Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/34352e3136332e32392e302f32342d3234203d3e20323637383431.roa
File:                     34352e3136332e32392e302f32342d3234203d3e20323637383431.roa (raw, json)
Hash identifier:          ZctugyaD43z5MNdD+uZRlCowS0yW0TCpoAZPcNC47o4=
Subject key identifier:   D0:FE:37:57:F9:FB:D8:67:51:3F:EB:9E:9A:93:FA:3C:7E:86:82:CD
Certificate issuer:       /CN=B83212ED5241F8A76D1955EDB09C991FF777815E
Certificate serial:       1C4165F5C6EA112719FA1D4941B085BF39DC1221
Authority key identifier: B8:32:12:ED:52:41:F8:A7:6D:19:55:ED:B0:9C:99:1F:F7:77:81:5E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B83212ED5241F8A76D1955EDB09C991FF777815E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/34352e3136332e32392e302f32342d3234203d3e20323637383431.roa
Signing time:             Tue 05 Mar 2024 18:21:42 +0000
ROA not before:           Tue 05 Mar 2024 18:16:42 +0000
ROA not after:            Tue 04 Mar 2025 18:21:42 +0000
asID:                     267841
IP address blocks:        45.163.29.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/B83212ED5241F8A76D1955EDB09C991FF777815E.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/B83212ED5241F8A76D1955EDB09C991FF777815E.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B83212ED5241F8A76D1955EDB09C991FF777815E.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:41:65:f5:c6:ea:11:27:19:fa:1d:49:41:b0:85:bf:39:dc:12:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B83212ED5241F8A76D1955EDB09C991FF777815E
        Validity
            Not Before: Mar  5 18:16:42 2024 GMT
            Not After : Mar  4 18:21:42 2025 GMT
        Subject: CN=D0FE3757F9FBD867513FEB9E9A93FA3C7E8682CD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:66:fe:83:51:75:64:9c:70:1e:27:5d:76:81:
                    40:5d:63:ac:bb:68:37:ad:59:1b:56:40:7e:a3:6f:
                    d0:ed:57:a0:24:b1:81:02:fa:da:ec:c4:cb:0a:3f:
                    95:68:57:eb:9f:04:fd:de:16:cb:5c:94:45:55:e6:
                    47:64:aa:60:81:4a:44:4c:1f:48:9e:99:d1:52:7c:
                    91:14:a5:17:fd:21:66:7e:38:25:d4:55:f2:4a:6f:
                    32:3c:ad:c7:71:ee:1d:35:34:f0:f9:15:93:b8:bd:
                    a5:14:ac:e7:8f:2e:94:af:6d:fb:9a:83:02:62:73:
                    25:20:f9:de:82:19:5c:cd:e0:90:54:6e:78:e8:c3:
                    da:a1:f9:eb:2b:c8:d6:f3:27:e8:df:ff:25:15:7b:
                    1c:41:8f:77:ed:10:34:80:7e:84:ae:f2:9e:c2:e8:
                    4b:f5:eb:ec:ca:c8:aa:e4:5e:98:b7:09:ad:fe:cf:
                    72:92:ec:65:37:47:11:6a:5f:79:4e:30:b9:a2:8c:
                    5e:3a:df:45:f3:bf:2c:b3:cc:51:ac:31:83:e2:d1:
                    3a:fc:ed:a1:66:5d:72:80:2c:57:93:5a:b2:4c:bb:
                    84:e6:ce:1f:70:e3:5b:fa:93:3b:3f:38:67:ee:d7:
                    18:96:fa:5c:a1:03:5f:1d:30:97:0a:bc:72:95:b6:
                    36:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:FE:37:57:F9:FB:D8:67:51:3F:EB:9E:9A:93:FA:3C:7E:86:82:CD
            X509v3 Authority Key Identifier:
