Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1559F2209C14CD903D7329EF42951AFB3388A93132E941F09C9362952F9154F6/0/34352e3137332e35362e302f32322d3234203d3e20323637383630.roa
File:                     34352e3137332e35362e302f32322d3234203d3e20323637383630.roa (raw, json)
Hash identifier:          RjWD7pet5QidSeYiBEjulcw9wYdjVIMgcg8V5FO8DOk=
Subject key identifier:   BA:E5:49:AF:15:02:9C:EC:9E:63:30:DE:50:3F:09:C9:1C:30:B6:C6
Certificate issuer:       /CN=918A5C11875DD4073ED693708755E20AA9FF3212
Certificate serial:       2BCF93483CA64160E1513ED94DB7E26B58C88309
Authority key identifier: 91:8A:5C:11:87:5D:D4:07:3E:D6:93:70:87:55:E2:0A:A9:FF:32:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/918A5C11875DD4073ED693708755E20AA9FF3212.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1559F2209C14CD903D7329EF42951AFB3388A93132E941F09C9362952F9154F6/0/34352e3137332e35362e302f32322d3234203d3e20323637383630.roa
Signing time:             Tue 05 Mar 2024 17:40:08 +0000
ROA not before:           Tue 05 Mar 2024 17:35:08 +0000
ROA not after:            Tue 04 Mar 2025 17:40:08 +0000
asID:                     267860
IP address blocks:        45.173.56.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1559F2209C14CD903D7329EF42951AFB3388A93132E941F09C9362952F9154F6/0/918A5C11875DD4073ED693708755E20AA9FF3212.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1559F2209C14CD903D7329EF42951AFB3388A93132E941F09C9362952F9154F6/0/918A5C11875DD4073ED693708755E20AA9FF3212.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/918A5C11875DD4073ED693708755E20AA9FF3212.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 17 Jul 2024 00:52:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:cf:93:48:3c:a6:41:60:e1:51:3e:d9:4d:b7:e2:6b:58:c8:83:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=918A5C11875DD4073ED693708755E20AA9FF3212
        Validity
            Not Before: Mar  5 17:35:08 2024 GMT
            Not After : Mar  4 17:40:08 2025 GMT
        Subject: CN=BAE549AF15029CEC9E6330DE503F09C91C30B6C6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:de:7b:84:81:10:5e:dd:a8:76:32:a2:28:6c:
                    38:cf:3d:d8:69:be:5e:bb:ed:a8:b1:af:57:a2:b4:
                    66:a2:fd:ea:1f:33:61:a3:3b:d4:78:c1:32:3b:48:
                    9c:d3:c6:b7:87:24:4b:a1:89:32:d0:cf:d6:9a:ab:
                    93:c3:45:65:55:65:ac:e3:9d:95:5f:34:05:a3:cc:
                    12:2c:af:f7:78:ce:58:5a:b6:73:52:9f:df:db:c9:
                    7c:51:b8:0b:97:98:19:87:8c:27:0a:9d:aa:c4:f3:
                    76:5f:08:46:8e:9c:ad:c8:91:00:2b:be:ad:85:03:
                    74:a3:18:ab:21:66:35:f6:ec:9e:31:37:9e:57:27:
                    33:59:ab:e3:72:57:5b:0f:ef:11:dd:c7:b8:a2:e7:
                    31:7e:93:da:ca:e2:28:3b:8a:99:8d:98:73:e2:e0:
                    05:6c:3a:98:b6:74:8f:44:a0:6e:cd:b3:5f:dc:f0:
                    d3:3e:45:83:87:f9:a2:75:6c:8a:54:3e:02:ae:71:
                    5f:db:0e:93:65:1c:05:85:ba:ce:23:76:5c:d9:e6:
                    16:a8:4e:7e:8b:7a:e5:08:9a:e7:4e:63:82:10:9e:
                    09:c9:0f:7e:0b:4d:c7:2f:f8:5b:75:13:f2:5b:47:
                    5e:0f:80:35:b6:f4:dc:0d:2b:29:90:f4:dd:ef:07:
                    ac:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:E5:49:AF:15:02:9C:EC:9E:63:30:DE:50:3F:09:C9:1C:30:B6:C6
            X509v3 Authority Key Identifier:
