a5:78:f9:36:8d:79:ed:5a:ae:95:2b:3e:ad:a5:4b:5f:02:
         56:74:b6:56:a0:58:f5:8a:9b:72:5a:5e:1d:0c:eb:7f:e5:85:
         38:1a:b4:8c:28:e4:34:85:49:2d:9b:81:0f:26:4f:19:b5:16:
         c5:15:1a:80:7f:d8:7a:5c:9a:99:59:b1:27:0e:bd:9c:ce:60:
         33:a3:75:62:3c:f1:3e:b9:8c:60:57:81:38:b6:70:d4:e6:97:
         b6:59:d5:ec:68:dc:82:7c:0c:d5:fc:a7:04:51:40:82:1f:8e:
         c1:04:58:30:10:b1:12:e5:2c:0a:d5:8f:67:0c:11:3f:90:46:
         58:38:b6:16
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUX96SaLxwAUm3fdiwcrUtqpp7Ma4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Q3NzIzN0E3QzlCMjE5NkQxNzE0NkI3RkREOEMwMzFC
RTgxREJGNDAeFw0yNDAzMDUxODAxMzdaFw0yNTAzMDQxODA2MzdaMDMxMTAvBgNV
BAMTKDM5MjAyQjk4QUFDQTExQUFGQzNDOEUxNzQzODlERUU0NzQ5M0U0NkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYfswVAwbEQzKXmm3+HWmpIC9p
a8pQjuDCSh34lQv+JcQfGP5jfanTe/9Nxw7Pmw40QJaonUKyM/K+1cnqCE4qMY4s
R8kGbwPf8zT1uK223GiJud8fDiNktcn4DwOuJoqL5X0GbfRby37QjPxSIu7t42TN
fns+IKXGJtLFbw2suvXZxVsXjYy3D+FuniQRQAdKTg9MiqzrXzbaJMkGbKovasbU
+uqOQCIe0WgK2GcEM1u2x6StKaBP0P9LqdJ+9ZbeysAGj0gKl5XbnrajJkRYFU8s
X8UK4/GZ7KZnp3aPpR8nzR3XJv/b2QGzMnhNRptPaYVOhV9UumTRWJbdfgsfAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUOSArmKrKEar8PI4XQ4ne5HST5GswHwYDVR0j
BBgwFoAUPXcjenybIZbRcUa3/djAMb6B2/QwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wNTg0QzBBNzlEMjYzNzU4QUQzNjZBQkM3MEFFRTU5NUND
QUFDQjQxQTZGNkE5Qzc3MzQ3Mzk2QUE4M0ZCQkFGLzAvM0Q3NzIzN0E3QzlCMjE5
NkQxNzE0NkI3RkREOEMwMzFCRTgxREJGNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRDc3MjM3QTdDOUIyMTk2RDE3
MTQ2QjdGREQ4QzAzMUJFODFEQkY0LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDU4NEMwQTc5RDI2Mzc1OEFEMzY2QUJDNzBBRUU1OTVDQ0FBQ0I0MUE2
RjZBOUM3NzM0NzM5NkFBODNGQkJBRi8wLzM0MzUyZTMxMzkzMTJlMzcyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMjM2MzkzODMwMzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtvwcwDQYJ
KoZIhvcNAQELBQADggEBAHeAHd4k9vLVi9vRocGbKGX+P/cOAf8helKFy0c556oU
yYmbtIWuKRYRqCJ2uYgRxaVfylLtd26ul+tW23VzS2pFT7MbGI9tSC/BwEY5zau2
QBmLX2EaRC4Zra5JiVkSnU8IW7gE5Np2Gig/TVGfvYFWXy5tZItYeplpUCW3pXml
ePk2jXntWq6VKz6tpUtfAlZ0tlagWPWKm3JaXh0M63/lhTgatIwo5DSFSS2bgQ8m
Txm1FsUVGoB/2HpcmplZsScOvZzOYDOjdWI88T65jGBXgTi2cNTml7ZZ1exo3IJ8
DNX8pwRRQIIfjsEEWDAQsRLlLArVj2cMET+QRlg4thY=
-----END CERTIFICATE-----
Generated at Tue Nov 19 23:45:58 2024 by rpki-client on console-fra.rpki-client.org