                keyid:B8:32:12:ED:52:41:F8:A7:6D:19:55:ED:B0:9C:99:1F:F7:77:81:5E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/B83212ED5241F8A76D1955EDB09C991FF777815E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B83212ED5241F8A76D1955EDB09C991FF777815E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/34352e3136332e32392e302f32342d3234203d3e20323637383431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.163.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:d4:f4:0e:30:15:dd:ef:30:90:cc:ab:0e:42:0d:1f:8f:e5:
         cb:fd:5c:b6:b7:2b:ea:ae:d3:2c:5c:8e:1f:99:78:e6:c3:0a:
         b6:bb:c7:ba:ea:4e:4d:f5:4b:6d:0b:dd:62:9d:5b:86:59:e2:
         f6:bc:cb:12:2f:a1:d9:8a:a1:83:94:fe:26:8a:69:ec:f6:14:
         d8:59:ee:b1:27:e4:2e:33:2b:aa:48:be:88:77:ea:8a:15:14:
         1d:71:61:81:72:1c:6a:5f:a1:97:d7:f4:fb:77:fd:dc:b4:72:
         4b:74:28:e3:99:96:bd:a4:a1:49:eb:f7:92:7e:50:0f:da:62:
         5f:af:8c:39:77:29:3b:91:48:7e:ff:04:77:fa:a3:90:7d:35:
         cf:f2:95:be:64:c4:f6:04:85:ef:cc:83:24:1c:05:a5:06:98:
         6b:07:5e:95:63:82:de:eb:83:b7:bb:36:b1:4a:f7:3f:e3:4a:
         a1:23:8b:b5:3f:97:a2:49:39:0f:5f:e6:ac:42:c8:d4:4a:85:
         e6:b9:b4:16:04:1e:80:d8:09:c2:70:4f:1a:90:a3:b8:e9:c2:
         f5:6c:30:50:03:4f:7b:e6:b3:dd:a9:20:ae:fa:36:37:a6:7b:
         e1:e2:76:43:8e:35:04:5a:36:94:f0:8f:c9:0f:fb:b3:a2:90:
         93:e3:dd:18
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUHEFl9cbqEScZ+h1JQbCFvzncEiEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjgzMjEyRUQ1MjQxRjhBNzZEMTk1NUVEQjA5Qzk5MUZG
Nzc3ODE1RTAeFw0yNDAzMDUxODE2NDJaFw0yNTAzMDQxODIxNDJaMDMxMTAvBgNV
BAMTKEQwRkUzNzU3RjlGQkQ4Njc1MTNGRUI5RTlBOTNGQTNDN0U4NjgyQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8Zv6DUXVknHAeJ112gUBdY6y7
aDetWRtWQH6jb9DtV6AksYEC+trsxMsKP5VoV+ufBP3eFstclEVV5kdkqmCBSkRM
H0iemdFSfJEUpRf9IWZ+OCXUVfJKbzI8rcdx7h01NPD5FZO4vaUUrOePLpSvbfua
gwJicyUg+d6CGVzN4JBUbnjow9qh+esryNbzJ+jf/yUVexxBj3ftEDSAfoSu8p7C
6Ev16+zKyKrkXpi3Ca3+z3KS7GU3RxFqX3lOMLmijF4630XzvyyzzFGsMYPi0Tr8
7aFmXXKALFeTWrJMu4Tmzh9w41v6kzs/OGfu1xiW+lyhA18dMJcKvHKVtjYLAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU0P43V/n72GdRP+uempP6PH6Ggs0wHwYDVR0j
BBgwFoAUuDIS7VJB+KdtGVXtsJyZH/d3gV4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wRUQ1NzBGNzEwNDJFRUI3OUMwNTBFRkI3Njc2NjlEMUM0
QzZBMzFCNEUzNkFENzNGQTc3QUYyRjY1NzdFN0NBLzAvQjgzMjEyRUQ1MjQxRjhB
NzZEMTk1NUVEQjA5Qzk5MUZGNzc3ODE1RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CODMyMTJFRDUyNDFGOEE3NkQx
OTU1RURCMDlDOTkxRkY3Nzc4MTVFLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEVENTcwRjcxMDQyRUVCNzlDMDUwRUZCNzY3NjY5RDFDNEM2QTMxQjRF
MzZBRDczRkE3N0FGMkY2NTc3RTdDQS8wLzM0MzUyZTMxMzYzMzJlMzIzOTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzNzM4MzQzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2jHTAN
BgkqhkiG9w0BAQsFAAOCAQEArdT0DjAV3e8wkMyrDkINH4/ly/1ctrcr6q7TLFyO
H5l45sMKtrvHuupOTfVLbQvdYp1bhlni9rzLEi+h2Yqhg5T+Jopp7PYU2FnusSfk
LjMrqki+iHfqihUUHXFhgXIcal+hl9f0+3f93LRyS3Qo45mWvaShSev3kn5QD9pi
X6+MOXcpO5FIfv8Ed/qjkH01z/KVvmTE9gSF78yDJBwFpQaYawdelWOC3uuDt7s2
sUr3P+NKoSOLtT+Xokk5D1/mrELI1EqF5rm0FgQegNgJwnBPGpCjuOnC9WwwUANP
e+az3akgrvo2N6Z74eJ2Q441BFo2lPCPyQ/7s6KQk+PdGA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:09:41 2024 by rpki-client on console-fra.rpki-client.org