                keyid:91:8A:5C:11:87:5D:D4:07:3E:D6:93:70:87:55:E2:0A:A9:FF:32:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1559F2209C14CD903D7329EF42951AFB3388A93132E941F09C9362952F9154F6/0/918A5C11875DD4073ED693708755E20AA9FF3212.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/918A5C11875DD4073ED693708755E20AA9FF3212.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1559F2209C14CD903D7329EF42951AFB3388A93132E941F09C9362952F9154F6/0/34352e3137332e35362e302f32322d3234203d3e20323637383630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.173.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         93:8b:3e:2c:c4:fc:58:08:eb:3b:c2:27:61:d3:18:de:e2:31:
         c1:d2:5c:0a:e4:57:21:57:ab:ef:fd:f9:fa:d9:12:b2:5f:32:
         69:2d:d8:35:0b:fd:36:3a:4a:77:7f:6a:87:ee:07:13:a6:77:
         60:dc:eb:b6:e5:31:bc:23:2f:1e:13:1d:ec:a3:fd:70:6e:40:
         d5:61:64:98:0d:3d:e1:ed:82:49:49:aa:49:43:3a:84:9c:4f:
         65:21:ba:a7:71:f2:4c:23:05:73:91:0d:8a:fa:cc:ba:fc:8e:
         ea:60:63:13:6f:23:43:32:fb:e4:71:d2:04:c9:76:c0:a1:ae:
         0f:e8:b4:55:d3:a2:42:f2:51:39:74:b8:6b:cd:c6:69:08:ab:
         e5:2b:ae:39:e0:03:80:5f:41:14:9c:e6:85:69:63:97:0b:de:
         4d:b2:4d:34:2b:a8:c6:02:12:2b:1e:e9:a9:2a:19:0f:18:38:
         21:52:87:bd:35:01:b3:69:43:89:19:9e:4e:d0:ae:dc:ba:3e:
         2a:2f:80:b8:f9:30:fc:64:02:bb:bc:b6:dd:56:7c:c0:38:30:
         4b:8e:67:fc:8c:56:1b:b8:9a:38:8a:4e:39:a1:fe:b9:83:f4:
         ee:c9:31:f8:25:23:53:b4:fd:d7:25:6e:8e:c5:5b:6d:97:ef:
         ec:b1:55:8b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUK8+TSDymQWDhUT7ZTbfia1jIgwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTE4QTVDMTE4NzVERDQwNzNFRDY5MzcwODc1NUUyMEFB
OUZGMzIxMjAeFw0yNDAzMDUxNzM1MDhaFw0yNTAzMDQxNzQwMDhaMDMxMTAvBgNV
BAMTKEJBRTU0OUFGMTUwMjlDRUM5RTYzMzBERTUwM0YwOUM5MUMzMEI2QzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK3nuEgRBe3ah2MqIobDjPPdhp
vl677aixr1eitGai/eofM2GjO9R4wTI7SJzTxreHJEuhiTLQz9aaq5PDRWVVZazj
nZVfNAWjzBIsr/d4zlhatnNSn9/byXxRuAuXmBmHjCcKnarE83ZfCEaOnK3IkQAr
vq2FA3SjGKshZjX27J4xN55XJzNZq+NyV1sP7xHdx7ii5zF+k9rK4ig7ipmNmHPi
4AVsOpi2dI9EoG7Ns1/c8NM+RYOH+aJ1bIpUPgKucV/bDpNlHAWFus4jdlzZ5hao
Tn6LeuUImudOY4IQngnJD34LTccv+Ft1E/JbR14PgDW29NwNKymQ9N3vB6w3AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUuuVJrxUCnOyeYzDeUD8JyRwwtsYwHwYDVR0j
BBgwFoAUkYpcEYdd1Ac+1pNwh1XiCqn/MhIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNTU5RjIyMDlDMTRDRDkwM0Q3MzI5RUY0Mjk1MUFGQjMz
ODhBOTMxMzJFOTQxRjA5QzkzNjI5NTJGOTE1NEY2LzAvOTE4QTVDMTE4NzVERDQw
NzNFRDY5MzcwODc1NUUyMEFBOUZGMzIxMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85MThBNUMxMTg3NURENDA3M0VE
NjkzNzA4NzU1RTIwQUE5RkYzMjEyLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTU1OUYyMjA5QzE0Q0Q5MDNENzMyOUVGNDI5NTFBRkIzMzg4QTkzMTMy
RTk0MUYwOUM5MzYyOTUyRjkxNTRGNi8wLzM0MzUyZTMxMzczMzJlMzUzNjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNzM4MzYzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2tODAN
BgkqhkiG9w0BAQsFAAOCAQEAk4s+LMT8WAjrO8InYdMY3uIxwdJcCuRXIVer7/35
+tkSsl8yaS3YNQv9NjpKd39qh+4HE6Z3YNzrtuUxvCMvHhMd7KP9cG5A1WFkmA09
4e2CSUmqSUM6hJxPZSG6p3HyTCMFc5ENivrMuvyO6mBjE28jQzL75HHSBMl2wKGu
D+i0VdOiQvJROXS4a83GaQir5SuuOeADgF9BFJzmhWljlwveTbJNNCuoxgISKx7p
qSoZDxg4IVKHvTUBs2lDiRmeTtCu3Lo+Ki+AuPkw/GQCu7y23VZ8wDgwS45n/IxW
G7iaOIpOOaH+uYP07skx+CUjU7T91yVujsVbbZfv7LFViw==
-----END CERTIFICATE-----
Generated at Fri Jul 12 16:50:07 2024 by rpki-client on console-ams.rpki-client.org