Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/05C5BBC50936AE9E2CC4775A0417936211212BF226BE8411711628FEAF690970/0/34352e3232352e38392e302f32342d3234203d3e20323733313930.roa
File:                     34352e3232352e38392e302f32342d3234203d3e20323733313930.roa (raw, json)
Hash identifier:          bNRiZUq4O003CS4BWX2arTjJqsnoNpAnpaUQJkVcg60=
Subject key identifier:   0B:BD:89:0D:4B:8D:27:35:8D:22:9F:31:3A:88:B8:EA:BD:B3:47:44
Certificate issuer:       /CN=3A575D0F5F0EB7CC71330CE086214DBBA6B5C678
Certificate serial:       5CE103DAD0042D3F7FE997C20036093A6C255BF0
Authority key identifier: 3A:57:5D:0F:5F:0E:B7:CC:71:33:0C:E0:86:21:4D:BB:A6:B5:C6:78
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3A575D0F5F0EB7CC71330CE086214DBBA6B5C678.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/05C5BBC50936AE9E2CC4775A0417936211212BF226BE8411711628FEAF690970/0/34352e3232352e38392e302f32342d3234203d3e20323733313930.roa
Signing time:             Thu 28 Mar 2024 17:45:00 +0000
ROA not before:           Thu 28 Mar 2024 17:40:00 +0000
ROA not after:            Thu 27 Mar 2025 17:45:00 +0000
asID:                     273190
IP address blocks:        45.225.89.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/05C5BBC50936AE9E2CC4775A0417936211212BF226BE8411711628FEAF690970/0/3A575D0F5F0EB7CC71330CE086214DBBA6B5C678.crl
                          rsync://repository.lacnic.net/rpki/lacnic/05C5BBC50936AE9E2CC4775A0417936211212BF226BE8411711628FEAF690970/0/3A575D0F5F0EB7CC71330CE086214DBBA6B5C678.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3A575D0F5F0EB7CC71330CE086214DBBA6B5C678.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:e1:03:da:d0:04:2d:3f:7f:e9:97:c2:00:36:09:3a:6c:25:5b:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3A575D0F5F0EB7CC71330CE086214DBBA6B5C678
        Validity
            Not Before: Mar 28 17:40:00 2024 GMT
            Not After : Mar 27 17:45:00 2025 GMT
        Subject: CN=0BBD890D4B8D27358D229F313A88B8EABDB34744
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:9e:40:a7:2b:c3:ef:1b:b7:37:6c:27:03:cb:
                    b1:82:2a:c3:e1:b1:eb:64:20:7b:b4:81:79:64:bc:
                    18:43:22:b4:56:7b:ea:d8:8b:ff:e8:38:a1:29:ba:
                    06:4f:16:dc:3f:b6:ce:69:8e:0c:7f:2c:80:61:a4:
                    2a:66:b5:f6:86:de:63:f0:83:bb:8c:c1:7e:76:eb:
                    d4:6d:6b:fa:e3:2b:af:fd:d2:8d:8d:ba:95:a0:11:
                    da:a7:f3:d9:de:80:27:70:f8:3c:8e:0b:cb:3f:ed:
                    53:3f:16:f2:f0:22:2a:00:a4:a8:bc:9a:42:31:b7:
                    12:c1:dd:4a:6b:d8:16:8d:ab:c1:69:28:a9:4c:fa:
                    4d:1b:fa:94:d1:8c:55:26:5e:bc:76:08:54:76:5b:
                    34:de:7c:47:31:ec:ef:e0:a8:00:89:53:c2:45:62:
                    5f:b0:83:ca:25:2e:33:d2:c7:97:ce:7b:45:ac:38:
                    f6:40:8b:19:0c:cc:d8:e3:bd:49:a6:7f:66:3a:72:
                    8e:e9:2e:9c:6b:42:4e:77:92:ab:2c:04:e9:64:a9:
                    12:86:28:21:58:60:01:a6:b3:52:da:9c:f0:6e:32:
                    65:04:39:16:e6:4e:87:c5:5c:cc:b8:67:b9:00:80:
                    c3:ef:af:90:29:b6:94:0f:4b:32:0c:21:41:87:31:
                    54:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:BD:89:0D:4B:8D:27:35:8D:22:9F:31:3A:88:B8:EA:BD:B3:47:44
            X509v3 Authority Key Identifier:
                keyid:3A:57:5D:0F:5F:0E:B7:CC:71:33:0C:E0:86:21:4D:BB:A6:B5:C6:78

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/05C5BBC50936AE9E2CC4775A0417936211212BF226BE8411711628FEAF690970/0/3A575D0F5F0EB7CC71330CE086214DBBA6B5C678.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3A575D0F5F0EB7CC71330CE086214DBBA6B5C678.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/05C5BBC50936AE9E2CC4775A0417936211212BF226BE8411711628FEAF690970/0/34352e3232352e38392e302f32342d3234203d3e20323733313930.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.225.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:92:c2:24:41:94:85:a2:c1:17:ea:61:fd:21:c8:b1:7a:8f:
         8b:d6:ad:1f:8a:3f:15:1a:75:68:78:dd:d9:c8:b9:4c:fa:c7:
         aa:93:dd:44:a4:83:04:c9:cf:26:3a:b0:ac:61:ab:1b:1e:3d:
         f7:30:7b:a1:a5:94:80:9e:21:2a:42:e1:2c:72:4f:bb:ca:e4:
         c7:fc:b3:33:29:93:ac:2e:1f:81:3f:2c:e2:19:0b:68:16:0a:
         23:6d:ba:2b:a3:65:aa:7e:7f:ce:26:7d:4e:65:3f:47:2a:5d:
         9a:11:95:d8:0b:45:50:1a:23:8e:68:3d:63:98:b0:bc:c5:9b:
         99:b6:92:21:15:21:2a:fc:89:20:40:34:69:eb:8b:e0:f6:f2:
         98:01:2e:1f:82:fc:04:9d:d4:c0:b3:40:ae:c1:90:6b:25:ac:
         96:4d:72:07:77:54:7b:e4:49:54:2f:7e:d2:fb:c4:60:7e:06:
         ec:7d:64:e0:f5:38:e1:60:94:02:ee:56:6d:44:35:79:74:10:
         75:e4:56:c5:7b:27:ec:2a:9e:10:e4:3a:f3:ce:f1:22:90:46:
         8d:b3:d3:00:8c:20:f8:23:bb:6e:2d:c0:25:6f:1b:60:4b:ed:
         18:bf:b0:a7:ed:61:f4:9b:0a:dc:00:73:0b:eb:c4:b3:d9:e7:
         c3:e5:51:58
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUXOED2tAELT9/6ZfCADYJOmwlW/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0E1NzVEMEY1RjBFQjdDQzcxMzMwQ0UwODYyMTREQkJB
NkI1QzY3ODAeFw0yNDAzMjgxNzQwMDBaFw0yNTAzMjcxNzQ1MDBaMDMxMTAvBgNV
BAMTKDBCQkQ4OTBENEI4RDI3MzU4RDIyOUYzMTNBODhCOEVBQkRCMzQ3NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHnkCnK8PvG7c3bCcDy7GCKsPh
setkIHu0gXlkvBhDIrRWe+rYi//oOKEpugZPFtw/ts5pjgx/LIBhpCpmtfaG3mPw
g7uMwX5269Rta/rjK6/90o2NupWgEdqn89negCdw+DyOC8s/7VM/FvLwIioApKi8
mkIxtxLB3Upr2BaNq8FpKKlM+k0b+pTRjFUmXrx2CFR2WzTefEcx7O/gqACJU8JF
Yl+wg8olLjPSx5fOe0WsOPZAixkMzNjjvUmmf2Y6co7pLpxrQk53kqssBOlkqRKG
KCFYYAGms1LanPBuMmUEORbmTofFXMy4Z7kAgMPvr5AptpQPSzIMIUGHMVRTAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUC72JDUuNJzWNIp8xOoi46r2zR0QwHwYDVR0j
BBgwFoAUOlddD18Ot8xxMwzghiFNu6a1xngwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wNUM1QkJDNTA5MzZBRTlFMkNDNDc3NUEwNDE3OTM2MjEx
MjEyQkYyMjZCRTg0MTE3MTE2MjhGRUFGNjkwOTcwLzAvM0E1NzVEMEY1RjBFQjdD
QzcxMzMwQ0UwODYyMTREQkJBNkI1QzY3OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zQTU3NUQwRjVGMEVCN0NDNzEz
MzBDRTA4NjIxNERCQkE2QjVDNjc4LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDVDNUJCQzUwOTM2QUU5RTJDQzQ3NzVBMDQxNzkzNjIxMTIxMkJGMjI2
QkU4NDExNzExNjI4RkVBRjY5MDk3MC8wLzM0MzUyZTMyMzIzNTJlMzgzOTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczMzMxMzkzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC3hWTAN
BgkqhkiG9w0BAQsFAAOCAQEAGJLCJEGUhaLBF+ph/SHIsXqPi9atH4o/FRp1aHjd
2ci5TPrHqpPdRKSDBMnPJjqwrGGrGx499zB7oaWUgJ4hKkLhLHJPu8rkx/yzMymT
rC4fgT8s4hkLaBYKI226K6Nlqn5/ziZ9TmU/RypdmhGV2AtFUBojjmg9Y5iwvMWb
mbaSIRUhKvyJIEA0aeuL4PbymAEuH4L8BJ3UwLNArsGQayWslk1yB3dUe+RJVC9+
0vvEYH4G7H1k4PU44WCUAu5WbUQ1eXQQdeRWxXsn7CqeEOQ6887xIpBGjbPTAIwg
+CO7bi3AJW8bYEvtGL+wp+1h9JsK3ABzC+vEs9nnw+VRWA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:38:03 2024 by rpki-client on console-ams.rpki-client.org